On Sat, Dec 30, 2017 at 2:30 AM, Jonas Smedegaard <jo...@jones.dk> wrote:
> Quoting Sandy Harris (2017-12-29 18:34:55)
>> I wrote a small program to extract entropy from timer jitter & pump it
>> into /dev/random. It might be useful if you do not have a hardware RN
I wrote a small program to extract entropy from timer jitter & pump it
into /dev/random. It might be useful if you do not have a hardware RNG
on the board you use:
https://github.com/sandy-harris/maxwell
___
Freedombox-discuss mailing list
Freedo
Web description sounds good. I have not tested.
https://staltz.com/an-off-grid-social-network.html
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
Encrypt queries from local resolver out to more general DNS servers.
Not a complete solution, but makes tracking much harder. I think the
Box should definitely do this.
http://www.theregister.co.uk/2016/11/22/dns_boffins_offer_up_privacy_test/
___
The draft for authenticating PGP keys via DANE (DNS Authentication of
Named Entities) has just become an RFC. Unfortunately it took three
years and it is tagged as "experimental" rather than "standards
track", but at least it is now available.
https://tools.ietf.org/html/rfc7929
This would let
https://github.com/Librerouter
Part of their librerouter project is librekernel":
The aim of the project is to remove from the Linux kernel any software
that does not include its source code, has its source code obfuscated,
or is released under proprietary licenses."
The distros they appear to
This looks like a good thing to add to the Box, though there are other
attempts to solve the same problem & for all I know one of them might
be better, or we might need more than one.
https://medium.com/@BeameDevelopers/pki-for-the-people-a-beame-io-research-project-6673e4811ef6#.cogk1w737
Back in 2011 I started a thread on possible security issues. There was
considerable comment & some may have been resolved by now, but some
may still be open.
Archive of the thread:
https://lists.alioth.debian.org/pipermail/freedombox-discuss/2011-April/001439.html
A google-developed module to improve Apache or nginx performance:
http://www.tecmint.com/install-mod_pagespeed-to-boost-apache-nginx-performance/
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
Sunil Mohan Adapa wrote:
> Given the interest and specific information by our community with
> regards to setting up Let's Encrypt, I was able to prepare a module ...
> https://github.com/freedombox/Plinth/pull/365
That includes the text "Sets up Apache configuration for the
-- Forwarded message --
From: Jean-Philippe Aumasson
Date: Mon, Nov 2, 2015 at 1:08 PM
Subject: PHC winner release
To: "crypto-competiti...@googlegroups.com"
I'm happy to release the Password Hashing
Is this an issue for the Box? I presume there'll be a fix debian
will include it so we should be covered, but it seems worth noting.
http://www.itworld.com/article/2951494/bug-exposes-openssh-servers-to-bruteforce-password-guessing-attacks.html
___
Now that this competition has a winner we, and for that matter Debian,
should consider implementing it.
-- Forwarded message --
From: Jean-Philippe Aumasson jeanphilippe.aumas...@gmail.com
Date: Mon, Jul 20, 2015 at 1:43 PM
Subject: PHC winner and special recognitions
To:
A rather scary article:
http://www.itworld.com/article/2936575/security/software-applications-have-on-average-24-vulnerabilities-inherited-from-buggy-components.html
Does the current Fbox implementation use Java? Should we eliminate it
as a matter of necessary security policy? If not, how can we
Petter Reinholdtsen p...@hungry.com wrote:
Time to pick up this thread again, and set up some defence against the
simple and stupid brute force attacks. ...
Yes.
These are the known options:
... [his list is quite reasonable, but snipped out here] ...
These options are not exclusive, and
Darkmail aims at doing genuinely secure email. They say that requires
replacing SMTP because, even if the body is PGP_encrypted, the headers
leak too much private info.
http://nakedsecurity.sophos.com/2013/11/01/lavabit-and-silent-circle-form-dark-mail-alliance-to-thwart-email-surveillance/
Last
http://mediagoblin.org/pages/campaign.html
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
Anyone here want to contribute a paper?
-- Forwarded message --
From: Primavera De Filippi pdefili...@gmail.com
Date: Thu, Apr 3, 2014 at 2:13 PM
Subject: [liberationtech] CFP: « Reclaiming the Internet » with
distributed architectures
To: liberationtech
From a Slashdot story on MIT research:
http://www.technologyreview.com/news/525651/new-approach-could-stop-websites-from-leaking-or-stealing-your-data/
Could Freedom boxes dp this?
