[Freedombox-discuss] Freedombox-discuss Digest, Vol 38, Issue 31
Edge at edgeascension.com
Edge at edgeascension.com
Tue Sep 17 23:56:20 UTC 2013
New: iPhone 5S (iPhone 5NSA)
https://www.youtube.com/watch?v=oSJqBJ1TF-E
I have got to get me one of these!!! Maybe not!
> -------- Original Message --------
> Subject: Freedombox-discuss Digest, Vol 38, Issue 31
> From: freedombox-discuss-request at lists.alioth.debian.org
> Date: Tue, September 17, 2013 3:57 pm
> To: freedombox-discuss at lists.alioth.debian.org
>
>
> Send Freedombox-discuss mailing list submissions to
> freedombox-discuss at lists.alioth.debian.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
> or, via email, send a message with subject or body 'help' to
> freedombox-discuss-request at lists.alioth.debian.org
>
> You can reach the person managing the list at
> freedombox-discuss-owner at lists.alioth.debian.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freedombox-discuss digest..."
>
>
> Today's Topics:
>
> 1. Re: Onion Pi (Petter Reinholdtsen)
> 2. Re: What is Freedombox? (Petter Reinholdtsen)
> 3. Re: Onion Pi (Tim Retout)
> 4. Re: JURI wants citizens to regain control over their personal
> data and communication with Free and Open Source Software
> (cgw993 at aol.com)
> 5. Re: What is Freedombox? (Jonas Smedegaard)
> 6. Re: Onion Pi (Nick Daly)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 17 Sep 2013 16:31:28 +0200
> From: Petter Reinholdtsen <pere at hungry.com>
> To: freedombox list <freedombox-discuss at lists.alioth.debian.org>
> Subject: Re: [Freedombox-discuss] Onion Pi
> Message-ID: <2flbo3rh64f.fsf at diskless.uio.no>
> Content-Type: text/plain; charset=us-ascii
>
>
> [Sandy Harris]
> > Raspberry Pi as a TOR proxy
> >
> > http://arstechnica.com/information-technology/2013/06/onion-pi-turns-raspberry-pi-into-tor-proxy-and-wireless-access-point/
>
> This look like something that would be trivial to replicate on the
> Freedombox. It is a just simple Tor configuration and some iptables
> rules, combined with a wifi access point setup.
>
> We could either use the recipes on
> <URL: http://learn.adafruit.com/onion-pi/install-tor > and
> <URL: https://raw.github.com/breadtk/onion_pi/master/setup.sh > to
> replicate the Onion Pi setup (using Tor as the DNS server and TCP proxy)
> or by configuring privoxy, dnsmasq and redsocks with iptables to pass
> all traffic passing through the Freedombox via Tor.
>
> Is there some reason not to do this by default? If so, perhaps it
> should be a selectable option in the plinth web interface to enable it?
>
> --
> Happy hacking
> Petter Reinholdtsen
>
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 17 Sep 2013 16:42:41 +0200
> From: Petter Reinholdtsen <pere at hungry.com>
> To: freedombox-discuss at lists.alioth.debian.org
> Subject: Re: [Freedombox-discuss] What is Freedombox?
> Message-ID: <2fl8uyvh5lq.fsf at diskless.uio.no>
> Content-Type: text/plain; charset=us-ascii
>
>
> [Jonas Smedegaard]
> > I would love to answer your question but don't understand it. Seems
> > you quote different parts than what you actually ask me questions
> > about. If so, please include adequate context in your quote.
>
> Probably just a misunderstanding on my part. I got the impression that
> you had identified some parts of the Freedombox that were "exclusive"
> for the Freedombox, and that the existence of these parts worried you.
> I thus hoped you could let me know which parts this was, to let me have
> a look at them too.
>
> But I now suspect you only talked about plinth, and not what I
> understood at all. Never mind, just forget about it. :)
>
> --
> Happy hacking
> Petter Reinholdtsen
>
>
>
> ------------------------------
>
> Message: 3
> Date: Tue, 17 Sep 2013 17:45:06 +0100
> From: Tim Retout <diocles at debian.org>
> To: freedombox-discuss at lists.alioth.debian.org
> Subject: Re: [Freedombox-discuss] Onion Pi
> Message-ID:
> <CADc0ge9hy090sp2ciGmygZoe9KXBK87TmrCGq1chYwok7WmsXQ at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> On 17 Sep 2013 15:32, "Petter Reinholdtsen" <pere at hungry.com> wrote:
> > or by configuring privoxy, dnsmasq and redsocks with iptables to pass
> > all traffic passing through the Freedombox via Tor.
