1
00:00:08,220 --> 00:00:11,122
I'm very proud to have as a guest here from the United States

2
00:00:11,122 --> 00:00:14,861
coming to Elevate is James Vasile of the Freedom Box Foundation

3
00:00:14,861 --> 00:00:20,619
James Vasile is working on a multitude of projects

4
00:00:20,619 --> 00:00:23,568
like Apache, I think, Joomla and many others. He is also a lawyer,

5
00:00:23,568 --> 00:00:31,347
and he's working also with the Freedom Box Foundation and the Free Software Foundation.

6
00:00:31,347 --> 00:00:37,895
He's going to present one of the, in my opinion, most revolutionary projects I've seen in recent years

7
00:00:37,895 --> 00:00:43,236
as we can see here, a little small box, the Freedom Box.

8
00:00:43,236 --> 00:00:48,042
Yeah, erm, James is going to do a presentation and then we're going to

9
00:00:48,042 --> 00:00:50,294
be open for questions and then sit down for a talk

10
00:00:50,294 --> 00:00:53,731
so James, I give the floor to you.

11
00:00:53,731 --> 00:00:56,564
Thank you, Daniel.

12
00:00:56,564 --> 00:01:03,135
I've been here at the Elevate festival for a few days now

13
00:01:03,135 --> 00:01:10,101
I've been attending the talks and the films and the music

14
00:01:10,101 --> 00:01:15,743
and this has been an amazing place to see all these different ideas coming togethers

15
00:01:15,743 --> 00:01:21,223
I want to say thank you to Daniel for organizing so much

16
00:01:21,223 --> 00:01:23,615
of this. To Joseph as well.

17
00:01:23,615 --> 00:01:30,349
To Daniel especially for making a big effort to get me out here,

18
00:01:30,349 --> 00:01:33,484
making it possible for me to come out here and being such a gracious host.

19
00:01:33,484 --> 00:01:36,316
Thank you Dan, I really appreciate it.

20
00:01:36,316 --> 00:01:42,841
<i>APPLAUSE</i>

21
00:01:42,841 --> 00:01:52,524
A long time ago, in the beginning of the internet

22
00:01:52,524 --> 00:01:56,657
When we first started using the internet as a way to talk to each other

23
00:01:56,657 --> 00:02:00,651
We mostly talked directly to each other, right?

24
00:02:00,651 --> 00:02:05,086
Think about how email works, on a technical level

25
00:02:05,086 --> 00:02:10,009
You take a message, you hand it off to your mail transport agent

26
00:02:10,009 --> 00:02:14,653
It sends it through a network, directly to the recipient.

27
00:02:14,653 --> 00:02:16,905
It hops through some other computers, but funadmentally

28
00:02:16,905 --> 00:02:21,084
you use the network to talk directly to your other computer

29
00:02:21,084 --> 00:02:26,309
the other computer where the recipient gets his or her mail

30
00:02:26,309 --> 00:02:30,489
It was a direct communication medium.

31
00:02:30,489 --> 00:02:33,484
If you're old enough to remember a program called 'talk'

32
00:02:33,484 --> 00:02:37,176
Talk was the first, sort of, interactive you type, they see it, they type, you see it

33
00:02:37,176 --> 00:02:40,403
instant message application.

34
00:02:40,403 --> 00:02:43,074
This again, was direct.

35
00:02:43,074 --> 00:02:48,205
You would put your, put their name, into your program, and address

36
00:02:48,205 --> 00:02:51,363
they would put theirs into yours, and you would just talk directly to each other

37
00:02:51,363 --> 00:02:57,308
You didn't send this message through servers. That centralised technology.

38
00:02:57,308 --> 00:03:02,091
From there, from those beginnings of talking directly to each other

39
00:03:02,091 --> 00:03:07,733
we started to build communities, emailing directly to people.

40
00:03:07,733 --> 00:03:10,705
But that was relatively inefficient.

41
00:03:10,705 --> 00:03:17,254
Talking directly to people, one-to-one, works very good for one-to-one converstions.

42
00:03:17,254 --> 00:03:19,506
But as soon as you want a group conversation

43
00:03:19,506 --> 00:03:21,735
as soon as you want to find people reliably who you haven't

44
00:03:21,735 --> 00:03:26,774
already set up contacts for, exchanged email addresses and such

45
00:03:26,774 --> 00:03:28,724
you run into friction, you run into problems

46
00:03:28,724 --> 00:03:34,018
So the solution to that, was to create more centralised structures

47
00:03:34,018 --> 00:03:37,896
and we did this with IRC

48
00:03:37,896 --> 00:03:41,472
IRC is a place where instead of talking directly to the people we're trying to reach

49
00:03:41,472 --> 00:03:45,210
we take a message, and we send it to an IRC server

50
00:03:45,210 --> 00:03:46,696
a third party

51
00:03:46,696 --> 00:03:48,484
and the IRC server then copies that message

52
00:03:48,484 --> 00:03:51,201
to all the people who we might want to talk to.

53
00:03:51,201 --> 00:03:54,336
We developed mailing lists, listservs

54
00:03:54,336 --> 00:03:58,214
And again, this was a way where we would take our message

55
00:03:58,214 --> 00:03:59,375
and hand it to a third party

56
00:03:59,375 --> 00:04:03,392
A mail server, that is not us and not the person we're trying to talk to

57
00:04:03,392 --> 00:04:05,923
and that mail server would then echo our communication to

58
00:04:05,923 --> 00:04:07,571
all the people we want to talk to

59
00:04:07,571 --> 00:04:10,381
and this was great, because you didn't have to know the

60
00:04:10,381 --> 00:04:12,563
addresses of all the people you wanted to talk to

61
00:04:12,563 --> 00:04:15,373
You could just all 'meet' in a common place

62
00:04:15,373 --> 00:04:19,529
We all meet in an IRC chatroom, we all meet on a listserv

63
00:04:19,529 --> 00:04:23,523
And there were a lot of IRC channels, and a lot of IRC servers

64
00:04:23,523 --> 00:04:25,311
and a lot of mail servers

65
00:04:25,311 --> 00:04:27,285
all across the internet

66
00:04:27,285 --> 00:04:28,887
A lot of places to do this communication.

67
00:04:28,887 --> 00:04:32,463
And if you didn't like the policies or the structures or the technology

68
00:04:32,463 --> 00:04:34,274
of any one of these service providers

69
00:04:34,274 --> 00:04:36,503
these IRC servers, or these list servers

70
00:04:36,503 --> 00:04:38,454
you could just switch, you could choose to run your own.

71
00:04:38,454 --> 00:04:40,102
It was very simple.

72
00:04:40,102 --> 00:04:46,975
This infrastructure is not hard to create, it's not hard to run, it's not hard to install.

73
00:04:46,975 --> 00:04:49,669
And so a lot of people did run, create and install it.

74
00:04:49,669 --> 00:04:53,082
There were a bunch of IRC servers, there were a bunch of different listserv packages

75
00:04:53,082 --> 00:04:57,842
But as we've moved forward in time,

76
00:04:57,842 --> 00:05:01,395
we've started to centralise even more.

77
00:05:01,395 --> 00:05:05,366
And, you can fast-forward to today

78
00:05:05,366 --> 00:05:07,455
where we're channeling our communication

79
00:05:07,455 --> 00:05:10,567
through fewer and fewer places.

80
00:05:10,567 --> 00:05:13,702
And we are making structures that are more and more central

81
00:05:13,702 --> 00:05:15,629
and more and more over-arching

82
00:05:15,629 --> 00:05:20,830
So, from the, the IRC way of talking to each other

83
00:05:20,830 --> 00:05:25,451
we moved to instant messaging applications.

84
00:05:25,451 --> 00:05:28,144
AOL Instant Messenger, ICQ,

85
00:05:28,144 --> 00:05:31,372
those were the early ways to do it

86
00:05:31,372 --> 00:05:33,299
and there were only a few of them

87
00:05:33,299 --> 00:05:36,852
MSN had its messaging system, Yahoo had its messaging system

88
00:05:36,852 --> 00:05:39,383
and when people wanted to talk to each other now,

89
00:05:39,383 --> 00:05:41,333
they were using third-parties again.

90
00:05:41,333 --> 00:05:43,144
But they were only using a few third parties.

91
00:05:43,144 --> 00:05:46,883
And if you wanted to switch providers,

92
00:05:46,883 --> 00:05:49,414
you would leave almost everyone you knew behind,

93
00:05:49,414 --> 00:05:51,364
your entire community behind.

94
00:05:51,364 --> 00:05:53,013
And so it becomes harder to switch.

95
00:05:53,013 --> 00:05:54,662
There are fewer options

96
00:05:54,662 --> 00:05:58,098
and the cost of switching leaves more and more people behind

97
00:05:58,098 --> 00:06:00,768
So you started to have lock-in.

98
00:06:00,768 --> 00:06:05,529
You started to have people who were chained to their methods of communication

99
00:06:05,529 --> 00:06:07,874
because the cost of losing your community is too high.

100
00:06:07,874 --> 00:06:10,126
And so if you don't like the technology, or you don't like the policy

101
00:06:10,126 --> 00:06:12,077
or you don't like the politics

102
00:06:12,077 --> 00:06:13,261
or if they're trying to filter you

103
00:06:13,261 --> 00:06:14,863
or censor you

104
00:06:14,863 --> 00:06:16,070
you don't have a lot of options.

105
00:06:16,070 --> 00:06:18,601
The cost of leaving is so high that you might stay.

106
00:06:18,601 --> 00:06:21,411
People do stay. And they accept it.

107
00:06:21,411 --> 00:06:25,265
And we went from that small basket of providers of this kind

108
00:06:25,265 --> 00:06:27,053
of communication technology

109
00:06:27,053 --> 00:06:29,143
to an even more centralised structure

110
00:06:29,143 --> 00:06:33,625
where there is effectively only one way to reach all our friends,

111
00:06:33,625 --> 00:06:36,040
in each mode of communication,

112
00:06:36,040 --> 00:06:37,502
Facebook.

113
00:06:37,502 --> 00:06:38,687
And Twitter.

114
00:06:38,687 --> 00:06:41,403
These two services rule everything.

115
00:06:41,403 --> 00:06:43,493
And I'm not going to stand here and say Facebook is evil

116
00:06:43,493 --> 00:06:45,142
and that Twitter is evil

117
00:06:45,142 --> 00:06:49,043
What I want to say is that having one place

118
00:06:49,043 --> 00:06:50,645
where we do all our communication

119
00:06:50,645 --> 00:06:53,176
leaves us at the mercy of the policies of the people

120
00:06:53,176 --> 00:06:55,544
that control the infrastructure that we are chained to,

121
00:06:55,544 --> 00:06:57,750
that we are stuck using, that we are locked into.

122
00:06:57,750 --> 00:07:02,232
You can't leave Facebook without leaving everybody you know

123
00:07:02,232 --> 00:07:05,645
because everybody you know is on Facebook.

124
00:07:05,645 --> 00:07:09,523
I was not a Facebook user.

125
00:07:09,523 --> 00:07:11,171
I was against Facebook.

126
00:07:11,171 --> 00:07:14,469
I thought it was bad to centralise all our communication in one place.

127
00:07:14,469 --> 00:07:15,653
I didn't like the privacy implications,

128
00:07:15,653 --> 00:07:18,207
I didn't like Facebook's censorship

129
00:07:18,207 --> 00:07:21,783
of things like pictures of nursing mothers.

130
00:07:21,783 --> 00:07:22,967
I don't think that kind of thing is obscene,

131
00:07:22,967 --> 00:07:25,498
and I don't think Facebook should have the ability to tell us

132
00:07:25,498 --> 00:07:27,565
what we can share with our friends.

133
00:07:27,565 --> 00:07:29,074
So I thought those were bad policies,

134
00:07:29,074 --> 00:07:32,464
and I reacted to that by not joining Facebook. For years.

135
00:07:32,464 --> 00:07:35,576
All my friends were on Facebook.

136
00:07:35,576 --> 00:07:41,682
I joined Facebook late last year. November.

137
00:07:41,682 --> 00:07:48,207
Because in November, a friend of mine passed away.

138
00:07:48,207 --> 00:07:50,018
His name was Chuck. He was a brilliant man.

139
00:07:50,018 --> 00:07:55,243
And he lived a lot of his life online.

140
00:07:55,243 --> 00:07:58,215
He was on Facebook, and he shared things with friends on Facebook.

141
00:07:58,215 --> 00:08:01,071
When he passed away I realised I hadn't communicated with him in a while,

142
00:08:01,071 --> 00:08:02,720
I hadn't really talked to him in a while.

143
00:08:02,720 --> 00:08:05,552
And the reason I hadn't was because I wasn't

144
00:08:05,552 --> 00:08:08,083
communicating with him in the place he communicates.

145
00:08:08,083 --> 00:08:10,034
I wasn't meeting him where he was, I wasn't on Facebook.

146
00:08:10,034 --> 00:08:12,402
I was missing out on something huge.

147
00:08:12,402 --> 00:08:15,653
That's the cost of not being there.

148
00:08:15,653 --> 00:08:17,441
And so I joined.

149
00:08:17,441 --> 00:08:19,368
Because I decided that as strong as my beliefs were,

150
00:08:19,368 --> 00:08:21,296
it was more important to me to be there with my friends and

151
00:08:21,296 --> 00:08:23,084
to talk to my friends.

