[Freedombox-discuss] Policy questions
dr at jones.dk
Sun May 8 12:02:22 UTC 2011
On 11-05-08 at 01:23pm, Rob van der Hoeven wrote:
> > > You are right. A competent sysadmin can build a secure system
> > > without using virtualization. I don't think that an average
> > > FreedomBox user can manage the more advanced security features
> > > that you mention. So, must they become dependent on FreedomBox
> > > security experts every time they want to install a new service
> > > that connects to the internet? That's no freedom to me. In my
> > > design i use VM's as sandboxes. Users are free to install whatever
> > > they want inside a VM.
> > Sure, users are free to whatever with their FreedomBoxes - it is
> > Free Software.
> People will install other non FreedomBox approved software. It would
> be nice if the FreedomBox has a software architecture that makes this
> as safe as possible.
FreedomBox is a Debian system with only FreedomBox-optimized software
Our users are non-technical end-users. They will only install
FreedomBox-optimized software on their FreedomBox. Because that is what
we tell them is safe.
Users are welcome to install non-FreedomBox-optimized official Debian
packages. In doing so their system is no longer a FreedomBox but still
a Debian system. We do more harm than good if we continue to try help
them through FreedomBox chatrooms, helpdesks or documentation: We should
instead refer them to Debian user areas instead - and encourage them to
join us in improving FreedomBox for other non-technical end-users. :-)
Users are also welcome to install non-Debian software. In doing so
their system is no longer a FreedomBox and also no longer a Debian
system. We should suggest them to try seek help in Debian user areas,
and recommend them to clearly mention that their system contains
non-Debian parts, to avoid frustrations for all involved - and encourage
them to instead work with Debian in incorporating those missing pieces
they felt necessary to add.
Systems may still work and do nice things for their owners even if no
longer FreedomBox or Debian, but that is not our concern.
> Just curious: Have you considered automating a process like this using
> Puppet or another configuration management system, if that’s possible?
> It would be nice if a setup like this were as easily built-up and torn
> down as a single “app” on a freedombox
Yes, I have struggled with various approaches to hacking on top of
Debian for some years.
Try search the archives of this mailinglist - I have tried - especially
in the fall, I believe - to elaborate on my concerns with this and why I
believe the reliable approach is for all to be handled by Debian
packages, no hacking on top.
> > > Maybe the cloud companies have done some research on that? You
> > > have a valid question here. I'm very interested how secure the
> > > virtualization i use (LXC) is.
> > You expect cloud companies to have done research in running
> > virtualization on crippled hardware without dedicated RNG or even
> > CPU virtualization support?
> Yes. Cloud companies are very security aware. CPU virtualization
> features are mostly there to improve performance, not security. The
> hardware of the FreedomBox is not crippled hardware. It is modest
> hardware for modest tasks. Cloud companies have more powerful
> hardware, but on this hardware they are running far more VM's. From my
> own experience i would say that a VM on my FreedomBox has roughly the
> same performance as a cloud VM.
Well, you could argue that lack of a hardware Random Number Generator
(RNG) is related only to performance, not security, if always using
/dev/random (not /dev/urandom) and tolerating that the system freezes if
the random pool is depleeted. But I dare say that is a lousy argument.
I suspect - as mentioned by others in this thread - that virtualization
affects the revitalization process of the random pool. And I find it
unlikely that companies using big iron for virtualization purposes have
done analysis on what happens if applying similar virtualization
structures to "modest hardware".
> > > One of the goals of the FreedomBox is to decentralize popular
> > > social networking services. The software to do so is still in
> > > development or does not exists. In order to develop the software
> > > FreedomBoxes are needed. Are you going to wait until Diaspora is
> > > mature in order to let it run on the FreedomBox?
> > I am going to bet on alternatives to Diaspora not building
> > everything from scratch, e.g. Buddycloud - approached as an XMPP
> > extension with multiple implementations.
> Diaspora is just an example. The problem here is that in order to
> mature some programs that we want to have on our FreedomBoxes need our
> platform to mature.
Yes. I agree.
But virtualization is an extreme, and you use somewhat the opposite
extreme as argument for your approach. I then point out that instead of
fighting extremes with extremes, I find a more modest approach more
I dare say that your very approach of running virtualization on "modest
hardware" is experimental itself. Quite interesting, but still.
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 836 bytes
Desc: Digital signature
More information about the Freedombox-discuss