Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

On Sun, Jul 15, 2012 at 7:28 AM, Anders Jackson
 wrote:
>> i think our difference of perspective is you seem to concentrate more
>> on how freedomboxes can communicate with each other (which i also hope
>> will be over IPv6 and with cacert), whereas i am just investigating a
>> different part of the same puzzle here: how to integrate with the
>> internet and web that already exist.
>
> No, I wouldn't say that.  I want to have a secure infrastructure to
> build FreedomBox on, which IPv6 and IPSec will give. We don't need to
> build stuff on IPv4 for that.  It will just be uggly hacks.

My focus (for this particular project idea, not the FreedomBox in
general), which I think is shared by Michiel and Markus, is to make a
box that is actually useful for independent publishing of dynamic
content, right now, on today's web.

The platform we target is neither IPv6 nor IPv4, it is the Web.  The
web is a bunch of resources reference by URLs - whether the domain
portion of the URL resolves to IPv4 or IPv6 addresses, or both, or
something else entirely (.onion) is at least theoretically irrelevant.

In practical terms however, today's web is an IPv4 thing and we aren't
compatible with that, then we don't create something useful.  It's
that simple.

Personally, I think this is the right way forward for the FreedomBox
and I think it will help achieve other goals as well.  Until the box
does something useful, it's a niche thing which nobody cares about.
If you give folks a useful FreedomBox that is backwards compatible,
then that attracts mind-share, developers and resources.  And the comm
infrastructure transparently be upgraded to use newer, better, more
secure networks.  After all, the web stuff is just URLs, if
FreedomBoxes know of better routes to reach them then we can
transparently upgrade from IPv4 to IPv6 or Tor or carrier pigeons
later on.

-- 
Bjarni R. Einarsson
Founder, lead developer of PageKite.

Make localhost servers visible to the world: https://pagekite.net/

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Anders Jackson]

2012/7/15 Michiel de Jong :
> On Sun, Jul 15, 2012 at 7:42 AM, Anders Jackson
>  wrote:
>> if we use IPv6 in FreedomBox infrastructure
>
> [...]
>
>> CAcert are as good infrastructure as StartSSL.
>
> i think our difference of perspective is you seem to concentrate more
> on how freedomboxes can communicate with each other (which i also hope
> will be over IPv6 and with cacert), whereas i am just investigating a
> different part of the same puzzle here: how to integrate with the
> internet and web that already exist.

No, I wouldn't say that.  I want to have a secure infrastructure to
build FreedomBox on, which IPv6 and IPSec will give. We don't need to
build stuff on IPv4 for that.  It will just be uggly hacks.

But to base the infrastructure on IPv6 and IPSec will not hinder any
use of IPv4 and current architectures. You still have to use dual
stack.  Because lots of infrastructure is based on IPv4 today.  But as
with the hardware.  Why build it on something old that are not good
enough.  When we should design for the what will come.

> At any rate, this sort of choices can totally be parameters to the
> build script, so we can have one FreedomBuilder that is capable of
> producing images for various such choices - which is i think the right
> approach for this.

I think it is a misstake to base on IPv4.  Yes, we need to have
support for IPv4, at least as a transport of IPv6 and to be able to
surf out of a NAT LAN.  But why do anything more that that?  Peer to
peer based on IPv4 behind NAT sounds so 1990:th...

> Cheers,
> Michiel

Same.
Anders

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

On Sun, Jul 15, 2012 at 7:42 AM, Anders Jackson
 wrote:
> if we use IPv6 in FreedomBox infrastructure

[...]

> CAcert are as good infrastructure as StartSSL.

i think our difference of perspective is you seem to concentrate more
on how freedomboxes can communicate with each other (which i also hope
will be over IPv6 and with cacert), whereas i am just investigating a
different part of the same puzzle here: how to integrate with the
internet and web that already exist.

At any rate, this sort of choices can totally be parameters to the
build script, so we can have one FreedomBuilder that is capable of
producing images for various such choices - which is i think the right
approach for this.


Cheers,
Michiel

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Anders Jackson]

> Eugen Leitl Tue Jul 10 10:21:01 UTC 2012
> On Tue, Jul 10, 2012 at 08:54:01AM +0200, Anders Jackson wrote:
> > And about certificates, there are not only StartSSL
> > (https://stratssk.com), which is good but we also have have CAcert
> > (https://CAcert.org/) which should be a good infrastructure for a
> > project like ours.
> 
> Using self-signed certs with a STEED-like trust approach would be
> fine. Supplementing it with a FOAF web of trust even better.

CAcert are as good infrastructure as StartSSL.

/Anders


___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Anders Jackson]

> Michiel de JongT, ue Jul 10 08:18:06 UTC 2012
> Hi Anders,

Hi Michiel.
 
> In an ideal world, yes, but in order for the freedombox to be useful
> for mainstream users, we have to be compatible with the current
> situation of the world outside, which (still) involves IPv4, DNS,
> browsers' white lists for CAs, etcetera

To use IPv6 with IPSec and certificates doesn't say that you shouldn't
have dual stack and have IPv4 support. Actually, you need dual stack for
a forseening time.  IPv6 doesn't get rid of DNS either.  Neither CAs etc
etc.

BUT if we use IPv6 in FreedomBox infrastructure, we only need IPv4
enough for our IPv6 tunnel to be routed out of the users net, if there
isn't any native IPv6 from the ISP.  All the problems with NAT and IPv4
can just be ignored. If you actually do have a public IPv4 address, you
should be able to use it. But more like a special case.

And you could even tunnel IPv4 with thor over our encrypted IPv6 IPSec
with our friends freedombox:es.

/Anders


___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

On Tue, Jul 10, 2012 at 12:08 PM, Melvin Carvalho
 wrote:
> Thanks for the explanation.  In practical terms, where, typically
> would/could this reverse proxy run?

There are a few options:

   1) A commercial provider (e.g. my pagekite.net service)
   2) A VPS or home server with a public IP (so a friend could run it)
   3) A grassroots organization of volunteers

Of these 1) and 2) are real today, 3) is not.

For out-of-the-box instant gratification and user-friendliness, 1) and
3) are realistic options, I tend to think 2) is not.

Also note that 3) is IMO not a realistic option for clear-text
traffic, because there are significant risks of abuse by malware
authors and other nasty folks who would just love to "volunteer" to
inject crap into your websites.

> One of the fundamental motivations for freedombox is for a user to keep
> their own logs.  Therefore, if I've understood correctly, trust in the
> reverse proxy would need to be paramount?

Your web server logs stay on your web server. :-)

PageKite as written does not log much when running as a relay, it even
obfuscates IP addresses before writing to its log.  It does not log
the contents of a stream.

Of course, anyone could hack the code and add more snooping, but that
is already the case for all the other routers you rely on (at you ISP
and the Internet backbone) for clear-text communication.

So as usual, if you are concerned about snooping, you use end-to-end
HTTPS. This reduces the snooping potential to information like: "IP
x.y.z.a communicated with host.foo.com over SSL at Date/Time and
transferred N bytes".  Again, this is exactly the same info as all the
existing routers on the Internet can (and often do) already collect.

Using PageKite in MITM SSL mode provides a middle ground where all the
other routers are denied access to the contents of your communication,
but the PageKite relay could still snoop.  So there is still a risk,
but it is (depending on who your adversary is) significantly
decreased, especially if you have a good trust relationship with the
person running your PageKite relay (and they know how to keep their
servers secure).

-- 
Bjarni R. Einarsson
Founder, lead developer of PageKite.

Make localhost servers visible to the world: https://pagekite.net/

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Melvin Carvalho]

On 10 July 2012 14:05, Bjarni Rúnar Einarsson  wrote:

> On Tue, Jul 10, 2012 at 11:56 AM, Melvin Carvalho
>  wrote:
> > On 10 July 2012 13:44, Michiel de Jong  wrote:
> >
> > Sorry for being a bit slow, I'm trying to understand the pagekite
> proposal
> > better.
>
> Please don't call it a "pagekite proposal".  The initiative came from
> Markus and Michiel, and pagekite is only a (potential) part of it.
>

Got it, thanks.


>
> > Is it based on a user's own certificate, or some other certificate, or a
> > proxy?
>
> Are you asking for a description of how PageKite works?  The
> ultra-short summary is that PageKite defines a protocol and software
> which lets a web server "connect to" or become "part of"  the web,
> even if it doesn't have a public IP.  It does so using an encrypted
> tunnel to a specialized reverse proxy.  The reverse proxy can do
> helpful things such as terminate incoming SSL connections with a
> wild-card certificate, before re-encrypting the traffic that travels
> over the tunnel.  Alternately, PageKite can also proxy end-to-end
> HTTPS traffic which is more secure (the relay cannot see or modify the
> traffic stream) but harder to set up (the origin web server needs its
> own domain and certificiate).
>

Thanks for the explanation.  In practical terms, where, typically
would/could this reverse proxy run?

One of the fundamental motivations for freedombox is for a user to keep
their own logs.  Therefore, if I've understood correctly, trust in the
reverse proxy would need to be paramount?


>
> --
> Bjarni R. Einarsson
> Founder, lead developer of PageKite.
>
> Make localhost servers visible to the world: https://pagekite.net/
>
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

On Tue, Jul 10, 2012 at 11:56 AM, Melvin Carvalho
 wrote:
> On 10 July 2012 13:44, Michiel de Jong  wrote:
>
> Sorry for being a bit slow, I'm trying to understand the pagekite proposal
> better.

Please don't call it a "pagekite proposal".  The initiative came from
Markus and Michiel, and pagekite is only a (potential) part of it.

> Is it based on a user's own certificate, or some other certificate, or a
> proxy?

Are you asking for a description of how PageKite works?  The
ultra-short summary is that PageKite defines a protocol and software
which lets a web server "connect to" or become "part of"  the web,
even if it doesn't have a public IP.  It does so using an encrypted
tunnel to a specialized reverse proxy.  The reverse proxy can do
helpful things such as terminate incoming SSL connections with a
wild-card certificate, before re-encrypting the traffic that travels
over the tunnel.  Alternately, PageKite can also proxy end-to-end
HTTPS traffic which is more secure (the relay cannot see or modify the
traffic stream) but harder to set up (the origin web server needs its
own domain and certificiate).

-- 
Bjarni R. Einarsson
Founder, lead developer of PageKite.

Make localhost servers visible to the world: https://pagekite.net/

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

On Tue, Jul 10, 2012 at 11:44 AM, Michiel de Jong  wrote:
> i appreciate that we as power users can use those things, but our goal
> with freedombox is to make something for 'normal' people. If you visit
> https://g10code.com/steed.html using for instance Chrome, you get a
> big page saying you are under attack and this domain is unsafe. In
> Firefox it's grey, but it's still a scary page. Did you see that?

Actually, to clarify - this particular project, to build a "FreedomBox
which is helpful in the context of today's web" is obviously only a
subset of what the FreedomBox project itself is about.

We don't mean to co-opt the FreedomBox and turn it into something
else, but we wonder whether we could build something obviously useful
for specifically the "be independent on the web" scenario which Eben
Moglen was talking about at the very beginning (his message changed
over time, especially as the Arab Spring unfolded).

Perhaps we should call the box something else to avoid confusion?

-- 
Bjarni R. Einarsson
Founder, lead developer of PageKite.

Make localhost servers visible to the world: https://pagekite.net/

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Melvin Carvalho]

On 10 July 2012 13:44, Michiel de Jong  wrote:

> i appreciate that we as power users can use those things, but our goal
> with freedombox is to make something for 'normal' people. If you visit
> https://g10code.com/steed.html using for instance Chrome, you get a
> big page saying you are under attack and this domain is unsafe. In
> Firefox it's grey, but it's still a scary page. Did you see that?
>

The above site works fine for me in firefox.

Sorry for being a bit slow, I'm trying to understand the pagekite proposal
better.

Is it based on a user's own certificate, or some other certificate, or a
proxy?


>
> Therefore, even though i'm also very much against the politics of the
> CA system we have, I think these alternatives are not an option (yet)
> (unfortunately).
>
> On Tue, Jul 10, 2012 at 1:21 PM, Eugen Leitl  wrote:
> > On Tue, Jul 10, 2012 at 08:54:01AM +0200, Anders Jackson wrote:
> >
> >> And about certificates, there are not only StartSSL
> >> (https://stratssk.com), which is good but we also have have CAcert
> >> (https://CAcert.org/) which should be a good infrastructure for a
> >> project like ours.
> >
> > Using self-signed certs with a STEED-like trust approach would be
> > fine. Supplementing it with a FOAF web of trust even better.
> >
> > ___
> > Freedombox-discuss mailing list
> > Freedombox-discuss@lists.alioth.debian.org
> >
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
> ___
> Freedombox-discuss mailing list
> Freedombox-discuss@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

i appreciate that we as power users can use those things, but our goal
with freedombox is to make something for 'normal' people. If you visit
https://g10code.com/steed.html using for instance Chrome, you get a
big page saying you are under attack and this domain is unsafe. In
Firefox it's grey, but it's still a scary page. Did you see that?

Therefore, even though i'm also very much against the politics of the
CA system we have, I think these alternatives are not an option (yet)
(unfortunately).

On Tue, Jul 10, 2012 at 1:21 PM, Eugen Leitl  wrote:
> On Tue, Jul 10, 2012 at 08:54:01AM +0200, Anders Jackson wrote:
>
>> And about certificates, there are not only StartSSL
>> (https://stratssk.com), which is good but we also have have CAcert
>> (https://CAcert.org/) which should be a good infrastructure for a
>> project like ours.
>
> Using self-signed certs with a STEED-like trust approach would be
> fine. Supplementing it with a FOAF web of trust even better.
>
> ___
> Freedombox-discuss mailing list
> Freedombox-discuss@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Eugen Leitl]

On Tue, Jul 10, 2012 at 08:54:01AM +0200, Anders Jackson wrote:

> And about certificates, there are not only StartSSL
> (https://stratssk.com), which is good but we also have have CAcert
> (https://CAcert.org/) which should be a good infrastructure for a
> project like ours.

Using self-signed certs with a STEED-like trust approach would be
fine. Supplementing it with a FOAF web of trust even better.

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

Hi Anders,

In an ideal world, yes, but in order for the freedombox to be useful
for mainstream users, we have to be compatible with the current
situation of the world outside, which (still) involves IPv4, DNS,
browsers' white lists for CAs, etcetera.

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Anders Jackson]

I can't understand why som many are so locked into one public IP address
per home, when we at least can have 2^64 different addresses if we uses
IPv6.  And with some sertificates we can even encrypt communication
between sites.  We also doesn't need to handle NAT (in any other way but
to get out of the IPv4 net).  These small devices would work greate as
IPv6 routers for your home network.

And I also can't understand that people are so worried about the low
performance of the ARM-computers we have now.  If there are problems,
just run on a x86 computer. Or when we are getting started with
something to distribute, the performance would be double that of the
current ARM-computers (at least).

And about certificates, there are not only StartSSL
(https://stratssk.com), which is good but we also have have CAcert
(https://CAcert.org/) which should be a good infrastructure for a
project like ours.

/A Jackson


smime.p7s
Description: S/MIME cryptographic signature
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

Hi John :-)

On Tue, Jul 10, 2012 at 12:52 AM, John Gilmore  wrote:
>> > That's it.  Did I miss anything? :-)
>
> Sure.  Here are three more scenarios.  What all of them share is that
> YOU choose which friends with static IP addresses to trust, and that
> those friends' FreedomBoxes handle much of the setup and maintenance
> overhead.  These three scenarios don't require ANY centralized
> infrastructure other than a DNS provider that everyone needs anyway.

I think you just describe variants of scenarios One and Two, where
your "friends" function as (dynamic) DNS providers and PageKite
relays?  Is there any difference aside from the social ties (or lack
thereof) between the user and those providing him with service?  There
are thousands of companies that provide DNS services.  PageKite is
open source, so anyone can run a relay and I explicitly mentioned
peer-operated relays as an option...

Your Web Cache scenario is new, but it's out of scope as we were
assuming end-to-end encryption and dynamic content (Unhosted is all
about web-apps).  But it could obviously be very useful for folks who
don't care about encryption or are willing to trust their friends with
SSL keys.

...

As an aside, I don't much like the idea of relying on friends.  It's
no fun to nag a friend or acquaintance when the network is down, I'd
much rather complain to someone who is getting paid to listen to my
whinging.  But there's room for both approaches.

-- 
Bjarni R. Einarsson
Founder, lead developer of PageKite.

Make localhost servers visible to the world: https://pagekite.net/

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[John Gilmore]

> > That's it.  Did I miss anything? :-)

Sure.  Here are three more scenarios.  What all of them share is that
YOU choose which friends with static IP addresses to trust, and that
those friends' FreedomBoxes handle much of the setup and maintenance
overhead.  These three scenarios don't require ANY centralized
infrastructure other than a DNS provider that everyone needs anyway.

