On 05/01/13 16:12, Graham Burnside wrote: > On 05/01/13 15:20, Jonas Smedegaard wrote: >> Quoting Graham Burnside (2013-01-05 15:15:05) >> >>> I've had a couple of hours recently to catch up on how freedombox is >>> developing. I was reading through the debian wiki and noticed that the >>> method being used to resolve the IP address of nodes in the network is >>> via Tor hidden services. >>> >> It is true that some are discussing how to penetrate masquerading >> firewalls and how to discover nodes. Also true that some find Tor >> suitable for handling those issues, and actively explore that option. >> >> Some of us, however, consider FreedomBox a project to mainstream >> privacy-related functionality that is already mainstream among geeks. >> >> With "mainstream among geeks" I people who install packages with >> aptitude (or apt-get) and generally rely on Debian to provide sensible >> defaults for those packages. >> >> I believe Tor is only relevant to consider including into FreedomBox >> when someone can provide sensible defaults for it which can be >> integrated with the Debian packaging of Tor. >> >> Until then, Tor is outside the scope of FreedomBox, in my opinion. >> >> Don't get me wrong: Tor is a _very_ relevant tool, my point is that it >> is not yet mature enough to mainstream among non-geeks, when not even >> mainstream among geeks yet. >> >> Same goes for any other exciting inventions - I do not mean to >> fingerpoint Tor specifically, that just happen to be the one you >> emphasize so I feel a need to "de-emphasize" it. >> >> > > I would have thought that the firewall penetration will be a non > issue, the boxes will presumably be connecting via a IPsec VPN (Strong > Swan)? In tunnelling mode this would allow NAT traversal. Finding your > friend's box (node) is the problem, for which we must rely on some > form of dynamic dns. > >>> I know that Tor is well tested, but is this not far too centralized a >>> way of bootstrapping the networks? More so, is it not going to make a >>> lot of people nervous about hosting a node on the network. It wouldn't >>> take more than the mention of silkroad and CP in the mainstream media >>> to taint the whole project. >>> >>> Has there been any discussion into alternatives? Such as running a >>> basic xmpp client on each box, which periodically contacts your >>> friends' boxes with its current IP address, encrypted and signed using >>> PGP? The host freedombox JID could be distributed with public keys. >>> This would allow anyone with a domain name to run a tracker for their >>> friends' boxes, or to just use a free jabber server. >>> >> I find your idea interesting. >> >> But please think of FreedomBox not as a box containing unique tools, but >> as a box containing uniquely simple access to common tools. >> >> ...which means specifically for your idea: Please implement your idea as >> a common concept independent of FreedomBox, and when it gains some >> traction then suggest that FreedomBox _also_ adopts that concept - >> either at its core or perhaps as an option among several. >> >> It is my understanding that those talking about Tor as core platform for >> Freedombox, seek a high level of privacy, which is more complex to reach >> reliably, and is not yet mainstream even among geeks. >> >> I imagine that those seeking high level of privacy (read: secrecy and >> stealth) would find it outragous that their box would act as a beacon >> towards (most likely centralized, due to the issue of non-public IPs) >> xmpp servers. >> >> What I have not seen (please do correct me if simply I've missed it!) is >> discussions taking into account the level of privacy needed, and being >> realistic about which privacy levels are achievable at an early stage >> reflecting what is already mainstream among geeks - which I call >> FreedomBox 1.0. >> >> >> - Jonas >> > Tor does provide anonymity, it is also a central record for all > machines connected > see - https://metrics.torproject.org/exonerator.html > > As for unique tools, FreedomBuddy certainly the glue binding together > common tools, but no more so than implementing a custom xmpp client > with say python-jabberbot (in debian repo). XMPP works on a client > server basis, so your IP is not being broadcast beyond your trusted > XMPP and DNS servers. If you really need to be anonymous, connect to > them over Tor. > > Now don't get me wrong, I'm a believer in decentralization, anonymity > and net neutrality, I just don't think that fbx should be rolling out > with Tor enabled in version 1.0 I think that it is a very useful > tool, and when a critical mass is met alongside say, another Arab > spring, then users should be urged to enable the service. > > - Graham > > > > See basic example clients here - http://www.linuxforu.com/2012/06/use-xmpp-to-create-your-own-google-talk-client/ "The code below will connect the client to the server and authenticate. A base client in just 12 lines of code — can you believe it?"
- Graham
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
