[Freedombox-discuss] In-the-cloud infrastructure and business involvement (was: distributed DNS)

[Bjarni Rúnar Einarsson]

On Wed, Mar 16, 2011 at 4:13 PM, <bertagaz at ptitcanardnoir.org> wrote:

>
> Why would it be needed if the main idea is that each service is hosted on
> your
> freedombox or the one of your friend, which helps a lot to bring back data
> close to you, or in trusted places. Sure some pieces will be hard to get
> rid off, like a registrar for the top level domain, but there are ways get
> rid of a lot of this pieces.
>

For the FreedomBox to be really useful, you'll want to be able to connect to
it when you are away from home - it becomes your "personal cloud".  It also
needs to be able to communicate with other FBs.  These both imply it needs a
name and a way to be reached, which is one of the things being discussed.
There are lots of options!

If you want to be able to reach the box using standard tools, say a
web-browser, then it needs to be compatible with today's web: normal DNS,
reachable IP address - both of which require lots of help from the cloud if
your ISP is filtering your traffic or you don't have a public IP.  If you
are OK with using specialized software to interact with your FreedomBox
remotely, then you may not need such compatibility.

Same if you want to be able to send normal e-mail to the box, or send normal
e-mail from the box, it needs to be compatible with SMTP and needs help from
the cloud to work around existing spam protection and ISP filters.  If you
are OK with only communicating with other FB users, then again, you don't
need SMTP and may not need help from the cloud.

I tend to assume compatibility is something we want, and something the
project will fail without. But others may well disagree. :-)


> I mean explicitly founding a business to help FreedomBox users. Like
> > founding a mail relay provider which promises to anonymize and discard
> logs
> > and do it's best to not end up on spam black-lists (so FB users can
> reliably
> > *send* e-mail), or a DNS provider that gives you a super-cheap name, but
> > also promises to delegate it to whichever DNS servers you choose (so you
> can
> > switch providers at will). Or a privacy-friendly IPv6 VPN service. Or an
> > all-in-one virtual ISP which provides all these and more in one easy
> > package. There are many, many services which could be provided from the
> > cloud which could make FreedomBoxes much more powerful and viable in the
> > short term.
>
> So why leave the cloud then?
>

For all the same reasons as before?  Nothing I just said negates the
officially stated goals of the project, does it?


> Obviously no such ventures would or should be guaranteed business, and
> none
> > should be granted exclusive or even preferred status - but if the project
> is
> > openly hostile to such efforts and *only* wants to work with non-profit
> > community efforts, then that's a pretty important thing to know up-front,
> > isn't it?
>
> Sure. This make me think of a correlation with the Tor project, which has
> nodes run by volunteers only and is fine with that. And this is part of
> its resilience against attack on privacy.


Tor is actually a very funny case. There is no reason a for-profit venture
cannot run a front-end, but currently the only clear motivation to do so is
to spy on people who use Tor. :-)  That's also the academic motive:
"research" is spying by another name. There is ample reason to believe this
happens quite a lot.  Wanna harvest Facebook credentials?  Set up an exit
node...

For anonymity, if Tor users are aware of the risks and know how to manage
them, this is all just fine.  It's better that it exist than not, but Tor's
anarchistic volunteer structure *causes* privacy issues which would be
decreased or even eliminated if it were a centralized system run by some
really responsible dudes.  There is always a trade-off!

I'd personally rather my service providers were motivated by a desire to
earn my custom, than motivated by the desire to snoop on my traffic. That's
exactly the choice we always seem to end up with on the Internet, and it's
why we're all on this list in the first place. :-P

Free as in freedom, may actually *exclude* free as in beer...



> I guess a lot of people
> (including me) that are concerned by privacy think that business is by
> essence almost incompatible with privacy. Mostly because business is far
> more dependant on the govs than individuals, and that business on internet
> is a lot based on dealing with user datas.
>

Yes, I understand this.  And it does take an extra effort to build a privacy
friendly business - so many common business practices are privacy hostile by
default.  Merely accepting money causes privacy problems, as there is always
a paper trail for legal reasons.

(In my business, the way I deal with that is I have a 3rd party handle the
financial side of things, and ask them to please *not* forward to me a copy
of every single personal detail entered into the order form.  This was extra
effort, and is still a work in progress, but I do it because I am actually
trying to build a privacy friendly business. Whether anyone cares is another
question entirely. :-)


I understand your position, but I don't really agree with it. If we are
> only two interested in this discussion, we can fork on private mails I
> guess.
>

I'd rather keep it public, but you're welcome to contact me directly at any
time if you prefer. :-)

But I do suspect that I was a bit premature in bringing this up now.  It'll
be a lot easier to have this discussion when people start hitting real
obstacles and we know how many of my concerns are serious issues and how
many aren't, and which of those may benefit from business involvement as
part of the solution.

-- 
Bjarni R. Einarsson
The Beanstalks Project ehf.

Making personal web-pages fly: http://pagekite.net/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110316/2aec7e09/attachment-0001.htm>