LinuxCon: FreedomBox update and plans

Bdale Garbee is well-known in the free software world for a number of different things: his work with Debian (including a term as project leader), his work as HP's open source and Linux chief technologist, membership on several boards (the Linux Foundation among them), and a lot more. He's also known for giving talks at various conferences about another passion of his, model rocketry, and specifically how open hardware and software can be used to control and track those rockets. So when he said that his LinuxCon talk was a rare example of a "talk I would rather give than a rocket talk", it's a pretty good indicator of how important he thinks the topic, FreedomBox, is.

The FreedomBox project is an effort to create personal servers that will run on cheap, "plug computer" hardware. While the software will be designed to run on hardware installed in the home or elsewhere, the focus is on in-home use. In some jurisdictions, Garbee said, there is a big difference between how data stored on a computer in the home vs. one elsewhere is treated in a legal sense.

The project also wants to "contribute to privacy-respecting alternatives to social networking". In today's world, people are uploading personal data to services like Facebook without any real guarantees that the data will still be there in the future, and that they will always have access to it. In addition, the terms of service can change over time, as do the privacy settings and policies. Garbee was careful to point that the project (and the FreedomBox Foundation) would not necessarily be creating these social networking alternatives, but would be collaborating with those who are.

Another important part of the FreedomBox idea is to support mesh networking. As we have seen in the news recently, activists and political protestors in various places are too dependent on centralized services, especially communications services. We already have the technology to build mesh networks that could be used to route around repressive governments, or just repressive ISPs, he said. If two neighbors have different ISPs, with different filtering policies, a mesh network between them could potentially avoid those problems.

Debian and FreedomBox

There is a "high correlation" between the goals of the Debian distribution and those of the FreedomBox, Garbee said. There is also "no better place to find a strong technical infrastructure" than in Debian. In something of an aside, he also noted that while Linux was celebrating its 20th anniversary at the conference, Debian is celebrating its 18th anniversary, which is truly "mind-boggling", he said. There is no Debian company or corporation, it is made up of individual volunteers. It also runs on all of the relevant architectures. All of these things explain why the FreedomBox software is Debian-based.

In addition to all of that, there is a fair amount of truth to the statement that "all free software gets packaged for Debian", he said, which gives the project a good base. It can use the same bug tracker and build environment that Debian uses as well. Many of the pieces that are needed for FreedomBox are already packaged or being worked on within the distribution.

But FreedomBox does not plan to be a Debian derivative, and will instead do all of its work within the distribution. One of the goals is that every stable release of Debian will have "everything needed to create FreedomBoxes", Garbee said. So users can either buy a plug computer and install FreedomBox themselves, buy an off-the-shelf plug computer with the software pre-installed, or find a cast-off computer and install it there. One of the big advantages of that approach, he said, is that no matter how successful the FreedomBox project ends up being, all of the work and code will always be available in Debian.

The foundation

The FreedomBox Foundation (FBF) was founded by Eben Moglen, who has "done a great job articulating the need" for such a device. Moglen asked Garbee to join the board of the foundation in order to establish and chair a technical advisory committee (TAC). The TAC exists "to make the board understand what the technical issues are", he said, and it is not a "top-down design group". That work will be done in the soon-to-be-established working groups.

The FBF is not a large organization with "a lot of resources and an army of coders", Garbee said. The technology is not really the hard part, he said, at least for most of the people in the room. The much harder part will be the user experience because the FreedomBox has a "much broader audience than just those who are building it". If those others can't understand how to use it, "we will have failed". So far, that's an area where, unfortunately, not a lot of work has been done yet, he said.

There are other tasks that the FBF is taking on, such as fund-raising, outreach, and publicity. Those things are important and are a persistent problem for any non-profit organization, he said. Another non-obvious thing that the FBF can do is "industry relations". At some point, hardware vendors should be willing to build and ship products with FreedomBox pre-installed. That may require NDAs, which is not something that most free software developers want to deal with.

