The Freedom Box gets off the ground

By Jake Edge
February 23, 2011

The Freedom Box is starting to roll, with a fundraising drive that met its goals in a few short days, along with a newly formed foundation to oversee its development. What started as an idea in a talk given by Eben Moglen just over a year ago has more recently gained a lot of momentum. What can we expect to see from this "personal server running a free software operating system, with free applications designed to create and preserve personal privacy", and when can we expect to see it?

The "when" question may have become somewhat clearer since the "Push the FreedomBox Foundation from 0 to 60 in 30 days" Kickstarter fundraising effort has clearly been a success. The fundraising drive was set up on February 17, with the goal of getting $60,000 in donations in 30 days, but it has exceeded that—and quickly. As of this writing, there are more than 650 supporters who have donated over $64,000 in just five or six days. Based on the Kickstarter appeal, reaching the goal (and quite possibly far surpassing it) should result in a software release in six months. With luck, that means we will see the first Freedom Box release in August or so.

It should be noted that, perhaps a bit oddly, the project is called "Freedom Box", but the foundation is the "FreedomBox Foundation".

Like the Diaspora fundraising drive last May, the FreedomBox effort shows that there is a pool of money available for privacy-respecting tools and applications. So far, Diaspora, which is an attempt to provide a privacy-respecting Facebook alternative, has delivered some code and is running a private alpha. Whether Diaspora gains any sort of traction remains to be seen, but it may fall flat because the vast majority of internet users do not seem to put privacy anywhere near the top of their priority lists.

But, clearly some internet users do have a privacy focus and are willing to fund projects they see as advancing that agenda. There are also a large number of people whose privacy may be more than just a preference and is, instead, a life or death matter. For those folks, what will the Freedom Box offer? The high-level goals are spelled out on the foundation's website; the basic idea is to decentralize web applications and services, so that governments, companies, and other organizations will find it difficult to disrupt or eavesdrop on Freedom Box users' communications. To accomplish that, the project's goals are quite ambitious.

The goals

Unlike some other projects, Freedom Box is not just a software solution. It is targeting various types of low-end hardware servers to run a Debian-derived Linux system that implements its plans. The current targets are so-called "plug computers" (or "plug servers"), which are small, low-cost, low-power computers that often have the form factor of a "wall wart" power supply. These devices would be always-on gateways to the internet, with an interface that allows them to be used by both technically savvy and less sophisticated users.

While providing "safe social networking" is one of the aims of the Freedom Box, it is only part of the picture. The project wants to protect users' data as well as their communications, including internet traffic, email, and voice. Beyond that, Freedom Box is specifically targeted at routing around ISPs' restrictions on the types of traffic they will carry, as well as attempts by governments to do similar traffic restrictions. In short, the goals of the Freedom Box live up to Moglen's original vision, as spelled out in his February 2010 talk at the New York branch of the Internet Society, as well as those outlined in a more recent talk at FOSDEM 2011: it is geared towards restoring users' freedoms.

Those freedoms are best guarded by keeping our data safe within the walls of our homes, because there are typically more legal protections there than there are when storing data on some company's servers. We have already seen that companies will often bow to governmental pressure in ways that would be more difficult to orchestrate when the data is spread out across the net. To that end, Freedom Box also plans to provide ways to securely back up encrypted data on friends' and neighbors' servers. In addition, it will provide ways for those under repressive regimes to anonymously publish information, such that those regimes will find it difficult to stop or track down the publishers. If the FreedomBox is going to handle all of these kinds of things, obviously the security of the device itself is paramount, but it is also targeted at protecting other systems in the home that live "behind" the Freedom Box.

Did we mention that it is an ambitious vision? It is that, without question, and will certainly not be fully delivered in the six-month time frame. One would guess it will be a few years before it fulfills all of its goals, but those goals are important.

Development

Development, or at least planning, has been taking place on the Debian wiki's Freedom Box project page. One would guess that the infusion of some funding will accelerate the process, but there is already a fair amount of information about the parts and pieces that could come together as the Freedom Box. As Moglen has said, almost all of those pieces needed for the project already exist in one form or another. In some sense, the project will be an integration effort for many different free software projects. That part will be tricky for sure, but fairly straightforward; the harder part will be getting the user interface "right".

The Debian Freedom Box "vision statement" describes that part of the problem well:

In order to bring about the new network order, it is paramount that it is easy to convert to it. The hardware it runs on must be cheap. The software it runs on must be easy to install and administrate by anybody. It must be easy to transition from existing services.

There are a number of projects working to realize a future of distributed services; we aim to bring them all together in a convenient package.