152
00:08:23,084 --> 00:08:24,570
That's the power of lock-in.

153
00:08:24,570 --> 00:08:27,240
Me, a person who cares, as much as I do,

154
00:08:27,240 --> 00:08:31,048
who cares enough about these issues that I do something like this

155
00:08:31,048 --> 00:08:32,975
I got locked into Facebook. I'm there now.

156
00:08:32,975 --> 00:08:35,344
That's how I talk to a lot of my friends, whether I like it or not

157
00:08:35,344 --> 00:08:38,734
I am locked into Facebook.

158
00:08:38,734 --> 00:08:42,774
You know, I'm also on Diaspora. But my friends aren't on Diaspora.

159
00:08:42,774 --> 00:08:46,814
This sort of lock-in creates a sort of situation where

160
00:08:46,814 --> 00:08:51,133
we have one arbiter of what is acceptable speech,

161
00:08:51,133 --> 00:08:53,223
whether we like it or not.

162
00:08:53,223 --> 00:08:55,034
If they're free, we're free to the extent,

163
00:08:55,034 --> 00:08:56,218
only to the extent,

164
00:08:56,218 --> 00:08:57,263
that they give us freedom.

165
00:08:57,263 --> 00:08:59,051
And that to me isn't freedom.

166
00:08:59,051 --> 00:09:01,443
That to me is accepting what you're given.

167
00:09:01,443 --> 00:09:04,136
It's the exact opposite of making your own choices.

168
00:09:04,136 --> 00:09:08,641
The exact opposite of self-determination.

169
00:09:08,641 --> 00:09:13,564
All of our problems in communication can be traced

170
00:09:13,564 --> 00:09:16,977
to centralized communications infrastructure.

171
00:09:16,977 --> 00:09:22,620
Now, I've sort of told this story at the social level,

172
00:09:22,620 --> 00:09:25,870
in the way that we're talking about how to talk to your peers

173
00:09:25,870 --> 00:09:28,703
and your friends on the internet.

174
00:09:28,703 --> 00:09:33,765
But this story also exists when we think about relying on the pipes,

175
00:09:33,765 --> 00:09:38,247
relying on the hardware, the technical infrastructure behind the software.

176
00:09:38,247 --> 00:09:43,471
We rely on internet backbones,

177
00:09:43,471 --> 00:09:45,700
we rely on centralized cellphone networks,

178
00:09:45,700 --> 00:09:47,952
we rely on centralized telephone networks.

179
00:09:47,952 --> 00:09:52,434
The people that control these networks have the ability

180
00:09:52,434 --> 00:09:54,802
to tell us what we're allowed to say,

181
00:09:54,802 --> 00:09:56,614
when we're allowed to say it.

182
00:09:56,614 --> 00:09:59,748
They have the ability to filter us, to censor us, to influence us.

183
00:09:59,748 --> 00:10:02,581
Sometimes they use that ability, and sometimes they don't,

184
00:10:02,581 --> 00:10:04,671
and sometimes by law they're not allowed to.

185
00:10:04,671 --> 00:10:06,482
But at the end of the day

186
00:10:06,482 --> 00:10:09,268
the power doesn't rest in our hands.

187
00:10:09,268 --> 00:10:11,521
The power, from a technological perspective,

188
00:10:11,521 --> 00:10:13,587
rests in the hands of the people that operate the

189
00:10:13,587 --> 00:10:15,654
networks.

190
00:10:15,654 --> 00:10:20,414
Centralization doesn't just allow this sort of filtering and censorship.

191
00:10:20,414 --> 00:10:23,525
There's another big problem with centralization.

192
00:10:23,525 --> 00:10:26,056
The other big problem with centralization is that by

193
00:10:26,056 --> 00:10:30,050
gathering all of our data in one place

194
00:10:30,050 --> 00:10:33,510
it becomes easy

195
00:10:33,510 --> 00:10:36,645
to spy on us.

196
00:10:36,645 --> 00:10:39,338
So every time you go to a website

197
00:10:39,338 --> 00:10:41,428
pretty much

198
00:10:41,428 --> 00:10:45,445
the website includes, at the bottom of the page

199
00:10:45,445 --> 00:10:49,927
a little graphic or invisible Javascript thing

200
00:10:49,927 --> 00:10:53,061
that tells Google that you came to visit the page.

201
00:10:53,061 --> 00:10:56,173
Eva goes to a website, and the website says

202
00:10:56,173 --> 00:10:59,284
"Hey Google! Eva just came to my website!"

203
00:10:59,284 --> 00:11:01,490
Every time she goes to a website, that happens.

204
00:11:01,490 --> 00:11:04,764
And so Google effectively sits next to her and watches,

205
00:11:04,764 --> 00:11:06,552
while she uses the internet.

206
00:11:06,552 --> 00:11:07,899
Watches everything she does,

207
00:11:07,899 --> 00:11:09,083
and everything she enters,

208
00:11:09,083 --> 00:11:11,637
everything she looks at and knows.

209
00:11:11,637 --> 00:11:15,236
It's not just her search data, it's not just her Gmail.

210
00:11:15,236 --> 00:11:19,253
It's the entire picture of her digital life.

211
00:11:19,253 --> 00:11:22,086
In one place.

212
00:11:22,086 --> 00:11:23,735
That's a pretty complete profile.

213
00:11:23,735 --> 00:11:24,780
If you were able...

214
00:11:24,780 --> 00:11:27,613
...imagine if somebody could sit next to you and watch

215
00:11:27,613 --> 00:11:29,261
everything you did online,

216
00:11:29,261 --> 00:11:31,351
imagine how much they would know about you.

217
00:11:31,351 --> 00:11:33,278
That's how much Google knows about you.

218
00:11:33,278 --> 00:11:36,250
Google knows more about you than you know about yourself,

219
00:11:36,250 --> 00:11:39,942
because Google never forgets.

220
00:11:39,942 --> 00:11:42,914
Google knows more about you than your parents,

221
00:11:42,914 --> 00:11:43,959
than your partner,

222
00:11:43,959 --> 00:11:46,885
Google knows your secrets, your worst secrets,

223
00:11:46,885 --> 00:11:48,673
Google knows if you're cheating on your spouse

224
00:11:48,673 --> 00:11:49,857
because they saw you do the Google search for the

225
00:11:49,857 --> 00:11:54,641
sexually-transmitted disease.

226
00:11:54,641 --> 00:11:56,707
Google knows your hopes and your dreams.

227
00:11:56,707 --> 00:11:58,170
Because the things we hope and dream about,

228
00:11:58,170 --> 00:11:59,354
we look for more information about.

229
00:11:59,354 --> 00:12:00,701
We're natural information seekers.

230
00:12:00,701 --> 00:12:02,489
We think about something, it fascinates us,

231
00:12:02,489 --> 00:12:05,182
we go and look it up online. We search around.

232
00:12:05,182 --> 00:12:06,970
We look around the internet, and we think about it.

233
00:12:06,970 --> 00:12:11,011
And Google is right there. Following our thought process,

234
00:12:11,011 --> 00:12:15,028
the thought process in our click trail.

235
00:12:15,028 --> 00:12:19,347
That is an intimate relationship.

236
00:12:19,347 --> 00:12:21,297
Right? Do you want an intimate relationship with Google?

237
00:12:21,297 --> 00:12:21,901
Maybe you do.

238
00:12:21,901 --> 00:12:25,500
I personally, don't.

239
00:12:25,500 --> 00:12:28,774
But that's it, Google sits next to us and watches us use

240
00:12:28,774 --> 00:12:30,121
our computers.

241
00:12:30,121 --> 00:12:34,741
And if anyone actually did... if you had a friend who wanted

242
00:12:34,741 --> 00:12:37,272
to sit next to you, or a stranger said I want to sit next to you

243
00:12:37,272 --> 00:12:39,060
and just watch you use your computer all day,

244
00:12:39,060 --> 00:12:41,406
you would use that computer very differently to the way you do now.

245
00:12:41,406 --> 00:12:44,378
But because Google doesn't physically sit next to you,

246
00:12:44,378 --> 00:12:49,068
Google sits invisibly in the box, you don't know Google is there.

247
00:12:49,068 --> 00:12:51,158
But you do know, right?

248
00:12:51,158 --> 00:12:52,644
We're all aware of this. I'm not saying any of you don't know,

249
00:12:52,644 --> 00:12:55,755
especially in a room like this.

250
00:12:55,755 --> 00:12:57,102
But we don't think about it.

251
00:12:57,102 --> 00:12:58,751
We try not to think about it.

252
00:12:58,751 --> 00:13:01,584
We are locked in, to the internet.

253
00:13:01,584 --> 00:13:03,650
We can't stop using it.

254
00:13:03,650 --> 00:13:05,299
And the structures that exist,

255
00:13:05,299 --> 00:13:06,506
the infrastructure that exists,

256
00:13:06,506 --> 00:13:09,014
that has been slowly turned from

257
00:13:09,014 --> 00:13:12,729
a means to allow us to communicate with each other

258
00:13:12,729 --> 00:13:16,119
to a means of allowing us to access web services

259
00:13:16,119 --> 00:13:19,811
in return for all our personal information so we can be bought and sold

260
00:13:19,811 --> 00:13:21,599
like products.

261
00:13:21,599 --> 00:13:24,966
That is the problem. That is the problem of centralization, of having one structure.

262
00:13:24,966 --> 00:13:27,381
As soon as we put all that information in one place

263
00:13:27,381 --> 00:13:32,025
we get complete profiles of us, you get complete pictures of you.

264
00:13:32,025 --> 00:13:33,488
And that is a lot of information.

265
00:13:33,488 --> 00:13:34,556
It's valuable information.

266
00:13:34,556 --> 00:13:39,455
It's information that is used, right now, mostly to sell you things.

267
00:13:39,455 --> 00:13:42,288
And that, you might find objectionable.

268
00:13:42,288 --> 00:13:43,171
Maybe you don't.

269
00:13:43,171 --> 00:13:46,909
Maybe you don't believe the studies that say you can't ignore advertising.

270
00:13:46,909 --> 00:13:51,669
Maybe you think that you are smart and special, and advertising doesn't affect you.

271
00:13:51,669 --> 00:13:53,457
You're wrong.

272
00:13:53,457 --> 00:13:56,267
But maybe you believe that.

273
00:13:56,267 --> 00:14:02,025
But that information, that same infrastructure, that same technology that allows them

274
00:14:02,025 --> 00:14:05,973
to know you well enough to sell you soap

275
00:14:05,973 --> 00:14:12,219
allows them to know you well enough to decide how much of a credit risk you are,

276
00:14:12,219 --> 00:14:14,146
how much of a health risk you are,

277
00:14:14,146 --> 00:14:16,956
and what your insurance premiums should look like.

278
00:14:16,956 --> 00:14:18,906
In America we have a big problem right now.

279
00:14:18,906 --> 00:14:23,225
Insurance costs are out of control. Health insurance. We're having a lot of difficulty paying for it.

280
00:14:23,225 --> 00:14:28,728
Insurance companies would like to respond to this problem

281
00:14:28,728 --> 00:14:31,747
by knowing better who's a good risk and who's a bad risk

282
00:14:31,747 --> 00:14:35,624
so they can lower prices for the good risk and raise prices for the bad risk.

283
00:14:35,624 --> 00:14:41,290
Essentially they want to make people who are going to get sick, uninsurable.

284
00:14:41,290 --> 00:14:45,330
And if you could know enough about a person to know what their risk factors are based on

285
00:14:45,330 --> 00:14:49,347
what they're digital life is, if you can get just a little bit of information about them,

286
00:14:49,347 --> 00:14:53,365
maybe you can figure out who their parents are and what hereditary diseases they might be subject to,

287
00:14:53,365 --> 00:14:55,872
you can start to understand these things.

288
00:14:55,872 --> 00:14:58,844
You can start to figure out who's a good risk and who's a bad risk.

289
00:14:58,844 --> 00:15:04,487
You can use this information for ends that seem reasonable if you're a health insurance

290
00:15:04,487 --> 00:15:07,041
company, but probably don't seem reasonable if you're

291
00:15:07,041 --> 00:15:10,315
the kind of person sitting in this room, the kind of person that I talk to.

292
00:15:10,315 --> 00:15:17,467
And that's the problem. The innocuous use. The use that seems kind of icky, but not truly evil,

293
00:15:17,467 --> 00:15:19,696
which is advertising.

294
00:15:19,696 --> 00:15:25,246
It's the same mechanism, the same data, that then gets used for other purposes.

295
00:15:25,246 --> 00:15:32,838
It's the same data that then gets turned over to a government who wants to oppress you

296
00:15:32,838 --> 00:15:36,577
because you are supporting wikileaks.

297
00:15:36,577 --> 00:15:39,828
And that's not a fantasy, that's what happened.

298
00:15:39,828 --> 00:15:49,325
It's the same information that anybody who wants to know something about you for an evil end would use.

299
00:15:49,325 --> 00:15:56,616
We have a saying in the world of information, that if the data exists, you can't decide what it gets

300
00:15:56,616 --> 00:15:58,148
used for.

301
00:15:58,148 --> 00:16:03,048
Once data exists, especially data in the hands of the government, of officials,

302
00:16:03,048 --> 00:16:05,811
once that data exists, it's a resource.