___
Freedombox-discuss mailing list
On Sat, Mar 22, 2014 at 9:59 AM, Petter Reinholdtsen p...@hungry.com wrote:
Hi. Did any of you check out s3ql, a fuse file system with cloud
backends, ...
It occured to me that it each freedombox privide a storage API (say
OpenStack), friends can grant access to each others storage API and
Possibly of interest?
-- Forwarded message --
From: Michael Powers mich...@mpowers.net
Date: Sat, Mar 15, 2014 at 1:36 PM
Subject: [Cryptography] Encryption in Trsst
To: cryptogra...@metzdowd.com cryptogra...@metzdowd.com
We're starting some early field testing of the Trsst
Slashdot story:
http://tech.slashdot.org/story/14/02/16/0319238/plan-9-from-bell-labs-operating-system-now-available-under-gplv2
Does that include anything the Freedom Box could use? It does include
a Rasberry Pi port.
___
Freedombox-discuss mailing
Is this something the FB project could use?
-- Forwarded message --
From: Yosem Companys compa...@stanford.edu
Date: Tue, Feb 4, 2014 at 5:00 PM
Subject: [liberationtech-jobs] Projects for Code the Change's Berkeley Chapter
To: Liberationtech Jobs
Anders Jackson anders.jack...@gmail.com wrote:
Yes? Traffic in Tor isn't encrypted, it is annonymized. So you still
need encryption when using Tor.
Tor does encrypt everything within its network.
A small nitpick to check my understanding: even if you use Tor on IPSec,
it is possible to
Jonathan Wilkes jancs...@yahoo.com writes:
Also, keep in mind that the most direct way to show public support for Tor
would be to run an exit-node. If every interested party with a fast
internet connection did that it would help alleviate the speed problem. But
running an exit-node is
Petter Reinholdtsen p...@hungry.com wrote:
After looking a bit into the mesh options, ...
* Which mesh system should be included in Freedombox?
* What are the options and their features?
* What should be use to decide which one to pick?
As I see it, security has to be the first
On Fri, Aug 16, 2013 at 3:37 AM, Rob van der Hoeven
robvanderhoe...@ziggo.nl wrote:
I've been looking for projects comparable to freedombox
Another FreedomBox-like project is arkOS
https://arkos.io/
Runs on the Raspberry Pi, looks very promising!
Here are some remarks the author of
On Fri, Sep 13, 2013 at 8:18 PM, cgw...@aol.com wrote:
Again, not an expert in this subject at all, but since we are talking about
security I wanted to bring up WEP. My limited understanding of WEP is that
it was an insecure encryption method used a decade or more ago and is still
offered
Jonas Smedegaard d...@jones.dk wrote:
Would be nice if those knowledgeable about crypto could propose a
shortlist of purposes, and corresponding CAs and cipher suites.
I see no reason offhand for a Box to trust any CA. That is a
problem for the browsers, not a server. To identify the box to
On Sat, Sep 7, 2013 at 3:08 AM, Petter Reinholdtsen p...@hungry.com wrote:
Using deb packages and a APT repository, I've been able to set up both a
Debian Wheezy amd64 laptop and a Raspberry Pi using Raspbian as a
Freedombox.
Nice!
___
http://www.motherjones.com/politics/2013/08/mesh-internet-privacy-nsa-isp
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
Nick Daly nick.m.d...@gmail.com wrote:
There's been some recent work on Tinc that I'm really excited about.
...
Poke at it, let me know what you think.
Their docs include this paragraph:
On the 15th of September 2003, Peter Gutmann posted a security
analysis of tinc 1.0.1. He argues that
On Sat, Aug 10, 2013 at 3:36 PM, John Gilmore g...@toad.com wrote:
completely forgot about. If you're interested in Tinc, check out
tinc_rollout (github.com/jvasile).
Could somebody spend a sentence or a paragraph explaining what tinc is?
A VPN demon with its own protocol
Open Internet Tools Project sound like people this project should talk
to, if it hasn't already.
OpenITP provides material support to free and open source software
projects that make tools for circumventing digital surveillance and
censorship.
http://openitp.org/
They are advertising a job in
How would FreedomBox fit into this?