Making all of the envisioned functionality easy to configure and use will be an enormous challenge. Focusing on just a few—or even one—hardware platform(s) will help with that process, but there are a lot of disparate pieces to be integrated—and to be made to mostly "just work". It would appear that the planning for that part has barely started, but there has been some work done on defining and describing the underlying guts of the system.

The "Design and ToDos" page outlines the base system as well as the extensions—based on existing free software tools—that will replace various "cloud" services (Facebook, Twitter, Flickr, Dropbox, Google Calendar and Reader, and so on) that are in use today. It also has a list of issues that underscores the amount of work to be done.

The base system will be based on Debian (obviously) with encrypted filesystems (which immediately raises a question about key/password management for users), a web server, AppArmor for security, a configuration system possibly based on Config::Model, and Tor for anonymous communications. The server extensions that are listed cover all kinds of different services including web-based email (Roundcube, SquirrelMail, ...), blogging (Wordpress, Drupal), file sharing (Sparkleshare, ownCloud, ...), telephony (Asterisk, Yate), social networking a la Facebook (Appleseed, Jappix, Diaspora), and so on. The extension list seems to cover most or all of the web applications and services that folks are using today, but it's a little hard to say if, for example, SquirrelMail is truly an acceptable Gmail alternative.

The project mailing list starts back in August, but the posting volume trailed off late last year. Since the advent of the FreedomBox Foundation, along with Moglen's FOSDEM talk, things have rapidly picked back up. Discussions there have mostly centered on high-level requirements, thoughts, and plans.

Funding and the role of the foundation

One of the more interesting postings to freedombox-discuss, was a transcription of an IRC question and answer session with Ian Sullivan, who is helping to coordinate the activities of the foundation. The Q&A was held on February 18 on the #freedombox channel on OFTC, and outlined some of the goals of the foundation along with the plans for the funds that are being raised:

The biggest part of the work is getting a team together with solid integration and technical design skills so that we can start coming together on general design ideas and roadmaps. Coordinating that is the biggest role for the foundation at this step. But as we've all seen, there are so many different places to start and so many different angles, it is easy to get stymied and lose the initiative. So the kickstarter goal is to get the foundation enough resources to enable it to start filling that role.

Presumably, how the funds will be used will be dependent on how much is raised. The current plan is not to hire full-time developers—$60,000 wouldn't go very far in doing so anyway—but to use the funds as something of a seed to get more people involved. Sullivan mentioned the idea of "buying plug computers and sending them to developers who promise to work on the project" as one possibility for using the funds. But, part of the idea of the funding drive is to increase the visibility of the project and, hopefully, increase the enthusiasm of potential contributors:

There are a lot of people who have expressed interest in the project, and even more firm commitments of time and effort, but it is too easy for all of that to keep in a holding pattern with everyone thinking that they will move after person X has moved or milestone X has been reached. If we can raise this funding, it will enable us to get some full time support and will shake up a lot of people who have been interested, but who are not yet convinced that now is the right time.

Clearly the project and the foundation are in their early stages, with much left to be worked out—not just technically, but organizationally as well. The foundation's web page notes that "in coming weeks we will be announcing here the technical leads for Freedom Box and its component projects". The foundation is incorporated as a Delaware non-profit and will seek non-profit recognition by the US Internal Revenue Service (IRS) "as soon as the paperwork is ready", Sullivan said.

Sense of urgency

Recent unrest in the Middle East, along with Egypt and Libya governments' internet shutdowns, have clearly increased the sense of urgency in the need for a device like the Freedom Box, as the Kickstarter appeal makes clear:

What we need is the glue to hold all of that together, the architecture of which pieces stack together in which way to turn a collection of possibilities into an appliance so easy to use that you forget you even have one, at least until that moment when you really need it. The FreedomBox Foundation was built to put this all together. It was started by community leaders with long track records and lives as a community project. But the past few months have shown us all that there are millions of people around the world who need such a device now and we need to pick up the pace and get them made so that next time, our friends have some help.

In the end, $60,000 is not a lot of money for a project of this scope. Even if the amount doubles (or more) before the Kickstarter campaign ends, it's really just a drop in the bucket. Moglen was quoted in the New York Times as saying that "slightly north of $500,000" would be enough to develop Freedom Box 1.0 in a year, so one might guess that the foundation has some other fundraising plans—perhaps approaching well-heeled individuals, other foundations, or companies to make up the difference. The interest and enthusiasm shown by the Kickstarter effort may be enough to shake loose some bigger donations.