Since FreedomBox is built out of standardized software, even friends
who don't have FreedomBoxes can act as your friends, if they are
already running, or willing to run, that software on their existing
Linux servers.

== Scenario DNS Redirect ==

Offer an option to host your website on your freedombox, with a
dynamic IP address, that is reached via one, two, or more friends'
freedomboxes' static IP addresses who serve up your domain records.

Domain records (also known as your "DNS zone") describe what IP
addresses your web server (and other servers) are located on, the
domain names of the servers that serve up your DNS zone, and possibly
public keys and signatures that secure this and other information.  In
the standard DNS protocol, these records can be changed dynamically
and are globally cached for high performance and reliability.  (This
is how the Internet already works.)

Our software would provide both server and client implementations of a
domain name server / redirector.  If you have a static IP address,
your FreedomBox can host a domain server, which serves up your own
domain name(s), and also serves up the name(s) of friends.  This DNS
server would accept dynamic updates from your friends' FreedomBoxes,
which would revise the IP address in the zone.

The client software that runs in your FreedomBox would merely publish
these dynamic updates (to your friends' FreedomBoxes) whenever your
FreedomBox's public IP address changed.  These updates would be
cryptographically signed to avoid unwanted changes.

By choosing more than one friend to host your domain zone, you would
avoid single points of failure.

Web accesses would come directly from the world to your
dynamically-addressed FreedomBox.

Even friends who don't have a static IP address can improve your
reachability/reliability, if they have a dynamic and publicly
reachable IP address.  You should start with one friend with a static
IP address as an "anchor" site.

Once browsers support DNS-signed SSL certificates using the IETF DANE
TLS protocol, the same software can securely publish your public key
without making you interact with an SSL certificate provider (reducing
the setup costs and making more of it automatable).

Pros:  Relatively low setup overhead.  Works with SSL or without.
   Requires minimal permanent storage in all participating FreedomBoxes.
   Trivial ongoing overhead for your friend sites.
   Web accesses from the world go straight to your box.
   Can convert transparently to the Webproxy Redirect mode below,
   or to the Friends Web Cache mode below.

Cons:  Requires that you have at least ONE public IP address,
   dynamically assigned.  Must find one or two friends.  Must
   register those friends' domain names with your domain provider
   as your NS servers.

== Scenario Webproxy Redirect ==

Same setup as above, except you don't even have a publicly reachable
dynamic IP address.  All you have is a NAT address and your NAT
redirector is completely oblivious to all attempts to punch a hole
through it.  

So you find two or more friends and they serve up your DNS records as
before, but each of them advertise the entire set of friends' IP
addresses as the address of your web site.  And each of them runs a
web proxy that relays any incoming web accesses from their box, out
over their ISP, to your box, using the PageKite protocol.

FreedomBox software would again provide both the server software
and the client software for this.

Your FreedomBox would at all times keep a TCP connection up to each
friend's FreedomBox so that web accesses can be relayed to you down
that TCP connection.

Incoming web accesses from the world would go at random to any of your
friends' FreedomBoxes.  Those boxes would relay the traffic to yours.
If you or the world can't reach some of your friends, those friends'
proxies would not answer, and clients would try another address,
making it possible to reach you anyway.

As in DNS Redirect mode, can also publish IETF DANE TLS keys to
eventually avoid SSL certificate setup overhead.

Pros:  Relatively low setup overhead.  Works with SSL or without.
   Requires minimal permanent storage in all participating FreedomBoxes.
   Can convert transparently to the DNS Redirect mode above,
   or to the Friends Web Cache mode below.

Cons:  Must find one or two friends.  Must
   register those friends' domain names with your domain provider
   as your NS servers.  Your friends must be willing to have ALL
   your web traffic go via their ISP connection.

We could ship a FreedomBox with

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Marc]

2012/7/9 Bjarni Rúnar Einarsson 
>
> Hi Marc,
>
> On Mon, Jul 9, 2012 at 5:50 AM, Marc  wrote:
> > There are several open source registies out there:
> >
> > http://let.de/index.php/the-search-for-a-registry-solution-experiences-of-a-small-cctld/
> >
> > Why certs ? Every twitter or facebook app works with an api key , why not
> > simply use somethign like that ?
>
> Not sure which problem you are trying to solve here, you should
> clarify. Whether a DNS registry is open source or not is largely
> irrelevant, if you need a domain you need someone to provide you with
> it - unless you plan to run your own TLD, we're obviously not all
> going to do.

hi Bjarni

Ok, thats the centralised alternative, If we build our own Network
with a lets call it
" Freedombox Grid" We could use our own DNS and we are not dependent
on any other controlled DNS registry , so everybody could register a
http://whatever  adress to reach each freedombox.


> > http://pdos.csail.mit.edu/uia/

> However, at first glance UIA doesn't appear useful for folks who want
> to take part in the "legacy" public web, as the addresses it allocates
> are cryptographic hashes which they generally represent to the OS as
> part of the IPv6 pool reserved for link-local (so completely
> non-routeable).


If you take a close look you will see its build on apple bonjour
,zeroconfiguration, NAT-PmP
and could run on any mobile device.

this is another project with the same approach:

The MyNet Project is a collaboration between the Nokia Pervasive
Computing Group and the MIT UIA team (UIA=User Information
Architecture). It is clear that personal devices such as mobile
phones, digital music players, personal digital assistants, console
gaming systems, and digital cameras have become commonplace in the
lives of ordinary people. We believe that as these intelligent and
networking capable devices proliferate - security, ease of use and
peer-to-peer connectivity will become increasingly important.


 http://research.nokia.com/page/51

I believe that DNS is the most important thing of the project !

just my 2 cents

Greetings



--
Marc Manthey
50823 Köln, germany
Vogelsangerstr.97
Phone: 0049-221-29891489
Mobile : 0049-1577-3329231
Website: http://let.de
Email: m...@let.de

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

Hi Marc,

On Mon, Jul 9, 2012 at 5:50 AM, Marc  wrote:
> There are several open source registies out there:
>
> http://let.de/index.php/the-search-for-a-registry-solution-experiences-of-a-small-cctld/
>
> Why certs ? Every twitter or facebook app works with an api key , why not
> simply use somethign like that ?

Not sure which problem you are trying to solve here, you should
clarify. Whether a DNS registry is open source or not is largely
irrelevant, if you need a domain you need someone to provide you with
it - unless you plan to run your own TLD, we're obviously not all
going to do.


> Why reinventing the wheel when working code and solutions are out there ?
>
> http://pdos.csail.mit.edu/uia/

Thanks for this link, this is awesome work which I was unaware of. :-)
 The research paper is very long and I only skimmed it to get a feel
for what it could do.

IAt first glance this looks very relevant to other (non-web-serving)
aspects of the FreedomBox - it looks like it is (potentially) a more
decentralized and more performant alternative to Tor (so gaining speed
and decentralization,but sacrificing strong anonymity). There may well
be many use-cases where that is a good trade-off.

However, at first glance UIA doesn't appear useful for folks who want
to take part in the "legacy" public web, as the addresses it allocates
are cryptographic hashes which they generally represent to the OS as
part of the IPv6 pool reserved for link-local (so completely
non-routeable).

-- 
Bjarni R. Einarsson
Founder, lead developer of PageKite.

Make localhost servers visible to the world: https://pagekite.net/

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

On Mon, Jul 9, 2012 at 1:41 AM, Bjarni Rúnar Einarsson  
wrote:
> To make this e-mail not a complete waste: random useful thing:
> badger.com provide an API for registering domains.  Others may as well
> (gandi.net?).  This means if someone writes the software, then buying
> a domain could be handled entirely within the UI of the box itself.

that would be amazingly awesome actually. IndieWeb in a box! it will
also feel nice to really have your own website. and we can add a few
basic fedsocweb features.

previously i was thinking of subdomains because they don't cost money
to renew. but there are two advantages of proper domain names:
- the user directly deals with the domain name registrar. they can
even transfer to another registrar without interrupting anything. it's
as decentralized as we can make it.
- what if we also automate startssl as Michael Rogers suggested?
startssl's identity check they do now relies on an email conversation
with a supposed human agent (i always wonder if i'm talking with a bot
during those), but the fact that a physical object was purchased and
shipped can effectively work to establish legitimacy of the user
(buying the plugserver is like resolving a captcha, it proves that you
are human).

as Bjarni and i also already discussed, maybe we need to reach out to
startssl and find out if they could cooperate to make this really
work. wouldn't that be amazing? each freedombox coming with a real
https-enabled domain, which makes you a first-class citizen on the
(social) web. if we can automate the two registration steps (DNR and
SSL), then it could be feasible. if people think this could work then
i'll contact startssl about it, and see what they say. they might say
no, for reasons we can't predict, but i think it's worth a try.


cheers,
Michiel

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Marc]

There are several open source registies out there:

http://let.de/index.php/the-search-for-a-registry-solution-experiences-of-a-small-cctld/

Why certs ? Every twitter or facebook app works with an api key , why not
simply

use somethign like that ?

Why reinventing the wheel when working code and solutions are out there ?


http://pdos.csail.mit.edu/uia/

cheers


-- 
Marc Manthey
50823 Köln, germany
Vogelsangerstr.97
Phone: 0049-221-29891489
Mobile : 0049-1577-3329231
Website: http://let.de
Email: m...@let.de
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

On Sun, Jul 8, 2012 at 11:51 PM, Michael Rogers
 wrote:
> On 08/07/12 23:41, Bjarni Rúnar Einarsson wrote:
>
> Not quite - unlike scenario two, the user would get a subdomain from
> the PageKite provider, rather than using her own domain. And unlike
> scenario four, the user would generate a certificate for the subdomain
> and have it signed by a CA, rather than using someone else's wildcard
> cert.

I don't think most CAs are willing do that. I would love to be proven
wrong though.

There are multiple issues here though - subdomains may be free, but
they do tie your identity to whoever provided you with it and make you
depend on their DNS infrastructure.  Top level domains at least have
formal procedures and rules in place for handling transfers from one
registrar to another.

That's why this wasn't considered as a scenario.


One way to look at the scenarios I provided was from the point of view
of independence.

Scenarios One and Two give the user at least a theoretical possibility
of independence, where they can move from network to network and
provider to provider. This is very important IMO, but unfortunately
places a burden on the user to register and manage his own identity
(domain & cert) himself.

Scenarios Three, Four and to a lesser degree, Five, introduce
dependencies of various types which give more convenience to the user
in the short term but may not really be compatible with the long-term
vision of something like a FreedomBox.  I think of them as training
wheels. :-)

(When presented this way, I actually see it as a benefit for the
training wheels to be somewhat clunky and obviously imperfect. If your
training wheels let you go 30kph, you may never take them off...)

There are many other dimensions to this, but I feel this one is really
fundamental and many of the others depend on it. Being able to switch
service providers is in some ways a freedom which presupposes many of
the others; privacy, anonymity, security - they don't do much for you
if your provider cuts you off.

-- 
Bjarni R. Einarsson
Founder, lead developer of PageKite.

Make localhost servers visible to the world: https://pagekite.net/

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michael Rogers]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 08/07/12 23:41, Bjarni Rúnar Einarsson wrote:
> On Sun, Jul 8, 2012 at 10:39 PM, Bjarni Rúnar Einarsson Oops,
> please don't take my last reply too seriously.  But you're 
> confusing scenarios there, what you just described is scenario Two
> or Four. :-)

Not quite - unlike scenario two, the user would get a subdomain from
the PageKite provider, rather than using her own domain. And unlike
scenario four, the user would generate a certificate for the subdomain
and have it signed by a CA, rather than using someone else's wildcard
cert.

I'm splitting hairs, though - the main point was that things like
certificate signing can be handled by the installation wizard, using
service providers that are independent from the hardware vendor.

> To make this e-mail not a complete waste: random useful thing: 
> badger.com provide an API for registering domains.  Others may as
> well (gandi.net?).  This means if someone writes the software, then
> buying a domain could be handled entirely within the UI of the box
> itself.

That sounds great! What was the issue you mentioned with end-to-end
HTTPS when using PageKite with the user's own domain?

Cheers,
Michael
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJP+h0AAAoJEBEET9GfxSfM6w4H+gO0o+Lz3a79WLCdRLYF9wmx
xwlMzKfoT4Yv4qAtBCsDiFVape9qpAMsZZAQnxOLKijH3OEnFzt0WGRRieOIPNrh
zBi4GuSpgsbzV8SJbO3o49I0UJlmDPa3Orhvs+MuQ2R/Rg93u7AGKH8tabML1S6E
Tl+6jRajMXTezPgmtUCI1MD1sgtY8c2tqqlDfZ9hDejCZMJn6eyGCzX9TOVmRnCo
M59h8wqRLVoDUMzl+YoirKPJZYcFAwpyTtixouDY9ReliPhml/sulg3DMWbWEiWd
foWHnQsaLfyuJt2j5RPm+E4bD+ZgoJsON7PxohlzuTrW5HbUUKtmbsi8vMQGDw4=
=tkVl
-END PGP SIGNATURE-

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

On Sun, Jul 8, 2012 at 10:39 PM, Bjarni Rúnar Einarsson
 wrote:
> On Sun, Jul 8, 2012 at 9:35 PM, Michael Rogers  
> wrote:
>>> Cons: Requires the user have a public IP.  The FreedomBox
>>> distributor becomes a "single point of attack" as they have a
>>> central list of which domain belongs to which user.  The
>>> distributor is also in a position which allows them to issue new
>>> certs and MITM attack users without their knowledge.
>>
>> These cons are all solvable. The box's installation wizard can guide
>> the user through choosing a PageKite subdomain, entering payment
>> details, generating an SSL cert and submitting it to StartSSL. The
>> user doesn't need a static IP. The hardware distributor doesn't need
>> to know which PageKite subdomain the user chooses, and doesn't need to
>> generate or sign certs.

Oops, please don't take my last reply too seriously.  But you're
confusing scenarios there, what you just described is scenario Two or
Four. :-)

To make this e-mail not a complete waste: random useful thing:
badger.com provide an API for registering domains.  Others may as well
(gandi.net?).  This means if someone writes the software, then buying
a domain could be handled entirely within the UI of the box itself.

-- 
Bjarni R. Einarsson
Founder, lead developer of PageKite.

Make localhost servers visible to the world: https://pagekite.net/

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

On Sun, Jul 8, 2012 at 9:35 PM, Michael Rogers  wrote:
>> Cons: Requires the user have a public IP.  The FreedomBox
>> distributor becomes a "single point of attack" as they have a
>> central list of which domain belongs to which user.  The
>> distributor is also in a position which allows them to issue new
>> certs and MITM attack users without their knowledge.
>
> These cons are all solvable. The box's installation wizard can guide
> the user through choosing a PageKite subdomain, entering payment
> details, generating an SSL cert and submitting it to StartSSL. The
> user doesn't need a static IP. The hardware distributor doesn't need
> to know which PageKite subdomain the user chooses, and doesn't need to
> generate or sign certs.

If the user doesn't have a static IP, then the user has to configure
dynamic DNS. Also solvable.

However, you seem to be assuming the box will have a public IP (static
or not) - that is almost never the case.  Usually the public IP is
reserved for your border router, which the FreedomBox may not be able
to replace.  Power users may be using their public ports already,
non-power-users will find port-forwarding to be a challenge.

Helping people with port-forwarding is not easy because of the
dizzying array of different devices out there, any instructions we
provide (or scripts, or...) will be inaccurate most of the time.  Some
routers will let us uPNP our way out, but much of the time you'll find
that the local Skype instance has already stolen port 443. :-)

> A power user might want to choose a different PageKite provider or
> certificate authority - there's no reason the software shouldn't
> support that.

This I absolutely agree with!

-- 
Bjarni R. Einarsson
Founder, lead developer of PageKite.

Make localhost servers visible to the world: https://pagekite.net/

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michael Rauch]

On 07/08/2012 09:45 PM, Nick M. Daly wrote:

On Sat, 7 Jul 2012 16:25:54 +0300, Michiel de Jong wrote:

On Sat, Jul 7, 2012 at 2:47 PM, Michael Rauch wrote:

with PageKite, this probably leads to registering a domain name for
a box...


or subdomain, which saves money.


with Tor HS, no need to register a domain...


for mainstream users that would mean going via tor2web, so effectively
still a reverse proxy setup.


For the record, I'd like to see what comes of both the PK and THS
approaches.  PK seems easier, while THS seems more robust (it'll take a
lot more than some ICE paperwork to corrupt the Tor directory servers).
Box-to-box communication can be much simpler and is where I've been
focusing most of my time.  Thanks for looking into these harder
problems.


i think too that Tor HS (+FreedomBuddy) is mostly an advantage for interbox 
communication and a time when app usage might mean, that a user logs-in to his 
fbx where information gets pulled together for him.

for the integration in the web-of-today (role:server) it's more of a handicap.