> >
> > Is there some reason not to do this by default?
>
> Hi!
>
> There are some good reasons not to run unencrypted traffic through Tor:
>
> - malicious exit nodes will be studying all unencrypted traffic passing
> through them - badly-secured websites still send session cookies
> unencrypted, for example.
> - the exit node can very easily inject arbitrary Javascript into the web
> page. This is bad. I don't think Javascript-enabled browsers should use
> Tor. (Ditto for Flash/Java.)
>
> For fully encrypted traffic, you still need to be careful of MITM attacks.
> Again this is easy for a malicious exit node. You can think of Tor as
> subjecting yourself to a deliberate MITM. :)
>
> I have heard anecdotal evidence that the above is happening routinely on
> Tor, FWIW.
>
> Tim
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130917/ffeedddb/attachment-0001.html>
>
> ------------------------------
>
> Message: 4
> Date: Tue, 17 Sep 2013 09:50:53 -0700
> From: <cgw993 at aol.com>
> To: <freedombox-discuss at lists.alioth.debian.org>
> Subject: Re: [Freedombox-discuss] JURI wants citizens to regain
> control over their personal data and communication with Free and Open
> Source Software
> Message-ID: <004401ceb3c6$138b5d00$3aa21700$@aol.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Cloud computing, was that a joke?
>
> -----Original Message-----
> From: Freedombox-discuss
> [mailto:freedombox-discuss-bounces+cgw993=aol.com at lists.alioth.debian.org]
> On Behalf Of JOSEFSSON Erik
> Sent: Tuesday, September 17, 2013 1:45 AM
> To: freedombox-discuss at lists.alioth.debian.org
> Subject: [Freedombox-discuss] JURI wants citizens to regain control over
> their personal data and communication with Free and Open Source Software
>
> Just a short report from the European Parliament.
>
> The Legal Affairs Committee just voted unanimously to promote that citizens
> regain control over their personal data and communication with Free and Open
> Source Software:
>
>
>
>
>
> Calls on the Commission to promote the development, jointly with
> stakeholders, of decentralised Free and Open Source Software (FOSS) based
> services which would help to harmonise practices across cloud providers and
> enable European citizens to regain control over their personal data and
> communication, for example by means of point-to-point encryption.
>
>
> More info here:
> http://icg.greens-efa.eu/pipermail/hub/2013-September/000070.html
>
>
> :-)
>
>
> //Erik
>
>
>
> --
> Erik Josefsson
> Advisor on Internet Policies
> Greens/EFA Group
> <http://www.greens-efa.eu/36-details/josefsson-erik-138.html>
> GSM: +32484082063
> BXL: PHS 04C075 TEL: +3222832667
> SBG: WIC M03005 TEL: +33388173776
>
>
>
>
>
> ------------------------------
>
> Message: 5
> Date: Tue, 17 Sep 2013 19:49:47 +0200
> From: Jonas Smedegaard <dr at jones.dk>
> To: freedombox-discuss at lists.alioth.debian.org
> Subject: Re: [Freedombox-discuss] What is Freedombox?
> Message-ID: <20130917174947.12494.37246 at bastian.jones.dk>
> Content-Type: text/plain; charset="utf-8"
>
> Quoting Petter Reinholdtsen (2013-09-17 16:42:41)
> > [Jonas Smedegaard]
> > > I would love to answer your question but don't understand it. Seems
> > > you quote different parts than what you actually ask me questions
> > > about. If so, please include adequate context in your quote.
> >
> > Probably just a misunderstanding on my part. I got the impression
> > that you had identified some parts of the Freedombox that were
> > "exclusive" for the Freedombox, and that the existence of these parts
> > worried you. I thus hoped you could let me know which parts this was,
> > to let me have a look at them too.
>
> Ah, makes sense now.
>
> I do feel that some pieces are currently being pushed for FreedomBox
> only, even if they do seem to me as being usable broader. If it isn't
> obvious which ones those are, then I'd be happy to try enumerate them.
>
> That said, in this thread I was talking another somewhat opposite issue,
> where I see "constraint" as a positive quality: Some pieces considered
> for FreedomBox (disregarding whether targeted wider or not) may have
> some limiting design choices related to being runtime arch-independent.
