[Freedombox-discuss] Rogue Freedomboxes and government intervention

bertagaz at ptitcanardnoir.org
Thu Jun 23 16:47:04 UTC 2011

On Thu, Jun 23, 2011 at 10:52:40AM -0400, William Gardella wrote:
> Also, from a technical standpoint, I'm not sure the "silver lining" and
> the "perfectly anonymous box" can ever really be the same physical
> system, even if they can be based on the same OS distribution.  The
> "silver lining" server Freedombox is an inherently stateful system which
> is vulnerable to physical access even if all of its software is free of
> exploits.  The anonymous Freedombox could run the same operating system
> very easily, but should be a live or ramdisk system with only volatile
> state--nothing persistent that could be seized by a legal or illegal
> search.  Tin Hat Linux is an interesting example of one such system that
> aims to provide a degree of protection to physical access attempts; it's
> a Hardened Gentoo distro which resides solely in a ramdisk by default.

This is quite precisely the use case of the Tails liveCD
(https://tails.boum.org), which, being a liveCD, only runs in memory.

That's an interesting idea; probably having an option at boot to run the
system in RAM, with some kind of persistence for some of the data, might be
a way to go (like for /etc, as it has often been mentioned that having it
on a separate USB stick might bring the feature of being able to run your
services on any other freedombox if needed).

But well, live systems or encrypted filesystems are just workarounds for the
"someone has physical access" issue, and neither is a real solution, in
an age where cops can use devices that enable them to move a computer
without shutting it down. And it seems RAM doesn't forget
information like we thought. ;)

Anyway, I don't believe that the two use cases you describe are that
exclusive; it might be just an option to check to have this feature, and even
then, the "silverlining" use case might still use it by default and find
advantages in doing so. Another -stealth option that might not be that hard
to push in 1.0.