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michael Rauch]

On 07/08/2012 09:43 PM, Bjarni Rúnar Einarsson wrote:

On Sat, Jul 7, 2012 at 1:25 PM, Michiel de Jong  wrote:

On Sat, Jul 7, 2012 at 2:47 PM, Michael Rauch  wrote:

- with PageKite, this probably leads to registering a domain name for a box.
as this is how the regular web works, normal browser/http-client can access
the page/service.


or subdomain, which saves money.

we could use per-box startssl certs instead of certs on the proxy, but
if the proxy is the apt server anyway then that does not really
increase security, and it's annoying that you have to renew them each
year.

...

Michiel and I discussed this and related issues on IRC a bit
yesterday, and he asked me to summarize the conclusions.  So here
goes...

Goals:
* Be able to host content on a FreedomBox which is part of the web
* Be as independent as possible
* Avoid single-points of failure, security and reliability-wise

Non-goals:
* Resist attacks/censorship by "government-grade" opponents

The techniques we consider available to us, are traditional static
IPs, PageKite and Tor/Tor2web.  We specifically have Unhosted data in
mind and HTTPS is considered a requirement for that.

After talking back and forth a bit, we came up a few scenarios which
the box can support relatively easily, which should suit different
users' needs to varying degrees:

== Scenario One: Traditional Web ==

1. Use has a public IP address
2. User purchases their own domain name, configures it
3. User obtains SSL certificates

Pros: This is the traditional way hosting on the web has worked, and
it is still arguably the most efficient way to publish content.  Very
decentralized (user depends on DNS provider, security of SSL vendor
and their own ISP, none of which have to be the same for everyone).

Cons: Relatively high barrier, user must be quite technical. No
anonymity. Can not be preconfigured.  Most users have at most 1 public
IP, so at only FreedomBox per household can serve content at a time.

User costs: Domain registration and SSL cert (recurring, estimated
$15/year, cheap domain and free StartSSL cert)


== Scenario Two: Independent PageKite ==

Same as Scenario One, except instead of a public IP, the user connects
to a PageKite relay to expose their web server (using their own
cert/domain and end-to-end HTTPS).

Pros: Mostly compatible with public web. Works for almost all users,
slightly less technical as local network config isn't an issue.
PageKite relay service could be provided either by the pagekite.net
service or a network of peers, user could migrate from one to another
at will.  Provides weak anonymity, as the domain could be registered
anonymously and the PageKite provider provides single layer of
misdirection.

Cons: High barrier, technical user.  End-to-end HTTPS encryption over
PageKite is not supported by some older browsers.  A peer-operated
PageKite relay network does not exist, so currently the only option is
to pay pagekite.net (about $3/month) or run your own relay on a VPS
($5-20/month).

User costs: Domain registration and SSL cert, PageKite subscription
(recurring, estimated $50/year (see below, re. PK pricing))


== Scenario Three: Prepackaged Domain/SSL/PageKite ==

A variation on the above two, where instead of the user registering
their own domain and SSL certificate, both are provided preconfigured
on the FreedomBox itself by the distributor.  A PageKite account could
be included/preconfigured as well.

Pros: A "plug and play" solution, especially if PageKite is included.
Compatible with the public web.

Cons: Requires the user have a public IP.  The FreedomBox distributor
becomes a "single point of attack" as they have a central list of
which domain belongs to which user.  The distributor is also in a
position which allows them to issue new certs and MITM attack users
without their knowledge.

User costs: Domain registration and SSL cert, maybe PageKite
subscription (recurring, estimated $15-50/year).  First year maybe
included in price of the box?


== Scenario Four: Prepackaged PageKite/MITM SSL ===

Same as Scenario three, but without including a domain name or cert
(uses a subdomain from the PageKite service or some other friendly
org.)  The boxes will be configured to relay through servers which do
"man in the middle" SSL using a wild-card certificate.

Pros: Plug and play.  Weak anonymity. Mostly web compatible.

Cons: User depends on the PageKite service for their identity (domain)
and security.

User costs: PageKite subscription (recurring, estimated $36/year).
First year maybe included in price of the box?

(Note: This number can be massaged a bit as I control the PageKite
pricing scheme and I want to support these projects for idealistic
reasons - I just need to not be losing lots of money on this. If we
guarantee users aren't transferring massive amounts of bandwidth, this
number can go down quite a bit.)


== Scenario Five: Tor/Tor2web ==

This scenario assumes the box's services are published

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michael Rogers]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 08/07/12 20:43, Bjarni Rúnar Einarsson wrote:
> == Scenario Three: Prepackaged Domain/SSL/PageKite ==
> 
> A variation on the above two, where instead of the user registering
> their own domain and SSL certificate, both are provided 
> preconfigured on the FreedomBox itself by the distributor.  A 
> PageKite account could be included/preconfigured as well.
> 
> Pros: A "plug and play" solution, especially if PageKite is 
> included. Compatible with the public web.
> 
> Cons: Requires the user have a public IP.  The FreedomBox 
> distributor becomes a "single point of attack" as they have a 
> central list of which domain belongs to which user.  The 
> distributor is also in a position which allows them to issue new 
> certs and MITM attack users without their knowledge.

These cons are all solvable. The box's installation wizard can guide
the user through choosing a PageKite subdomain, entering payment
details, generating an SSL cert and submitting it to StartSSL. The
user doesn't need a static IP. The hardware distributor doesn't need
to know which PageKite subdomain the user chooses, and doesn't need to
generate or sign certs.

A power user might want to choose a different PageKite provider or
certificate authority - there's no reason the software shouldn't
support that.

Of course, a malicious hardware distributor could insert backdoors in
the software to defeat the "separation of powers", but all the
proposed solutions are vulnerable to backdoors. Users will either have
to trust the distributors or collectively audit the boxes.

Cheers,
Michael
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJP+f0MAAoJEBEET9GfxSfM0voIAIf29JgusZqYkbVaMj/X+SHT
JG2gC7VACAK2XWeyYQ+on/95gxYKjCW+Knf1Vk4BTWAgnOqSc0WQp6RNtUcRL867
zHS6IrjFtOmCF72dSmivGOvsHjyV+rqutrU9j5/pE1NnVdHkYpIqka413a7dIsNS
fbjE60BnZEFZDz4HK+wqSE/wzcPZnHlZr2CvYzTLEKRLMC78X811TJrxBwZTEh7R
Cccif6bC38XjjK1jkJ22FrgBky62UCFGSz0rlTgU1Q28n1ZeXwATezD6XD55jAAS
8JGQ869SE0PFAbTPA+lILbjTzcGZwgqmbgFmHUTX8mWL6AE6hjUNkqfi2nQyX04=
=8y3p
-END PGP SIGNATURE-

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Nick M. Daly]

On Sat, 7 Jul 2012 16:28:46 +0200, Markus Sabadello wrote:
> On Fri, Jul 6, 2012 at 2:16 PM, Nick M. Daly wrote:
> > On Tue, 3 Jul 2012 16:25:16 +0200, Markus Sabadello wrote:
> > > We should also have some updating mechanism...
> > >
> > > 1. When the FreedomBox boots, it checks if a certain file
> > > (together with a signature) is present on an attached USB drive.
> > >
> > > 2. If yes, and if the user enters their password, that file is
> > > executed and can update the box.
> >
> > Why reinvent the wheel when we already have Debian's updating system?
> > Apt seems to work pretty well for the rest of the distribution.  Any
> > reasons it won't work here?
>
> Good point. Yeah I agree the standard updating mechanism should be
> used.  That would be presented through Plinth, right?  I.e.  there
> would be a button saying "Update my FreedomBox"?

Yup.  The update-notifier package handles this well.  It just pops a
little icon that you can click when there are new updates.  We can also
pre-configure the system to install security updates automagically,
which might be useful when Wheezy is released.  That's in the
plug-server setup guide [0] somewhere...

> Maybe the ability to stick a USB-drive-with-update-file into the box
> would still make sense.  Kind of a backup recovery-mode option in case
> something went wrong with the box?

Good idea.  The OpenPandora project [1] actually has this built out into
their system's firmware (hold a particular button while booting with
specific SD card in a chosen card slot, while singing /It's a Small
World/ backwards three times...).  Right now, we do have the JTAG
option, but we can't ask everybody to go that route.

Would you be able to bring that sort of thread to the mailing with any
questions you have?  I'd do it, but you've been thinking over this
problem for longer than I have and probably have more answers and better
questions.

My big question is: what files do we save off to recover later?  A
firmware reset (because that's essentially what it is) shouldn't lose
all your blog posts, for example.  An easy solution to this would be to
move specific directories to a different partition that isn't wiped on
reset.  Which directories?  Where's that partition stored?

Right now, I'm imagining putting /home and /var on an external SD card.

Upsides:

- Your data's safe in case of factory reset.

- Your data's easily transportable.

Downsides:

- The box won't work if you lose the card.  You'll have to reset if you
  accidentally pop out the card.

- Your data's easily steal-able.

Nick

0: bitbucket.org/nickdaly/plugserver
1: openpandora.org


pgpc1kAvTYiSm.pgp
Description: PGP signature
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

One thing I left out completely, sorry: Self signed certs.

Obviously, these work with any of the scenarios where the user has
their own commercial cert, and they can be auto-configured by the
software on the box when it is first used, thus providing significant
security without any central repository or administrative burden.

I left them out because Michiel and I felt the browser warnings make
this a non-starter for most users, but I should have included it for
completeness.  Sorry. :-)


On Sun, Jul 8, 2012 at 7:43 PM, Bjarni Rúnar Einarsson  
wrote:
> On Sat, Jul 7, 2012 at 1:25 PM, Michiel de Jong  wrote:
>> On Sat, Jul 7, 2012 at 2:47 PM, Michael Rauch  wrote:
>>> - with PageKite, this probably leads to registering a domain name for a box.
>>> as this is how the regular web works, normal browser/http-client can access
>>> the page/service.
>>
>> or subdomain, which saves money.
>>
>> we could use per-box startssl certs instead of certs on the proxy, but
>> if the proxy is the apt server anyway then that does not really
>> increase security, and it's annoying that you have to renew them each
>> year.
> ...
>
> Michiel and I discussed this and related issues on IRC a bit
> yesterday, and he asked me to summarize the conclusions.  So here
> goes...
>
> Goals:
>* Be able to host content on a FreedomBox which is part of the web
>* Be as independent as possible
>* Avoid single-points of failure, security and reliability-wise
>
> Non-goals:
>* Resist attacks/censorship by "government-grade" opponents
>
> The techniques we consider available to us, are traditional static
> IPs, PageKite and Tor/Tor2web.  We specifically have Unhosted data in
> mind and HTTPS is considered a requirement for that.
>
> After talking back and forth a bit, we came up a few scenarios which
> the box can support relatively easily, which should suit different
> users' needs to varying degrees:
>
> == Scenario One: Traditional Web ==
>
>1. Use has a public IP address
>2. User purchases their own domain name, configures it
>3. User obtains SSL certificates
>
> Pros: This is the traditional way hosting on the web has worked, and
> it is still arguably the most efficient way to publish content.  Very
> decentralized (user depends on DNS provider, security of SSL vendor
> and their own ISP, none of which have to be the same for everyone).
>
> Cons: Relatively high barrier, user must be quite technical. No
> anonymity. Can not be preconfigured.  Most users have at most 1 public
> IP, so at only FreedomBox per household can serve content at a time.
>
> User costs: Domain registration and SSL cert (recurring, estimated
> $15/year, cheap domain and free StartSSL cert)
>
>
> == Scenario Two: Independent PageKite ==
>
> Same as Scenario One, except instead of a public IP, the user connects
> to a PageKite relay to expose their web server (using their own
> cert/domain and end-to-end HTTPS).
>
> Pros: Mostly compatible with public web. Works for almost all users,
> slightly less technical as local network config isn't an issue.
> PageKite relay service could be provided either by the pagekite.net
> service or a network of peers, user could migrate from one to another
> at will.  Provides weak anonymity, as the domain could be registered
> anonymously and the PageKite provider provides single layer of
> misdirection.
>
> Cons: High barrier, technical user.  End-to-end HTTPS encryption over
> PageKite is not supported by some older browsers.  A peer-operated
> PageKite relay network does not exist, so currently the only option is
> to pay pagekite.net (about $3/month) or run your own relay on a VPS
> ($5-20/month).
>
> User costs: Domain registration and SSL cert, PageKite subscription
> (recurring, estimated $50/year (see below, re. PK pricing))
>
>
> == Scenario Three: Prepackaged Domain/SSL/PageKite ==
>
> A variation on the above two, where instead of the user registering
> their own domain and SSL certificate, both are provided preconfigured
> on the FreedomBox itself by the distributor.  A PageKite account could
> be included/preconfigured as well.
>
> Pros: A "plug and play" solution, especially if PageKite is included.
> Compatible with the public web.
>
> Cons: Requires the user have a public IP.  The FreedomBox distributor
> becomes a "single point of attack" as they have a central list of
> which domain belongs to which user.  The distributor is also in a
> position which allows them to issue new certs and MITM attack users
> without their knowledge.
>
> User costs: Domain registration and SSL cert, maybe PageKite
> subscription (recurring, estimated $15-50/year).  First year maybe
> included in price of the box?
>
>
> == Scenario Four: Prepackaged PageKite/MITM SSL ===
>
> Same as Scenario three, but without including a domain name or cert
> (uses a subdomain from the PageKite service or some other friendly
> org.)  The boxes will be configured to relay through servers which do
> "man in the middle" SSL usi

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Nick M. Daly]

On Fri, Jul 6, 2012 at 3:16 PM, Nick M. Daly wrote:
> I'm a little leery of asking users to sign up for a service on a
> device that's designed to let them host their own services.

On 07/06/2012 06:45 PM, Michiel de Jong wrote:
> if you want to offer any form of web presence, you need... a DNS
> server or a (network of) reverse proxy(s) if you're on a dynamically
> assigned own IP.

On Fri, 06 Jul 2012 12:57:37 -0400, Ian Sullivan wrote:
> I don't see anything wrong with setting up such a service as long as
> we work towards making it possible for others to set them up too...
> If everyone with a route-able address can run such a service for the
> people in their lives who trust them to run it then it actually seems
> pretty natural to me that community non-profits like the freedombox
> foundation or Debian itself would start running such services for
> their communities.

Very well put, Ian.  I wouldn't have concerns with that, as long as
users have the option and ability to enable themselves.  I'm a little
annoyed we don't have an easy solution yet, all of the solutions are
aimed at power users (defined as "requiring almost any setup at all")
and might be hard to configure out of the box, but I have faith in
Michiel and Bjarni.

On Sat, 7 Jul 2012 16:25:54 +0300, Michiel de Jong wrote:
> On Sat, Jul 7, 2012 at 2:47 PM, Michael Rauch wrote:
> > with PageKite, this probably leads to registering a domain name for
> > a box...
>
> or subdomain, which saves money.
>
> > with Tor HS, no need to register a domain...
>
> for mainstream users that would mean going via tor2web, so effectively
> still a reverse proxy setup.

For the record, I'd like to see what comes of both the PK and THS
approaches.  PK seems easier, while THS seems more robust (it'll take a
lot more than some ICE paperwork to corrupt the Tor directory servers).
Box-to-box communication can be much simpler and is where I've been
focusing most of my time.  Thanks for looking into these harder
problems.

On Sat, Jul 7, 2012 at 2:47 PM, Michael Rauch wrote:
> in the long run, i would prefer something like FreedomBuddy as Tor HS
> in the role of a gatekeeper. this frees from registering a domain name
> and still gets you a durable name/address. further, it gives the
> service provider more anonymity and FreedomBuddy can do access-control
> before revealing service endpoints to clients (either connections
> through Tor network or direct connections).

On Sat, 7 Jul 2012 16:25:54 +0300, Michiel de Jong wrote:
> i think the main point (for me, at least) is that we want to get a
> 2013 version out there now, that has functionality for a mainstream
> user. It would then be updateable through apt as soon as we have more
> better things working, and then the 2014 version can have full
> FreedomBuddy-based onion routing.

FreedomBuddy as Tor Hidden Service is available today.  It, too, isn't
integrated into the disk image yet.  However, given the recent
freedombuddyLocation script (wow, that needs a less annoying name) any
service in the system should be able to use the address layer, right
now.  That still requires client-configuration, unfortunately.

On Sat, 7 Jul 2012 16:25:54 +0300, Michiel de Jong wrote:
> my main open questions for the pagekite-based setup we're proposing
> are if it makes sense to put ssl-certs on the boxes (i have a feeling
> that it doesn't), and how we want to do the installation (i think the
> best way is to connect it via ethernet to the existing ISP-supplied
> router, and make it emit a wifi access point).

I think it does make sense to put SSL-certs on the boxes.  Bdale put a
"make sure to generate your own certificates" warning in Freedom Maker's
readme.  There's actually space reserved in the first-boot process for
certificate generation.  It should be easy to put together a FBuddy
script that sniffs your certs and advertises them at your identity
locations, allowing for out-of-band verification.  That would finally
make self-signed SSL certs meaningful, and might be another way to
handle the Monkeysphere problem.  Should I work on that this week?