-- Forwarded message --
From: Yosem Companys compa...@stanford.edu
Date: Wed, Jun 26, 2013 at 10:40 PM
Subject: [liberationtech] Introducing CrossCloud: A project to get
your data out of silos - Knight Foundation
To: Liberation Technologies
Raspberry Pi as a TOR proxy
http://arstechnica.com/information-technology/2013/06/onion-pi-turns-raspberry-pi-into-tor-proxy-and-wireless-access-point/
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
While following links from the Minnowboard posts here, I ran across
some thing I hadn't known of that looks interesting, the Linux
Foundation Yocto Project:
https://www.yoctoproject.org/about
an open source collaboration project that provides templates,
tools and methods to help you create
Plan to put Linux servers in apartment building basements all over
Brazil, use cheap thin client machines in apartments provide much
employment for system admins.
http://news.techworld.com/data-centre/3453406/project-cau-revolutionising-it-for-masses/
Can those servers include much of the
Almost a year ago, Jun 25, 2012, I wrote:
One risk of the current net is that social
networks, email providers, etc. can be
used to track people, in particular to
track them down when a government is
irritated with them. Consider Yahoo
turning in Shi Tao or the US gov't
demanding Twitter
Jonas Smedegaard d...@jones.dk wrote:
Quoting John Gilmore (2013-05-31 20:07:16)
The reason that the compressed man pages are there is that each
installed Debian package includes its man pages ...
The reason that the man command itself wasn't there is that nobody
had asked for it yet. I'm
Cebolla is Spanish for onion. This is an open source implementation
of some onion routing protocols from credible people.
http://www.cypherspace.org/cebolla/
I think it is quite clear the Box must have some TOR (The Onion
Router) support, but it is not clear to me how much is needed. My
guess
On Thu, Feb 7, 2013 at 11:24 AM, Daniel Kahn Gillmor
d...@fifthhorseman.net wrote:
Nick is proposing using , which (if i understand the theory
correctly) doesn't leak any information about the secret material until
the correct number of pieces are assembled in one place (at which point
Also note the text in https://en.wikipedia.org/wiki/Secret_sharing
All secret sharing schemes use random bits.
Like most other crypto, these schemes fail if the box lacks
an adequate RNG. I know the topic has been discussed
before. Does the Box as currently set up handle this?
On Fri, Feb 8, 2013 at 6:34 PM, John Gilmore g...@toad.com wrote:
Like most other crypto, these schemes fail if the box lacks
an adequate RNG. I know the topic has been discussed
before. Does the Box as currently set up handle this?
The DreamPlug does not have a good source of randomness.
I
A tech company born in Kenya dedicated to democratizing information
and increasing transparency using flexible and robust open source
technology. Has projects in several African countries:
http://www.ushahidi.com/
___
Freedombox-discuss mailing list
Jonathan Wilkes jancs...@yahoo.com wrote:
Apropos of the ongoing Petraeus media circus-- a box with a simple setup
to provide a basic email server would be very desirable
For complete email security, you need PGP for end-to-end encryption.
That needs to be done on the end systems, not on the
On Thu, Nov 15, 2012 at 3:57 PM, Jonathan Wilkes jancs...@yahoo.com wrote:
Apropos of the ongoing Petraeus media circus-- ...
EFF have an interesting analysis:
https://www.eff.org/deeplinks/2012/11/when-will-our-email-betray-us-email-privacy-primer-light-petraeus-saga
Slashdot points to a PC world article on a $57 board that
runs Debian. There are links to competitors too.
https://www.pcworld.com/article/2013622/tiny-57-pc-is-like-the-raspberry-pi-but-faster-and-fully-open.html
___
Freedombox-discuss mailing list
FBI reading Gmail:
http://www.huffingtonpost.com/2012/11/12/petraeus-fbi-gmail_n_2119319.html
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
Only 0.0.1, but at least there is something to play with:
http://devblog.joindiaspora.com/2012/10/07/diaspora-0-0-1-0-released/
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
On Fri, Sep 7, 2012 at 9:55 AM, Sandy Harris sandyinch...@gmail.com wrote:
Bennett Haselton is a well-known activist, founder of the
anti-censorship Peacefire organisation.
https://en.wikipedia.org/wiki/Peacefire
http://peacefire.org
He recently made a long Slashdot post on the future
On Wed, Sep 19, 2012 at 3:25 AM, Daniel Pocock dan...@pocock.com.au wrote:
I've started a wiki page about VoIP/IM/real-time communications with
FreedomBox
http://wiki.debian.org/FreedomBox/VoIPVideoAndInstantMessaging
Nice.
