On Sat, Oct 22, 2011 at 11:43 PM, Weaver <[email protected]> wrote: > > I think we need to avoid tailoring a product to a specific market. Just > produce a product that enables secure, private, decentralised > communication. >
I think we do have a specific market. I've been trying to keep focused on the use cases that Eben Moglen was describing in his speeches, which _mostly_ is getting stuff off the remote servers out of the user's control, and on a box in their house that doesn't take an admin to run. That was the banner that FreedomBox Foundation was launched under. Things that can be ripped out of the Cloud and put on a FreedomBox right now are: blogs, StatusNet (Twitter equivalent,) wiki and instant messaging. There's just no installer to make it easy for a regular person, and the "box" isn't 50$ yet. Many people on this list are concerned about the fact that centralized SSL CA's aren't trustworthy, or how to prevent DNS hijacking, or how to exchange PGP keys. It's not a waste of time to talk about these things, because they are problems with the security models of all the things FreedomBox needs. But the solutions to all these things aren't readily available to be dropped right on a server. If the minimal goal of FreedomBox is to stave off government/business siphoning of nearly everybody's data on tools like Gmail, Google talk, etc. then just getting the server in someone's house is pretty good for that. But much(most?) of the conversation on the list seems to be about the stronger security stuff that doesn't exist yet. If someone needs "real" security right now, the tools are already available and they are just going to have to learn how to set up a secure box and use it. This is all the more reason for FreedomBox to ignore this "market" for the time being. Easy to use FreedomFighterBox is out of reach right now; easy to use FreedomBox to get people's crap out of the cloud IS within reach right now. Stuff necessary for a shipped FreedomFighterBox is also necessary for FreedomBox in the long term, but it's hardly necessary in the short term to just get out of the cloud as much as possible. In my basic estimation the only significant software "missing" for launch is the installer; and a way to get around browser warnings about self-signed certificates, which possibly could be "good-enough-for-now" solved by one of the two prevalent network notary systems. Email is clearly too problematic to solve before launch, and Facebook replacements aren't done yet. tl;dr: the FreedomBox that won't get freedom fighters killed isn't doable in the next year, and the FreedomBox that does most of what _Eben Moglen said it should do_ is. Three cheers for do-ocracy, but if a project is launched with specific goals, those are the standards by which success is measured. Respectfully, "Spectral" _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