The TAC has been formed with Garbee as the chair. Five others are on the committee as well: Jacob Appelbaum, who is security researcher and core member of the Tor project; Sam Hartman, a Debian developer and security consultant; Sascha Meinrath, author and mesh networking researcher; Rob Savoye, GNU toolchain hacker and embedded systems developer; and Matt Zimmerman, who is a Debian developer and former CTO at Canonical.

Over the coming weeks, Garbee said, various working groups will be established to work on the disparate pieces that make up FreedomBox. There are a lot of different conversations going on in the mailing list, and they are often getting derailed by people who are focusing on a different piece of the problem. These working groups will likely be "instantiated as separate mailing lists" and will be tasked with a specific piece of the problem. The output may be code, packages, or recipes, he said. Garbee is "looking forward to getting them going".

DreamPlug reference platform

The DreamPlug has been chosen as the initial reference platform for FreedomBox. Part of the requirements for the FBF's Kickstarter fundraising campaign was to deliver hardware to some donors, and the DreamPlug will fill that role. While the hardware is reasonable overall, he said, there are still some frustrating things from a free software perspective. Marvell created most of the hardware inside the DreamPlug, and has generally worked well with the community, but there were still some driver and source availability problems. Most of those have been resolved except for a firmware blob that is required to run the Marvell wireless uAP device.

The idea behind the choice of the DreamPlug is to pick a specific target, and the hardware is fairly capable. It has a 1.2 GHz ARM processor, with 512M of RAM, 2M flash for u-boot, and 2G of flash for filesystems. There are also lots of IO ports, including two gigabit Ethernet interfaces, two USB 2.0 ports, an eSATA 2.0 port, an SD socket, and more. It also has audio inputs which didn't seem useful at first, he said, until someone pointed out that they could be used for random number generation.

Technical progress

One of the areas that has been extensively discussed within the project is the idea of "establishing trust". OpenPGP keys are "about as good as it gets" in terms of storing public/private key pairs, he said, but the trust relationship problem still isn't solved. Noting that the target audience may be more likely to have smartphones, the project is narrowing in on solutions that would allow an initial key exchange using the display and cameras of smartphones. A phone app could gather these keys up when people meet face-to-face and then allow them to be installed on the FreedomBox.

In addition, lots of work on the FreedomBox went on at the hackfest that preceded DebConf11 in Banja Luka, Bosnia and Herzegovina at the end of July. The focus was on assembling an initial development image for the DreamPlug and identifying and integrating an application into that image. While lots of progress was made, and an application was identified (an XMPP-based secure chat client), they didn't quite get there during the hackfest. There were also several FreedomBox talks at the conference itself and Garbee recommended viewing the videos of those talks.

Going forward, he said the team is "single-digit days" from releasing initial development images for both the DreamPlug and for x86 virtualization for those who don't have the hardware. There is ongoing work to use Monkeysphere for identity management with OpenPGP keys. Work on selecting and integrating specific applications that deliver "functionality implied by our vision" is underway, starting with the secure XMPP-based chat stack. The plan is to do periodic releases until "we achieve 1.0", Garbee said, but he won't say when that will happen, "Debian-style".

There are a number of ways for interested folks to get involved, starting with being "conscious about privacy and other freedoms in all that you do", he said. Experimenting with the software and helping to refine the list of alternatives to the proprietary cloud services would be helpful. Joining a working group or helping to select Debian packages (and determine the right configuration for them) are additional ways to help. Of course, financial contributions to the FBF are always welcome.

In answer to audience questions, Garbee reiterated that Debian was chosen for pragmatic reasons and there is no reason that others couldn't put the FreedomBox stack on top of other distributions. He did not want the FBF to have to set up distribution infrastructure or be saddled with long-term security updates, and basing on Debian avoided that. He also said that off-the-shelf FreedomBoxes are "at least a year away", and it could be longer than that.

[ I would like to thank the Linux Foundation for assistance with travel costs for LinuxCon. ]