Don't forget off-the-record (encrypted) messaging:
Bennett Haselton is a well-known activist, founder of the
anti-censorship Peacefire organisation.
https://en.wikipedia.org/wiki/Peacefire
http://peacefire.org
He recently made a long Slashdot post on the future
of social networking, in particular distributed social
networking
The Box software can be cross-compiled on whatever systems
developers have available or built on the target plug computers.
However, a powerful ARM-based system might be a better
development platform that either, assuming it could be paid
for.
A recent Slashdot story:
Announcement is here:
http://blog.diasporafoundation.org/2012/08/27/announcement-diaspora-will-now-be-a-community-project.html
I would say this makes Diaspora an obvious candidate to be a
major component of the Box.
I am not claiming that it is necessarily the social networking
software we
http://www.securityweek.com/home-wifi-could-be-used-emergency-responders
Is this something the Box should/could support? Is the method discussed in
the article the right one for us?
___
Freedombox-discuss mailing list
http://www.google.com/hostednews/afp/article/ALeqM5h1p0LVc4iFZxbWlflFGgcHhbRNCQ?docId=CNG.3dc7a79d06ad7dc82f701613531da926.671
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
On Mon, Jun 25, 2012 at 12:20 PM, Ted Smith te...@riseup.net wrote:
On Mon, 2012-06-25 at 11:07 +0800, Sandy Harris wrote:
Evgeny Morozov has written a critique of the whole
notion of using the net as a way to liberate the world.
His book definitely has limitations; for one thing, he
looks
Granted the basic notion of the Box is excellent, I'd say it would
be useful to ask ourselves some hard questions, especially in
relation to possible use in oppressive regimes.
Evgeny Morozov has written a critique of the whole
notion of using the net as a way to liberate the world.
His book
Markus Sabadello markus.sabade...@gmail.com wrote:
I have a paper about human rights and Internet, in case someone is
interested..
For a different and interesting view, have a look at Egveny Morozov's
book The Net Delusion.
http://www.evgenymorozov.com/
Interestingly, the subtitle seems to
2012/5/10 Angelo Danio angelo.da...@gmail.com:
2012/5/10 Nicholas Hardiman n...@planetlarg.net
I have made notes on the dreamplug hardware, the first reference platform
for the freedombox.
Just to have an idea, roughly how much may cost the hardware to realize a
freedombox?
The Dreamplug
On Thu, Mar 29, 2012 at 9:09 PM, Jack Wilborn jkwilb...@gmail.com wrote:
I have received a note from the US distributors of the Dream Plug 2 about
it's range of operation. They advised that the unit's operational area is 0
- 40 Degrees Centigrade. Which means it is about useless here for
On Tue, Feb 7, 2012 at 11:57 PM, Josef Spillner 2...@kuarepoti-dju.net wrote:
For 1), see nubisave.org for details. NubiSave is already available as a
Debian package, although lacks testers and feedback from early adopters, and I
would be happy about improved packaging and making it available
As I see it, much of the reason for the Freedom Box is to avoid
what he is talking about.
Video:
http://boingboing.net/2011/12/27/the-coming-war-on-general-purp.html
Transcript:
https://github.com/jwise/28c3-doctorow/blob/master/transcript.md
___
Speaking of protecting oneself, here's an Icelandic MP on the US gov't
grabbing data from her Twitter account.
http://www.guardian.co.uk/world/2011/nov/11/us-verdict-privacy-wikileaks-twitter
THis sort of thing is another good reason for the Box.
___
On Sun, Oct 23, 2011 at 7:53 AM, Weaver wea...@riseup.net wrote:
I believe in the Debian way. Don't release till ready. You'll kill less
people that way.
Yes, especially for a project like this. Releasing something that
was easily broken might get users who trusted it imprisoned or
even
I have written a demon for Linux that gathers entropy from timer
jitter and pushes it into random(4). There is working code and a
PDF rationale document.
Comment and criticism solicited.
It is at: ftp://ftp.cs.sjtu.edu.cn:990/sandy/maxwell/
If you have trouble with access, email me off-list and
On Wed, Oct 5, 2011 at 12:16 AM, Alex Stapleton al...@prol.etari.at wrote:
... The HAVAGE algorithm appears to have a very short reseeding time
in it's PRNG element, although I do wonder what happens when it has
trouble generating entropy from it's external machine state sources.
It does
Slashdot points to an article on Open Source router firmware:
http://www.infoworld.com/d/networking/teach-your-router-new-tricks-dd-wrt-174050
It appears this works on multiple models from several manufacturers.