303
00:16:05,811 --> 00:16:10,153
And the use of that resource it its own energy, its own logic.

304
00:16:10,153 --> 00:16:15,401
Once a resource is there begging to be used, it's very hard to stop it from being used.

305
00:16:15,401 --> 00:16:22,645
Because it's so attractive, it's so efficient, it would solve so many problems to use the data.

306
00:16:22,645 --> 00:16:28,590
And so once you collect the data, once the data exists in one centralized place,

307
00:16:28,590 --> 00:16:35,439
for anybody to come and get it with a warrant, or maybe no warrant, or maybe some money...

308
00:16:35,439 --> 00:16:41,059
somebody is going to come with a warrant, or no warrant, and they are going to get that data.

309
00:16:41,059 --> 00:16:42,847
And they will use it for whatever they want to use it.

310
00:16:42,847 --> 00:16:47,189
Once it's out of the hands of the first person who collected it, who maybe you trust,

311
00:16:47,189 --> 00:16:52,692
who maybe has good privacy policies, who maybe has no intention to do anything with your data

312
00:16:52,692 --> 00:16:58,613
other than use it for diagnostic purposes, once it's out of that person's hands it's gone.

313
00:16:58,613 --> 00:17:00,981
You never know where it goes after that.

314
00:17:00,981 --> 00:17:02,909
It is completely uncontrolled and unchecked

315
00:17:02,909 --> 00:17:05,904
and there is no ability to restrain what happens to that data.

316
00:17:05,904 --> 00:17:14,379
So all of this is my attempt to convince you that privacy is a real value in our society,

317
00:17:14,379 --> 00:17:18,095
and that the danger of losing privacy is a real problem.

318
00:17:18,095 --> 00:17:20,788
It's not just the censorship, it's not just the filtering,

319
00:17:20,788 --> 00:17:26,918
it's not just the propaganda, the influencing of opinion, that's one aspect of it,

320
00:17:26,918 --> 00:17:35,417
it's not just the free speech. It's also the privacy, because privacy goes to the heart of our autonomy.

321
00:17:35,417 --> 00:17:43,451
About a year and a half ago to two years ago at the Software Freedom Law Center

322
00:17:43,451 --> 00:17:47,607
a man named Ian Sullivan who's a co-worker of mine,

323
00:17:47,607 --> 00:17:49,697
he bought a bunch of plug servers,

324
00:17:49,697 --> 00:17:54,480
because he was really excited at the thought of using them as print servers, and media servers,

325
00:17:54,480 --> 00:17:59,240
and he started tinkering with them in our office.

326
00:17:59,240 --> 00:18:02,932
My boss Eben Moglen who is a long-time activist in the Free Software movement,

327
00:18:02,932 --> 00:18:15,030
fought very hard for Phil Zimmerman and PGP when that was a big issue,

328
00:18:15,030 --> 00:18:23,552
he looked at this technology and he immediately realised that several streams had come together in one

329
00:18:23,552 --> 00:18:24,596
place.

330
00:18:24,596 --> 00:18:27,987
There's a lot of really good technology to protect your privacy right now.

331
00:18:27,987 --> 00:18:31,144
In fact that's the stuff we're putting on the Freedom Box.

332
00:18:31,144 --> 00:18:33,095
We're not writing new software.

333
00:18:33,095 --> 00:18:36,740
We are gathering stuff, and putting it in one place.

334
00:18:36,740 --> 00:18:40,920
Stuff that other people did because there are people who are better at writing software, and security,

335
00:18:40,920 --> 00:18:43,265
than we are. We're software integrators.

336
00:18:43,265 --> 00:18:46,679
And he realised there was all this software out there, and suddenly there was a box to put it on.

337
00:18:46,679 --> 00:18:53,111
You could put all that software in one place, make it easy, and give it to people in one neat package.

338
00:18:53,111 --> 00:18:56,710
Pre-installed, pre-configured, or as close to it as we can get.

339
00:18:56,710 --> 00:19:02,654
And that, was the vision for the FreedomBox.

340
00:19:02,654 --> 00:19:08,180
The FreedomBox is a tiny computer. Look at this.

341
00:19:08,180 --> 00:19:10,874
That's small, it's unobtrusive.

342
00:19:10,874 --> 00:19:11,779
So it's a small computer.

343
00:19:11,779 --> 00:19:16,238
And we don't just mean small in size... it doesn't take a lot of energy.

344
00:19:16,238 --> 00:19:22,670
I could be running this box on a couple of AA batteries for the life of this presentation.

345
00:19:22,670 --> 00:19:24,620
You could run it on a solar panel.

346
00:19:24,620 --> 00:19:27,778
It's very lightweight infrastructure.

347
00:19:27,778 --> 00:19:33,304
You plug it into your home network, and when I say home network,

348
00:19:33,304 --> 00:19:35,092
(I'm going to pass this around)

349
00:19:35,092 --> 00:19:38,343
When I say home network, I mean home network.

350
00:19:38,343 --> 00:19:42,824
This is technology we are designing for individuals to use to talk to their friends.

351
00:19:42,824 --> 00:19:47,910
Our use-case, the thing we're trying to protect is you guys, as individuals in your communities.

352
00:19:47,910 --> 00:19:51,927
This isn't a small-business appliance, it's not a large corporate applicance, this is a thing

353
00:19:51,927 --> 00:19:58,939
that we are truly aiming at the home market, and people who care about privacy on an individual level.

354
00:19:58,939 --> 00:20:05,975
You plug it into your home network to protect your privacy, your freedom, your anonymity and your security.

355
00:20:05,975 --> 00:20:09,690
That is our mission statement, I guess. Unofficially.

356
00:20:09,690 --> 00:20:17,004
That is what we believe we are trying to do with this device.

357
00:20:17,004 --> 00:20:22,089
So, what privacy means in this context, the way we're going to go about trying to protect your privacy

358
00:20:22,089 --> 00:20:27,616
is to connect you directly with other people and take everything you do and try to encrypt it

359
00:20:27,616 --> 00:20:31,331
so that only you and the person you are talking to can see it. This is not a new idea.

360
00:20:31,331 --> 00:20:35,696
We can do encrypted messaging, and we can do encrypted browsing.

361
00:20:35,696 --> 00:20:43,986
Now there are problems with encrypted browsing. Right now if you want to have secure browsing you generally

362
00:20:43,986 --> 00:20:45,890
use something called SSL.

363
00:20:45,890 --> 00:20:57,523
SSL is a system of certificates that allow a web server to say to you "we can talk privately".

364
00:20:57,523 --> 00:21:01,981
That's the first guarantee, a secure cryptographic connection (A).

365
00:21:01,981 --> 00:21:05,673
and (B) I can authenticate to you that I am who I say I am.

366
00:21:05,673 --> 00:21:11,362
So not only can nobody listen, but you know who you're talking to.

367
00:21:11,362 --> 00:21:18,328
You're not secretly talking to the government, when really you're talking to me.

368
00:21:18,328 --> 00:21:23,878
The problem with SSL, the big problem with SSL, is that the system for signing certificates relies

369
00:21:23,878 --> 00:21:28,266
on a trust hierachy that goes back to a cartel of companies who have the server certificates,

370
00:21:28,266 --> 00:21:35,581
who have the ability to do this "guarantee". So when the website says to you "I guarantee I am who I

371
00:21:35,581 --> 00:21:42,639
am", you say "I don't know you, I don't trust you". And they say "Oh, but this other company, I paid

372
00:21:42,639 --> 00:21:47,098
them money, and so they'll guarantee that I am me."

373
00:21:47,098 --> 00:21:52,624
Which is a really interesting idea - because I also don't know this company, why would I trust that company?

374
00:21:52,624 --> 00:21:57,059
I mean, the company is just old enough and influential enough that they could actually get their

375
00:21:57,059 --> 00:22:03,630
authority into my browser. So really my browser is willing to accept at face-value that this website

376
00:22:03,630 --> 00:22:07,345
is who it says it is, but I don't necessarily accept that.

377
00:22:07,345 --> 00:22:13,150
And then, we have the problem of self-signed certificate. Where if they say, none of those authorities

378
00:22:13,150 --> 00:22:17,771
in your browser trust me, I trust myself and look, I've signed a piece of paper -

379
00:22:17,771 --> 00:22:20,581
I swear I am who I say I am.

380
00:22:20,581 --> 00:22:24,017
And that, is not trustworthy at all, right?

381
00:22:24,017 --> 00:22:27,895
That's just him saying again "No, really! I'm me!".

382
00:22:27,895 --> 00:22:33,584
So this is a problem, because the FreedomBoxes are not going to trust the SSL cartel,

383
00:22:33,584 --> 00:22:36,696
and they are not going to trust each other, so they can't just sort of swear to each other that

384
00:22:36,696 --> 00:22:39,528
they are who they are.

385
00:22:39,528 --> 00:22:45,124
So we think we've solved this. I'm not going to say we've solved it, because we're just starting to tell

386
00:22:45,124 --> 00:22:52,137
people about this idea, and I'm sure people will have reasons why the idea can be improved.

387
00:22:52,137 --> 00:22:58,406
But there is a technology called MonkeySphere, that allows you to take an SSH key and wrap it around a

388
00:22:58,406 --> 00:23:03,329
PGP key, and use a PGP key to authenticate SSH connections.

389
00:23:03,329 --> 00:23:10,341
It's really neat technology that allows you to replace SSH trust with PGP trust.

390
00:23:10,341 --> 00:23:14,498
And we looked at that, and we thought, why can't we do that with SSL?

391
00:23:14,498 --> 00:23:21,371
So one thing we're going do with browsing is take an SSL certificate, an X.509 certificate,

392
00:23:21,371 --> 00:23:25,248
and wrap it around a PGP key and send it through the normal SSL layer mechanisms

393
00:23:25,248 --> 00:23:32,284
but when it gets to the other end, smart servers and smart browsers will open it up and use PGP mechanisms

394
00:23:32,284 --> 00:23:39,575
to figure out how to trust people, to verify the connections, to sign the authentication of the identity

395
00:23:39,575 --> 00:23:42,687
of the browser, of the server.

396
00:23:42,687 --> 00:23:48,492
This allows us to replace the SSL cartel with the web of trust, the keyservers.

397
00:23:48,492 --> 00:23:57,292
We're replacing a tiny group of companies that control everything with keyservers, community infrastructure.

398
00:23:57,292 --> 00:24:01,170
Anyone can set up a keyserver, and you can decide which one you want to trust.

399
00:24:01,170 --> 00:24:02,772
They share information.

400
00:24:02,772 --> 00:24:06,232
The web of trust is built on people, telling each other that they trust each other.

401
00:24:06,232 --> 00:24:09,947
Again, you can decide who to trust and how much you want to trust them.

402
00:24:09,947 --> 00:24:16,193
This is emblematic of our approach. We've identified structures that are unreliable because

403
00:24:16,193 --> 00:24:20,373
they are centralized, because they are controlled by interests that are not the same interests

404
00:24:20,373 --> 00:24:22,625
as our interests.

405
00:24:22,625 --> 00:24:29,777
And we've decided to replace them wherever we can with structures that rely on people,

406
00:24:29,777 --> 00:24:37,532
that rely on human relationships, that rely less on the notion that you can buy trust, and more on the

407
00:24:37,532 --> 00:24:42,292
notion that you earn trust, by being trustworthy, by having people vouch for you over time.

408
00:24:42,292 --> 00:24:50,303
So that's our approach to encrypted browsing. It's also our approach to encrypted messaging.

409
00:24:50,303 --> 00:24:58,221
We're doing Jabber for a lot of message passing, XMPP, and we're securing that again with PGP.

410
00:24:58,221 --> 00:25:02,076
Everywhere we can we're going to try to use the PGP network, because it already exists...

411
00:25:02,076 --> 00:25:04,351
as I said, we're not trying to invent anything new.

412
00:25:04,351 --> 00:25:10,621
PGP already exists and it does a really good job. So we're taking the PGP trust system and we're

413
00:25:10,621 --> 00:25:16,611
going to apply it to things like XMPP and make sure that we can do message passing in a way

414
00:25:16,611 --> 00:25:18,539
that we can trust.

415
00:25:18,539 --> 00:25:26,015
Once we have XMPP we have a way to send text, a way to send audio, sure...

416
00:25:26,015 --> 00:25:28,709
but also you can send structured data.

417
00:25:28,709 --> 00:25:33,144
Through that same channel. And you can send that data to buddy lists.

418
00:25:33,144 --> 00:25:39,344
So the system starts to look like a way to pass data in a social way. And we think this is the

419
00:25:39,344 --> 00:25:42,432
beginning of the social layer of the box.

420
00:25:42,432 --> 00:25:46,890
At the bottom of the box we have a belief that the technology should be social

421
00:25:46,890 --> 00:25:48,376
from the ground up.

422
00:25:48,376 --> 00:25:50,629
And so we're building structures that allow it to be social,

423
00:25:50,629 --> 00:25:55,505
that assume you want to connect with friends in a network of freedom,

424
00:25:55,505 --> 00:26:01,310
perhaps FreedomBoxes, perhaps other kinds of software, other kinds of technology.

425
00:26:01,310 --> 00:26:04,259
And we're designing with that in mind.

426
00:26:04,259 --> 00:26:08,740
With that in mind, we think we get certain benefits technologically which I'll get into later.

