User: Password:
|
|
Subscribe / Log in / New account

The Freedom Box gets off the ground

The Freedom Box gets off the ground

Posted Feb 23, 2011 22:06 UTC (Wed) by jmorris42 (guest, #2203)
Parent article: The Freedom Box gets off the ground

If this is just for tin foil hat types, blowing off nerd rage and striking a pose against 'the man', this is a great project and might spin off some useful software, mostly as a side effect.

If the intent is to keep information off of maga corp servers, it is even better since those guys have proven over and over they see mining our personal information as the price of the 'free' service. Yes I'm looking right at you Google. And Facebook, etc.

However, if it is intended to be used by people in repressive regimes it better have a LOT more effort put into it than grabbing existing software and sticking it on a plug computer or router and slapping a happy fisher price interface in front of it. People in those countries who aren't clued in might believe the hype. They will die and their blood will be on the hands of the fools who deceived them.

Squirrelmail? PHP? Really? Has a year gone by without an exploit? Just how long would that last against Chinese Intelligence agencies, or the Russians? And the way the political climate is going, someday soon, God help us all, this thing will probably have to withstand the NSA. 0% chance of survival.

These plans aren't even on the same planet as a plan to build something to withstand that sort of penetration attempt. The conversation should start with something (as much as I hate Java) more like Android with separated Java containers for each network facing component and a master that watches each one and disables it at the first sign of penetration, turning a penetration into a DoS. Or a single exposed network port with a small audited out the wazoo server that talks XML and validates the holy heck out of all in/output against DTDs that are so strict we forget the "Be generous in what you accept" style of design. Then that one heavily tested component sends super cleansed requests to separated processes that implement the various new protocols. And the various internal subprocesses can only communicate through the same gateway process to help ensure a contagion in one subsystem won't spread. Without a lot of manyears of dedicated pen testing by people I trusted I still wouldn't trust it with my life against the NSA but it might trust it if I were in a 3rd world county going up against their intelligence services.


(Log in to post comments)

The Freedom Box gets off the ground

Posted Feb 23, 2011 22:36 UTC (Wed) by Trelane (subscriber, #56877) [Link]

> this is a great project and might spin off some useful software, mostly as a side effect.\

Yep. I'd really like to know more about the foundation, though, before donating to it. What's the governance and how is it set up?

The Freedom Box gets off the ground

Posted Feb 25, 2011 1:27 UTC (Fri) by coriordan (guest, #7544) [Link]

The target audience is social network users. They're currently using stuff that's not just insecure but is designed to be subservient to governments.

Yes, even PHP is an improvement.

Maybe the 2011 version won't be the fortress you hope for, but if we want to have a fortress in 2012 or 2013 or 2014, someone has to do the precursor work now. That's what they're doing.

The Freedom Box gets off the ground

Posted Mar 3, 2011 21:15 UTC (Thu) by robbe (subscriber, #16131) [Link]

Your paranoia is well taken. The freedom box won't be able to defend against $agency using a 0day against squirrelmail, php, apache or the kernel. But they are well advised to only engage this against a very small group of users. Sure, they could use it against everybody at once, but the larger the group, the greater the chances of discovery. So the box would still thwart wholesale surveilance, a thing that is not so hard to get when all you have to do is hook up with a number of backbone operators or content/service providers.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds