[Freedombox-discuss] [gnu-prog-discuss] MediaGoblin, now an official GNU project :)

Luke Kenneth Casson Leighton luke.leighton at gmail.com
Tue Aug 9 15:22:30 UTC 2011


2011/8/9 Bjarni Rúnar Einarsson <bre at pagekite.net>:

> I strongly agree that assuming everyone has a public, unfiltered IP address
> is a huge mistake if people want to aim for mass adoption and provide
> realistic alternatives to the stuff "in the cloud".

 well... duh :)

>>   gnunet is the only free software infrastructure that we have that has
>> been designed - somewhat accidentally - to deal with this.
>
> This isn't exactly true - so please forgive me for jumping in and promoting
> my own project now... :-)

 hey, go for it - if it does the job, fits the requirements, that's brilliant.

> Although the implementation is completely different, PageKite
> (http://pagekite.org/) is designed to solve exactly this problem - to let
> people run publicly visible servers on machines that do not have unfiltered
> and/or public IP addresses.

 gooood.  excellent.  ok.  let me double-check with you what the
capabilities are (let's do that below, after you mention gnunet)

> Instead of attempting to provide strong anonymity like GNUnet, I2P and Tor,
> PageKite's goal is to be backwards compatible with today's browsers and
> today's servers, letting people use the tools and standards they are already
> familiar with.  (If people want backwards compatibility and strong anonymity
> at the same time, it is possible to use Tor and PageKite together, at the
> cost of performance.)

 ok.  first things: the requirements are (as i understand them, and
yes i know i probably missed some bits out):

 * to provide user anonymity whilst also allowing "inter-friend communication".
 * to provide _multiple_ peer-to-peer services not just HTTP-based
ones (including file / home directory backup services)
 * more specifically, to allow migration from pre-existing well-known
client-server services
 * to allow users to "lock down" sharing, access, communications etc.
specifically to their "friends".

now, this latter one is the one thing that gnunet has had for..
forever.  you pre-define the servers that you are happy to communicate
with... even though you actually have no idea where in the world those
are!  kinda two diametrically-opposed things, yet it's perfectly
possible.

the gnunet infrastructure *does* have the ability to specify how many
"hops" you want before packets get to their destination.  so you _can_
have reasonably good performance... or you can have strong service
anonymity (just not both at the same time, obviously).

the gnunet infrastructure has a "plugin" architecture.  it's not "just
about HTTP", it's not just about VPN forwarding.  there's an SMTP
plugin, an HTTP plugin, an IRC plugin, file-sharing plugin - the list
is quite extensive and covers the obvious range of services.  it
doesn't however cover _precisely_ what the FreedomBox Software Project
needs, because... well... gnunet was written before the FreedomBox
Software Project came along.  duh.

> In my opinion, if you want people to gradually migrate to more privacy
> friendly alternatives than Facebook and Google, then this backwards
> compatibility is critical

 tell me about it.  yes, this has been recognised very early on by
eben as essential to the success of the project.

> - I can't demand that everyone who wants to visit
> my photo albums install a GNU VPN client or an IPv6 tunnel; my photo album
> has to work with the web browser and Internet connection they have already.

 no you can't - but you *can* ask them to plug in a little tiny box
into the wall (which you gave to them as a christmas present) and it
juuust so happens that it has everything pre-installed and
pre-configured and/or self-configuring to do the job...

 ... and one of those jobs is to act, perhaps, as a transparent HTTP
proxy that rewrites the photo album flikr web service, as a
transparent proxy that rewrites facebook, and grabs the gmail AJAX
service by the balls and yanks its email out from under it.  ok, maybe
that's a bit ambitious right now... :)

 begin again: .... and one of those jobs is to ask people to enter
their facebook password, flikr password and gmail password, then for
it to suck out all their albums and email on an ongoing basis (and
identify which friends are already in the freedombox-network and use
that as a 1st priority) until such time as they have no friends left
in the non-free service world.

 that's the goal.  transition technology.  which is much harder than
"darknet" technology.  *some* "darknet" technology already exists
(e.g. gnunet, I2P) but none of them do VoIP and some other critical
stuff, and they _definitely_ don't do the essential part - the
transition technology.

picking one of these "darknets" as the underlying basis will, however,
save vast amounts of coding, even though they don't completely (as-is)
fulfil the service-level requirements.

 but until the underlying technology is chosen (whatever it may be -
pagekite, gnunet, I2P god don't for god's sake pick I2P it's written
in java you'll regret it) the decision of how to proceed on the
transition technology is a non-starter.

 btw, just in case anyone on the freedombox project list isn't aware,
and hasn't got the message yet: it's necessary to actually write that
transition software.  it doesn't exist yet.  it actually needs to be
written before it can be packaged as a debian package.  that was a
joke, btw (more of a running gag) even though it was pretty deadpan.
but it's worth repeating until it truly sinks in.

 l.



More information about the Freedombox-discuss mailing list