I imagine the boxes would come pre-installed.  What use case wouldn't
that cover?  Did you mean "initial configuration" instead of
installation?  If so, then yes, I agree that a wifi access point would
be a good first configuration.  Just in case users are particularly
concerned about their security, we might want to allow users to disable
the WAP when requesting their plug (allowing configuration only over
ethernet) or password the WAP before it's configured (with the password
written on an included index-card).

It should be able to function as both a device on a network with a
router and as router on its own.  You know, being multi-function and
all.

Nick


pgpF4fzKbh92U.pgp
Description: PGP signature
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Bjarni Rúnar Einarsson]

On Sat, Jul 7, 2012 at 1:25 PM, Michiel de Jong  wrote:
> On Sat, Jul 7, 2012 at 2:47 PM, Michael Rauch  wrote:
>> - with PageKite, this probably leads to registering a domain name for a box.
>> as this is how the regular web works, normal browser/http-client can access
>> the page/service.
>
> or subdomain, which saves money.
>
> we could use per-box startssl certs instead of certs on the proxy, but
> if the proxy is the apt server anyway then that does not really
> increase security, and it's annoying that you have to renew them each
> year.
...

Michiel and I discussed this and related issues on IRC a bit
yesterday, and he asked me to summarize the conclusions.  So here
goes...

Goals:
   * Be able to host content on a FreedomBox which is part of the web
   * Be as independent as possible
   * Avoid single-points of failure, security and reliability-wise

Non-goals:
   * Resist attacks/censorship by "government-grade" opponents

The techniques we consider available to us, are traditional static
IPs, PageKite and Tor/Tor2web.  We specifically have Unhosted data in
mind and HTTPS is considered a requirement for that.

After talking back and forth a bit, we came up a few scenarios which
the box can support relatively easily, which should suit different
users' needs to varying degrees:

== Scenario One: Traditional Web ==

   1. Use has a public IP address
   2. User purchases their own domain name, configures it
   3. User obtains SSL certificates

Pros: This is the traditional way hosting on the web has worked, and
it is still arguably the most efficient way to publish content.  Very
decentralized (user depends on DNS provider, security of SSL vendor
and their own ISP, none of which have to be the same for everyone).

Cons: Relatively high barrier, user must be quite technical. No
anonymity. Can not be preconfigured.  Most users have at most 1 public
IP, so at only FreedomBox per household can serve content at a time.

User costs: Domain registration and SSL cert (recurring, estimated
$15/year, cheap domain and free StartSSL cert)


== Scenario Two: Independent PageKite ==

Same as Scenario One, except instead of a public IP, the user connects
to a PageKite relay to expose their web server (using their own
cert/domain and end-to-end HTTPS).

Pros: Mostly compatible with public web. Works for almost all users,
slightly less technical as local network config isn't an issue.
PageKite relay service could be provided either by the pagekite.net
service or a network of peers, user could migrate from one to another
at will.  Provides weak anonymity, as the domain could be registered
anonymously and the PageKite provider provides single layer of
misdirection.

Cons: High barrier, technical user.  End-to-end HTTPS encryption over
PageKite is not supported by some older browsers.  A peer-operated
PageKite relay network does not exist, so currently the only option is
to pay pagekite.net (about $3/month) or run your own relay on a VPS
($5-20/month).

User costs: Domain registration and SSL cert, PageKite subscription
(recurring, estimated $50/year (see below, re. PK pricing))


== Scenario Three: Prepackaged Domain/SSL/PageKite ==

A variation on the above two, where instead of the user registering
their own domain and SSL certificate, both are provided preconfigured
on the FreedomBox itself by the distributor.  A PageKite account could
be included/preconfigured as well.

Pros: A "plug and play" solution, especially if PageKite is included.
Compatible with the public web.

Cons: Requires the user have a public IP.  The FreedomBox distributor
becomes a "single point of attack" as they have a central list of
which domain belongs to which user.  The distributor is also in a
position which allows them to issue new certs and MITM attack users
without their knowledge.

User costs: Domain registration and SSL cert, maybe PageKite
subscription (recurring, estimated $15-50/year).  First year maybe
included in price of the box?


== Scenario Four: Prepackaged PageKite/MITM SSL ===

Same as Scenario three, but without including a domain name or cert
(uses a subdomain from the PageKite service or some other friendly
org.)  The boxes will be configured to relay through servers which do
"man in the middle" SSL using a wild-card certificate.

Pros: Plug and play.  Weak anonymity. Mostly web compatible.

Cons: User depends on the PageKite service for their identity (domain)
and security.

User costs: PageKite subscription (recurring, estimated $36/year).
First year maybe included in price of the box?

(Note: This number can be massaged a bit as I control the PageKite
pricing scheme and I want to support these projects for idealistic
reasons - I just need to not be losing lots of money on this. If we
guarantee users aren't transferring massive amounts of bandwidth, this
number can go down quite a bit.)


== Scenario Five: Tor/Tor2web ==

This scenario assumes the box's services are published as Tor Hidden
Services only.

Pros: Plug an

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Markus Sabadello]

On Fri, Jul 6, 2012 at 6:45 PM, Michiel de Jong wrote:

> On Fri, Jul 6, 2012 at 3:16 PM, Nick M. Daly 
> wrote:
> > I haven't actually given a lot of thought to the box as a wireless host.
> > Most of my thinking has been using it as a host through the wild
> > intertubes.
>
> by wireless host do you mean client or access point? i think the
> freedombox can be connected to the existing router with a network
> cable, and then itself become a second access point.
>
> I see two options:
>
> - the freedombox emits a wifi signal
> or:
> - the freedombox sits inbetween the wifi router and the wall
>
> if additionally you can pull a network cable from your laptop to the
> freedombox, then that's nice to have for power users, but the wifi
> signal is what people use - network cables are very 2007 IMHO. if
> there is doubt about this then i'll do some street research, but i
> think only power users still use them for 'the last meter' so to
> speak.
>
> > There are a couple ways we could go here.
> >
> > 1. Replace your router with a FreedomBox.  Technically, always possible,
> >though ISPs might get irritated.
>
> i don't care about ISP irritation, but chances are if you plug the DSL
> line into the freedombox, that simply nothing will happen. ISPs have
> all sorts of proprietary things going on there afaik. i think some
> even do remote firmware upgrades. i guess that's also what you meant
> with this point. so i don't think replacing the ISP-provided router is
> an option really.
>

Ya I agree..
Of course sometimes you hear the question, why do I need another box, why
can't I just use my existing router.
But it really seems impossible to work with all the ISP specific details.


> > 2. Co-mingle your FBX and router.  If people understand wifi, they'll
> >also understand multiple signals.  As long as the FBX is an effective
> >proxy, I'm not worried about it, technically.  Socially, though, it's
> >a weird thing: "You mean I have to click that wifi button *every
> >time* I want privacy?!"
>
> most laptops will i think pick whichever signal is the strongest, and
> even switch dynamically. so yes, they would have to disconfigure their
> old wifi signal and get it out of the way.
>
> >Ideally, people would just move away from their router's networks
> >altogether and push all their client devices' communications through
> >the FBX.
>
> yeah, that's doable though, i think.
>
> if i understand correctly this explains that it's possible to make for
> instance a dreamplug become a wifi ap:
> http://www.spinifex.com.au/plugs/dphowtowifiap.html
>

Yes that's what I had always been assuming.
You connect your FreedomBox to your ISP router with a cable.
And then you connect to your FreedomBox' Wifi.

Then your "Internet" works just like before, except that you can now use
all the FreedomBox features.

dnsmasq intercepts the "freedombox" name which you just type into your
browser to access Plinth..

There has been an issue with AP mode working only with the proprietary
Marvell drivers, not with open source drivers.
Not sure what's the current status of this, if I remember correctly it
depends on which one of the network interfaces is in the box (mwifiex,
libertas, ..)

>
> > I'm a little leery of asking users to sign up for a service on a device
> > that's designed to let them host their own services.  It seems
> > internally inconsistent.  I don't think I have anything against offering
> > it as an option, but it shouldn't be the only one.
>
> i see your point, but what alternative do you see? if you want to
> offer any form of web presence, you need an IP address with a DNS
> domain pointing to it. the box needs to dial up to some sort of name
> service to announce where it is today. this can be either a DNS server
> or a (network of) reverse proxy(s) if you're on a dynamically assigned
> own IP. If you're behind NAT, then only a (network of) reverse
> proxy(s) can help you. The proposed DHT which resolves names to onion
> addresses is effectively a network of revers proxies too, and is not
> something we currently have working in production even on normal
> laptops afaik.
>
> > We should also
> > listen to Zooko's advice and allow the folks who want to attach a GB -
> > TB scale device to host their own storage provider and contribute to a
> > (self-encrypted) shared FBX storage grid.  I guess it's mostly a
> > question of which one gets done when.
>
> yes, that's the important question here i think. i'm all for it, in
> fact i think we should implement brokep's idea of buying .p2p as a top
> level domain, putting DHT-based DNS on it, and using that for
> everything. but my prediction is if it's not something we have working
> on our own normal PCs now, then it's not going to be easy to add it to
> the freedombox out of nowhere.
>
>
> > Apt seems to work pretty well for the rest of the distribution.
>
> yeah, that seems reasonable. if we already trust a reverse proxy
> somewhere in the cloud

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Markus Sabadello]

On Fri, Jul 6, 2012 at 2:16 PM, Nick M. Daly  wrote:

> Thanks for discussing this, you both raise a lot of good points, and I
> have a couple questions.
>
> On Tue, 3 Jul 2012 16:25:16 +0200, Markus Sabadello wrote:
> > On Tue, Jul 3, 2012 at 8:59 AM, Michiel de Jong wrote:
> > >
> > > So even though ownCloud has a nicer interface than pyUnhosted,
> > > getting apache, sqlite, GD, php5 and ownCloud 4.0.4 all on a device
> > > with basically the power of a smartphone might be a bit ambitious...
> > >
> > > So let me think about what steps we would need:
> > >
> > > - add pagekite and pyUnhosted to the image.
>
> Easy, given this week's weekly-image changes.  See:
>
> freedom-maker/bin/projects
>
> > > - pyUnhosted ... piped somehow to plinth
>
> Wordpress on Debian has actually solved this for us.  See:
>
> /usr/share/doc/wordpress/examples/setup-mysql
>
> They dump the credentials to a file with the right permissions and
> ownership and use that as the permanent data store.
>
> > > - become the default proxy for all devices on the wifi...?
> >
> > My understanding is that it would be a transparent proxy... they get
> > privoxyfied automatically if they use the FreedomBox wifi.
>
> I haven't actually given a lot of thought to the box as a wireless host.
> Most of my thinking has been using it as a host through the wild
> intertubes.
>
> On Tue, 3 Jul 2012 16:45:43 +0200, Markus Sabadello wrote:
> > Of course then people would have 2 wifis, not sure if that's good or bad.
> > Good, because I think it would easily work with the setup that most
> people
> > have at home.
> > Good also, because you can always choose to NOT use the FreedomBox.
> > Bad, because it might be a more complex setup than it needs to be.
>
> There are a couple ways we could go here.
>
> 1. Replace your router with a FreedomBox.  Technically, always possible,
>though ISPs might get irritated.
>
> 2. Co-mingle your FBX and router.  If people understand wifi, they'll
>also understand multiple signals.  As long as the FBX is an effective
>proxy, I'm not worried about it, technically.  Socially, though, it's
>a weird thing: "You mean I have to click that wifi button *every
>time* I want privacy?!"
>
>Ideally, people would just move away from their router's networks
>altogether and push all their client devices' communications through
>the FBX.
>
> > > on first use, you would have to opt-in to setting up the public
> > > interface to your remoteStorage...  we would have to set up said
> > > service, with for instance a 5-year plan included in the purchase of
> > > the off-the-shelf device...  if we can resolve the first-use/wifi
> > > question then i think putting a box with privoxy +
> > > remoteStorage-through-pagekite on the market should be achievable.
>
> I'm a little leery of asking users to sign up for a service on a device
> that's designed to let them host their own services.  It seems
> internally inconsistent.  I don't think I have anything against offering
> it as an option, but it shouldn't be the only one.  We should also
> listen to Zooko's advice and allow the folks who want to attach a GB -
> TB scale device to host their own storage provider and contribute to a
> (self-encrypted) shared FBX storage grid.  I guess it's mostly a
> question of which one gets done when.
>
> > We should also have some updating mechanism...
> > 1. When the FreedomBox boots, it checks if a certain file (together with
> a
> > signature) is present on an attached USB drive.
> > 2. If yes, and if the user enters their password, that file is executed
> and
> > can update the box.
>
> Why reinvent the wheel when we already have Debian's updating system?
> Apt seems to work pretty well for the rest of the distribution.  Any
> reasons it won't work here?
>

Good point. Yeah I agree the standard updating mechanism should be used.
That would be presented through Plinth, right?
I.e.  there would be a button saying "Update my FreedomBox"?

Maybe the ability to stick a USB-drive-with-update-file into the box would
still make sense.
Kind of a backup recovery-mode option in case something went wrong with the
box?

Nick
>
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

On Sat, Jul 7, 2012 at 2:47 PM, Michael Rauch  wrote:
> - with PageKite, this probably leads to registering a domain name for a box.
> as this is how the regular web works, normal browser/http-client can access
> the page/service.

or subdomain, which saves money.

we could use per-box startssl certs instead of certs on the proxy, but
if the proxy is the apt server anyway then that does not really
increase security, and it's annoying that you have to renew them each
year.

> - with Tor HS, no need to register a domain. as long as you don't loose the
> private-key you keep the same .onion address. to access the page/service,
> you need a Tor-Browser, Tor-Proxy or go via tor2web though.

for mainstream users that would mean going via tor2web, so effectively
still a reverse proxy setup. also, the Tor-based setup is not
something we have working in production right now on normal Debian
PCs, so unlike the pagekite-based setup, it's not readily packageable

>
> as i understand the proposition, the focus is on allowing unhosted-apps
> (JavaScript in an ordinary webbrowser) to access the fbx.

yes, that would be one functionality, the other would be privoxy when
accessing the internet from within the box's wifi range.

> maybe an
> unhosted-app could try first the .onion address directly (which succeeds if
> a tor-proxy is used) and fallback on tor2web if necessary?

if you tell an unhosted web app that you want to connect your remote
storage on an onion address, then it will try to do cross-origin XHR
to that onion address, yes. it will go to whatever address you give
it.

i think the main point (for me, at least) is that we want to get a
2013 version out there now, that has functionality for a mainstream
user. It would then be updateable through apt as soon as we have more
better things working, and then the 2014 version can have full
FreedomBuddy-based onion routing.

my main open questions for the pagekite-based setup we're proposing
are if it makes sense to put ssl-certs on the boxes (i have a feeling
that it doesn't), and how we want to do the installation (i think the
best way is to connect it via ethernet to the existing ISP-supplied
router, and make it emit a wifi access point).

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michael Rauch]

On 07/06/2012 06:45 PM, Michiel de Jong wrote:

On Fri, Jul 6, 2012 at 3:16 PM, Nick M. Daly  wrote:

I'm a little leery of asking users to sign up for a service on a device
that's designed to let them host their own services.  It seems
internally inconsistent.  I don't think I have anything against offering
it as an option, but it shouldn't be the only one.


i see your point, but what alternative do you see? if you want to
offer any form of web presence, you need an IP address with a DNS
domain pointing to it. the box needs to dial up to some sort of name
service to announce where it is today. this can be either a DNS server
or a (network of) reverse proxy(s) if you're on a dynamically assigned
own IP. If you're behind NAT, then only a (network of) reverse
proxy(s) can help you. The proposed DHT which resolves names to onion
addresses is effectively a network of revers proxies too, and is not
something we currently have working in production even on normal
laptops afaik.


to be able to deal with NAT, which is probably the most common setup found in 
regular users homes, using reverse proxy seems to be a must.

i don't know of any other readily available solution besides PageKite and Tor 
hidden services to do this. i assume that we want a fbx to have a durable name 
by which they can be found, so;
- with PageKite, this probably leads to registering a domain name for a box. as 
this is how the regular web works, normal browser/http-client can access the 
page/service.
- with Tor HS, no need to register a domain. as long as you don't loose the 
private-key you keep the same .onion address. to access the page/service, you 
need a Tor-Browser, Tor-Proxy or go via tor2web though.

in the long run, i would prefer something like FreedomBuddy as Tor HS in the 
role of a gatekeeper. this frees from registering a domain name and still gets 
you a durable name/address. further, it gives the service provider more 
anonymity and FreedomBuddy can do access-control before revealing service 
endpoints to clients (either connections through Tor network or direct 
connections).

a simpler version of this gatekeeper could be a Tor HS 'entry-point' that 
simply http-redirects to yourname.pagekite.me upon successful authentication 
and access-control (e.g. with username/pass).

as i understand the proposition, the focus is on allowing unhosted-apps 
(JavaScript in an ordinary webbrowser) to access the fbx. maybe an unhosted-app 
could try first the .onion address directly (which succeeds if a tor-proxy is 
used) and fallback on tor2web if necessary?


cheers!
michael

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Ian Sullivan]

On 07/06/2012 12:45 PM, Michiel de Jong wrote:
>> I'm a little leery of asking users to sign up for a service on a device
>> > that's designed to let them host their own services.  It seems
>> > internally inconsistent.  I don't think I have anything against offering
>> > it as an option, but it shouldn't be the only one.
>
> i see your point, but what alternative do you see? if you want to
> offer any form of web presence, you need an IP address with a DNS
> domain pointing to it. the box needs to dial up to some sort of name
> service to announce where it is today. this can be either a DNS server
> or a (network of) reverse proxy(s) if you're on a dynamically assigned
> own IP. If you're behind NAT, then only a (network of) reverse
> proxy(s) can help you. The proposed DHT which resolves names to onion
> addresses is effectively a network of revers proxies too, and is not
> something we currently have working in production even on normal
> laptops afaik.
> 

I don't see anything wrong with setting up such a service as long as we
work towards making it possible for others to set them up too. I have a
publicly virtual machine with a v4 address that I would love to use as a
dynamicDNS provider for my freedombox trapped behind cable company NAT.
Others may be able to more easily buy a static address from their ISP
directly and use their freedombox itself as a dynamicDNS server for
friends with their own freedomboxes. If everyone with a route-able
address can run such a service for the people in their lives who trust
them to run it then it actually seems pretty natural to me that
community non-profits like the freedombox foundation or Debian itself
would start running such services for their communities.