I wonder to what extent Freedom Box goals can be met by an
appropriate router. In
On Thu, Sep 15, 2011 at 8:13 PM, Michael Rogers m...@gmx.com wrote:
http://www.digital-scurf.org/software/randomsound
Thanks, I've had a quick look at the source and it looks promising.
Unlike Turbid it doesn't try to produce high-quality randomness on its
own, it just contributes bits to
-discuss] Entropy from the soundcard
To: Sandy Harris sandyinch...@gmail.com
Hi --
On 09/15/2011 06:09 PM, you quoted Michael Rogers:
Concerning turbid:
As far as I can tell, it works by
sampling noise from a soundcard with nothing connected, calculating a
theoretical lower bound
Slashdot has a link to MIT work on defending wireless links
against man-in-the-middle attacks.
http://www.networkworld.com/news/2011/082411-mit-tep-250077.html?hpg1=bn
This might apply either to connections between FBX and clients or to
pairs of FBXs in a mesh.
On Thu, Aug 11, 2011 at 5:05 PM, John Walsh fiftyf...@waldevin.com wrote:
1) Does this mean each layer is independent of each other?
That is the whole point of layers. Applications just use TCP or UDP; they
need not care about anything below that. TCP and UDP use IP; they need
not care about
On Wed, Jul 20, 2011 at 2:53 AM, Tony Godshall t...@of.net wrote:
Any downside to letting your adversary know what domains you are
emailing to? Well, the mice probably don't want the octopus know that
they are emailing via @octopusnotsogreat.org? But then again SMTP
itself is not encrypted
On Fri, Jul 29, 2011 at 2:42 AM, Another Peasant verspa...@gmail.com wrote:
Time to demonstrate my ignorance on the subject:
The standard reference on randomness issues is RFC 4086.
Read that to become much less ignorant:
http://www.ietf.org/rfc/rfc4086.txt
the FBX will have a mic, right?
Internet cafes in Beijing being asked to install monitoring software,
threatened with loss of license:
http://www.nytimes.com/2011/07/26/world/asia/26china.html?_r=1
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
This looks like an interesting technology, and relevant to
some of the Box goals:
https://telex.cc/
___
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
On Thu, Jul 7, 2011 at 2:41 PM, nathan nolast nathan1...@gmail.com wrote:
i think keysignings violate lutzs ease of use (grandma can use it) rule .
Is it enough if people just sign their grandmas' keys?
___
Freedombox-discuss mailing list
Slashdot story points to an item on set--top boxes burning
huge amounts of power:
http://www.nytimes.com/2011/06/26/us/26cable.html?_r=4
They mention 400-odd KWh a year At 5 watts times 24
times 365, a plug computer comes out an order of
magnitude better.
This clearly is not the focus for the
On Thu, Jun 23, 2011 at 4:56 AM, John Gilmore g...@toad.com wrote:
A larger scale intrusion, which I think is the threat model you're
discussing, would be to offer up modified versions of the FreedomBox
hardware and/or software for free download. These modified versions
would not actually
Slashdot has a story on The Ugly State of ARM Linux
http://www.itworld.com/mobile-wireless/175829/arm-and-linux-major-construction-ahead
They do say it is being fixed, but it seems worth asking here how that affects
the Box since most plug computers are ARM-based.
Also, Debian currently includes
On Fri, Jun 10, 2011 at 4:50 PM, Jonas Smedegaard d...@jones.dk wrote:
So please accompany such requests with a bugnumber for a so-called RFP
bug. More info here: http://www.debian.org/devel/wnpp/#l1
Checking, I find it is already there:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591472
Sandy Harris sandyinch...@gmail.com wrote:
Almost all crypto needs random numbers, and much
otherwise sound crypto is easily broken if it is used
with a weak random source.
...
Where the plug has a sound card equivalent, and
it isn't used for sound, there is a good solution
using circuit
On Thu, May 19, 2011 at 10:36 AM, Joshua Spodek joshuaspo...@yahoo.com wrote:
This week's New Yorker has a long article relevant to FreedomBoxes. It's
about illegal wiretapping, whistleblower retaliation, centralized
un-accountable surveillance, etc.
On Mon, May 9, 2011 at 8:33 PM, Jonas Smedegaard d...@jones.dk wrote:
Yes, let's consider the persona Fei Fei.