>
> One Laptop Per Child has such design choice, for educational reason: any
> kid should be able to just "look under the hood" and see how some code
> is expressed - without having to chase sources somewhere else.
>
> CDBS has such design choice, for practical reason: Packaging a Debian
> package is centered around composing debian/rules which is a makefile so
> makes sense for reusable patterns to be make code too, not abstract away
> from that (as dh sequencer does).
>
> I believe Freedom-maker has such design choice -that it is written in
> shell so as to stay close to its purpose of "just a sequence of stuff
> that could in principle be executed on a command-line. When Bdale
> started that script in 2011 he emphasized not wanting to approach it too
> complex. It has arguably grown more complex since, but my competing
> "boxer" tool is, in comparison, far over-engineered and is not yet in a
> useable state :-P
>
> Specifically I reflected on Plinth perhaps in its choice of Python had a
> conscious design decision of being easier able to verify its logic e.g.
> when being super cautious about security.
>
>
> > But I now suspect you only talked about plinth, and not what I
> > understood at all. Never mind, just forget about it. :)
>
> Ok. Didn't do well at that, it seems :-)
>
>
> - Jonas
>
> --
> * Jonas Smedegaard - idealist & Internet-arkitekt
> * Tlf.: +45 40843136 Website: http://dr.jones.dk/
>
> [x] quote me freely [ ] ask before reusing [ ] keep private
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: signature.asc
> Type: application/pgp-signature
> Size: 490 bytes
> Desc: signature
> URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130917/f7783d09/attachment-0001.sig>
>
> ------------------------------
>
> Message: 6
> Date: Tue, 17 Sep 2013 14:57:12 -0500
> From: Nick Daly <nick.m.daly at gmail.com>
> To: Tim Retout <diocles at debian.org>
> Cc: freedombox list <freedombox-discuss at lists.alioth.debian.org>
> Subject: Re: [Freedombox-discuss] Onion Pi
> Message-ID:
> <CAM-YhhAMqxkzTMSFessW1yS7vCjsD+TjNMrQ61+xFf5u5SS3WQ at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> Long story short: this should be configurable, selectively-disableable
> by the end-user, or the end-user should be informed of the potential
> disadvantages of this connection method.
>
> If your destinations are using SSL (like they should) MITM is less of
> an issue. The lovely HttpsEverywhere Firefox/Iceweasel extension
> makes this as simple as possible (and should definitely be installed
> on any client device).
>
> The unexpected trouble you might need to worry about is infrastructure
> services (like online banking, Paypal, etc.) freaking out because
> you're connecting from a known exit node, and assuming that your
> account is under attack [0]. Some service providers are good about
> this (Google will mark your account as a Tor-using account if you sign
> in from a non-exit node IP and then sign in from a known exit-node IP,
> without clearing cookies [1]), but /I don't know/ which service
> providers are bad about it.
>
> Nick
>
> 0: personal communication with primary source.
>
> 1: a libtech email from a Google employee that I don't have time to
> find right now. Check the libtech list.
>
> On Tue, Sep 17, 2013 at 11:45 AM, Tim Retout <diocles at debian.org> wrote:
> > On 17 Sep 2013 15:32, "Petter Reinholdtsen" <pere at hungry.com> wrote:
> >> or by configuring privoxy, dnsmasq and redsocks with iptables to pass
> >> all traffic passing through the Freedombox via Tor.
> >>
> >> Is there some reason not to do this by default?
> >
> > Hi!
> >
> > There are some good reasons not to run unencrypted traffic through Tor:
> >
> > - malicious exit nodes will be studying all unencrypted traffic passing
> > through them - badly-secured websites still send session cookies
> > unencrypted, for example.
> > - the exit node can very easily inject arbitrary Javascript into the web
> > page. This is bad. I don't think Javascript-enabled browsers should use Tor.
> > (Ditto for Flash/Java.)
> >
> > For fully encrypted traffic, you still need to be careful of MITM attacks.
> > Again this is easy for a malicious exit node. You can think of Tor as
> > subjecting yourself to a deliberate MITM. :)
> >
> > I have heard anecdotal evidence that the above is happening routinely on
> > Tor, FWIW.
> >
> > Tim
> >
> >
> > _______________________________________________
> > Freedombox-discuss mailing list
> > Freedombox-discuss at lists.alioth.debian.org
> > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
> ------------------------------
>
> End of Freedombox-discuss Digest, Vol 38, Issue 31
> **************************************************
More information about the Freedombox-discuss
mailing list