The problem that the Freedom Box is seeking to solve is real, and recent events have only helped clarify that. We will have to wait and see whether the project and foundation are successful in solving it. Even if they fail, which is an outcome few would hope for, all of the work that is done will be available to others who want to head down that path. That is just another example of the freedom inherent in free software.

Index entries for this article
Security	Home network
Security	Internet

The Freedom Box gets off the ground

Posted Feb 23, 2011 19:43 UTC (Wed) by michel (subscriber, #10186) [Link]

Perhaps they should have a chat with the folks at www.tonidoplug.com.

Some concerns

Posted Feb 23, 2011 21:57 UTC (Wed) by JoeBuck (subscriber, #2330) [Link] (5 responses)

I think that it would be wise to think like an attacker: if FreedomBox is widely deployed and catches on, how would someone attack it? There are several kinds of attackers: governments who want to keep tabs on dissidents, marketers trying to assemble detailed databases that invade people's privacy, spammers, stalker ex-boyfriends/girlfriends, and random crackers in it for the lulz.

Assuming we all keep our data on our own servers, the "friend" relationship presumably means that there's a public-key structure that allows friends to see data that I've decided to share with friends. But if I share anything with a friend, I can't prevent that friend from passing it on far and wide. Furthermore it's possible that some people will install bridges: they have friends that use Facebook and friends that use FreedomBox, and they pass things from one side to the other. Or maybe it will be possible to run applications on top of FreedomBox, with the ability to share data, and privacy could be defeated that way. Or people could be tempted to give away their privacy for a marketing offer (make us your FreedomBox friend and get 10% off on your next Happy Meal!). Or people could be required to give up their FreedomBox password as a condition for employment, or else hide the fact that they run it.

In the end, I'm skeptical that we can solve social problems with clever technical hacks. See xkcd .

Some concerns

Posted Feb 24, 2011 6:54 UTC (Thu) by ssmith32 (subscriber, #72404) [Link] (3 responses)

I mostly agree, with one caveat. Yes, most pictures of me on Facebook are from other people. And, yes, any hypothetical pictures that I wouldn't have wanted made public to the whole world would definitely have been posted by a friend ;)

On the other hand, some causes are worth dying for, and some brave souls can take being beat to death by xkcd's $5 wrench - especially when they have even a modicum of hope that not giving up whatever secrets were desired meant that the 4096 bit encrypted hard drive, with whatever links to whatever other people they cared about, would be out of reach of wrench-wielding thugs.

And sometimes you just need to delay the thugs long enough that your revolution becomes thousands strong, and secrets no longer matter.

Some concerns

Posted Feb 25, 2011 14:39 UTC (Fri) by NAR (subscriber, #1313) [Link] (2 responses)

On the other hand - how many people would buy this stuff if they risk being beaten to death just because they own one? I mean it's a dead giveway to government agents - guy has such a device, he's up to something! And although there are some brave souls who can take the beating, would they also let their mother/sister take the beating/raping?

wrenches don't scale, and they provide visibility

Posted Feb 25, 2011 19:23 UTC (Fri) by coriordan (guest, #7544) [Link] (1 responses)

I think this is focussing on irrelevant details of an immense exaggeration.

First difference is scale. Even if everyone handed over their passwords at the mere sight of a wrench, this is *many* orders of magnitude slower than ording Facebook to hand over their entire database.

Secondly, the wrench method is publicly visible or leaves traces. We don't know if Facebook gave info to Mubarak or his allies but we would hear if a government was using physical violence to get account passwords.

wrenches don't scale, and they provide visibility

Posted Mar 3, 2011 9:37 UTC (Thu) by renox (guest, #23785) [Link]

Irrelevant details?

Well one detail that I don't find irrelevant is that by monitoring the access of TOR proxys, the governements can get easily a list of 'suspect users'.

If the list is small, it's very risky to be in the list, so IMHO that's something to keep in mind as the Freedom box plan to use TOR..

Some hope

Posted Feb 24, 2011 12:14 UTC (Thu) by coriordan (guest, #7544) [Link]

I'm less sceptical. FreedomBox won't guarantee privacy, but it might at least make it possible.

> structure that allows friends to see data that I've decided to share with friends

I think they'll implement a structure which allows each particular "friend" to see only what you want to show to that particular friend. For some people, you might show everything, for marketers and employers there'll be privacy features such as "Dud profile/password for employer" or "Dud 'friend' list for non-friend friends".

As for the wrench, it doesn't scale. Zuckerberg can give the data of a million Egyptians' Facebook accounts to a government for data-mining. Getting that same info via TCP/wrench is completely impractical.