427
00:26:08,740 --> 00:26:13,384
We think we can simply things like key management, through methods like this.

428
00:26:13,384 --> 00:26:19,189
By privacy I also mean that we can install a proxy server, privoxy,

429
00:26:19,189 --> 00:26:21,209
we think the answer is privoxy here,

430
00:26:21,209 --> 00:26:26,852
privoxy on the box, so you can point your browser at the box, surf the web on the box,

431
00:26:26,852 --> 00:26:33,632
and strip ads, strip cookies, stop Google from tracking you from website to website to website,

432
00:26:33,632 --> 00:26:43,338
to remove, the constant person sitting at your side, spying, recording, listening to everything you do.

433
00:26:43,338 --> 00:26:46,914
In that vein, we don't just want to block ads and reject cookies,

434
00:26:46,914 --> 00:26:50,327
we want to do something new, relatively new.

435
00:26:50,327 --> 00:27:02,750
We think we want to munge your browser fingerprint, that unique pattern of data that is captured by your

436
00:27:02,750 --> 00:27:03,632
user-agent string and what plugins you have, and all that stuff

437
00:27:03,632 --> 00:27:07,812
that forms a unique profile of you that allows people to track your browser, companies to track your

438
00:27:07,812 --> 00:27:09,878
browser as you hop along the web, even if they don't know anything about you.

439
00:27:09,878 --> 00:27:13,338
It can sort of tie you to the browser, make profiles about your browser.

440
00:27:13,338 --> 00:27:16,473
And that turns out to be a very effective way of figuring out who you are.

441
00:27:16,473 --> 00:27:23,578
So even without a cookie, even without serving you with an ad, once they're talking to you they can

442
00:27:23,578 --> 00:27:26,388
uniquely identify you, or relatively uniquely.

443
00:27:26,388 --> 00:27:32,750
But it's relatively early in the browser fingerprint arms race.

444
00:27:32,750 --> 00:27:37,649
We think that with a very little bit of changing, we can foil the recording.

445
00:27:37,649 --> 00:27:40,505
and win this round at least.

446
00:27:40,505 --> 00:27:46,937
And instead of having one profile where they gather all of your data, you will present to services

447
00:27:46,937 --> 00:27:51,279
as a different person every time you use the service. So they cannot build profiles of you over time.

448
00:27:51,579 --> 00:27:53,157
That's what privacy looks like in our context. We're looking for cheap ways to foil the tracking.

449
00:27:55,057 --> 00:28:02,054
We're looking for easy things we can do, because we believe there's a lot of low-hanging fruit.

450
00:28:02,054 --> 00:28:05,931
And we'll talk about that more in a minute.

451
00:28:05,931 --> 00:28:09,832
Freedom is our value, freedom is the thing we are aiming for,

452
00:28:09,832 --> 00:28:13,431
freedom from centralized structures like the pipes.

453
00:28:13,431 --> 00:28:19,213
Now mesh networking, I have mesh networking in my slides. That is a lie.

454
00:28:19,213 --> 00:28:21,465
We are not doing mesh networking.

455
00:28:21,465 --> 00:28:26,992
The reason we are not doing mesh networking is because I do not know <i>anything</i> about mesh networking

456
00:28:26,992 --> 00:28:31,705
and one of the reaons I came here was to meet people who know a lot about mesh networking

457
00:28:31,705 --> 00:28:34,492
and I see people in this audience who know a lot about mesh networking.

458
00:28:34,492 --> 00:28:41,295
If you want to turn that lie into the truth, the way you do that

459
00:28:41,295 --> 00:28:43,548
is by continuing on your projects, making mesh networking awesome,

460
00:28:43,548 --> 00:28:46,195
to the point where I can say yes, we're going to put that in this box.

461
00:28:46,195 --> 00:28:49,190
Then eventually, by the time this box is ready to do real

462
00:28:49,190 --> 00:28:52,766
things for real people, we're really hoping that the mesh story

463
00:28:52,766 --> 00:28:56,504
coheres, where we've identified the protocol and the technology and the people who are going to help

464
00:28:56,504 --> 00:29:00,243
us. If you think you might be one of those people, we want to talk to you.

465
00:29:00,243 --> 00:29:02,774
So yes, we are going to do mesh networking,

466
00:29:02,774 --> 00:29:05,746
and that might be a lie

467
00:29:05,746 --> 00:29:08,277
but I hope not.

468
00:29:08,277 --> 00:29:10,668
We want you to have the freedom to own your data

469
00:29:10,668 --> 00:29:16,775
that means data portability, that means that your data sits on your box and never goes to a third party.

470
00:29:16,775 --> 00:29:18,586
It only goes to the people you want it to go to.

471
00:29:18,586 --> 00:29:23,625
Fine-grained access control. Your data, your structures, you decide where it goes.

472
00:29:23,625 --> 00:29:25,390
That's a user-interface problem,

473
00:29:25,390 --> 00:29:27,155
that's a user permission problem,

474
00:29:27,155 --> 00:29:29,105
an access control problem.

475
00:29:29,105 --> 00:29:33,261
Access control is a solved problem.

476
00:29:33,261 --> 00:29:37,882
Doing it through a convenient user-interface, that's not solved... so that's work to be done.

477
00:29:37,882 --> 00:29:42,039
That's a big chunk of our todo list.

478
00:29:42,039 --> 00:29:43,710
We want you to own your social network

479
00:29:43,710 --> 00:29:50,119
Before Facebook there was a thing called MySpace, which was... I'm not even sure it exists anymore.

480
00:29:50,119 --> 00:29:54,136
Before MySpace there was Tribe.

481
00:29:54,136 --> 00:29:56,551
Before Tribe there was Friendster.

482
00:29:56,551 --> 00:29:59,825
Friendster is now like a... "gaming network".

483
00:29:59,825 --> 00:30:02,820
I don't know what it is but they still send me email

484
00:30:02,820 --> 00:30:06,234
Which is the only reason I know they're still alive.

485
00:30:06,234 --> 00:30:11,017
Before Friendster was the original social network.

486
00:30:11,017 --> 00:30:15,522
We called this social network "the internet".

487
00:30:15,522 --> 00:30:17,008
We talked directly to each other,

488
00:30:17,008 --> 00:30:21,420
we used email, an instant messenger and IRC.

489
00:30:21,420 --> 00:30:23,951
We talked to people using the structures that were out there.

490
00:30:23,951 --> 00:30:27,828
It wasn't centralized in one service, we had a lot of ways of meeting each other

491
00:30:27,828 --> 00:30:29,152
and passing messages.

492
00:30:29,152 --> 00:30:31,706
What we lacked was a centralized interface.

493
00:30:31,706 --> 00:30:35,584
So when we say "own your social network" we mean use the services of the internet,

494
00:30:35,584 --> 00:30:37,650
own the pieces that talk to each other.

495
00:30:37,650 --> 00:30:41,110
Hopefully we'll provide you with a convenient interface to do that.

496
00:30:41,110 --> 00:30:44,106
But the actual structures, the places where your data live,

497
00:30:44,106 --> 00:30:48,401
that is just the same pieces that we know how to use already.

498
00:30:48,401 --> 00:30:51,234
We are not going to try to reinvent how you talk to people,

499
00:30:51,234 --> 00:30:56,459
we're just going to make it so that the pipes are secure.

500
00:30:56,459 --> 00:30:59,454
A big part of freedom, a big part of privacy,

501
00:30:59,454 --> 00:31:02,426
is anonymity.

502
00:31:02,426 --> 00:31:06,443
Tor can provide anonymity.

503
00:31:06,443 --> 00:31:08,812
But we don't have to go all the way to Tor.

504
00:31:08,812 --> 00:31:12,248
Tor is expensive, in terms of latency.

505
00:31:12,248 --> 00:31:16,822
Tor is difficult to manage...

506
00:31:16,822 --> 00:31:21,397
I don't know how many people have tried to use Tor, to run all their traffic through Tor.

507
00:31:21,397 --> 00:31:23,649
It's hard. For two reasons.

508
00:31:23,649 --> 00:31:26,575
For one, the latency... it takes a very long time to load a web page.

509
00:31:26,575 --> 00:31:32,380
And two, you look like a criminal. To every website that you go to.

510
00:31:32,380 --> 00:31:38,649
My bank shut down my account when I used Tor.

511
00:31:38,649 --> 00:31:44,942
Because suddenly, I was coming from an IP address in Germany that they had detected in the past

512
00:31:44,942 --> 00:31:48,518
efforts to hack them on.

513
00:31:48,518 --> 00:31:52,256
So they closed my account, well I had to talk to them about it,

514
00:31:52,256 --> 00:31:53,905
it did all get solved in the end.

515
00:31:53,905 --> 00:31:57,782
PayPal as well closed my account down.

516
00:31:57,782 --> 00:31:59,408
So that was the end of my ability to use Tor.

517
00:31:59,408 --> 00:32:01,057
So we can't just run all our traffic through Tor.

518
00:32:01,057 --> 00:32:07,117
It's too slow, and the network has weird properties in terms of how you present to websites,

519
00:32:07,117 --> 00:32:08,951
that frankly, are scary.

520
00:32:08,951 --> 00:32:16,916
Because if I look like a criminal to the bank, I don't want to imagine what I look like to my own government.

521
00:32:16,916 --> 00:32:19,006
But we can do privacy in other ways.

522
00:32:19,006 --> 00:32:25,252
If you are a web user, in China, and you want to surf the internet,

523
00:32:25,252 --> 00:32:30,941
with full access to every website you might go to, and with privacy from your government,

524
00:32:30,941 --> 00:32:34,981
so that you don't get a knock on your door from visiting those websites,

525
00:32:34,981 --> 00:32:36,769
we can do that without Tor.

526
00:32:36,769 --> 00:32:39,021
We don't need Tor to do that. We can do that cheaply.

527
00:32:39,021 --> 00:32:45,592
Because all you need to do in that situation is get your connection out of China.

528
00:32:45,592 --> 00:32:54,393
Send your request for a web page through an encrypted connection to a FreedomBox in...

529
00:32:54,393 --> 00:32:58,410
Austria, America, who knows?

530
00:32:58,410 --> 00:33:05,933
Just get the request away from the people who physically have the power to control you.

531
00:33:05,933 --> 00:33:08,905
And we can do that cheaply, that's just SSH port forwarding.

532
00:33:08,905 --> 00:33:14,130
That's just a little bit of tunneling, that's just a little bit of VPN.

533
00:33:14,130 --> 00:33:16,057
There's a lot of ways to do that sort of thing,

534
00:33:16,057 --> 00:33:20,840
to give you anonymity and privacy in your specific context

535
00:33:20,840 --> 00:33:22,791
without going all the way into something like Tor.

536
00:33:22,791 --> 00:33:25,902
Now there are people who are going to need Tor.

537
00:33:25,902 --> 00:33:27,969
They will need it for their use case.

538
00:33:27,969 --> 00:33:32,891
But not every use case requires that level of attack.

539
00:33:32,891 --> 00:33:37,930
And so one of the things we're trying to do is figure out how much privacy and anonymity you need,

540
00:33:37,930 --> 00:33:40,206
and from whom you need it.

541
00:33:40,206 --> 00:33:43,457
If we can do that effectively we can give people solutions

542
00:33:43,457 --> 00:33:45,546
that actually work for them. Because if we just tell people

543
00:33:45,546 --> 00:33:49,540
to use Tor, we're going to have a problem.

544
00:33:49,540 --> 00:33:52,652
They're not going to use it, and they won't get any privacy at all.

545
00:33:52,652 --> 00:33:55,183
And that's bad.

546
00:33:55,183 --> 00:33:57,249
So we want to allow people to do anonymous publishing,

547
00:33:57,249 --> 00:33:59,710
and file-sharing, and web-browsing and email.

548
00:33:59,710 --> 00:34:01,615
All the communications you want to do.

549
00:34:01,615 --> 00:34:03,867
The technology to do that already exists,

550
00:34:03,867 --> 00:34:05,771
we could do all of that with Tor.

551
00:34:05,771 --> 00:34:09,045
The next piece of our challenge is to figure out how to do it without Tor.

552
00:34:09,045 --> 00:34:12,017
To figure out what pieces we need Tor for, and to figure out

553
00:34:12,017 --> 00:34:17,845
what pieces we can do a little bit more cheaply.

554
00:34:17,845 --> 00:34:19,633
Security.

555
00:34:19,633 --> 00:34:23,975
Without security, you don't have freedom and privacy and anonymity.

556
00:34:23,975 --> 00:34:25,624
If the box isn't secure,

557
00:34:25,624 --> 00:34:27,853
you lose.

558
00:34:27,853 --> 00:34:32,033
We're going to encrypt everything.

559
00:34:32,033 --> 00:34:36,189
We're going to do something that's called social key management, which I'm going to talk about.

560
00:34:36,189 --> 00:34:39,138
I do want to talk about the Debian-based bit.

561
00:34:39,138 --> 00:34:42,853
We are based on a distribution of Linux called Debian,

562
00:34:42,853 --> 00:34:46,290
because it is a community-based distribution.

563
00:34:46,290 --> 00:34:48,380
It is made by people who care a lot about your

564
00:34:48,380 --> 00:34:51,654
freedom, your privacy, and your ability to speak anonymously.

