[Freedombox-discuss] Feedback on Freedombox from Hacker News

Joshua Spodek joshuaspodek at yahoo.com
Mon Feb 6 20:15:57 UTC 2012 

I commented on Freedombox on a site for entrepreneurially-minded hackers
and programmers called Hacker News and got feedback that might be useful
here. (It might not be useful so can always be ignored). I thought it
offered constructive criticism from knowledgeable people.

My post was on this thread, which was about Facebook using people's data
more than they expect -- http://news.ycombinator.com/item?id=3554087.

Here is the thread for convenience, though it lost formatting and
nesting. The first post is by me. The rest are by others. The word
"reply" separates each post.

---------------------------------

This is what Freedombox is for (also Diaspora). Freedombox is one of the
few projects I make time to contribute to. I'm surprised it isn't one of
the more popular projects among this community.

Anyway, here are some links and background if you aren't familiar with
it. From http://freedomboxfoundation.org and
http://freedomboxfoundation.org/learn

What is FreedomBox?

    Email and telecommunications that protects privacy and resists
eavesdropping

    A publishing platform that resists oppression and censorship.

    An organizing tool for democratic activists in hostile regimes.

    An emergency communication network in times of crisis.


If you live near New York City, there will be a hack-fest February 18,
19, 20 (more information in first link above). I hope to see you there.

reply
	
	
naner 23 hours ago | link

I'm surprised it isn't one of the more popular projects among this
community.

You shouldn't be. My values align roughly with that of the freedombox
creators/developers but I can easily see this will have poorer adoption
than other well-intentioned technology like PGP or gNewSense.

If you want a project of this nature to see widespread use it will have
to be fun, usable, and pretty.

reply
	
	
aw3c2 1 day ago | link

You guys need a much simpler "what is freedombox". From the /learn text
I only get the impression that it is "Tor in a dedicated box". Where is
the social network?

reply
	

	
ryanklee 23 hours ago | link

I gave it my five-second rule, and browsed away feeling totally ignorant
of what the platform was about (or even if it was a platform).

reply
	

	
Woost 23 hours ago | link

Thirding. The "what is freedombox" posted here tells me basically
nothing. It sounds closer to marketing fluff than an actual description
of what freedombox is and does.

Is it a social network? Twitter? Both? Something new? Why should I want
to start using it, aside from claims of anonymity?

reply
	
	
pacala 1 day ago | link

I follow a few high profile tech news source, but I never heard of
Freedombox.

One major worry I have about decentralized systems is crackers. It's
hard enough to secure centralized systems using proprietary code behind
firewalls managed by an army of experts. How can a decentralized system
possibly avoid becoming a 0day distributed botnet?

reply
	

	
bootload 19 hours ago | link

"... I follow a few high profile tech news source, but I never heard of
Freedombox. ..."

That's why it's important to read HN.

Eben Moglen is one of the few lawyers I bother to listen too. It helps
he has a CS background. Moglen did a talk at New York Technology Council
& Internet Society, Friday, February 5, 2010 that outlined the idea
behind the freedom box. I remember watching & listening to the recording
just after the speech. It's worth the watch/listen to get the idea in
full.

The idea in short, "Own your own logs". Third parties can't infer what
they don't have. The talk is located here

- http://www.youtube.com/watch?v=kpHWnHxmnXg

- http://www.youtube.com/watch?v=QOEMv0S8AcA

or here for alternative AV formats ~ http://isoc-ny.org/?p=1338

reply
	
	
thomaslangston 1 day ago | link

> It's hard enough to secure centralized systems using proprietary code
behind firewalls managed by an army of experts. How can a decentralized
system possibly avoid becoming a 0day distributed botnet?

I do not understand your concern.

Centralized systems are easier to crack, not harder. Proprietary code
may or may not be easier to crack, but I'd lean towards easier.
Distributed systems do not require you to not have firewalls.
Distributed systems do not require you to not have experts managing
them. Nodes of a distributed system do not have to obey the commands of
other nodes or have a central control mechanism.

How would a decentralized system ever become a 0day botnet?

reply
	
	
pacala 1 day ago | link

The point of Freedombox is that everyone has his data in his own home.
If average Joe wants to share this data with his friends, average Joe is
going to run a server in his home. If the server code has a 0day
exploit, average Joe server easily becomes a node in a botnet.

How do you address the problem of managing a fleet of 800 Million
servers running in 800 Million homes? Who are the experts that manage
this problem and who finances their work? Why would average Joe trust
them with his data? What is the technical device through which they have
admin access to 800 Million servers in 800 Million homes?

reply
	

	
thomaslangston 13 hours ago | link

That may be the setup of that project, but it isn't the status of every
decentralized system. A decentralized system could as easily be funded
by individual users buying hosted space with professional admins.

I don't see the 0day exploit window of one additional application
running on local users' boxes to be much cause for alarm. Somehow we
muddled through decades of Windows boxes with everyone joining the Borg.

More information about the Freedombox-discuss mailing list