[Freedombox-discuss] my summary of yesterday's Hackfest

Melvin Carvalho melvincarvalho at gmail.com
Mon Feb 28 20:54:43 UTC 2011 

On 28 February 2011 15:55, Michiel de Jong <michiel at unhosted.org> wrote:
> This summary is probably biased towards my own point of view. Please correct
> and append.
> General
> ======
> Multiple were experimenting installing debian on plugservers. I tried to get
> the VirtualBox image working, but had some trouble with the networking.
>
> We talked about how to extract package dependency structures from running
> systems
> (http://lists.alioth.debian.org/pipermail/freedombox-discuss/2010-October/000164.html
> and Jonas's new boxer tool)
> 1: Social
> =======
> Several people mentioned how message sending can be done with social tools
> other than email, for instance xmpp or something like twitter's DMs. more
> about this under point 6 (email). Just remember we're right now trying to
> shortlist existing debian packages.

IM should not be the mainstay of the system, but rather, a supporting
aspect.  Several good XMPP solutions out there.

But you also need a plain old web server, maybe with some dyndns,
preferably hosting html5.  Every user should have a home page,
displaying their profile, imho.

> I studied the facebook api a bit more to see if we can scrape it. For now,
> my conclusion is that, since you need to register each app to get an api
> key, I think this is not so appropriate to do separately on each freedombox.
> I am planning to create an unhosted web app as a generic social client
> though - if we get something working on this front i'll let you know.

Some stuff is public, some private.  The FB graph gives some public
data but the user *usually* needs an OAuth2 token to get more.

Make sure it abides by FB T&C ... no point getting in their bad books
if it's not necessary.  FWIW I genuinely think FB have made an
excellent effort to make an open platform, to Eben has a great point
about owning the logs.  Would be good to work with them than against.

> 2: Backup
> =======
> I someone saw something about this, but iirc that was on the mailing list
> and not at the hackfest.
> 3: Network Neutrality
> ===============
> Again, interesting discussions about this more on the mailing list than at
> the hackfest. Just remember we're right now trying to shortlist existing
> debian packages.
> 4: Anonymous publishing
> ==================
> I looked into the "main four" again (tor, i2p, freenet, gnunet) and came to
> the same conclusion as last week, that Tor seems to be a lot more light
> weight and also more mature than the other 3, and thus looks like the best
> option. It is an existing debian package.
> 5: Firewalling
> ==========
> We again got stuck at the issue that this one is a bit vague. If you use NAT
> on your router, it's already quite safe from attacks, and other virus
> scanning and such can be done on the windows computer.
> 6: Email
> ======
> Goal #6 of http://freedomboxfoundation.org/goals/ reads:
> Encrypted email, with seamless encryption and decryption;
> We have been discussing three options (both at the hackfest, and also this
> week on the mailing list):
> - running a mailserver on the freedombox. this has several problems:
>   - you need to find a way to point a domainname to it, and let it receive
> traffic on port 25.
>   - you need to do the spam filtering on the plugserver, which is hard
> performance-wise
>   - a mailserver generally needs some sysadmin love from time to time - it's
> not something you can easily leave running unattended
> - running a mail client on the freedombox.
>   - you still need a mailserver somewhere. that's solvable, but as was
> mentioned on the mailing list, this creates a handy central kill switch for
> governments.
>   - you need to make the pgp invisible, and automatically discover the
> public key of a recipient, if she (or her freedombox) advertises one. that's
> doable, especially where we are the designer of both the sending and the
> receiving device.
>   - this isn't as decentralized as the other two options, and worse, as we
> said, it generates a centralized kill switch.
> - discourage the use of smtp, and promote something superior instead, like
> xmpp
>   - xmpp is better than smtp in the same way "Internet Mail 2000" is: it
> puts the burden with the sender, thus discouraging spam.
>   - downside is, this means you would have to send your communications
> through several different channels. people will still be using standard
> email, without using freedombox, and will not be encouraged to use pgp
> there.
> addendum: after also reading the two recent threads about email on the
> mailing list, i think we should maybe discourage the use of email, yet still
> offer a pgp-enabled email client, and maybe an easy way to register your own
> domain name (from a choice of TLDs) and rent an in-the-cloud mailserver for
> it. however, the question is, if we want to promote something that is better
> than email, do we still want to promote pgp as an intermediate solution?
> 7: Voice
> ======
> Someone found plugpdx.org, a project to put Asterisk onto a plug server. It
> looks interesting, i'll contact the author to make sure he know about
> freedombox.
> Other than that, it was discussed that Asterisk has currently no consensus
> on how to proceed with adding the necessary configuration options to
> debconf, so that would sort of block the route for plugpbx's configuration
> going into a debian package.
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
>
>

More information about the Freedombox-discuss mailing list