565
00:34:51,654 --> 00:34:55,531
And we really believe that the best way to distribute this

566
00:34:55,531 --> 00:34:58,341
software is to hand it to the Debian mirror network and let

567
00:34:58,341 --> 00:35:00,129
them distribute it. Because they have mechanisms

568
00:35:00,129 --> 00:35:02,219
to make sure that nobody changes it.

569
00:35:02,219 --> 00:35:05,214
If we were to distribute the software to you directly, we

570
00:35:05,214 --> 00:35:09,092
would become a target. People would want to change the

571
00:35:09,092 --> 00:35:11,808
software as we distribute it on our website.

572
00:35:11,808 --> 00:35:13,271
They would want to crack our website and distribute their

573
00:35:13,271 --> 00:35:15,965
version of the package.

574
00:35:15,965 --> 00:35:18,496
We don't want to be a target, so we're not going to give you software.

575
00:35:18,496 --> 00:35:21,630
We're going to give it to Debian, and let them give you the software.

576
00:35:21,630 --> 00:35:26,414
And at the same time you get all of the Debian guarantees about freedom.

577
00:35:26,414 --> 00:35:28,666
The Debian Free Software Guidelines.

578
00:35:28,666 --> 00:35:32,103
They're not going to give you software unless it comes

579
00:35:32,103 --> 00:35:37,025
with all of the social guarantees that are required to participate in the Debian community.

580
00:35:37,025 --> 00:35:39,556
So we're very proud to be using Debian in this manner,

581
00:35:39,556 --> 00:35:41,948
and working with Debian in this manner.

582
00:35:41,948 --> 00:35:44,781
And we think that's the most effective way we can guarantee that we're going to live up to

583
00:35:44,781 --> 00:35:51,747
our promises to you, because it provides a mechanism whereby if we fail to live up to our promises,

584
00:35:51,747 --> 00:35:56,344
we cannot give you something that is broken. Because Debian won't let us,

585
00:35:56,344 --> 00:35:59,618
they just won't distribute it.

586
00:35:59,618 --> 00:36:02,010
There are problems with security.

587
00:36:02,010 --> 00:36:04,100
There are things we can't solve.

588
00:36:04,100 --> 00:36:05,377
One...

589
00:36:05,377 --> 00:36:08,744
Physical security of the box.

590
00:36:08,744 --> 00:36:13,643
We haven't really talked much internally about whether we can encrypt the filesystem on this box.

591
00:36:13,643 --> 00:36:16,615
I don't quite see a way to do it.

592
00:36:16,615 --> 00:36:20,029
It doesn't have an interface for you to enter a password effectively.

593
00:36:20,029 --> 00:36:23,303
By the time you've brought an interface up you'd be running untrusted code.

594
00:36:23,303 --> 00:36:25,230
I don't know a way to do it.

595
00:36:25,230 --> 00:36:29,549
If anyone can think of a way that we can effectively encrypt the filesystem, I'd love to hear it.

596
00:36:29,549 --> 00:36:35,029
But, on top of that, if we do encrypt the filesystem,

597
00:36:35,029 --> 00:36:38,605
then the thing cannot be rebooted remotely, which is a downside.

598
00:36:38,605 --> 00:36:40,694
So there are trade-offs at every step of the way.

599
00:36:40,694 --> 00:36:45,013
If we can figure out some of these security issues, then we can be ahead of the game.

600
00:36:45,013 --> 00:36:50,261
But I think the encrypting the filesystem is the only way to guarantee the box is secure, even if it's

601
00:36:50,261 --> 00:36:52,351
not physically secure.

602
00:36:52,351 --> 00:36:53,698
So I think that's a big one.

603
00:36:53,698 --> 00:36:58,040
If you have ideas about that, please come and talk to me after the talk.

604
00:36:58,040 --> 00:37:01,291
I promised I would talk about social key management, and here it is.

605
00:37:01,291 --> 00:37:06,376
So we're building the idea of knowing who your friends are

606
00:37:06,376 --> 00:37:08,024
into the box at a somewhat low level.

607
00:37:08,024 --> 00:37:12,947
To the point where things that are on the box can assume it is there,

608
00:37:12,947 --> 00:37:17,544
or ask you if it's there, or rely on it as a matter of course in some cases.

609
00:37:17,544 --> 00:37:21,887
So we can do things with keys that make your keys unlosable.

610
00:37:21,887 --> 00:37:25,207
Right now a PGP key is a hard thing to manage.

611
00:37:25,207 --> 00:37:26,670
Key management is terrible.

612
00:37:26,670 --> 00:37:30,432
Do you guys like PGP? PGP is good.

613
00:37:30,432 --> 00:37:34,727
Does anyone here like key management?

614
00:37:34,727 --> 00:37:36,213
We have one guy who likes key management.

615
00:37:36,213 --> 00:37:39,487
<i>LAUGHTER</i>

616
00:37:39,487 --> 00:37:41,252
He's going to do it for all of you!

617
00:37:41,252 --> 00:37:43,504
So, none of us like key management.

618
00:37:43,504 --> 00:37:46,151
Key management doesn't work, especially if your use-case is home users, naive end-users.

619
00:37:46,151 --> 00:37:48,102
Nobody wants to do key management.

620
00:37:48,102 --> 00:37:51,701
Writing their key down and putting it in a safety deposit box is ludicrous.

621
00:37:51,701 --> 00:37:54,371
It's a very difficult thing to actually convince people to do.

622
00:37:54,371 --> 00:38:00,316
Sticking it on a USB key, putting it in a zip-lock back and burying it in your backyard is paranoid.

623
00:38:00,316 --> 00:38:03,311
I can't believe I just told you what I do with my key.

624
00:38:03,311 --> 00:38:04,820
<i>LAUGHTER</i>

625
00:38:04,820 --> 00:38:06,748
No, you can't ask people to do that.

626
00:38:06,748 --> 00:38:08,071
They won't do it.

627
00:38:08,071 --> 00:38:09,882
You can't protect keys in this manner.

628
00:38:09,882 --> 00:38:13,342
You have to have a system that allows them to sort of, not ever know they have a key.

629
00:38:13,342 --> 00:38:16,012
To not think about their key unless they really want to.

630
00:38:16,012 --> 00:38:19,008
We think we've come up with something that might work.

631
00:38:19,008 --> 00:38:20,772
You take the key,

632
00:38:20,772 --> 00:38:22,282
or a subkey,

633
00:38:22,282 --> 00:38:24,511
you chop it into little bits

634
00:38:24,511 --> 00:38:25,416
and you give that key...

635
00:38:25,416 --> 00:38:31,245
and we're talking about a key of a very long length, so there's a giant attack space

636
00:38:31,245 --> 00:38:36,307
and you can chop it into bits and hand it to people without reducing the search space for a key.

637
00:38:36,307 --> 00:38:39,000
You chop it into bits and hand all the bits to your friends.

638
00:38:39,000 --> 00:38:42,437
Now all your friends have your key, as a group.

639
00:38:42,437 --> 00:38:44,271
Individually, none of them can attack you.

640
00:38:44,271 --> 00:38:47,708
Indicidually, none of them has the power to come root your box,

641
00:38:47,708 --> 00:38:50,378
to access your services and pretend to be you.

642
00:38:50,378 --> 00:38:53,791
As a group, they can do this.

643
00:38:53,791 --> 00:39:04,217
We trust our friends, as a group, more than we trust them as individuals.

644
00:39:04,217 --> 00:39:08,698
Any single one of your friends, if you gave them the key to your financial data and your private online

645
00:39:08,698 --> 00:39:10,811
life that would make you very nervous.

646
00:39:10,811 --> 00:39:14,387
You would worry that they would succumb to temptation to peek,

647
00:39:14,387 --> 00:39:17,220
fall on hard times and want to attack you in some way,

648
00:39:17,220 --> 00:39:19,612
fall out with you, get mad at you.

649
00:39:19,612 --> 00:39:23,350
As an individual, people are sort of fallible in this sense.

650
00:39:23,350 --> 00:39:25,579
But as a group of friends who would have to get together

651
00:39:25,579 --> 00:39:30,038
and affirmatively make a decision to attack you,

652
00:39:30,038 --> 00:39:32,592
we think that's extremely unlikely.

653
00:39:32,592 --> 00:39:38,072
It's so unlikely that there are only a few scenarios where we think it might happen.

654
00:39:38,072 --> 00:39:39,535
One...

655
00:39:39,535 --> 00:39:42,669
if you are ill, and unable to access your box

656
00:39:42,669 --> 00:39:44,202
or you're in jail

657
00:39:44,202 --> 00:39:45,548
or you've passed away

658
00:39:45,548 --> 00:39:49,008
or you've disappeared.

659
00:39:49,008 --> 00:39:52,305
Or... you've gone crazy.

660
00:39:52,305 --> 00:39:57,646
We call this type of event, where all your friends get together and help you,

661
00:39:57,646 --> 00:39:59,898
even if you don't ask them for help,

662
00:39:59,898 --> 00:40:02,871
we call that an intervention.

663
00:40:02,871 --> 00:40:05,564
When your friends sit you down and say,

664
00:40:05,564 --> 00:40:09,302
"you need our help, you can't ask us for it because you're not in a position to ask us for it",

665
00:40:09,302 --> 00:40:10,951
that's an intervention.

666
00:40:10,951 --> 00:40:16,733
If you have a moment in your life, a crisis in your life that is an intervention level event,

667
00:40:16,733 --> 00:40:18,544
that's when you can go to your friends.

668
00:40:18,544 --> 00:40:22,120
If your house burns down, you lose your key and all your data

669
00:40:22,120 --> 00:40:25,533
You go to your friends, and you say "can I have part of my key back?"

670
00:40:25,533 --> 00:40:29,829
"Oh, and give me that data that you have in a cryptographically-sealed box that you can't read."

671
00:40:29,829 --> 00:40:31,013
To all your friends...

672
00:40:31,013 --> 00:40:32,035
"My data please, my key please, ..."

673
00:40:32,035 --> 00:40:32,778
"My data please, my key please, ..."

674
00:40:32,778 --> 00:40:34,148
"My data please, my key please, ..."

675
00:40:34,148 --> 00:40:39,697
You take all those pieces, you get a new box,

676
00:40:39,697 --> 00:40:42,089
you load it all onto your box.

677
00:40:42,089 --> 00:40:47,151
You have the key, you have your entire key, and now you can read your data.

678
00:40:47,151 --> 00:40:49,241
And you haven't lost your digital life.

679
00:40:49,241 --> 00:40:54,001
You have a key that is now unlosable.

680
00:40:54,001 --> 00:40:58,761
Even if you never wrote it down, even if you never buried it in the backyard.

681
00:40:58,761 --> 00:41:00,502
This is a hard problem in key management.

682
00:41:00,502 --> 00:41:04,241
People lose their keys and their passwords to services all the time.

683
00:41:04,241 --> 00:41:09,024
The only way we can think of to make that impossible, is this mechanism.

684
00:41:09,024 --> 00:41:10,371
And of course it's optional.

685
00:41:10,371 --> 00:41:13,808
If you're a person who doesn't trust your friends, even as a group,

686
00:41:13,808 --> 00:41:17,244
or if you're a person who just doesn't have a lot of friends

687
00:41:17,244 --> 00:41:20,518
(let me finish!)

688
00:41:20,518 --> 00:41:25,116
...who doesn't have a lot of friends with FreedomBoxes who can be the backend for this,

689
00:41:25,116 --> 00:41:27,229
you don't have to trust this mechanism.

690
00:41:27,229 --> 00:41:30,015
You can do something else to make your key unforgettable.

691
00:41:30,015 --> 00:41:32,430
But for a lot of naive end-users,

692
00:41:32,430 --> 00:41:34,520
this is the mechanism.

693
00:41:34,520 --> 00:41:36,749
This is the way they are going to never

694
00:41:36,749 --> 00:41:37,956
lose their keys

695
00:41:37,956 --> 00:41:41,695
Because the first time a user gets irretrievably locked out of his FreedomBox,

696
00:41:41,695 --> 00:41:43,784
we lose that user forever.

697
00:41:43,784 --> 00:41:45,572
And we lose all his friends forever.

698
00:41:45,572 --> 00:41:52,306
Because it would scare you to lose such an important group of information.

699
00:41:52,306 --> 00:41:53,932
Social key management.

700
00:41:53,932 --> 00:41:58,692
This is the benefit of building social, of building knowledge

701
00:41:58,692 --> 00:42:03,614
of who your friends are, into the box, at a deep level.

702
00:42:03,614 --> 00:42:05,820
We have never done that before, with a technology

703
00:42:05,820 --> 00:42:08,026
as a community project.

704
00:42:08,026 --> 00:42:11,021
And it opens up new possibilities. This is just one.

705
00:42:11,021 --> 00:42:13,088
There are others.

706
00:42:13,088 --> 00:42:15,317
But it's a field we haven't really thought a lot about.

707
00:42:15,317 --> 00:42:19,636
I think once we get out there and we start doing this kind of

708
00:42:19,636 --> 00:42:25,441
construction, a lot of new uses are going to be found for this architecture.