-Ian

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

On Fri, Jul 6, 2012 at 3:16 PM, Nick M. Daly  wrote:
> I haven't actually given a lot of thought to the box as a wireless host.
> Most of my thinking has been using it as a host through the wild
> intertubes.

by wireless host do you mean client or access point? i think the
freedombox can be connected to the existing router with a network
cable, and then itself become a second access point.

I see two options:

- the freedombox emits a wifi signal
or:
- the freedombox sits inbetween the wifi router and the wall

if additionally you can pull a network cable from your laptop to the
freedombox, then that's nice to have for power users, but the wifi
signal is what people use - network cables are very 2007 IMHO. if
there is doubt about this then i'll do some street research, but i
think only power users still use them for 'the last meter' so to
speak.

> There are a couple ways we could go here.
>
> 1. Replace your router with a FreedomBox.  Technically, always possible,
>though ISPs might get irritated.

i don't care about ISP irritation, but chances are if you plug the DSL
line into the freedombox, that simply nothing will happen. ISPs have
all sorts of proprietary things going on there afaik. i think some
even do remote firmware upgrades. i guess that's also what you meant
with this point. so i don't think replacing the ISP-provided router is
an option really.

> 2. Co-mingle your FBX and router.  If people understand wifi, they'll
>also understand multiple signals.  As long as the FBX is an effective
>proxy, I'm not worried about it, technically.  Socially, though, it's
>a weird thing: "You mean I have to click that wifi button *every
>time* I want privacy?!"

most laptops will i think pick whichever signal is the strongest, and
even switch dynamically. so yes, they would have to disconfigure their
old wifi signal and get it out of the way.

>Ideally, people would just move away from their router's networks
>altogether and push all their client devices' communications through
>the FBX.

yeah, that's doable though, i think.

if i understand correctly this explains that it's possible to make for
instance a dreamplug become a wifi ap:
http://www.spinifex.com.au/plugs/dphowtowifiap.html

>
> I'm a little leery of asking users to sign up for a service on a device
> that's designed to let them host their own services.  It seems
> internally inconsistent.  I don't think I have anything against offering
> it as an option, but it shouldn't be the only one.

i see your point, but what alternative do you see? if you want to
offer any form of web presence, you need an IP address with a DNS
domain pointing to it. the box needs to dial up to some sort of name
service to announce where it is today. this can be either a DNS server
or a (network of) reverse proxy(s) if you're on a dynamically assigned
own IP. If you're behind NAT, then only a (network of) reverse
proxy(s) can help you. The proposed DHT which resolves names to onion
addresses is effectively a network of revers proxies too, and is not
something we currently have working in production even on normal
laptops afaik.

> We should also
> listen to Zooko's advice and allow the folks who want to attach a GB -
> TB scale device to host their own storage provider and contribute to a
> (self-encrypted) shared FBX storage grid.  I guess it's mostly a
> question of which one gets done when.

yes, that's the important question here i think. i'm all for it, in
fact i think we should implement brokep's idea of buying .p2p as a top
level domain, putting DHT-based DNS on it, and using that for
everything. but my prediction is if it's not something we have working
on our own normal PCs now, then it's not going to be easy to add it to
the freedombox out of nowhere.


> Apt seems to work pretty well for the rest of the distribution.

yeah, that seems reasonable. if we already trust a reverse proxy
somewhere in the cloud then there is no reason to not also trust an
apt server (probably that same host can fulfill both functions).


cheers!
Michiel

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Nick M. Daly]

Thanks for discussing this, you both raise a lot of good points, and I
have a couple questions.

On Tue, 3 Jul 2012 16:25:16 +0200, Markus Sabadello wrote:
> On Tue, Jul 3, 2012 at 8:59 AM, Michiel de Jong wrote:
> >
> > So even though ownCloud has a nicer interface than pyUnhosted,
> > getting apache, sqlite, GD, php5 and ownCloud 4.0.4 all on a device
> > with basically the power of a smartphone might be a bit ambitious...
> >
> > So let me think about what steps we would need:
> >
> > - add pagekite and pyUnhosted to the image.

Easy, given this week's weekly-image changes.  See:

freedom-maker/bin/projects

> > - pyUnhosted ... piped somehow to plinth

Wordpress on Debian has actually solved this for us.  See:

/usr/share/doc/wordpress/examples/setup-mysql

They dump the credentials to a file with the right permissions and
ownership and use that as the permanent data store.

> > - become the default proxy for all devices on the wifi...?
>
> My understanding is that it would be a transparent proxy... they get
> privoxyfied automatically if they use the FreedomBox wifi.

I haven't actually given a lot of thought to the box as a wireless host.
Most of my thinking has been using it as a host through the wild
intertubes.

On Tue, 3 Jul 2012 16:45:43 +0200, Markus Sabadello wrote:
> Of course then people would have 2 wifis, not sure if that's good or bad.
> Good, because I think it would easily work with the setup that most people
> have at home.
> Good also, because you can always choose to NOT use the FreedomBox.
> Bad, because it might be a more complex setup than it needs to be.

There are a couple ways we could go here.

1. Replace your router with a FreedomBox.  Technically, always possible,
   though ISPs might get irritated.

2. Co-mingle your FBX and router.  If people understand wifi, they'll
   also understand multiple signals.  As long as the FBX is an effective
   proxy, I'm not worried about it, technically.  Socially, though, it's
   a weird thing: "You mean I have to click that wifi button *every
   time* I want privacy?!"

   Ideally, people would just move away from their router's networks
   altogether and push all their client devices' communications through
   the FBX.

> > on first use, you would have to opt-in to setting up the public
> > interface to your remoteStorage...  we would have to set up said
> > service, with for instance a 5-year plan included in the purchase of
> > the off-the-shelf device...  if we can resolve the first-use/wifi
> > question then i think putting a box with privoxy +
> > remoteStorage-through-pagekite on the market should be achievable.

I'm a little leery of asking users to sign up for a service on a device
that's designed to let them host their own services.  It seems
internally inconsistent.  I don't think I have anything against offering
it as an option, but it shouldn't be the only one.  We should also
listen to Zooko's advice and allow the folks who want to attach a GB -
TB scale device to host their own storage provider and contribute to a
(self-encrypted) shared FBX storage grid.  I guess it's mostly a
question of which one gets done when.

> We should also have some updating mechanism...
> 1. When the FreedomBox boots, it checks if a certain file (together with a
> signature) is present on an attached USB drive.
> 2. If yes, and if the user enters their password, that file is executed and
> can update the box.

Why reinvent the wheel when we already have Debian's updating system?
Apt seems to work pretty well for the rest of the distribution.  Any
reasons it won't work here?

Nick


pgpLQ781iwowg.pgp
Description: PGP signature
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

On Fri, Jul 6, 2012 at 2:27 PM, Melvin Carvalho
 wrote:
> If remotestorage is simply going to put a blob in a location ... ie the
> equivalent of autosave ... it's going to be a very useful tool for some web
> apps, but it makes little sense on a freedombox, imho.

yes, our remoteStorage.js library stores all data as json-ld, except
for media like images.

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Melvin Carvalho]

On 1 July 2012 23:17, Michiel de Jong  wrote:

> IMO, applications support linked data, storage servers do not. Asking
> if a storage server supports linked data is a bit like asking whether
> a certain hard drive supports pdf. :)
>
> Having said that, there are always connotations, and that is probably
> what you are both referring to - so for instance, if you ask if the
> remoteStorage protocol supports ACLs based on client-side
> certificates, or SPARQL queries, the answer is no.
>
> We are however in the process of writing the data module for the
> client-side library (remoteStorage.js), and they will all use linked
> data at their core (specifically, json-ld).
>

I do agree that it's useful to have client side data in structured form.

However, it's more important to have structured data on back end.

If remotestorage is simply going to put a blob in a location ... ie the
equivalent of autosave ... it's going to be a very useful tool for some web
apps, but it makes little sense on a freedombox, imho.

Consider modern (or even less modern) databases.  They can handle a blob in
a field.  But it's much better to use a table with fields, as this enables
querying, cross referencing, federation and all those good things.

I can see a great dyndns solution being VERY valuable to freedombox.  If
pagekite can provide that, it's a huge win.


>
>
> hth,
> Michiel
>
> On Mon, Jul 2, 2012 at 12:03 AM, Markus Sabadello
>  wrote:
> >
> > On Sun, Jul 1, 2012 at 8:27 PM, Melvin Carvalho <
> melvincarva...@gmail.com>
> > wrote:
> >>
> >>
> >>
> >> On 1 July 2012 19:44, Markus Sabadello 
> wrote:
> >>>
> >>> Yes, having your own data on the FreedomBox via remoteStorage is
> exactly
> >>> the core of the proposal.
> >>> That, plus potentially integration with the FunkFeuer community
> wireless
> >>> network in Vienna.
> >>>
> >>> Okay I have to say this..
> >>> We haven't submitted the proposal yet.
> >>> If for some reason this is not a good idea,
> >>> if this looks like an attempt to "hijack" FreedomBox, or "capitalize"
> on
> >>> it, or anything like that,
> >>> if there already is some sort of relationship between FreedomBox and
> >>> Access that makes this proposal pointless,
> >>> then we don't have to submit it.
> >>>
> >>> It was just an idea we came up with.
> >>> It would effectively show ONE thing the FreedomBox could do (out of
> many
> >>> ideas, including social networking).
> >>> It would show how different projects (FreedomBox, Unhosted, PageKite,
> >>> FunkFeuer) could complement each other.
> >>>
> >>> I think we should at least wait until the hackfest is over, maybe
> longer,
> >>> before we submit it.
> >>
> >>
> >> Makes sense to wait for feedback from the hackfest.
> >>
> >> Storing my own data (on my own box) is something I find very
> interesting.
> >> But as far as I know I'm one of the only people that does that.
> >>
> >> Im curious as to what solutions you might suggest for the data storage,
> >> and what features are avaiable?  ( personally I use data.fm )
> >
> >
> > Hmm we would want to be compatible with Unhosted's remoteStorage API,
> which
> > does not include Linked Data.
> > ownCloud might be an obvious option, but that's PHP.
> > Bjarni wrote a simple implementation of remoteStorage in Python (here),
> > which might fit in better with other Python-based FreedomBox components,
> but
> > that's more limited than ownCloud.
> >
> > Please correct me if I'm wrong, but data.fm is read/write Linked Data
> and
> > not compatible with Unhosted's remoteStorage, right?
> >
> > In any case, the FreedomBox will need a flexible storage API for the
> various
> > apps that would run on it.
> >
> > Perhaps it could support ownCloud/remoteStorage on one hand, but also
> > read/write Linked Data like data.fm, which would be like what WebBox is
> also
> > all about, as I understand.
> > Perhaps remoteStorage could be modified to also work with data.fm, I
> don't
> > know that.
> >
> >>
> >>>
> >>>
> >>> Markus
> >>>
> >>>
> >>> On Sun, Jul 1, 2012 at 6:57 PM, Melvin Carvalho
> >>>  wrote:
> 
> 
> 
>  On 30 June 2012 14:07, Markus Sabadello 
>  wrote:
> >
> > To be honest, I have never built a Debian package nor am I deeply
> > familiar with the process.
> >
> > But all the pieces we're considering have Debian packages, i.e.
> > PageKite, OLSRd, and for Unhosted there is OwnCloud, which has been
> > considered a number of times on this list already.
> >
> > There really isn't much new about the proposal, just to help
> assemble a
> > few things to the point where they can be demo'd at events and
> understood by
> > end-users.
> > It would help show the public that FreedomBox is real..
> 
> 
>  Thanks for the response.  A couple of questions about the proposal:
> 
>  Is the idea here to save your own data (ie remote storage) on your
>  freedom box?
> 
>  Would a minimal viable product, to demo FreedomBox, 

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

On Tue, Jul 3, 2012 at 5:45 PM, Markus Sabadello
 wrote:
> On Tue, Jul 3, 2012 at 4:38 PM, Michiel de Jong 
> wrote:
>> On Tue, Jul 3, 2012 at 5:25 PM, Markus Sabadello
>>  wrote:
>> > My understanding is that it would be a transparent proxy, i.e. it
>> > captures
>> > all connections.
>> > So you don't have to configure anything on the client devices, they get
>> > privoxyfied automatically if they use the FreedomBox wifi.
>>
>> OK, so do i understand correctly that the hardware we're targetting
>> will emit a wifi signal? Presumably a person who buys a freedombox,
>> already has a router at home with wifi and probably also between 1 and
>> 4 ethernet sockets. How will they deploy the freedombox? link the
>> freedombox and the router by ethernet (i guess that would dhcp without
>> need for any config on most routers, right?), and reconfigure their
>> laptop and phone to forget the old wifi network and start to use the
>> new freedombox wifi?
>
> Hmm yeah I think that's how I imagined it.
> Of course then people would have 2 wifis, not sure if that's good or bad.
> Good, because I think it would easily work with the setup that most people
> have at home.
> Good also, because you can always choose to NOT use the FreedomBox.
> Bad, because it might be a more complex setup than it needs to be.
> Anyway I would be interested in Nick's opinion.
> Guess there is some overlap with the other thread here (FreedomBox as home
> router).

any decision on this? will we target hardware that is capable of
emitting a (second) wifi signal in the home?

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Markus Sabadello]

On Tue, Jul 3, 2012 at 4:38 PM, Michiel de Jong wrote:

> On Tue, Jul 3, 2012 at 5:25 PM, Markus Sabadello
>  wrote:
> > My understanding is that it would be a transparent proxy, i.e. it
> captures
> > all connections.
> > So you don't have to configure anything on the client devices, they get
> > privoxyfied automatically if they use the FreedomBox wifi.
>
> OK, so do i understand correctly that the hardware we're targetting
> will emit a wifi signal? Presumably a person who buys a freedombox,
> already has a router at home with wifi and probably also between 1 and
> 4 ethernet sockets. How will they deploy the freedombox? link the
> freedombox and the router by ethernet (i guess that would dhcp without
> need for any config on most routers, right?), and reconfigure their
> laptop and phone to forget the old wifi network and start to use the
> new freedombox wifi?
>

Hmm yeah I think that's how I imagined it.
Of course then people would have 2 wifis, not sure if that's good or bad.
Good, because I think it would easily work with the setup that most people
have at home.
Good also, because you can always choose to NOT use the FreedomBox.
Bad, because it might be a more complex setup than it needs to be.
Anyway I would be interested in Nick's opinion.
Guess there is some overlap with the other thread here (FreedomBox as home
router).

 > Idealistic as it may be, I don't think the open WiFi movement is
> appealing
>
> hm, it was worth a try ;)
>
> > So we could start shipping simple Privoxy+remoteStorage+PageKite boxes
> now,
> > and in a year or so we could tell people to download the update file and
> > stick it into their box.
>
> sounds like a plan to me :)
>
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

On Tue, Jul 3, 2012 at 5:25 PM, Markus Sabadello
 wrote:
> My understanding is that it would be a transparent proxy, i.e. it captures
> all connections.
> So you don't have to configure anything on the client devices, they get
> privoxyfied automatically if they use the FreedomBox wifi.

OK, so do i understand correctly that the hardware we're targetting
will emit a wifi signal? Presumably a person who buys a freedombox,
already has a router at home with wifi and probably also between 1 and
4 ethernet sockets. How will they deploy the freedombox? link the
freedombox and the router by ethernet (i guess that would dhcp without
need for any config on most routers, right?), and reconfigure their
laptop and phone to forget the old wifi network and start to use the
new freedombox wifi?

