[Freedombox-discuss] FreedomBuddy to use Tor to resolve IP address of nodes?

Graham Burnside graham.s.burnside at gmail.com
Sat Jan 5 16:29:51 UTC 2013 

On 05/01/13 16:12, Graham Burnside wrote:
> On 05/01/13 15:20, Jonas Smedegaard wrote:
>> Quoting Graham Burnside (2013-01-05 15:15:05)
>>   
>>> I've had a couple of hours recently to catch up on how freedombox is 
>>> developing. I was reading through the debian wiki and noticed that the 
>>> method being used to resolve the IP address of nodes in the network is 
>>> via Tor hidden services.
>>>     
>> It is true that some are discussing how to penetrate masquerading 
>> firewalls and how to discover nodes.  Also true that some find Tor 
>> suitable for handling those issues, and actively explore that option.
>>
>> Some of us, however, consider FreedomBox a project to mainstream 
>> privacy-related functionality that is already mainstream among geeks.
>>
>> With "mainstream among geeks" I people who install packages with 
>> aptitude (or apt-get) and generally rely on Debian to provide sensible 
>> defaults for those packages.
>>
>> I believe Tor is only relevant to consider including into FreedomBox 
>> when someone can provide sensible defaults for it which can be 
>> integrated with the Debian packaging of Tor.
>>
>> Until then, Tor is outside the scope of FreedomBox, in my opinion.
>>
>> Don't get me wrong: Tor is a _very_ relevant tool, my point is that it 
>> is not yet mature enough to mainstream among non-geeks, when not even 
>> mainstream among geeks yet.
>>
>> Same goes for any other exciting inventions - I do not mean to 
>> fingerpoint Tor specifically, that just happen to be the one you 
>> emphasize so I feel a need to "de-emphasize" it.
>>
>>   
>
> I would have thought that the firewall penetration will be a non
> issue, the boxes will presumably be connecting via a IPsec VPN (Strong
> Swan)? In tunnelling mode this would allow NAT traversal. Finding your
> friend's box (node) is the problem, for which we must rely on some
> form of dynamic dns.
>
>>> I know that Tor is well tested, but is this not far too centralized a 
>>> way of bootstrapping the networks? More so, is it not going to make a 
>>> lot of people nervous about hosting a node on the network. It wouldn't 
>>> take more than the mention of silkroad and CP in the mainstream media 
>>> to taint the whole project.
>>>
>>> Has there been any discussion into alternatives? Such as running a 
>>> basic xmpp client on each box, which periodically contacts your 
>>> friends' boxes with its current IP address, encrypted and signed using 
>>> PGP? The host freedombox JID could be distributed with public keys. 
>>> This would allow anyone with a domain name to run a tracker for their 
>>> friends' boxes, or to just use a free jabber server.
>>>     
>> I find your idea interesting.
>>
>> But please think of FreedomBox not as a box containing unique tools, but 
>> as a box containing uniquely simple access to common tools.
>>
>> ...which means specifically for your idea: Please implement your idea as 
>> a common concept independent of FreedomBox, and when it gains some 
>> traction then suggest that FreedomBox _also_ adopts that concept - 
>> either at its core or perhaps as an option among several.
>>
>> It is my understanding that those talking about Tor as core platform for 
>> Freedombox, seek a high level of privacy, which is more complex to reach 
>> reliably, and is not yet mainstream even among geeks.
>>
>> I imagine that those seeking high level of privacy (read: secrecy and 
>> stealth) would find it outragous that their box would act as a beacon 
>> towards (most likely centralized, due to the issue of non-public IPs) 
>> xmpp servers.
>>
>> What I have not seen (please do correct me if simply I've missed it!) is 
>> discussions taking into account the level of privacy needed, and being 
>> realistic about which privacy levels are achievable at an early stage 
>> reflecting what is already mainstream among geeks - which I call 
>> FreedomBox 1.0.
>>
>>
>>  - Jonas
>>
> Tor does provide anonymity, it is also a central record for all
> machines connected
> see - https://metrics.torproject.org/exonerator.html
>
> As for unique tools, FreedomBuddy certainly the glue binding together
> common tools, but no more so than implementing a custom xmpp client
> with say python-jabberbot (in debian repo). XMPP works on a client
> server basis, so your IP is not being broadcast beyond your trusted
> XMPP and DNS servers. If you really need to be anonymous, connect to
> them over Tor.
>
> Now don't get me wrong, I'm a believer in decentralization, anonymity
> and net neutrality, I just don't think that fbx should be rolling out
> with Tor enabled in version 1.0  I think that it is a very useful
> tool, and when a critical mass is met alongside say, another Arab
> spring, then users should be urged to enable the service.
>
> - Graham
>
>
>
>
See basic example clients here -
http://www.linuxforu.com/2012/06/use-xmpp-to-create-your-own-google-talk-client/
    "The code below will connect the client to the server and
authenticate. A base client in just 12 lines of code — can you believe it?"

- Graham



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130105/1eb38a78/attachment.html>

More information about the Freedombox-discuss mailing list