[Freedombox-discuss] In-the-cloud infrastructure and business involvement (was: distributed DNS)

[Boaz]

This is in response to Bjarni's writings on "cloud services".

First of all, you're completely right that "your geekier friends will
help you" is a cop-out.  As you have written, many people don't have
any technical friends, and many more don't like relying on favors.
But the response to that is to make running a server something that
people can do on their own.

Also, I whole-heartedly agree with you that for compatibility reasons,
it's imperative that where a protocol exists and is in mainstream use,
we support it.  We'd be fools not to use SMTP for messaging, HTTP for
publication, even XMPP has enough adaption that it wouldn't make sense
not to use it.

However:

The business versus nonprofit question is a false dichotomy which
completely misses the important issue.  We're happy for involvement of
business (at least I am), in the right places.  In hardware, internet
service of course, retailing, yes, maybe even domain registration.
Our goal is moving people's data out of the big server owned by
someone else on another continent and into their own homes.  It
doesn't matter one wit if the someone else who owns the big server is
a business or a nonprofit.

Yes, it may be in our best interest to work with domain registrars,
for example, to help make them more freedom friendly.  But when you
start talking about XMPP servers and SMTP relays and "VPN providers"
and on and on and on, step back and remember for a second that the
*entire purpose* of this list and this project is to enable people to
*not* rely on other people's servers but to run their own instead.  If
we force freedom box users to rely on someone else's big server on
another continent for some function, we have failed with respect to
that function.

>Hopefully none of those will be centralized in the sense that everyone goes through the same provider and people have no choice.

That, I think, is not at all the sense in which people here mean the
word decentralized.


If someone's ISP doen't give him a public IP address, or blocks
important ports, or gives him addresses from dynamic blocks that are
on spam blacklists, and these things cause problems for serving SMTP,
this is our challenge to rise up and meet.  As Eben has suggested, the
answer to this might be a way for your box to figure out on it's own
how to tunnel your traffic through your friends' boxes, without
needing to be told how to do so by you or your friends.

>It's better that it exist than not, but Tor's anarchistic volunteer structure *causes* privacy issues which would be decreased or even eliminated if it were a centralized system run >by some really responsible dudes.

I completely disagree.  You cannot just run a tor relay and start
spying on tor users.  No individual relay has the ability to
compromise the anonymity of a circuit, nor even, with the exception of
the exit relay, to see the content of the traffic.  And if the
communication is also encrypted end to end, even the exit relay
doesn't get this privilege.  I feel very comfortable using tor for
sensitive information.  For a lot of information, the content itself
isn't actually secret, only the identity of the person sending or
receiving it (the text of a publicly accessible website, for example,
is clearly not secret, only the fact that I was reading it).  And for
cases where the content is actually secret, I just don't use tor
unless the traffic is encrypted end to end.  And for good measure, I
don't run JavaScript over tor unless it's over HTTPS.

And no, some centralized system run by a "responsible dude" would not
be better.  The trust in this case comes from redundancy.  As a tor
relay operator who would rather crawl over piles of rusty nails than
betray the trust of clients, I can safely say that with the exception
of people I personally know, there is no single institution or person
alive on this planet who I would trust more than *the single most
trustworthy one* of three random tor relay operators.  Not Verisign,
not The Beanstalks Project ehf., not the Freedom Box Foundation, not
the ghost of Abraham Lincoln, not The Tor Project itself.
"Anarchistic volunteer structure", when redundant, is the most
trustworthy arrangement possible.

>I'd personally rather my service providers were motivated by a desire to earn my custom, than motivated by the desire to snoop on my traffic. That's exactly the choice we >always seem to end up with on the Internet, and it's why we're all on this list in the first place. :-P

I thought we were on this list to help people reclaim their privacy by
running their own services out of inexpensive and easy to use plug
servers.