> Idealistic as it may be, I don't think the open WiFi movement is appealing

hm, it was worth a try ;)

> So we could start shipping simple Privoxy+remoteStorage+PageKite boxes now,
> and in a year or so we could tell people to download the update file and
> stick it into their box.

sounds like a plan to me :)

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Markus Sabadello]

On Tue, Jul 3, 2012 at 8:59 AM, Michiel de Jong wrote:

> This is great stuff!
>
> On Tue, Jul 3, 2012 at 5:29 AM, Nick M. Daly 
> wrote:
> > I'd *love* to see Tor and PageKite in the default image.  I don't know
> > if there'll be time/expertise to get Tor into the image before EOY, but
> > we should be able to include PageKite, if nothing else.  Bjarni's two
> > line install instructions are confounding! :)
> >
> > Nick
> >
> > 0: http://github.com/nickdaly/freedom-maker
> >
> > 1: http://github.com/nickdaly/plinth
> >
> > 2: http://github.com/nickdaly/freedombox-privoxy
>
> So even though ownCloud has a nicer interface than pyUnhosted, getting
> apache, sqlite, GD, php5 and ownCloud 4.0.4 all on a device with
> basically the power of a smartphone might be a bit ambitious. Also,
> the whole point of the remoteStorage web architecture is that the
> storage is just dumb storage and that all functionality and actual
> niceness is in unhosted web apps to which you connect your
> remoteStorage dynamically, instead of doing server-side webpage
> generation.
>
> So let me think about what steps we would need:
>
> - add pagekite and pyUnhosted to the image.
>
> - right now pyUnhosted outputs information (including the password you
> need) to the console. that should be piped somehow to plinth, so that
> the user can actually see it.
>
> - IIUC, for privoxy to work out of the box, we still need a way for
> the freedombox to become the default proxy for all devices on the
> wifi. how does that work?


My understanding is that it would be a transparent proxy, i.e. it captures
all connections.
So you don't have to configure anything on the client devices, they get
privoxyfied automatically if they use the FreedomBox wifi.

The easiest UI for this would be if the
> freedombox emits a wifi signal. people will understand that. If the
> freedombox only lets through https and ssh traffic, then this wifi
> signal can be unencrypted, like for instance the wifi signal at fosdem
> or other big conferences, so we help with the open wifi movement
> http://www.dslreports.com/shownews/EFF-Pushes-For-Open-WiFi-Movement-114016
> by default (of course if the user is opposed to bandwidth altruism for
> some reason then they should be able to switch it off in plinth). If
> the freedombox does not emit its own wifi single, then i cannot see an
> easy first-use experience, but maybe i'm missing something.
>

Idealistic as it may be, I don't think the open WiFi movement is appealing
to the mainstream of Internet users. I think we'll get into all sorts of
troubles and liabilities if we ship FreedomBox'es with open WiFi. Of course
it could be optional, but I don't think it should be the default.

- on first use, you would have to opt-in to setting up the public
> interface to your remoteStorage. so plinth would need a screen that
> say "choose your username and password at freedomstorage.org (or
> whatever we call it)", and from that moment on, it would be dialled in
> there, and ready for connecting your freedombox to unhosted web apps
> as remoteStorage.
>

Sounds good to me, yeah the user will have to choose their PageKite name
(and maybe be allowed to later change it? or add multiple names?)


> - we would have to set up said service, with for instance a 5-year
> plan included in the purchase of the off-the-shelf device. i know this
> proposal is only for creating the disk image, but we should also set
> up a pre-order production chain. As soon as 100 orders are in, we just
> organize a flashing-weekend, flash 100 devices in an afternoon, and
> ship them.
>

Sounds great.

- if we can resolve the first-use/wifi question then i think putting a
> box with privoxy+remoteStorage-through-pagekite on the market should
> be achievable.
>

We should also have some updating mechanism.
Ideally, we would have a FreedomAppStore where you can download additional
functionality, but that may be too hard for now, and a bit risky from a
security perspective.

A simple future-ready updating mechanism could be:
1. When the FreedomBox boots, it checks if a certain file (together with a
signature) is present on an attached USB drive.
2. If yes, and if the user enters their password, that file is executed and
can update the box.

So we could start shipping simple Privoxy+remoteStorage+PageKite boxes now,
and in a year or so we could tell people to download the update file and
stick it into their box.
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

This is great stuff!

On Tue, Jul 3, 2012 at 5:29 AM, Nick M. Daly  wrote:
> I'd *love* to see Tor and PageKite in the default image.  I don't know
> if there'll be time/expertise to get Tor into the image before EOY, but
> we should be able to include PageKite, if nothing else.  Bjarni's two
> line install instructions are confounding! :)
>
> Nick
>
> 0: http://github.com/nickdaly/freedom-maker
>
> 1: http://github.com/nickdaly/plinth
>
> 2: http://github.com/nickdaly/freedombox-privoxy

So even though ownCloud has a nicer interface than pyUnhosted, getting
apache, sqlite, GD, php5 and ownCloud 4.0.4 all on a device with
basically the power of a smartphone might be a bit ambitious. Also,
the whole point of the remoteStorage web architecture is that the
storage is just dumb storage and that all functionality and actual
niceness is in unhosted web apps to which you connect your
remoteStorage dynamically, instead of doing server-side webpage
generation.

So let me think about what steps we would need:

- add pagekite and pyUnhosted to the image.

- right now pyUnhosted outputs information (including the password you
need) to the console. that should be piped somehow to plinth, so that
the user can actually see it.

- IIUC, for privoxy to work out of the box, we still need a way for
the freedombox to become the default proxy for all devices on the
wifi. how does that work? The easiest UI for this would be if the
freedombox emits a wifi signal. people will understand that. If the
freedombox only lets through https and ssh traffic, then this wifi
signal can be unencrypted, like for instance the wifi signal at fosdem
or other big conferences, so we help with the open wifi movement
http://www.dslreports.com/shownews/EFF-Pushes-For-Open-WiFi-Movement-114016
by default (of course if the user is opposed to bandwidth altruism for
some reason then they should be able to switch it off in plinth). If
the freedombox does not emit its own wifi single, then i cannot see an
easy first-use experience, but maybe i'm missing something.

- on first use, you would have to opt-in to setting up the public
interface to your remoteStorage. so plinth would need a screen that
say "choose your username and password at freedomstorage.org (or
whatever we call it)", and from that moment on, it would be dialled in
there, and ready for connecting your freedombox to unhosted web apps
as remoteStorage.

- we would have to set up said service, with for instance a 5-year
plan included in the purchase of the off-the-shelf device. i know this
proposal is only for creating the disk image, but we should also set
up a pre-order production chain. As soon as 100 orders are in, we just
organize a flashing-weekend, flash 100 devices in an afternoon, and
ship them.

- if we can resolve the first-use/wifi question then i think putting a
box with privoxy+remoteStorage-through-pagekite on the market should
be achievable.

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Nick M. Daly]

On Mon, 2 Jul 2012 06:10:43 +0300, Michiel de Jong  wrote:
> > If you need help integrating it into the Freedom-Maker repository, so
> > it's installed out of the box, I'd be more than happy to lend a hand.
> > That would be very neat to see working.
> 
> Cool, thanks! looking at
> http://anonscm.debian.org/gitweb/?p=freedombox/freedom-maker.git;a=tree
> it seems to currently have just the OS, right? And reading
> http://freedomboxfoundation.org/code/ it seem that apart from that,
> privoxy and plinth are already on there. Where exactly should we add
> ownCloud (or pyUnhosted, if the lamp stack is too heavy) into that?

Er, kinda.  I've been committing to my own copy of the freedom-maker
tree [0], and including Plinth [1] and FreedomBox-Privoxy [2] in the
constructed image manually.  Look at freedom-maker/mk_dreamplug_rootfs.
You can add ownCloud / pyUnhosted there, or you can wait until this
weekend when I've cleaned up the mk_dreamplug_rootfs file further.

That's kind of my project for this week: clean up freedom-maker as best
I can, so it's easy to build upon.

> Has there been a decision about whether pagekite and owncloud should
> be added to the image? As i said on another thread, i think we should
> either choose to use Tor (probably with exit-node functionality
> disabled by default), or not to use Tor. Has there been a decision
> about that? If not, then now might be as good a time as ever to make a
> few of those decisions. Even if it's just to officially decide that we
> will simply do both versions (one with Tor and one without).

I'd *love* to see Tor and PageKite in the default image.  I don't know
if there'll be time/expertise to get Tor into the image before EOY, but
we should be able to include PageKite, if nothing else.  Bjarni's two
line install instructions are confounding! :)

Nick

0: http://github.com/nickdaly/freedom-maker

1: http://github.com/nickdaly/plinth

2: http://github.com/nickdaly/freedombox-privoxy


pgpBCWnOJ0Dkm.pgp
Description: PGP signature
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

On Mon, Jul 2, 2012 at 1:23 AM, Nick M. Daly  wrote:
> On Sat, 30 Jun 2012 13:03:59 +0200, Markus Sabadello wrote:
>> They are now calling for proposals for the Access Innovation Prize
>>  where you can win $20k.
>>
>> ...Basically, the idea is that you could use any Unhosted-enabled web
>> application out there, and your data remains on your FreedomBox...
>>
>> What do you think..?
>
> If you need help integrating it into the Freedom-Maker repository, so
> it's installed out of the box, I'd be more than happy to lend a hand.
> That would be very neat to see working.
>
> Nick

Cool, thanks! looking at
http://anonscm.debian.org/gitweb/?p=freedombox/freedom-maker.git;a=tree
it seems to currently have just the OS, right? And reading
http://freedomboxfoundation.org/code/ it seem that apart from that,
privoxy and plinth are already on there. Where exactly should we add
ownCloud (or pyUnhosted, if the lamp stack is too heavy) into that?

Has there been a decision about whether pagekite and owncloud should
be added to the image? As i said on another thread, i think we should
either choose to use Tor (probably with exit-node functionality
disabled by default), or not to use Tor. Has there been a decision
about that? If not, then now might be as good a time as ever to make a
few of those decisions. Even if it's just to officially decide that we
will simply do both versions (one with Tor and one without).


Cheers,
Michiel

___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Nick M. Daly]

On Sat, 30 Jun 2012 13:03:59 +0200, Markus Sabadello wrote:
> They are now calling for proposals for the Access Innovation Prize
>  where you can win $20k.
>
> ...Basically, the idea is that you could use any Unhosted-enabled web
> application out there, and your data remains on your FreedomBox...
> 
> What do you think..?

If you need help integrating it into the Freedom-Maker repository, so
it's installed out of the box, I'd be more than happy to lend a hand.
That would be very neat to see working.

Nick


pgpJ5hXmFArJR.pgp
Description: PGP signature
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Melvin Carvalho]

On 1 July 2012 23:40, Markus Sabadello  wrote:

> I guess one question is whether the FreedomBox should have SPARQL or some
> other semantic query language.
> Or is it good enough to simply be able to get/put entire Linked Data
> documents just like any other files.
>
> I would tend to say it would be nice to have both
>

Makes sense, and any features the data store doesnt have, that people want,
we can just patch

It's much easier to roll out new features to freedombox, for example, than
CouchDB


>
> Markus
>
>
> On Sun, Jul 1, 2012 at 11:23 PM, Melvin Carvalho  > wrote:
>
>>
>>
>> On 1 July 2012 23:03, Markus Sabadello wrote:
>>
>>>
>>> On Sun, Jul 1, 2012 at 8:27 PM, Melvin Carvalho <
>>> melvincarva...@gmail.com> wrote:
>>>


 On 1 July 2012 19:44, Markus Sabadello wrote:

> Yes, having your own data on the FreedomBox via remoteStorage is
> exactly the core of the proposal.
> That, plus potentially integration with the FunkFeuer community
> wireless network in Vienna.
>
> Okay I have to say this..
> We haven't submitted the proposal yet.
> If for some reason this is not a good idea,
> if this looks like an attempt to "hijack" FreedomBox, or "capitalize"
> on it, or anything like that,
> if there already is some sort of relationship between FreedomBox and
> Access that makes this proposal pointless,
> then we don't have to submit it.
>
> It was just an idea we came up with.
> It would effectively show ONE thing the FreedomBox could do (out of many
> ideas,
> including social networking).
> It would show how different projects (FreedomBox, Unhosted, PageKite,
> FunkFeuer) could complement each other.
>
> I think we should at least wait until the hackfest is over, maybe
> longer, before we submit it.
>

 Makes sense to wait for feedback from the hackfest.

 Storing my own data (on my own box) is something I find very
 interesting.  But as far as I know I'm one of the only people that does
 that.

 Im curious as to what solutions you might suggest for the data storage,
 and what features are avaiable?  ( personally I use data.fm )

>>>
>>> Hmm we would want to be compatible with Unhosted's remoteStorage API,
>>> which does not include Linked Data.
>>> ownCloud might be an obvious option, but that's PHP.
>>> Bjarni wrote a simple implementation of remoteStorage in Python 
>>> (here),
>>> which might fit in better with other Python-based FreedomBox components,
>>> but that's more limited than ownCloud.
>>>
>>> Please correct me if I'm wrong, but data.fm is read/write Linked Data
>>> and not compatible with Unhosted's remoteStorage, right?
>>>
>>> In any case, the FreedomBox will need a flexible storage API for the
>>> various apps that would run on it.
>>>
>>> Perhaps it could support ownCloud/remoteStorage on one hand, but also
>>> read/write Linked Data like data.fm, which would be like what WebBox is
>>> also all about, as I understand.
>>> Perhaps remoteStorage could be modified to also work with data.fm, I
>>> don't know that.
>>>
>>
>> I believe all of remotestorage, owncloud and data.fm support WebDAV, so
>> that's perhaps a start.
>>
>> Freedombox has the advantage everyone using the standard package can have
>> a pretty decent data store, rather than, having to cater for many different
>> providers.  These means the lowest common denominator can be that much
>> higher.
>>
>>
>>>
>>>

>>>
> Markus
>
>
> On Sun, Jul 1, 2012 at 6:57 PM, Melvin Carvalho <
> melvincarva...@gmail.com> wrote:
>
>>
>>
>> On 30 June 2012 14:07, Markus Sabadello 
>> wrote:
>>
>>> To be honest, I have never built a Debian package nor am I deeply
>>> familiar with the process.
>>>
>>> But all the pieces we're considering have Debian packages, i.e.
>>> PageKite, OLSRd, and for Unhosted there is OwnCloud, which has been
>>> considered a number of times on this list already.
>>>
>>> There really isn't much new about the proposal, just to help
>>> assemble a few things to the point where they can be demo'd at events 
>>> and
>>> understood by end-users.
>>> It would help show the public that FreedomBox is real..
>>>
>>
>> Thanks for the response.  A couple of questions about the proposal:
>>
>> Is the idea here to save your own data (ie remote storage) on your
>> freedom box?
>>
>> Would a minimal viable product, to demo FreedomBox, need to contain
>> some kind of social network?
>>
>>
>>> Markus
>>>
>>>
>>> On Sat, Jun 30, 2012 at 1:49 PM, Melvin Carvalho <
>>> melvincarva...@gmail.com> wrote:
>>>


 On 30 June 2012 13:03, Markus Sabadello 
 wrote:

>>>

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Markus Sabadello]

I guess one question is whether the FreedomBox should have SPARQL or some
other semantic query language.
Or is it good enough to simply be able to get/put entire Linked Data
documents just like any other files.

I would tend to say it would be nice to have both

Markus

On Sun, Jul 1, 2012 at 11:23 PM, Melvin Carvalho
wrote:

>
>
> On 1 July 2012 23:03, Markus Sabadello  wrote:
>
>>
>> On Sun, Jul 1, 2012 at 8:27 PM, Melvin Carvalho > > wrote:
>>
>>>
>>>
>>> On 1 July 2012 19:44, Markus Sabadello wrote:
>>>
 Yes, having your own data on the FreedomBox via remoteStorage is
 exactly the core of the proposal.
 That, plus potentially integration with the FunkFeuer community
 wireless network in Vienna.

 Okay I have to say this..
 We haven't submitted the proposal yet.
 If for some reason this is not a good idea,
 if this looks like an attempt to "hijack" FreedomBox, or "capitalize"
 on it, or anything like that,
 if there already is some sort of relationship between FreedomBox and
 Access that makes this proposal pointless,
 then we don't have to submit it.

 It was just an idea we came up with.
 It would effectively show ONE thing the FreedomBox could do (out of many
 ideas,
 including social networking).
 It would show how different projects (FreedomBox, Unhosted, PageKite,
 FunkFeuer) could complement each other.

 I think we should at least wait until the hackfest is over, maybe
 longer, before we submit it.