Please try describe the initial setup for the persona Fei Fei - if any
different than for Jim!
For one thing, it is a shared machine. Fei Fei wants several of her
friends to use it.
On Mon, May 9, 2011 at 6:43 PM, Jonas Smedegaard d...@jones.dk wrote:
But let's not talk about my mom. Let's invent a persona - Jimmy:
Jimmy is not at all interested in engaging in cyberwar - he just wants
to hang out with friends. Some of his friends do not appear at Facebook
and asking
On Mon, May 9, 2011 at 8:33 PM, Jonas Smedegaard d...@jones.dk wrote:
Yes, let's consider the persona Fei Fei.
Please try describe the initial setup for the persona Fei Fei - if any
different than for Jim!
Well, for one thing her English is not great, and she does not
know a lot about
On Sun, May 8, 2011 at 5:00 PM, Jonas Smedegaard d...@jones.dk wrote:
There may also be problems with the VM method.
Random numbers are one. ...
This is just one problem that seems obvious.
Has anyone done a security audit on one of
the VM methods? Without that, should it be
On Sun, May 8, 2011 at 5:00 PM, Jonas Smedegaard d...@jones.dk wrote:
Sure, users are free to whatever with their FreedomBoxes - it is Free
Software.
But the FreedomBox is a *subset* of Debian with additional constraints
especially on user-friendliness. I do not consider aptitude install
On Fri, Apr 29, 2011 at 10:53 PM, Jonas Smedegaard d...@jones.dk wrote:
Those are good arguments for using harddrive instead of flash drive, but
not for requiring it to be inside same box as the computer.
Here are a few arguments for putting the harddrive separate from the
computer, attached
Rob van der Hoeven robvanderhoe...@ziggo.nl wrote:
A standard tactic for security is isolation of services.
...
Clearly we cannot expect to use a separate machine
for each FB service, but we need some strategy that
limits the damage if any one service turns out to have
a security flaw.
What is our target platform? We might target anything
that can run Linux, or some subset with required
capabilities, or even one or more specific devices.
Our main target is plug computers and the ideal
target something like Dreamplug:
http://www.globalscaletechnologies.com/c-5-dreamplugs.aspx
On Sun, May 8, 2011 at 9:52 AM, Jonas Smedegaard d...@jones.dk wrote:
Old PCs? Not everyone, especially in developing
countries, has access to or can afford a plug
computer.
Then use Debian - that's the universal operating system.
FreedomBox is more narrowly targeted, with additional
We have a bit of a design problem in that we want the FB to
be very secure, but also to require a minimum of system
administration.
Our security requirements are very high.
People might be jailed or even killed if security on these
machines is broken. For example, Zimbabwe recently
jailed a
Sandy Harris sandyinch...@gmail.com wrote:
We have a bit of a design problem in that we want the FB to
be very secure, but also to require a minimum of system
administration.
Among other things, that means we want it to ship with
secure default policies in a number of areas.
Ubuntu comes
On Thu, Apr 28, 2011 at 8:17 PM, Jonas Smedegaard d...@jones.dk wrote:
FreedomBox is not (only) about wireless, so without even reading (yet),
I'd say they are different projects.
Sure, but they overlap in interesting ways. A plug computer with
Wi-Fi could easily do both. In fact, having read
Jaromil jaro...@dyne.org wrote:
... projects that are neighbours of freedombox
i'm sure people here know many... I for one like to start with this
link http://k0a1a.net/netless since it's quite fresh and mostly
inspirational :)
hope you like to add more: stuff that can integrate with
Spectral Emanation spectralemanat...@gmail.com wrote:
No problem on a typical Linux desktop; it does not do much crypto and
/dev/random gets input from keyboard mouse movement, disk delays, etc.
However, it might be a major problem for a plug server that does more crypto,
runs headless, and
On Wed, Apr 20, 2011 at 4:00 PM, Alex Stapleton al...@prol.etari.at wrote:
The main reason for smaller libraries is to save RAM. I think that even today
a
few hundred MB of SLC Flash and DRAM would not make the cost targets
impossible and by the time a FB makes it to market...
Depends a bit
Philip Hands p...@hands.com wrote:
The UK's RIPA (Regulatory and Investigatory Powers Act 2000) makes it an
offence to refuse to supply one's crypto keys when requested by a
properly authorised person ...
Yes, and there are plenty of similar problems elsewhere. The US
government demanding
1 - 100 of 102 matches
Mail list logo