[Freedombox-discuss] Sunday HackFest

[Dave Crossland]

Hi!

Thank you for posting this summary :-)

On 20 February 2011 13:59, Michiel de Jong <michiel at unhosted.org> wrote:
>
> 1) Safe social networking, in which, without losing touch with any of your
> friends, you replace Facebook, Flickr, Twitter and other centralized
> services with privacy-respecting federated services;
> -> I looked into this one. I think many of the open source distributed
> social networks out there "replace Facebook, Flickr, Twitter and other
> centralized services with privacy-respecting federated services". There is a
> choice between xmpp federation and OStatus federation. The tricky part is
> "without losing touch with any of your friends", which means an aggregator
> for both free and non-free social networks. I looked at diaspora, but their
> current solution is not feasible. It relies on registering an api key with
> Facebook, and although this makes sense if there are, say, 100 diaspora
> nodes in the world, it does not make much sense if there are millions. I
> also investigated facebook-notify, which uses OAuth to be a read-client for
> facebook. It only displays notifications (not lower-priority news), but I'm
> sure it should be possible to write a client that OAuths against facebook to
> read and write, much like a twitter client. I will continue to look into
> this.

Awesome!

I think (1) is a long term goal, though. A short term, high impact +
high feasibility task is to enable "encrypted access to the web" -
that general purpose feature enables people to use social networking
when it is otherwise cut off, be that distributed federating social
networking or centralized proprietary social networking.

General purpose features are highest impact. If I had to pick three,
first is web access, second is email access (which web access nets you
anyway) and third is backup.

> 2) Secure backup: Your data automatically stored in encrypted format on the
> Freedom Boxes of your friends or associates, thus protecting your personal
> data against seizure or loss;
> -> this doesn't seem to require much thought. Just a cronned rsync job would
> already do the trick. You would have to have a user interface where you
> request and allow backups from/to friends that you know from meatspace.
> maybe use PGP's WoT, or out-of-band passwords for confirmation. Nobody is
> currently actively looking into this.

"Doesn't seem to require much thought" is an illusion, I think, given
how few people back up their data regularly :-)

SparkleShare suggests to me that all we need for the server side of
this is SSH+GIT, and various Git tree browser webapps are around;
perhaps Gitorious is the most relevant.

> 3) Network neutrality protection: If your ISP starts limiting or interfering
> with your access to services in the Net, your Freedom Box can communicate
> with your friends to detect and route traffic around the limitations.
> Network censorship is automatically routed around, for your friends in
> societies with oppressive national firewalls, or for you;
> -> i think this can only be done with a wifi mesh. Volunteers for looking
> into this?

Wifi mesh seems to me a definite "yes but later" thing. I wrote a long
email about this last night, so I won't rehash, other than to say,
enable Tor or ssh-socks seems to be the most general purpose and high
impact service we can provide.

> 4) Safe anonymous publication: Friends or associates outside zones of
> network censorship can automatically forward information from people within
> them, enabling safe, anonymous publication;
> -> this is the one we talked most about in #freedombox at irc.oftc.net, i
> think. freenet and gnunet were generally considered too young by some. Tor
> was highly regarded, but it needs to be combined with some sort of
> mirroring. Nobody is currently actively looking into this (although many
> people were talking about it).

To me this is also covered by Tor/ssh-socks.

> 5) Home network security, with real protection against intrusion and the
> security threats aimed at Microsoft Windows or other risky computers your
> network;
> -> willma is looking into this one, and also into general detection
> intrusion and security hardening. Willma indicated that this goal needs some
> clarification as to what its author means.

I think we'd do better to inform people who need to know that they
can't trust Windows and to get rid of it, because

> 6) Encrypted email, with seamless encryption and decryption;
> -> this can easily be done with SquirrelMail. Somebody could experiment with
> setting this up, with the automatic PGP key generation and everything.
> Volunteers?

To me this is also covered initially by Tor/ssh-socks.

> 7) Private voice communications: Freedom Box users can make
> voice-over-Internet phone calls to one another or to any phone. Calls
> between Freedom Box users will be encrypted securely;
> -> Asterisk has been mentioned. Any volunteers for experimenting with this?

Askerisk and full VoIP networking to POTS seems complex and long term to me.

Improving http://mumble.sourceforge.net seems short term useful...

> Next week I'll do another Sunday Hackfest with whoever wants to join, and I
> think we can make it a regular thing.

That sounds like a very good idea - I'll try to make it :)