For the problem of (real) friends reposting your pics on their Facebook page, yeh, that's a problem that will have to be solved. Still, from what I've seen of Facebook, people don't repost entire galleries from others. The limited flow of data between accounts will still greatly reduce how much data a government (or whoever) can easily get about you. Maybe that's enough already. In any case, FreedomBox seems our best hope, and the best starting point for a solution.

The Freedom Box gets off the ground

Posted Feb 23, 2011 22:06 UTC (Wed) by jmorris42 (guest, #2203) [Link] (3 responses)

If this is just for tin foil hat types, blowing off nerd rage and striking a pose against 'the man', this is a great project and might spin off some useful software, mostly as a side effect.

If the intent is to keep information off of maga corp servers, it is even better since those guys have proven over and over they see mining our personal information as the price of the 'free' service. Yes I'm looking right at you Google. And Facebook, etc.

However, if it is intended to be used by people in repressive regimes it better have a LOT more effort put into it than grabbing existing software and sticking it on a plug computer or router and slapping a happy fisher price interface in front of it. People in those countries who aren't clued in might believe the hype. They will die and their blood will be on the hands of the fools who deceived them.

Squirrelmail? PHP? Really? Has a year gone by without an exploit? Just how long would that last against Chinese Intelligence agencies, or the Russians? And the way the political climate is going, someday soon, God help us all, this thing will probably have to withstand the NSA. 0% chance of survival.

These plans aren't even on the same planet as a plan to build something to withstand that sort of penetration attempt. The conversation should start with something (as much as I hate Java) more like Android with separated Java containers for each network facing component and a master that watches each one and disables it at the first sign of penetration, turning a penetration into a DoS. Or a single exposed network port with a small audited out the wazoo server that talks XML and validates the holy heck out of all in/output against DTDs that are so strict we forget the "Be generous in what you accept" style of design. Then that one heavily tested component sends super cleansed requests to separated processes that implement the various new protocols. And the various internal subprocesses can only communicate through the same gateway process to help ensure a contagion in one subsystem won't spread. Without a lot of manyears of dedicated pen testing by people I trusted I still wouldn't trust it with my life against the NSA but it might trust it if I were in a 3rd world county going up against their intelligence services.

The Freedom Box gets off the ground

Posted Feb 23, 2011 22:36 UTC (Wed) by Trelane (subscriber, #56877) [Link]

> this is a great project and might spin off some useful software, mostly as a side effect.\

Yep. I'd really like to know more about the foundation, though, before donating to it. What's the governance and how is it set up?

The Freedom Box gets off the ground

Posted Feb 25, 2011 1:27 UTC (Fri) by coriordan (guest, #7544) [Link]

The target audience is social network users. They're currently using stuff that's not just insecure but is designed to be subservient to governments.

Yes, even PHP is an improvement.

Maybe the 2011 version won't be the fortress you hope for, but if we want to have a fortress in 2012 or 2013 or 2014, someone has to do the precursor work now. That's what they're doing.

The Freedom Box gets off the ground

Posted Mar 3, 2011 21:15 UTC (Thu) by robbe (guest, #16131) [Link]

Your paranoia is well taken. The freedom box won't be able to defend against $agency using a 0day against squirrelmail, php, apache or the kernel. But they are well advised to only engage this against a very small group of users. Sure, they could use it against everybody at once, but the larger the group, the greater the chances of discovery. So the box would still thwart wholesale surveilance, a thing that is not so hard to get when all you have to do is hook up with a number of backbone operators or content/service providers.

The Freedom Box gets off the ground

Posted Feb 24, 2011 5:51 UTC (Thu) by alison (subscriber, #63752) [Link] (1 responses)

The Freedom Project relies on Tor to establish an encrypted anonymizing network that is essentially an overlay on the existing intertubes. If individuals in a nation with a hostile government want to send and receive data anonymously, they must route their transmissions through a Tor relay. A Tor relay must either be inside the country, in which case it can be discovered and taken down by the hostile government, or outside the country, in which case the packets have to go out through a "Great Firewall" router. Or am I missing something?

In the context of projects with a human right and security focus, it's worth mentioning Benetech's Martus: http://www.benetech.org/human_rights/martus.shtml

The Freedom Box gets off the ground

Posted Feb 24, 2011 14:21 UTC (Thu) by ejr (subscriber, #51652) [Link]

Thank you for the Martus link! That's really interesting, and it looks quite similar to what some military folks want for intelligence gathering. I'm much more interested in analyzing the resulting data, and Martus is in a far better field.

The Freedom Box gets off the ground

Posted Feb 24, 2011 13:25 UTC (Thu) by ortalo (guest, #4654) [Link] (3 responses)

Why rushing to Debian?
Don't mistake me, I love Debian, I installed 1.0 and am still using it (not 1.0, Debian ;-), and I highly respect the security level they achieve.

However, as soon as the highest-grade security on an autonomous system is a concern, I personally consider that at least considering OpenBSD remains a must.

I fear to start yet another OS flamewar. Anyway I won't participate. I just mean that if I had to engineer such a box, I would consider bringing on it an OS that committed to security in the *first* place (whatever the motivation, name, genealogy or feature set).

The Freedom Box gets off the ground

Posted Feb 24, 2011 17:37 UTC (Thu) by tzafrir (subscriber, #11501) [Link]

Surely once a stack is prototyped, you wouldn't have a problem porting it to OpenBSD, right?

(And what version was it that you initially installed?)

The Freedom Box gets off the ground

Posted Feb 24, 2011 18:13 UTC (Thu) by coriordan (guest, #7544) [Link] (1 responses)

The licence kinds ruins OpenBSD for this purpose.

What would be the point of integrating all the software, only to have some company take it, add some features, and sell a binary blob version - complete with free spying, eavesdropping, backdoors etc.

I know that neither OS is completely one licence or another, but with OpenBSD there'll be a lot less copylefted software, and the local devs won't be enthusiastic about helping you get your GPL'd software working.

Debian is a better community to work with when freedom for all end users is your goal.

The Freedom Box gets off the ground

Posted Feb 24, 2011 18:49 UTC (Thu) by Trelane (subscriber, #56877) [Link]

> What would be the point of integrating all the software, only to have some company take it, add some features, and sell a binary blob version - complete with free spying, eavesdropping, backdoors etc.

To be honest, they could still do this even if it's licensed under the GPL. If they release the source to the end-users as required, the end-users may or may not find the back doors (see also the = vs == stuff in the kernel many many moons ago; luckily, this was in the mainline kernel, not some obscure distro's patch).

The difference is that the GPL gives the copyright holders recourse if the other company infringes on the GPL, which is a small layer of protection for the end-users (especially if it's GPLv3, since the Evil Vendor couldn't use tivoizaiton).

Of course, if a company is particularly interested in being evil, they could also silently mod the hardware....

The Freedom Box gets off the ground

Posted Feb 24, 2011 16:40 UTC (Thu) by jhhaller (guest, #56103) [Link] (1 responses)

Not everybody who wants to communicate privately is a good person in a bad regime. And if someone's wall-wart gets implicated in the next terrorist attack, it will not be good for that person. Also, providing communication services without providing a way for governments to wiretap them is against the law in most jurisdictions. In the US, this is covered under the CALEA law, Communications Assistance for Law Enforcement Agencies. While it originally applied to voice communication, it has been expanded over the years.

The idea of freeing our data from cloud services over which we have little control still has appeal, as I would like to be able to retrieve data in a useful form. I don't have a reliable enough method to do that myself, as anything I do would be subject to physical damage like fires, while cloud providers can afford geographic redundancy. However, I would feel nervous about storing someone else's encrypted data on my server without having some key recovery mechanism. I don't think a judge would take kindly to my not being able to decrypt data stored on my server without some way to show who's data it was, and that they are the one who need to provide the key on demand.

The Freedom Box gets off the ground

Posted Feb 25, 2011 5:01 UTC (Fri) by drag (guest, #31333) [Link]

This is would be considered as civil disobedience in my book.

If you get in trouble because your helping people protect their secrets it's only because you did nothing wrong and your justified in your behavior morally if not legally.

The Freedom Box gets off the ground

Posted Feb 25, 2011 21:37 UTC (Fri) by mouli.burla (guest, #66971) [Link] (1 responses)

While everything here sounds good (privacy, control, freedom etc) one thing that worries me is how green would this kind of a solution be ? Even if we are talking about low power plug in servers, I still assume that I will have to keep my PC or any other storage medium behind these plug in servers with all hosted services up and running 24x7 so that I can share stuff that I want to share. And imagine this for each and every one wants to do this instead of a single cloud hosted service, certainly not greener. Of course as noted, most of it is available in the linux distros we have today but even people who are tech savvy, don't tend use them because of the need for static ip/dyndns and the requirement of high availability.

The Freedom Box gets off the ground

Posted Feb 26, 2011 0:38 UTC (Sat) by coriordan (guest, #7544) [Link]

My understanding is that you're supposed to use the plug itself for storage, so there's no need for any other computer to be left on.

The Freedom Box gets off the ground

Posted Mar 4, 2011 10:05 UTC (Fri) by boniek (guest, #45061) [Link]

To me decentralized DNS is all I need ATM. Provide that and net will be a lot more free.