>>>
>>> Makes sense to wait for feedback from the hackfest.
>>>
>>> Storing my own data (on my own box) is something I find very
>>> interesting.  But as far as I know I'm one of the only people that does
>>> that.
>>>
>>> Im curious as to what solutions you might suggest for the data storage,
>>> and what features are avaiable?  ( personally I use data.fm )
>>>
>>
>> Hmm we would want to be compatible with Unhosted's remoteStorage API,
>> which does not include Linked Data.
>> ownCloud might be an obvious option, but that's PHP.
>> Bjarni wrote a simple implementation of remoteStorage in Python 
>> (here),
>> which might fit in better with other Python-based FreedomBox components,
>> but that's more limited than ownCloud.
>>
>> Please correct me if I'm wrong, but data.fm is read/write Linked Data
>> and not compatible with Unhosted's remoteStorage, right?
>>
>> In any case, the FreedomBox will need a flexible storage API for the
>> various apps that would run on it.
>>
>> Perhaps it could support ownCloud/remoteStorage on one hand, but also
>> read/write Linked Data like data.fm, which would be like what WebBox is
>> also all about, as I understand.
>> Perhaps remoteStorage could be modified to also work with data.fm, I
>> don't know that.
>>
>
> I believe all of remotestorage, owncloud and data.fm support WebDAV, so
> that's perhaps a start.
>
> Freedombox has the advantage everyone using the standard package can have
> a pretty decent data store, rather than, having to cater for many different
> providers.  These means the lowest common denominator can be that much
> higher.
>
>
>>
>>
>>>
>>
 Markus


 On Sun, Jul 1, 2012 at 6:57 PM, Melvin Carvalho <
 melvincarva...@gmail.com> wrote:

>
>
> On 30 June 2012 14:07, Markus Sabadello wrote:
>
>> To be honest, I have never built a Debian package nor am I deeply
>> familiar with the process.
>>
>> But all the pieces we're considering have Debian packages, i.e.
>> PageKite, OLSRd, and for Unhosted there is OwnCloud, which has been
>> considered a number of times on this list already.
>>
>> There really isn't much new about the proposal, just to help assemble
>> a few things to the point where they can be demo'd at events and 
>> understood
>> by end-users.
>> It would help show the public that FreedomBox is real..
>>
>
> Thanks for the response.  A couple of questions about the proposal:
>
> Is the idea here to save your own data (ie remote storage) on your
> freedom box?
>
> Would a minimal viable product, to demo FreedomBox, need to contain
> some kind of social network?
>
>
>> Markus
>>
>>
>> On Sat, Jun 30, 2012 at 1:49 PM, Melvin Carvalho <
>> melvincarva...@gmail.com> wrote:
>>
>>>
>>>
>>> On 30 June 2012 13:03, Markus Sabadello wrote:
>>>
 Heya,

 So back in May, when I did a FreedomBox-related 
 demoat
  the Internet Identity Workshop, I was made aware of the Access 
 movement,
 which hosted the recent RightsCon and is also doing a lot of other 
 great
 work.

 They are now calling for

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Melvin Carvalho]

On 1 July 2012 23:03, Markus Sabadello  wrote:

>
> On Sun, Jul 1, 2012 at 8:27 PM, Melvin Carvalho 
> wrote:
>
>>
>>
>> On 1 July 2012 19:44, Markus Sabadello wrote:
>>
>>> Yes, having your own data on the FreedomBox via remoteStorage is exactly
>>> the core of the proposal.
>>> That, plus potentially integration with the FunkFeuer community wireless
>>> network in Vienna.
>>>
>>> Okay I have to say this..
>>> We haven't submitted the proposal yet.
>>> If for some reason this is not a good idea,
>>> if this looks like an attempt to "hijack" FreedomBox, or "capitalize" on
>>> it, or anything like that,
>>> if there already is some sort of relationship between FreedomBox and
>>> Access that makes this proposal pointless,
>>> then we don't have to submit it.
>>>
>>> It was just an idea we came up with.
>>> It would effectively show ONE thing the FreedomBox could do (out of many
>>> ideas,
>>> including social networking).
>>> It would show how different projects (FreedomBox, Unhosted, PageKite,
>>> FunkFeuer) could complement each other.
>>>
>>> I think we should at least wait until the hackfest is over, maybe
>>> longer, before we submit it.
>>>
>>
>> Makes sense to wait for feedback from the hackfest.
>>
>> Storing my own data (on my own box) is something I find very
>> interesting.  But as far as I know I'm one of the only people that does
>> that.
>>
>> Im curious as to what solutions you might suggest for the data storage,
>> and what features are avaiable?  ( personally I use data.fm )
>>
>
> Hmm we would want to be compatible with Unhosted's remoteStorage API,
> which does not include Linked Data.
> ownCloud might be an obvious option, but that's PHP.
> Bjarni wrote a simple implementation of remoteStorage in Python 
> (here),
> which might fit in better with other Python-based FreedomBox components,
> but that's more limited than ownCloud.
>
> Please correct me if I'm wrong, but data.fm is read/write Linked Data and
> not compatible with Unhosted's remoteStorage, right?
>
> In any case, the FreedomBox will need a flexible storage API for the
> various apps that would run on it.
>
> Perhaps it could support ownCloud/remoteStorage on one hand, but also
> read/write Linked Data like data.fm, which would be like what WebBox is
> also all about, as I understand.
> Perhaps remoteStorage could be modified to also work with data.fm, I
> don't know that.
>

I believe all of remotestorage, owncloud and data.fm support WebDAV, so
that's perhaps a start.

Freedombox has the advantage everyone using the standard package can have a
pretty decent data store, rather than, having to cater for many different
providers.  These means the lowest common denominator can be that much
higher.


>
>
>>
>
>>> Markus
>>>
>>>
>>> On Sun, Jul 1, 2012 at 6:57 PM, Melvin Carvalho <
>>> melvincarva...@gmail.com> wrote:
>>>


 On 30 June 2012 14:07, Markus Sabadello wrote:

> To be honest, I have never built a Debian package nor am I deeply
> familiar with the process.
>
> But all the pieces we're considering have Debian packages, i.e.
> PageKite, OLSRd, and for Unhosted there is OwnCloud, which has been
> considered a number of times on this list already.
>
> There really isn't much new about the proposal, just to help assemble
> a few things to the point where they can be demo'd at events and 
> understood
> by end-users.
> It would help show the public that FreedomBox is real..
>

 Thanks for the response.  A couple of questions about the proposal:

 Is the idea here to save your own data (ie remote storage) on your
 freedom box?

 Would a minimal viable product, to demo FreedomBox, need to contain
 some kind of social network?


> Markus
>
>
> On Sat, Jun 30, 2012 at 1:49 PM, Melvin Carvalho <
> melvincarva...@gmail.com> wrote:
>
>>
>>
>> On 30 June 2012 13:03, Markus Sabadello wrote:
>>
>>> Heya,
>>>
>>> So back in May, when I did a FreedomBox-related 
>>> demoat
>>>  the Internet Identity Workshop, I was made aware of the Access 
>>> movement,
>>> which hosted the recent RightsCon and is also doing a lot of other great
>>> work.
>>>
>>> They are now calling for proposals for the Access Innovation 
>>> Prizewhere you can win $20k.
>>>
>>> So Michiel of Unhosted, Bjarni of PageKite, and myself have decided
>>> to submit a proposal, which would include building a simple FreedomBox
>>> prototype that runs an Unhosted "remoteStorage" component and PageKite 
>>> to
>>> make it accessible from the open web. Also, the idea is to try integrate
>>> FreedomBox with the local Funk

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Michiel de Jong]

IMO, applications support linked data, storage servers do not. Asking
if a storage server supports linked data is a bit like asking whether
a certain hard drive supports pdf. :)

Having said that, there are always connotations, and that is probably
what you are both referring to - so for instance, if you ask if the
remoteStorage protocol supports ACLs based on client-side
certificates, or SPARQL queries, the answer is no.

We are however in the process of writing the data module for the
client-side library (remoteStorage.js), and they will all use linked
data at their core (specifically, json-ld).


hth,
Michiel

On Mon, Jul 2, 2012 at 12:03 AM, Markus Sabadello
 wrote:
>
> On Sun, Jul 1, 2012 at 8:27 PM, Melvin Carvalho 
> wrote:
>>
>>
>>
>> On 1 July 2012 19:44, Markus Sabadello  wrote:
>>>
>>> Yes, having your own data on the FreedomBox via remoteStorage is exactly
>>> the core of the proposal.
>>> That, plus potentially integration with the FunkFeuer community wireless
>>> network in Vienna.
>>>
>>> Okay I have to say this..
>>> We haven't submitted the proposal yet.
>>> If for some reason this is not a good idea,
>>> if this looks like an attempt to "hijack" FreedomBox, or "capitalize" on
>>> it, or anything like that,
>>> if there already is some sort of relationship between FreedomBox and
>>> Access that makes this proposal pointless,
>>> then we don't have to submit it.
>>>
>>> It was just an idea we came up with.
>>> It would effectively show ONE thing the FreedomBox could do (out of many
>>> ideas, including social networking).
>>> It would show how different projects (FreedomBox, Unhosted, PageKite,
>>> FunkFeuer) could complement each other.
>>>
>>> I think we should at least wait until the hackfest is over, maybe longer,
>>> before we submit it.
>>
>>
>> Makes sense to wait for feedback from the hackfest.
>>
>> Storing my own data (on my own box) is something I find very interesting.
>> But as far as I know I'm one of the only people that does that.
>>
>> Im curious as to what solutions you might suggest for the data storage,
>> and what features are avaiable?  ( personally I use data.fm )
>
>
> Hmm we would want to be compatible with Unhosted's remoteStorage API, which
> does not include Linked Data.
> ownCloud might be an obvious option, but that's PHP.
> Bjarni wrote a simple implementation of remoteStorage in Python (here),
> which might fit in better with other Python-based FreedomBox components, but
> that's more limited than ownCloud.
>
> Please correct me if I'm wrong, but data.fm is read/write Linked Data and
> not compatible with Unhosted's remoteStorage, right?
>
> In any case, the FreedomBox will need a flexible storage API for the various
> apps that would run on it.
>
> Perhaps it could support ownCloud/remoteStorage on one hand, but also
> read/write Linked Data like data.fm, which would be like what WebBox is also
> all about, as I understand.
> Perhaps remoteStorage could be modified to also work with data.fm, I don't
> know that.
>
>>
>>>
>>>
>>> Markus
>>>
>>>
>>> On Sun, Jul 1, 2012 at 6:57 PM, Melvin Carvalho
>>>  wrote:



 On 30 June 2012 14:07, Markus Sabadello 
 wrote:
>
> To be honest, I have never built a Debian package nor am I deeply
> familiar with the process.
>
> But all the pieces we're considering have Debian packages, i.e.
> PageKite, OLSRd, and for Unhosted there is OwnCloud, which has been
> considered a number of times on this list already.
>
> There really isn't much new about the proposal, just to help assemble a
> few things to the point where they can be demo'd at events and understood 
> by
> end-users.
> It would help show the public that FreedomBox is real..


 Thanks for the response.  A couple of questions about the proposal:

 Is the idea here to save your own data (ie remote storage) on your
 freedom box?

 Would a minimal viable product, to demo FreedomBox, need to contain some
 kind of social network?

>
> Markus
>
>
> On Sat, Jun 30, 2012 at 1:49 PM, Melvin Carvalho
>  wrote:
>>
>>
>>
>> On 30 June 2012 13:03, Markus Sabadello 
>> wrote:
>>>
>>> Heya,
>>>
>>> So back in May, when I did a FreedomBox-related demo at the Internet
>>> Identity Workshop, I was made aware of the Access movement, which 
>>> hosted the
>>> recent RightsCon and is also doing a lot of other great work.
>>>
>>> They are now calling for proposals for the Access Innovation Prize
>>> where you can win $20k.
>>>
>>> So Michiel of Unhosted, Bjarni of PageKite, and myself have decided
>>> to submit a proposal, which would include building a simple FreedomBox
>>> prototype that runs an Unhosted "remoteStorage" component and PageKite 
>>> to
>>> make it accessible from the open web. Also, the idea is to try integrate
>>> FreedomBox with the local FunkFeuer c

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Markus Sabadello]

On Sun, Jul 1, 2012 at 8:27 PM, Melvin Carvalho wrote:

>
>
> On 1 July 2012 19:44, Markus Sabadello  wrote:
>
>> Yes, having your own data on the FreedomBox via remoteStorage is exactly
>> the core of the proposal.
>> That, plus potentially integration with the FunkFeuer community wireless
>> network in Vienna.
>>
>> Okay I have to say this..
>> We haven't submitted the proposal yet.
>> If for some reason this is not a good idea,
>> if this looks like an attempt to "hijack" FreedomBox, or "capitalize" on
>> it, or anything like that,
>> if there already is some sort of relationship between FreedomBox and
>> Access that makes this proposal pointless,
>> then we don't have to submit it.
>>
>> It was just an idea we came up with.
>> It would effectively show ONE thing the FreedomBox could do (out of many
>> ideas,
>> including social networking).
>> It would show how different projects (FreedomBox, Unhosted, PageKite,
>> FunkFeuer) could complement each other.
>>
>> I think we should at least wait until the hackfest is over, maybe longer,
>> before we submit it.
>>
>
> Makes sense to wait for feedback from the hackfest.
>
> Storing my own data (on my own box) is something I find very interesting.
> But as far as I know I'm one of the only people that does that.
>
> Im curious as to what solutions you might suggest for the data storage,
> and what features are avaiable?  ( personally I use data.fm )
>

Hmm we would want to be compatible with Unhosted's remoteStorage API, which
does not include Linked Data.
ownCloud might be an obvious option, but that's PHP.
Bjarni wrote a simple implementation of remoteStorage in Python
(here),
which might fit in better with other Python-based FreedomBox components,
but that's more limited than ownCloud.

Please correct me if I'm wrong, but data.fm is read/write Linked Data and
not compatible with Unhosted's remoteStorage, right?

In any case, the FreedomBox will need a flexible storage API for the
various apps that would run on it.

Perhaps it could support ownCloud/remoteStorage on one hand, but also
read/write Linked Data like data.fm, which would be like what WebBox is
also all about, as I understand.
Perhaps remoteStorage could be modified to also work with data.fm, I don't
know that.


>

>> Markus
>>
>>
>> On Sun, Jul 1, 2012 at 6:57 PM, Melvin Carvalho > > wrote:
>>
>>>
>>>
>>> On 30 June 2012 14:07, Markus Sabadello wrote:
>>>
 To be honest, I have never built a Debian package nor am I deeply
 familiar with the process.

 But all the pieces we're considering have Debian packages, i.e.
 PageKite, OLSRd, and for Unhosted there is OwnCloud, which has been
 considered a number of times on this list already.

 There really isn't much new about the proposal, just to help assemble a
 few things to the point where they can be demo'd at events and understood
 by end-users.
 It would help show the public that FreedomBox is real..

>>>
>>> Thanks for the response.  A couple of questions about the proposal:
>>>
>>> Is the idea here to save your own data (ie remote storage) on your
>>> freedom box?
>>>
>>> Would a minimal viable product, to demo FreedomBox, need to contain some
>>> kind of social network?
>>>
>>>
 Markus


 On Sat, Jun 30, 2012 at 1:49 PM, Melvin Carvalho <
 melvincarva...@gmail.com> wrote:

>
>
> On 30 June 2012 13:03, Markus Sabadello wrote:
>
>> Heya,
>>
>> So back in May, when I did a FreedomBox-related 
>> demoat
>>  the Internet Identity Workshop, I was made aware of the Access movement,
>> which hosted the recent RightsCon and is also doing a lot of other great
>> work.
>>
>> They are now calling for proposals for the Access Innovation 
>> Prizewhere you can win $20k.
>>
>> So Michiel of Unhosted, Bjarni of PageKite, and myself have decided
>> to submit a proposal, which would include building a simple FreedomBox
>> prototype that runs an Unhosted "remoteStorage" component and PageKite to
>> make it accessible from the open web. Also, the idea is to try integrate
>> FreedomBox with the local FunkFeuer community mesh network in Vienna. We
>> haven't submitted the proposal yet (deadline is August 15th), but here's
>> the current text we're working on:
>>
>> http://projectdanube.pbworks.com/w/page/54796496/Access%20Innovation%20Prize%202012
>>
>> Basically, the idea is that you could use any Unhosted-enabled web
>> application out there, and your data remains on your FreedomBox.
>>
>> I know that on the other thread there's a discussion about leadership
>> and about joining in.
>> I had all these questions too since I star

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Melvin Carvalho]

On 1 July 2012 19:44, Markus Sabadello  wrote:

> Yes, having your own data on the FreedomBox via remoteStorage is exactly
> the core of the proposal.
> That, plus potentially integration with the FunkFeuer community wireless
> network in Vienna.
>
> Okay I have to say this..
> We haven't submitted the proposal yet.
> If for some reason this is not a good idea,
> if this looks like an attempt to "hijack" FreedomBox, or "capitalize" on
> it, or anything like that,
> if there already is some sort of relationship between FreedomBox and
> Access that makes this proposal pointless,
> then we don't have to submit it.
>
> It was just an idea we came up with.
> It would effectively show ONE thing the FreedomBox could do (out of many
> ideas,
> including social networking).
> It would show how different projects (FreedomBox, Unhosted, PageKite,
> FunkFeuer) could complement each other.
>
> I think we should at least wait until the hackfest is over, maybe longer,
> before we submit it.
>

Makes sense to wait for feedback from the hackfest.

Storing my own data (on my own box) is something I find very interesting.
But as far as I know I'm one of the only people that does that.

Im curious as to what solutions you might suggest for the data storage, and
what features are avaiable?  ( personally I use data.fm )


>
> Markus
>
>
> On Sun, Jul 1, 2012 at 6:57 PM, Melvin Carvalho 
> wrote:
>
>>
>>
>> On 30 June 2012 14:07, Markus Sabadello wrote:
>>
>>> To be honest, I have never built a Debian package nor am I deeply
>>> familiar with the process.
>>>
>>> But all the pieces we're considering have Debian packages, i.e.
>>> PageKite, OLSRd, and for Unhosted there is OwnCloud, which has been
>>> considered a number of times on this list already.
>>>
>>> There really isn't much new about the proposal, just to help assemble a
>>> few things to the point where they can be demo'd at events and understood
>>> by end-users.
>>> It would help show the public that FreedomBox is real..
>>>
>>
>> Thanks for the response.  A couple of questions about the proposal:
>>
>> Is the idea here to save your own data (ie remote storage) on your
>> freedom box?
>>
>> Would a minimal viable product, to demo FreedomBox, need to contain some
>> kind of social network?
>>
>>
>>> Markus
>>>
>>>
>>> On Sat, Jun 30, 2012 at 1:49 PM, Melvin Carvalho <
>>> melvincarva...@gmail.com> wrote:
>>>


 On 30 June 2012 13:03, Markus Sabadello wrote:

> Heya,
>
> So back in May, when I did a FreedomBox-related 
> demoat
>  the Internet Identity Workshop, I was made aware of the Access movement,
> which hosted the recent RightsCon and is also doing a lot of other great
> work.
>
> They are now calling for proposals for the Access Innovation 
> Prizewhere you can win $20k.
>
> So Michiel of Unhosted, Bjarni of PageKite, and myself have decided to
> submit a proposal, which would include building a simple FreedomBox
> prototype that runs an Unhosted "remoteStorage" component and PageKite to
> make it accessible from the open web. Also, the idea is to try integrate
> FreedomBox with the local FunkFeuer community mesh network in Vienna. We
> haven't submitted the proposal yet (deadline is August 15th), but here's
> the current text we're working on:
>
> http://projectdanube.pbworks.com/w/page/54796496/Access%20Innovation%20Prize%202012
>
> Basically, the idea is that you could use any Unhosted-enabled web
> application out there, and your data remains on your FreedomBox.
>
> I know that on the other thread there's a discussion about leadership
> and about joining in.
> I had all these questions too since I started working with FreedomBox,
> e.g. when I did demos, I wasn't sure to what extent I could speak
> "officially" about FreedomBox, how I could get involved, etc.
> In light of current criticism and allegations of vaporware, I think
> the answer is simply that everybody with ideas and resources should try to
> get something done in whatever way works.
>
> Anyway, so if we win the prize, then this could serve a few purposes..
> 1. The three of us would have some $$$ to actively work and contribute
> to the FreedomBox at least for a little while.
> 2. The stuff we would work on (putting Unhosted and PageKite on the
> box) seems to align well with the "DropBox Replacement" idea that has been
> floating around.
> 3. We would have an actual (limited functionality, but working)
> FreedomBox, and a minimal viable product that can be demo'd at 
> conferences.
> 4. The prize would mean a PR boost for the involved projects.
>
> What do you think..?
>

 Will there be a debi

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Markus Sabadello]

Yes, having your own data on the FreedomBox via remoteStorage is exactly
the core of the proposal.
That, plus potentially integration with the FunkFeuer community wireless
network in Vienna.

Okay I have to say this..
We haven't submitted the proposal yet.
If for some reason this is not a good idea,
if this looks like an attempt to "hijack" FreedomBox, or "capitalize" on
it, or anything like that,
if there already is some sort of relationship between FreedomBox and Access
that makes this proposal pointless,
then we don't have to submit it.

It was just an idea we came up with.
It would effectively show ONE thing the FreedomBox could do (out of many
ideas,
including social networking).
It would show how different projects (FreedomBox, Unhosted, PageKite,
FunkFeuer) could complement each other.

I think we should at least wait until the hackfest is over, maybe longer,
before we submit it.

Markus

On Sun, Jul 1, 2012 at 6:57 PM, Melvin Carvalho wrote:

>
>
> On 30 June 2012 14:07, Markus Sabadello wrote:
>
>> To be honest, I have never built a Debian package nor am I deeply
>> familiar with the process.
>>
>> But all the pieces we're considering have Debian packages, i.e. PageKite,
>> OLSRd, and for Unhosted there is OwnCloud, which has been considered a
>> number of times on this list already.
>>
>> There really isn't much new about the proposal, just to help assemble a
>> few things to the point where they can be demo'd at events and understood
>> by end-users.
>> It would help show the public that FreedomBox is real..
>>
>
> Thanks for the response.  A couple of questions about the proposal:
>
> Is the idea here to save your own data (ie remote storage) on your freedom
> box?
>
> Would a minimal viable product, to demo FreedomBox, need to contain some
> kind of social network?
>
>
>> Markus
>>
>>
>> On Sat, Jun 30, 2012 at 1:49 PM, Melvin Carvalho <
>> melvincarva...@gmail.com> wrote:
>>
>>>
>>>
>>> On 30 June 2012 13:03, Markus Sabadello wrote:
>>>
 Heya,

 So back in May, when I did a FreedomBox-related 
 demoat
  the Internet Identity Workshop, I was made aware of the Access movement,
 which hosted the recent RightsCon and is also doing a lot of other great
 work.

 They are now calling for proposals for the Access Innovation 
 Prizewhere you can win $20k.

 So Michiel of Unhosted, Bjarni of PageKite, and myself have decided to
 submit a proposal, which would include building a simple FreedomBox
 prototype that runs an Unhosted "remoteStorage" component and PageKite to
 make it accessible from the open web. Also, the idea is to try integrate
 FreedomBox with the local FunkFeuer community mesh network in Vienna. We
 haven't submitted the proposal yet (deadline is August 15th), but here's
 the current text we're working on:

 http://projectdanube.pbworks.com/w/page/54796496/Access%20Innovation%20Prize%202012

 Basically, the idea is that you could use any Unhosted-enabled web
 application out there, and your data remains on your FreedomBox.

 I know that on the other thread there's a discussion about leadership
 and about joining in.
 I had all these questions too since I started working with FreedomBox,
 e.g. when I did demos, I wasn't sure to what extent I could speak
 "officially" about FreedomBox, how I could get involved, etc.
 In light of current criticism and allegations of vaporware, I think the
 answer is simply that everybody with ideas and resources should try to get
 something done in whatever way works.

 Anyway, so if we win the prize, then this could serve a few purposes..
 1. The three of us would have some $$$ to actively work and contribute
 to the FreedomBox at least for a little while.
 2. The stuff we would work on (putting Unhosted and PageKite on the
 box) seems to align well with the "DropBox Replacement" idea that has been
 floating around.
 3. We would have an actual (limited functionality, but working)
 FreedomBox, and a minimal viable product that can be demo'd at conferences.
 4. The prize would mean a PR boost for the involved projects.

 What do you think..?

>>>
>>> Will there be a debian package for this prototype?
>>>
>>>

 Markus
 --
 Project Danube: http://projectdanube.org
 Personal Data Ecosystem Consortium: http://personaldataecosystem.org/


 ___
 Freedombox-discuss mailing list
 Freedombox-discuss@lists.alioth.debian.org

 http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

>>>
>>>
>>> ___
>>> Freedombox-discuss mailing list
>>> F

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Melvin Carvalho]

On 30 June 2012 14:07, Markus Sabadello  wrote:

> To be honest, I have never built a Debian package nor am I deeply familiar
> with the process.
>
> But all the pieces we're considering have Debian packages, i.e. PageKite,
> OLSRd, and for Unhosted there is OwnCloud, which has been considered a
> number of times on this list already.
>
> There really isn't much new about the proposal, just to help assemble a
> few things to the point where they can be demo'd at events and understood
> by end-users.
> It would help show the public that FreedomBox is real..
>

Thanks for the response.  A couple of questions about the proposal:

Is the idea here to save your own data (ie remote storage) on your freedom
box?

Would a minimal viable product, to demo FreedomBox, need to contain some
kind of social network?


> Markus
>
>
> On Sat, Jun 30, 2012 at 1:49 PM, Melvin Carvalho  > wrote:
>
>>
>>
>> On 30 June 2012 13:03, Markus Sabadello  wrote:
>>
>>> Heya,
>>>
>>> So back in May, when I did a FreedomBox-related 
>>> demoat
>>>  the Internet Identity Workshop, I was made aware of the Access movement,
>>> which hosted the recent RightsCon and is also doing a lot of other great
>>> work.
>>>
>>> They are now calling for proposals for the Access Innovation 
>>> Prizewhere you can win $20k.
>>>
>>> So Michiel of Unhosted, Bjarni of PageKite, and myself have decided to
>>> submit a proposal, which would include building a simple FreedomBox
>>> prototype that runs an Unhosted "remoteStorage" component and PageKite to
>>> make it accessible from the open web. Also, the idea is to try integrate
>>> FreedomBox with the local FunkFeuer community mesh network in Vienna. We
>>> haven't submitted the proposal yet (deadline is August 15th), but here's
>>> the current text we're working on:
>>>
>>> http://projectdanube.pbworks.com/w/page/54796496/Access%20Innovation%20Prize%202012
>>>
>>> Basically, the idea is that you could use any Unhosted-enabled web
>>> application out there, and your data remains on your FreedomBox.
>>>
>>> I know that on the other thread there's a discussion about leadership
>>> and about joining in.
>>> I had all these questions too since I started working with FreedomBox,
>>> e.g. when I did demos, I wasn't sure to what extent I could speak
>>> "officially" about FreedomBox, how I could get involved, etc.
>>> In light of current criticism and allegations of vaporware, I think the
>>> answer is simply that everybody with ideas and resources should try to get
>>> something done in whatever way works.
>>>
>>> Anyway, so if we win the prize, then this could serve a few purposes..
>>> 1. The three of us would have some $$$ to actively work and contribute
>>> to the FreedomBox at least for a little while.
>>> 2. The stuff we would work on (putting Unhosted and PageKite on the box)
>>> seems to align well with the "DropBox Replacement" idea that has been
>>> floating around.
>>> 3. We would have an actual (limited functionality, but working)
>>> FreedomBox, and a minimal viable product that can be demo'd at conferences.
>>> 4. The prize would mean a PR boost for the involved projects.
>>>
>>> What do you think..?
>>>
>>
>> Will there be a debian package for this prototype?
>>
>>
>>>
>>> Markus
>>> --
>>> Project Danube: http://projectdanube.org
>>> Personal Data Ecosystem Consortium: http://personaldataecosystem.org/
>>>
>>>
>>> ___
>>> Freedombox-discuss mailing list
>>> Freedombox-discuss@lists.alioth.debian.org
>>>
>>> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>>>
>>
>>
>> ___
>> Freedombox-discuss mailing list
>> Freedombox-discuss@lists.alioth.debian.org
>> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>>
>
>
>
>
>
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Markus Sabadello]

To be honest, I have never built a Debian package nor am I deeply familiar
with the process.

But all the pieces we're considering have Debian packages, i.e. PageKite,
OLSRd, and for Unhosted there is OwnCloud, which has been considered a
number of times on this list already.

There really isn't much new about the proposal, just to help assemble a few
things to the point where they can be demo'd at events and understood by
end-users.
It would help show the public that FreedomBox is real..

Markus

On Sat, Jun 30, 2012 at 1:49 PM, Melvin Carvalho
wrote:

>
>
> On 30 June 2012 13:03, Markus Sabadello  wrote:
>
>> Heya,
>>
>> So back in May, when I did a FreedomBox-related 
>> demoat
>>  the Internet Identity Workshop, I was made aware of the Access movement,
>> which hosted the recent RightsCon and is also doing a lot of other great
>> work.
>>
>> They are now calling for proposals for the Access Innovation 
>> Prizewhere you can win $20k.
>>
>> So Michiel of Unhosted, Bjarni of PageKite, and myself have decided to
>> submit a proposal, which would include building a simple FreedomBox
>> prototype that runs an Unhosted "remoteStorage" component and PageKite to
>> make it accessible from the open web. Also, the idea is to try integrate
>> FreedomBox with the local FunkFeuer community mesh network in Vienna. We
>> haven't submitted the proposal yet (deadline is August 15th), but here's
>> the current text we're working on:
>>
>> http://projectdanube.pbworks.com/w/page/54796496/Access%20Innovation%20Prize%202012
>>
>> Basically, the idea is that you could use any Unhosted-enabled web
>> application out there, and your data remains on your FreedomBox.
>>
>> I know that on the other thread there's a discussion about leadership and
>> about joining in.
>> I had all these questions too since I started working with FreedomBox,
>> e.g. when I did demos, I wasn't sure to what extent I could speak
>> "officially" about FreedomBox, how I could get involved, etc.
>> In light of current criticism and allegations of vaporware, I think the
>> answer is simply that everybody with ideas and resources should try to get
>> something done in whatever way works.
>>
>> Anyway, so if we win the prize, then this could serve a few purposes..
>> 1. The three of us would have some $$$ to actively work and contribute to
>> the FreedomBox at least for a little while.
>> 2. The stuff we would work on (putting Unhosted and PageKite on the box)
>> seems to align well with the "DropBox Replacement" idea that has been
>> floating around.
>> 3. We would have an actual (limited functionality, but working)
>> FreedomBox, and a minimal viable product that can be demo'd at conferences.
>> 4. The prize would mean a PR boost for the involved projects.
>>
>> What do you think..?
>>
>
> Will there be a debian package for this prototype?
>
>
>>
>> Markus
>> --
>> Project Danube: http://projectdanube.org
>> Personal Data Ecosystem Consortium: http://personaldataecosystem.org/
>>
>>
>> ___
>> Freedombox-discuss mailing list
>> Freedombox-discuss@lists.alioth.debian.org
>> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>>
>
>
> ___
> Freedombox-discuss mailing list
> Freedombox-discuss@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Re: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

[Melvin Carvalho]

On 30 June 2012 13:03, Markus Sabadello  wrote:

> Heya,
>
> So back in May, when I did a FreedomBox-related 
> demoat
>  the Internet Identity Workshop, I was made aware of the Access movement,
> which hosted the recent RightsCon and is also doing a lot of other great
> work.
>
> They are now calling for proposals for the Access Innovation 
> Prizewhere you can win $20k.
>
> So Michiel of Unhosted, Bjarni of PageKite, and myself have decided to
> submit a proposal, which would include building a simple FreedomBox
> prototype that runs an Unhosted "remoteStorage" component and PageKite to
> make it accessible from the open web. Also, the idea is to try integrate
> FreedomBox with the local FunkFeuer community mesh network in Vienna. We
> haven't submitted the proposal yet (deadline is August 15th), but here's
> the current text we're working on:
>
> http://projectdanube.pbworks.com/w/page/54796496/Access%20Innovation%20Prize%202012
>
> Basically, the idea is that you could use any Unhosted-enabled web
> application out there, and your data remains on your FreedomBox.
>
> I know that on the other thread there's a discussion about leadership and
> about joining in.
> I had all these questions too since I started working with FreedomBox,
> e.g. when I did demos, I wasn't sure to what extent I could speak
> "officially" about FreedomBox, how I could get involved, etc.
> In light of current criticism and allegations of vaporware, I think the
> answer is simply that everybody with ideas and resources should try to get
> something done in whatever way works.
>
> Anyway, so if we win the prize, then this could serve a few purposes..
> 1. The three of us would have some $$$ to actively work and contribute to
> the FreedomBox at least for a little while.
> 2. The stuff we would work on (putting Unhosted and PageKite on the box)
> seems to align well with the "DropBox Replacement" idea that has been
> floating around.
> 3. We would have an actual (limited functionality, but working)
> FreedomBox, and a minimal viable product that can be demo'd at conferences.
> 4. The prize would mean a PR boost for the involved projects.
>
> What do you think..?
>

Will there be a debian package for this prototype?


>
> Markus
> --
> Project Danube: http://projectdanube.org
> Personal Data Ecosystem Consortium: http://personaldataecosystem.org/
>
>
> ___
> Freedombox-discuss mailing list
> Freedombox-discuss@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss