[D-community-offtopic] Freedombox: Can they really be secured?
Andrei Popescu
andreimpopescu at gmail.com
Wed Mar 9 20:03:47 UTC 2011
On Mi, 09 mar 11, 16:30:03, Memnon Anon wrote:
> Hi,
>
> This freedombox endevour sounds interesting, I really like the idea.
> However, there is one thing I don't get.
>
> The freedombox is envisioned as something that can be run by anyone.
> Moglen compared it to the Phone Answering Machine: Plug it in and it
> just runs, no expert knowledge required to configure it.
>
> OTOH, it is supposed to run several services "at home", probably 24/7.
>
> I don't run a server, but I read that securing one is not an
> easy task. This freedombox would need to be secure by default, without
> any need to wade through logs etc.
>
> Is this really possible?
>
> Moglen somewhat mockingly asked in one of his talks something like:
> "Who could run his own webserver? It's impossible, right?" and the
> audience was well amused.
> Well, I may be able to set one up, but according to what I read on the
> web, I probably shouldn't, because I am not able to secure it properly.
>
> Could someone more knowledgable than me shed some light on this?
I have little to no experience with running public services, but...
The Freedombox can have a good default configuration, the webserver can
serve only static pages, software can be automatically updated for
security issues, etc.
Of course you can not have perfect security (unless you disconnect if
from the internet), but it's not impossible to have reasonable security
out of the box.
Regards,
Andrei
--
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/d-community-offtopic/attachments/20110309/f712c09b/attachment.pgp>
More information about the D-community-offtopic
mailing list