709
00:42:25,441 --> 00:42:28,576
I encourage you all to think about what changes,

710
00:42:28,576 --> 00:42:34,938
when you can assume that the box has people you can trust, just a little bit,

711
00:42:34,938 --> 00:42:38,212
because right now we live in a world where we are asked

712
00:42:38,212 --> 00:42:42,694
to trust third party services like Facebook with all our photos,

713
00:42:42,694 --> 00:42:46,409
or Flickr with all our photos, or Gmail with all our email.

714
00:42:46,409 --> 00:42:47,755
We are asked to trust them.

715
00:42:47,755 --> 00:42:50,101
We have no reason to trust them.

716
00:42:50,101 --> 00:42:54,861
I mean, we expect that they'll act all right, because they have no reason to destroy us.

717
00:42:54,861 --> 00:42:56,927
But we don't know what's going to happen.

718
00:42:56,927 --> 00:43:01,664
We're effectively giving all our information to people we don't trust at all right now.

719
00:43:01,664 --> 00:43:04,613
How does a network of people we trust, just a little bit,

720
00:43:04,613 --> 00:43:06,982
change the landscape?

721
00:43:06,982 --> 00:43:09,071
I think that's a really interesting question.

722
00:43:09,071 --> 00:43:10,418
This box explores that question,

723
00:43:10,418 --> 00:43:16,061
this box creates new solutions to old problems that previously seemed intractable.

724
00:43:16,061 --> 00:43:19,660
So, I encourage everybody to think about how that might

725
00:43:19,660 --> 00:43:27,137
change the solution to a problem they have with a technological architecture as it exists today.

726
00:43:27,137 --> 00:43:31,595
Here's another problem...

727
00:43:31,595 --> 00:43:34,567
Boxes that know who you are, and know who your friends are,

728
00:43:34,567 --> 00:43:37,562
and know how your friends normally act,

729
00:43:37,562 --> 00:43:41,881
can also know when your friends are acting weird.

730
00:43:41,881 --> 00:43:49,613
If you have a friend who sends you one email a year, who suddenly sends you ten emails in a day,

731
00:43:49,613 --> 00:43:51,680
that look like spam,

732
00:43:51,680 --> 00:43:53,445
you know that box is rooted.

733
00:43:53,445 --> 00:43:55,372
You know that box is weird.

734
00:43:55,372 --> 00:43:59,412
Or if you are using the FreedomBox as your gateway to the internet,

735
00:43:59,412 --> 00:44:05,357
and a box it is serving downstream, starts sending a bunch of spam through it, it knows.

736
00:44:05,357 --> 00:44:08,793
It can say "Oh no! You're acting like a zombie."

737
00:44:08,793 --> 00:44:10,442
"You should get a check-up."

738
00:44:10,442 --> 00:44:15,527
It can shut off mail service to that box, and not let the messages out.

739
00:44:15,527 --> 00:44:21,611
It can make that decision to protect the wider internet to make you a better citizen in the world.

740
00:44:21,611 --> 00:44:27,996
If suddenly your computer starts saying "Hey, I'm in Scotland and I need $5000"...

741
00:44:27,996 --> 00:44:30,179
but we know you're not in Scotland

742
00:44:30,179 --> 00:44:33,035
Maybe this box, because it has contact information,

743
00:44:33,035 --> 00:44:35,705
maybe this box sends you an SMS.

744
00:44:35,705 --> 00:44:40,930
And says "Dude, you've been hacked, go do something about your box."

745
00:44:40,930 --> 00:44:43,762
So the types of things we can do once we assume we have

746
00:44:43,762 --> 00:44:49,010
close relations as opposed to arms-length relations,

747
00:44:49,010 --> 00:44:51,100
the types of things we can do when we trust each other a little bit

748
00:44:51,100 --> 00:44:54,374
and we trust our boxes a little bit, goes way up.

749
00:44:54,374 --> 00:44:55,860
Way up.

750
00:44:55,860 --> 00:44:58,786
And by bringing that infrastructure closer to us,

751
00:44:58,786 --> 00:45:03,360
I mean Gmail is too far away to play that role from a network perspective.

752
00:45:03,360 --> 00:45:08,840
But if the box is in our land, we can do that.

753
00:45:08,840 --> 00:45:11,812
These boxes will only work if they are convenient.

754
00:45:11,812 --> 00:45:14,784
There's an old punk-rock slogan, from the Dead Kennedys,

755
00:45:14,784 --> 00:45:18,523
"Give me convenience, or give me death."

756
00:45:18,523 --> 00:45:24,676
We laugh at that, but that's a belief users have,

757
00:45:24,676 --> 00:45:26,580
and I deduce that based on their behaviour,

758
00:45:26,580 --> 00:45:29,738
because every time there is a convenient web service,

759
00:45:29,738 --> 00:45:31,201
people use it.

760
00:45:31,201 --> 00:45:34,777
Even if it's not very good with privacy, a lot of people are going to use it.

761
00:45:34,777 --> 00:45:41,325
And conversely, whenever we have web services that are very good at privacy, but aren't very convenient,

762
00:45:41,325 --> 00:45:44,018
comparatively fewer people use them.

763
00:45:44,018 --> 00:45:47,733
We don't think this box works without convenience.

764
00:45:47,733 --> 00:45:51,286
If we don't get the user-interface right then this project

765
00:45:51,286 --> 00:45:53,376
will probably fall over.

766
00:45:53,376 --> 00:45:56,023
It will never gain any sort of critical mass.

767
00:45:56,023 --> 00:45:57,811
So we need a simple interface,

768
00:45:57,811 --> 00:46:00,945
we need a way for users to interact with this box in a minimal way.

769
00:46:00,945 --> 00:46:03,476
They should think about it as little as possible.

770
00:46:03,476 --> 00:46:06,007
That's the hardest problem we face.

771
00:46:06,007 --> 00:46:07,494
Quite frankly.

772
00:46:07,494 --> 00:46:10,489
The technology to do private communication, that exists.

773
00:46:10,489 --> 00:46:14,367
A lot of the people in this room helped to build that infrastructure and technology.

774
00:46:14,367 --> 00:46:16,619
We can put it on the box.

775
00:46:16,619 --> 00:46:21,100
Making it easy and accessible for users, that's hard.

776
00:46:21,100 --> 00:46:23,353
And right now we're trying to figure out what that looks like,

777
00:46:23,353 --> 00:46:25,141
who the designers are going to be.

778
00:46:25,141 --> 00:46:30,783
If you have user interface or user experience design that you want to bring to a project like this,

779
00:46:30,783 --> 00:46:33,918
please, please, come find me.

780
00:46:33,918 --> 00:46:38,980
In order to have convenience, we need to have the thing provide services that are not just

781
00:46:38,980 --> 00:46:44,924
freedom-oriented, we need to use its position in your network as a trusted device

782
00:46:44,924 --> 00:46:48,500
to do things for you that aren't just about privacy.

783
00:46:48,500 --> 00:46:50,543
It needs to do backups.

784
00:46:50,543 --> 00:46:52,006
This is important.

785
00:46:52,006 --> 00:46:56,627
Right now the way people back up their photos is by giving them to Flickr.

786
00:46:56,627 --> 00:47:00,180
The way they back up their email is by giving it to Gmail.

787
00:47:00,180 --> 00:47:06,031
If we don't provide backups, we can never be an effective replacement

788
00:47:06,031 --> 00:47:09,142
for the services that store your data somewhere else.

789
00:47:09,142 --> 00:47:14,831
Even though they're storing it out there in the cloud for their purposes, you get a benefit from it.

790
00:47:14,831 --> 00:47:16,619
We have to replicate that benefit.

791
00:47:16,619 --> 00:47:19,893
So things that we don't think of as privacy features have to

792
00:47:19,893 --> 00:47:21,658
be in the box.

793
00:47:21,658 --> 00:47:25,513
The backups, the passwords, and the keys, you can't forget them.

794
00:47:25,513 --> 00:47:29,112
We would like it to be a music, a video, a photo server,

795
00:47:29,112 --> 00:47:33,709
all the kinds of things you might expect from a convenient box on your network.

796
00:47:33,709 --> 00:47:37,703
All the things that you want to share with other people, this box has to do those things.

797
00:47:37,703 --> 00:47:44,994
And these aren't privacy features, but without them we won't be able to give people privacy.

798
00:47:44,994 --> 00:47:49,150
Our first feature, the thing we are working towards

799
00:47:49,150 --> 00:47:50,474
is Jabber.

800
00:47:50,474 --> 00:47:53,144
It's secure encrypted chat, point-to-point.

801
00:47:53,144 --> 00:47:57,719
That will be the thing we are working on right now.

802
00:47:57,719 --> 00:48:02,223
But in order to do that we need to solve this monkey-spherish SSL problem that I described.

803
00:48:02,223 --> 00:48:06,705
We have code, it needs to get packaged and all that.

804
00:48:06,705 --> 00:48:10,234
Our development strategy, the way we are going to do all the things we said,

805
00:48:10,234 --> 00:48:15,180
because the list of things I have said we're going to do...

806
00:48:15,180 --> 00:48:19,360
I can't believe you're not throwing things at me.

807
00:48:19,360 --> 00:48:21,566
Because it's ludicrous to believe that we can actually do all these things by ourselves.

808
00:48:21,566 --> 00:48:23,516
And we're not.

809
00:48:23,516 --> 00:48:25,908
We're going to let other people make the software.

810
00:48:25,908 --> 00:48:28,160
As much as possible we're going to encourage other people

811
00:48:28,160 --> 00:48:31,713
to build stuff. We're going to use stuff that already exists.

812
00:48:31,713 --> 00:48:35,010
We're going to use Privoxy, we're going to use Prosody, we're going to use Apache.

813
00:48:35,010 --> 00:48:38,563
We're not going to reinvent the web server, we're not going to reinvent protocols.

814
00:48:38,563 --> 00:48:45,621
I really hope that by the time this project is mature, we haven't invented any new protocols.

815
00:48:45,621 --> 00:48:48,617
Maybe we'll use new protocols, but I don't want to be

816
00:48:48,617 --> 00:48:53,238
generating new things that haven't been tested, and then putting them in FreedomBox.

817
00:48:53,238 --> 00:48:58,462
I want to see things in the real world, tested, gain credibility and take them.

818
00:48:58,462 --> 00:49:01,736
The less we invent, the better.

819
00:49:01,736 --> 00:49:07,541
As far as timelines go, by the time we have it ready, you'll know why you need it.

820
00:49:07,541 --> 00:49:10,676
People right now are figuring out that privacy is important.

821
00:49:10,676 --> 00:49:12,975
They're seeing it over and over again.

822
00:49:12,975 --> 00:49:18,106
In Egypt, the at the start of the Arab spring, one of the things the government did to try to

823
00:49:18,106 --> 00:49:22,982
tamp down the organisation was to convince companies to shut off cell networks,

824
00:49:22,982 --> 00:49:25,165
to prevent people from talking to each other.

825
00:49:25,165 --> 00:49:28,300
In America they did the same thing in San Francisco I hear.

826
00:49:28,300 --> 00:49:36,334
Turned off the cell towers to prevent people from organising to meet for a protest.

827
00:49:36,334 --> 00:49:42,255
With Occupy Wall Street, you're starting to see infiltration,

828
00:49:42,255 --> 00:49:45,970
you're starting to see people going and getting information

829
00:49:45,970 --> 00:49:48,501
that Occupy Wall Street is talking about and turning it over

830
00:49:48,501 --> 00:49:51,938
to the authorities, the police, the FBI.

831
00:49:51,938 --> 00:49:59,089
So the need for privacy as we enter a new age of increased activism, we hope,

832
00:49:59,089 --> 00:50:01,783
of increased activity, of social activity,

833
00:50:01,783 --> 00:50:06,241
I think the need for a lot of this privacy stuff is going to become clear.

834
00:50:06,241 --> 00:50:11,001
As the technology for invading your privacy improves,

835
00:50:11,001 --> 00:50:18,083
the need for technology to protect your privacy will become stark and clear.

836
00:50:18,083 --> 00:50:22,541
Our two big challenges as I said are user experience,

837
00:50:22,541 --> 00:50:27,557
and the one I didn't say was paying for developers, paying for designers.

838
00:50:27,557 --> 00:50:31,713
Those are the hard parts that we're working on.

839
00:50:31,713 --> 00:50:35,870
And if we fail, we think that's where we fail.

840
00:50:35,870 --> 00:50:40,212
Software isn't on that list, as I said software is already out there.

841
00:50:40,212 --> 00:50:42,441
So you can have a FreedomBox.

842
00:50:42,441 --> 00:50:46,760
If you like that box that we've been passing around the audience, you can buy one from Globalscale.

843
00:50:46,760 --> 00:50:51,241
If you don't want the box, it's just Debian, it's just Linux, it's just packages.

844
00:50:51,241 --> 00:50:56,466
Throw Debian on a box, we will have packages available through the normal Debian mechanisms.

845
00:50:56,466 --> 00:50:58,277
You don't even have to use our repository.

846
00:50:58,277 --> 00:51:01,551
In fact, I don't think we're going to have a repository.

847
00:51:01,551 --> 00:51:06,149
You're just going to download it and install it the same way you normally do it if you're technologically

848
00:51:06,149 --> 00:51:08,517
capable of doing that.

849
00:51:08,517 --> 00:51:10,259
I grabbed a bunch of photos from Flickr,

850
00:51:10,259 --> 00:51:14,415
my colleague Ian Sullivan took that awesome picture of the FreedomBox.

851
00:51:14,415 --> 00:51:17,238
And that's how you reach me.

852
00:51:18,992 --> 00:51:31,307
<i>APPLAUSE</i>

853
00:51:39,030 --> 00:51:44,787
Thanks James, please sit down.

854
00:51:44,787 --> 00:51:49,105
We are up for questions from the audience for James.

855
00:51:49,105 --> 00:52:03,525
Please raise your hand if you have any questions about the FreedomBox.

856
00:52:03,525 --> 00:52:05,754
Hello, thanks that was a very interesting presentation.

857
00:52:05,754 --> 00:52:06,660
Thank you.

858
00:52:06,660 --> 00:52:10,491
Your boss Eben Moglen, he has given a speech at a committee of the US congress

859
00:52:10,491 --> 00:52:13,486
I believe, which has received a lot of attention

860
00:52:13,486 --> 00:52:18,572
and in Iran during the green movement the US state department

861
00:52:18,572 --> 00:52:24,075
I believe has told Twitter to reschedule maintainence so that

862
00:52:24,075 --> 00:52:29,160
the opposition could keep using Twitter during the attempted revolution

863
00:52:29,160 --> 00:52:33,038
and Hilary Clinton has given a very popular speech about

864
00:52:33,038 --> 00:52:36,915
how America would support the promotion of internet freedom

865
00:52:36,915 --> 00:52:40,793
and I think things such as the New America Foundation are

866
00:52:40,793 --> 00:52:46,412
funding and supporting projects such as the Commotion mesh networking project

867
00:52:46,412 --> 00:52:49,222
that we've already heard about before.

868
00:52:49,222 --> 00:52:52,635
So in other words there's a link between politics and technology sometimes,

869
00:52:52,635 --> 00:52:57,860
and in the past I believe certain influential Americans such

870
00:52:57,860 --> 00:53:03,967
Rupert Murdoch or George W. Bush have viewed modern communication technologies as a way to

871
00:53:03,967 --> 00:53:09,052
promote U.S. foreign policy and to spread democracy and freedom in the world.

872
00:53:09,052 --> 00:53:14,137
So my question is, what is your relationship with your government?

873
00:53:14,137 --> 00:53:16,087
That's a really good question.

874
00:53:16,087 --> 00:53:21,335
So one of the things that we sort of figured out from the beginning was that

875
00:53:21,335 --> 00:53:25,770
if we had close relationships with the U.S. government,

876
00:53:25,770 --> 00:53:29,787
people outside of the U.S. might have difficulty trusting us,

877
00:53:29,787 --> 00:53:34,547
because nobody wants to tell all their secrets to the American government.

878
00:53:34,547 --> 00:53:42,674
So we were thinking about what that really looks like in the context of a box that could be used globally.

879
00:53:42,674 --> 00:53:48,642
We are working very hard to engineer a device that does not require you to trust us.

880
00:53:48,642 --> 00:53:50,569
I'm not asking for your trust.

881
00:53:50,569 --> 00:53:55,051
I'm not asking for your trust, I'm asking for your help.

882
00:53:55,051 --> 00:53:59,091
All the code we write you'll be able to see it, you'll be able to

883
00:53:59,091 --> 00:54:02,086
audit it, you'll be able to make your own decisions about what it does,

884
00:54:02,086 --> 00:54:05,383
you'll be able to test it if it trustworthy or not,

885
00:54:05,383 --> 00:54:10,887
and if you decide that it is not, you can tell everyone,

886
00:54:10,887 --> 00:54:11,931
and they won't use it.

887
00:54:11,931 --> 00:54:16,808
So from a trust perspective, it doesn't matter what our relationship is with anybody.

888
00:54:16,808 --> 00:54:18,433
So that's the first thing.

889
00:54:18,433 --> 00:54:23,797
The second thing is that right now we don't have much of a relationship with the U.S. government.

890
00:54:23,797 --> 00:54:33,456
Jacob Applebaum is somewhat famous for his work with Julian Assange on Wikileaks,

891
00:54:33,456 --> 00:54:36,568
and his work on Tor, and security in general,

892
00:54:36,568 --> 00:54:39,726
his efforts to provide you with freedom and privacy.

893
00:54:39,726 --> 00:54:45,856
He is a guy who was recently revealed in the Wall Street Journal that the U.S. government has been spying

894
00:54:45,856 --> 00:54:51,545
on. And he is on our team, he's on our technical advisory committee.

895
00:54:51,545 --> 00:54:56,026
He's one of the people we go to for help when we need to understand security on the box.

896
00:54:56,026 --> 00:55:02,690
So right now our position with the American government is that we're not really related except in

897
00:55:02,690 --> 00:55:05,662
so much that we are a bunch of people who really care about these issues,

898
00:55:05,662 --> 00:55:12,768
which maybe occasionally makes us targets. Which gives us a reason to use a box like this.

899
00:55:12,768 --> 00:55:21,266
Coupled with that, there is a program in America - you were talking about Hilary Clinton saying

900
00:55:21,266 --> 00:55:26,026
she was going to encourage technologies that will spread democracy.

901
00:55:26,026 --> 00:55:30,206
So the way America encourages things is by spending money on it.

902
00:55:30,206 --> 00:55:34,687
That's our typical way to support programs. We fund different things.

903
00:55:34,687 --> 00:55:40,678
We don't generally have feel-good campaigns, we just pay people to make good work, or try to.

904
00:55:40,678 --> 00:55:46,924
So the U.S. state department has a program to provide funding for projects like the FreedomBox.

905
00:55:46,924 --> 00:55:48,526
We have not applied for that funding.

906
00:55:48,526 --> 00:55:50,198
I don't know if we will.

907
00:55:50,198 --> 00:55:56,143
However I do know that they have given funding to some very good and genuine projects that are

908
00:55:56,143 --> 00:56:00,276
run by people I trust, so I try not to be cynical about that.

909
00:56:00,276 --> 00:56:06,522
I imagine at some point that through a direct grant or a sub-grant or something,

910
00:56:06,522 --> 00:56:11,143
some state department money might support some aspect of work that is related to us.

911
00:56:11,143 --> 00:56:15,020
I mean, we might take work from a project that is state department funded,

912
00:56:15,020 --> 00:56:17,853
just because it's quick work.

913
00:56:17,853 --> 00:56:20,849
Have I answered your question?

914
00:56:20,849 --> 00:56:21,708
Yes, thanks.

915
00:56:32,200 --> 00:56:37,637
Hi, well you always have tension if you talk about privacy

916
00:56:37,637 --> 00:56:41,073
since 9/11 you know, I heard this in America very often,

917
00:56:41,073 --> 00:56:44,185
"we have to be careful", every body is suspicious and stuff.

918
00:56:44,185 --> 00:56:48,155
So how do you react when people like the government say well,

919
00:56:48,155 --> 00:56:55,446
you are creating a way to support terrorism, whatever.

920
00:56:55,446 --> 00:57:00,230
That's a good question, and it's a common question.

921
00:57:00,230 --> 00:57:04,711
Frankly every time I do this talk, it's one of the first questions that come up.

922
00:57:04,711 --> 00:57:06,940
The answer is really simple.

923
00:57:06,940 --> 00:57:11,747
The fact is, this box doesn't create any new privacy technology.

924
00:57:11,747 --> 00:57:15,137
It just makes it easier to use and easier to access.

925
00:57:15,137 --> 00:57:21,429
People who are committed to terrorism or criminal activity, they have sufficient motivation that they

926
00:57:21,429 --> 00:57:23,612
can use the technology that exists. Terrorists are already using PGP.

927
00:57:23,612 --> 00:57:27,165
They're already using Tor.

928
00:57:27,165 --> 00:57:30,253
They're already using stuff to hide their data.

929
00:57:30,253 --> 00:57:33,341
At best we are helping stupid terrorists.

930
00:57:33,341 --> 00:57:35,710
<i>LAUGHTER</i>

931
00:57:35,710 --> 00:57:42,861
Granted, I'm not excited about that, but I don't that's a sufficient reason to deny common people

932
00:57:42,861 --> 00:57:44,510
access to these technologies.

933
00:57:44,510 --> 00:57:49,131
And more importantly than the fact that terrorists and criminals have access to this technology,

934
00:57:49,131 --> 00:57:52,405
governments have access to this technology.

935
00:57:52,405 --> 00:57:54,657
The largest corporations have access to this technology.

936
00:57:54,657 --> 00:58:00,787
Every bank, the same encryption methods that we are using is the stuff that protects trillions of dollars

937
00:58:00,787 --> 00:58:05,106
in value that banks trade every day.

938
00:58:05,106 --> 00:58:12,583
This is technology that is currently being used by everyone except us.

939
00:58:12,583 --> 00:58:15,114
All we're doing is levelling the playing field.

940
00:58:15,114 --> 00:58:22,243
The same technology that hides data from us, that causes a complete lack of transparency in a downward

941
00:58:22,243 --> 00:58:27,908
direction, we can have to level the playing field a little bit.

942
00:58:27,908 --> 00:58:39,727
More questions?

943
00:58:39,727 --> 00:58:43,884
Thank you for your presentation.

944
00:58:43,884 --> 00:58:51,337
Could we add to challenges, maybe we could produce it in a non-communist dictatorship?

945
00:58:51,337 --> 00:58:54,333
Because I saw the label "Made in China", so I think it is just

946
00:58:54,333 --> 00:59:00,927
paradox to produce something like the FreedomBox in this country, and I would also like to be independent

947
00:59:00,927 --> 00:59:07,173
from producing in China. So that's just something for a challenge I think.

948
00:59:07,173 --> 00:59:10,610
That's a really good question and important point.

949
00:59:10,610 --> 00:59:16,229
So, we're not a hardware project. Hardware is really really hard to do right and do well.

950
00:59:16,229 --> 00:59:19,340
We have some hardware hackers on our project.

951
00:59:19,340 --> 00:59:25,261
Our tech lead Bdale Garbee does amazing work with satellites and model rockets and altimeters,

952
00:59:25,261 --> 00:59:28,837
and he's brilliant. But this is not a hardware project.

953
00:59:28,837 --> 00:59:31,972
All we can do is use hardware that already exists.

954
00:59:31,972 --> 00:59:37,638
When the world makes hardware in places other than China, we will use that hardware.

955
00:59:37,638 --> 00:59:41,098
Right now, we don't have a lot of options.

956
00:59:41,098 --> 00:59:46,624
And we're not going to deny everybody privacy because we don't have a lot of hardware options.

957
00:59:46,624 --> 00:59:48,110
When we have those options we'll take them.

958
00:59:48,110 --> 00:59:51,941
In the meantime, if you are a person who really cares about this issue,

959
00:59:51,941 --> 00:59:55,656
don't buy a FreedomBox.

960
00:59:55,656 --> 00:59:58,954
Take the software, go find a computer that isn't made in China,

961
00:59:58,954 --> 01:00:02,228
<i>LAUGHTER</i>

962
01:00:02,228 --> 01:00:05,014
and go put the software on that box.

963
01:00:05,014 --> 01:00:11,748
If you want a solution that is run on computers that don't exist, I can't help you with that.

964
01:00:11,748 --> 01:00:15,951
If you want a solution that runs, I might be able to help you with that.

965
01:00:15,951 --> 01:00:20,270
But yes, I agree that that is a real issue, and we are thinking about that.

966
01:00:20,270 --> 01:00:25,471
We believe that there is an open hardware project story here.

967
01:00:25,471 --> 01:00:28,884
And one thing we've been doing is working with the manufacturer of the box,

968
01:00:28,884 --> 01:00:32,948
to get the code free, to make sure we know what's in it,

969
01:00:32,948 --> 01:00:35,316
so that there are no binary blobs in the box,

970
01:00:35,316 --> 01:00:38,149
so we have some assurances that we actually do have freedom.

971
01:00:38,149 --> 01:00:45,672
At some point though, we do believe that somebody will solve the open hardware problem for us.

972
01:00:45,672 --> 01:00:50,548
We're not going to be the hardware project, but there are people trying to do this in an open way.

973
01:00:50,548 --> 01:00:54,426
RaspberryPi for example. They're not quite right for our use-case, but those kinds of projects

974
01:00:54,426 --> 01:00:58,582
are starting to exist, and they're starting to be really good.

975
01:00:58,582 --> 01:01:01,415
In a few years, maybe that will be the thing we move onto.

976
01:01:01,415 --> 01:01:09,937
Now, I'm guessing that even an open hardware project like RaspberryPi does their manufacturing in

977
01:01:09,937 --> 01:01:14,860
a place like China. And that's a big problem.

978
01:01:14,860 --> 01:01:19,480
When the world is ready with a solution to that, we will be ready to accept that solution and adopt it

979
01:01:19,480 --> 01:01:22,615
of course.

980
01:01:22,615 --> 01:01:30,533
Any more questions for James? or statements?

981
01:01:33,056 --> 01:01:37,012
This is more of a statement than a question I guess,

982
01:01:37,012 --> 01:01:42,979
but should the FreedomBox start being made in China there will be a lot more of them coming out of

983
01:01:42,979 --> 01:01:46,253
the back door and enabling privacy for people that don't get

984
01:01:46,253 --> 01:01:51,919
it, but also as soon as it starts getting manufactured I'd imagine you may,

985
01:01:51,919 --> 01:01:54,914
because you're not in it for the money as you told me last night,

986
01:01:54,914 --> 01:01:59,558
you may be looking forward to how easy it will be to copy,

987
01:01:59,558 --> 01:02:05,990
and with things like MakerBot, making a case, making a bot is easy,

988
01:02:05,990 --> 01:02:08,823
you can do it in your bedroom now with 3D printers.

989
01:02:08,823 --> 01:02:15,998
So there will be a bag of components, a board, made by some online place that is really into this,

990
01:02:15,998 --> 01:02:18,227
and you can assemble these at home.

991
01:02:18,227 --> 01:02:22,987
So you've just got to get it out there first I think, and lead the way.

992
01:02:22,987 --> 01:02:29,628
Yeah, I think that's quite right in that we are not the only place to get a box like this.

993
01:02:29,628 --> 01:02:34,551
I mean, we're putting it on a specific box to make it easy, but there will be lots of places that make

994
01:02:34,551 --> 01:02:40,657
boxes, and hopefully there will be places where working conditions are acceptable to everybody.

995
01:02:40,657 --> 01:02:43,931
And at that point you can make your own boxes,

996
01:02:43,931 --> 01:02:44,431
you can put them on any box you can find.

997
01:02:44,431 --> 01:02:46,137
The point of Free Software is not to lock you into a service,

998
01:02:46,137 --> 01:02:53,196
a technology, a software, a structure or a box.

999
01:02:53,196 --> 01:02:53,696
We're not going to lock you into anything, that's one thing we're extremely clear about.

1000
01:02:53,696 --> 01:03:00,928
If you manage to make a box like this at home, I would really love to hear about it.

1001
01:03:00,928 --> 01:03:06,455
If you can spin up a MakerBot to make a case,

1002
01:03:06,455 --> 01:03:08,939
and you have a friend who can etch boards,

1003
01:03:08,939 --> 01:03:10,565
and you make a box like this at home,

1004
01:03:10,565 --> 01:03:14,141
that would be big news and a lot of people would want to know about it.

1005
01:03:14,141 --> 01:03:22,662
More statements or questions? Yes...

1006
01:03:22,662 --> 01:03:31,463
So, if you lose your box and get a new one, how is it going to reauthenticate to the boxes of your friends?

1007
01:03:31,463 --> 01:03:34,296
I think I didn't get that one.

1008
01:03:34,296 --> 01:03:39,381
Yeah, so, the good thing about friends is that they don't actually know you by your PGP key.

1009
01:03:39,381 --> 01:03:48,251
Sorry, I didn't specify it, if you want a grand security and you want distribution to more than 12 friends,

1010
01:03:48,251 --> 01:03:54,009
so let's say a hundred, and they're like, all over the world.

1011
01:03:54,009 --> 01:03:59,536
You are probably going to reach them through the internet to get your key parts back,

1012
01:03:59,536 --> 01:04:05,178
and you are probably not going to be able to use the FreedomBox to get a new one because

1013
01:04:05,178 --> 01:04:06,478
it has to be authenticated.

1014
01:04:06,478 --> 01:04:09,311
So how do you do?

1015
01:04:09,311 --> 01:04:10,960
Well, you at that point...

1016
01:04:10,960 --> 01:04:14,536
if you don't have a FreedomBox, the FreedomBox can't provide you with a solution to that problem.

1017
01:04:14,536 --> 01:04:16,811
What you're going to have to do,

1018
01:04:16,811 --> 01:04:19,017
is perhaps call your friends.

1019
01:04:19,017 --> 01:04:20,991
Have a conversation with them,

1020
01:04:20,991 --> 01:04:23,499
convince them that you are the person you say you are.

1021
01:04:23,499 --> 01:04:27,400
Reference your shared experiences, maybe they know your voice,

1022
01:04:27,400 --> 01:04:33,506
maybe they just know who you are by the way that you act and the way that you talk.

1023
01:04:33,506 --> 01:04:37,059
There's not going to be any one way that we get our keys back.

1024
01:04:37,059 --> 01:04:41,076
If you lose your key, yeah, we're not saying that's never going to be a problem.

1025
01:04:41,076 --> 01:04:43,909
And I wouldn't recommend splitting your key up among a hundred people,

1026
01:04:43,909 --> 01:04:48,530
because that's a lot of people to ask for your key back.

1027
01:04:48,530 --> 01:04:53,568
The mechanism I have in mind is not that you get a little bit of your key from

1028
01:04:53,568 --> 01:04:56,424
everyone you know, it's that you spread out the key among

1029
01:04:56,424 --> 01:05:00,000
a lot of people, and you need a certain number of those people.

1030
01:05:00,000 --> 01:05:02,694
So maybe it's five of seven of your friends.

1031
01:05:02,694 --> 01:05:06,734
So you give seven people the key, but any five of them could give you a whole key.

1032
01:05:06,734 --> 01:05:09,730
So in case you can't reach somebody you can still manage to do it.

1033
01:05:09,730 --> 01:05:12,887
And we can make that access control as fine-grained as we want,

1034
01:05:12,887 --> 01:05:15,860
but a hundred would be overwhelming.

1035
01:05:15,860 --> 01:05:20,504
We wouldn't do that. Sure, you could do it if you wanted,

1036
01:05:20,504 --> 01:05:23,476
but I don't think you'll have a hundred friends you could trust that much.

1037
01:05:23,476 --> 01:05:26,750
Maybe you do, I don't.

1038
01:05:26,750 --> 01:05:33,878
More questions, statements?

1039
01:05:33,878 --> 01:05:39,498
Yes?

1040
01:05:39,498 --> 01:05:47,253
Erm, it's just a wish... but have you thought about the idea of using the FreedomBox to create

1041
01:05:47,253 --> 01:05:51,897
a community where you can exchange not only data but like

1042
01:05:51,897 --> 01:05:58,770
products or services, so that would maybe like, change the system?

1043
01:05:58,770 --> 01:06:04,738
One of the things we want to do with the FreedomBox is

1044
01:06:04,738 --> 01:06:10,380
create a thing that looks a lot like your current social networking,

1045
01:06:10,380 --> 01:06:12,911
minus the advertising and the spying.

1046
01:06:12,911 --> 01:06:16,417
A way to talk to all your friends at once.

1047
01:06:16,417 --> 01:06:20,295
Once you have a place, a platform, where you can communicate

1048
01:06:20,295 --> 01:06:23,128
with your friends, you can build on that platform

1049
01:06:23,128 --> 01:06:25,055
and you can create structures like that.

1050
01:06:25,055 --> 01:06:29,072
If we make a thing that has programmable interfaces, so

1051
01:06:29,072 --> 01:06:32,671
you can make apps for it, you can make an app like that,

1052
01:06:32,671 --> 01:06:34,436
if that's important to you.

1053
01:06:34,436 --> 01:06:38,174
What people do with the communication once they have it,

1054
01:06:38,174 --> 01:06:40,403
we don't have any opinions about.

1055
01:06:40,403 --> 01:06:43,236
We want them to do everything that's important to them.

1056
01:06:43,236 --> 01:06:45,930
And I think something like that could be important,

1057
01:06:45,930 --> 01:07:03,414
and yeah, that would be amazing if that were to emerge.

1058
01:07:03,414 --> 01:07:08,337
Some things I believe are easier to do in a centralized architecture than a decentralized one,

1059
01:07:08,337 --> 01:07:12,819
for example search, or services that require a lot of bandwidth.

1060
01:07:12,819 --> 01:07:16,093
I don't see how you can run something like YouTube on the FreedomBox.

1061
01:07:16,093 --> 01:07:18,461
So is your utopian vision one where everything is decentralized,

1062
01:07:18,461 --> 01:07:23,918
or is it ok to have some centralized pieces in a future network?

1063
01:07:23,918 --> 01:07:28,840
Look, if you're going to grant me my utopia then of course everything is decentralized.

1064
01:07:28,840 --> 01:07:31,812
But we don't live in a utopia, I don't have magic.

1065
01:07:31,812 --> 01:07:38,546
We actually have in our flowchart a box labeled "magic routing",

1066
01:07:38,546 --> 01:07:41,217
because routing is hard to do in a decentralized way...

1067
01:07:41,217 --> 01:07:44,049
You need someone to tell you where the IPs are.

1068
01:07:44,049 --> 01:07:47,347
And that's hard to do in a decentralized way.

1069
01:07:47,347 --> 01:07:52,107
We haven't solved it, and we don't think we're going to fully solve it.

1070
01:07:52,107 --> 01:07:54,731
We hope someone else solves it first of all.

1071
01:07:54,731 --> 01:07:56,844
But second of all, we don't know where the compromises are.

1072
01:07:56,844 --> 01:07:59,212
Some things are not possible to decentralize.

1073
01:07:59,212 --> 01:08:01,859
We're going to decentralize as much as we can,

1074
01:08:01,859 --> 01:08:04,227
but we're not committing to doing anything impossible.

1075
01:08:04,227 --> 01:08:06,155
If you can't run YouTube off this box,

1076
01:08:06,155 --> 01:08:08,407
which I disagree with by the way,

1077
01:08:08,407 --> 01:08:10,009
then you won't, because it's impossible.

1078
01:08:10,009 --> 01:08:12,262
If you want to run YouTube on this box you turn all your

1079
01:08:12,262 --> 01:08:14,491
friends into your content delivery network,

1080
01:08:14,491 --> 01:08:16,743
and all your friends parallelize the distribution of the box,

1081
01:08:16,743 --> 01:08:18,368
you share the bandwidth.

1082
01:08:18,368 --> 01:08:20,621
It's ad-hoc, BitTorrent-like functionality.

1083
01:08:20,621 --> 01:08:24,220
Yes, that technology doesn't exist yet, I just made all that up,

1084
01:08:24,220 --> 01:08:27,192
but we can do it.

1085
01:08:27,192 --> 01:08:32,556
The parts that are hard though, the things like the routing,

1086
01:08:32,556 --> 01:08:35,064
there will be real compromises.

1087
01:08:35,064 --> 01:08:36,410
There will be real trade-offs.

1088
01:08:36,410 --> 01:08:39,986
There will be places where we'll say, you know what, we have

1089
01:08:39,986 --> 01:08:41,612
to rely on the DNS system.

1090
01:08:41,612 --> 01:08:44,955
Everybody in this room knows that the DNS system has some

1091
01:08:44,955 --> 01:08:48,090
security problems, some architectural problems that make it

1092
01:08:48,090 --> 01:08:51,689
a thing we would ideally not have to rely on.

1093
01:08:51,689 --> 01:08:55,869
But you know what? This project is not going to be able to replace DNS.

1094
01:08:55,869 --> 01:08:59,305
There are plenty of alternate DNS proposals out there, but we are not going to

1095
01:08:59,305 --> 01:09:02,579
just chuck the old DNS system, because we want people

1096
01:09:02,579 --> 01:09:05,551
to be able to get to the box, even if they don't have a box.

1097
01:09:05,551 --> 01:09:09,290
We want you to be able to serve services to the public.

1098
01:09:09,290 --> 01:09:13,911
We are going to use a lot of structures that are less than ideal.

1099
01:09:13,911 --> 01:09:16,302
We're assuming that TCP/IP is there...

1100
01:09:16,302 --> 01:09:19,414
in the normal use case you're using the internet backbone

1101
01:09:19,414 --> 01:09:22,664
to do your communication.

1102
01:09:22,664 --> 01:09:25,637
The mesh routing story we talked about is not how you do

1103
01:09:25,637 --> 01:09:30,490
your normal use. That's an emergency mode if there's a crisis, a political instability, a tsunami,

1104
01:09:30,490 --> 01:09:35,110
if you can't get to your regular internet because it has failed you in some way because

1105
01:09:35,110 --> 01:09:38,222
it has become oppressive or inaccessible.

1106
01:09:38,222 --> 01:09:40,614
Then you would use something like the mesh network.

1107
01:09:40,614 --> 01:09:44,050
But in the normal course of business, you are using

1108
01:09:44,050 --> 01:09:47,324
a thing that is less than ideal, and that's a trade-off.

1109
01:09:47,324 --> 01:09:49,530
We can't as a project protect you from everything.

1110
01:09:49,530 --> 01:09:51,318
We are going to look for the places where we can make

1111
01:09:51,318 --> 01:09:54,476
effective protection. We are going to try and make it clear

1112
01:09:54,476 --> 01:09:57,750
the limits of that protection. And we're going to give you

1113
01:09:57,750 --> 01:09:59,097
everything we can.

1114
01:09:59,097 --> 01:10:05,389
And then, as we move forward, when opportunities to solve new problems present themselves,

1115
01:10:05,389 --> 01:10:08,501
we'll take them.

1116
01:10:08,501 --> 01:10:16,303
Well I have to add before when we had the talk, unfortunately German you couldn't

1117
01:10:16,303 --> 01:10:19,275
understand a lot.

1118
01:10:19,275 --> 01:10:22,572
I didn't understand it but I could tell that it was occurring at a very high level of technical competence

1119
01:10:22,572 --> 01:10:25,730
and that there was a lot of good information there.

1120
01:10:25,730 --> 01:10:28,702
And I'm really hoping that you'll take the video of it and put it up on universalsubtitles.org, or some

1121
01:10:28,702 --> 01:10:33,183
other service where people can subtitle it. And hopefully there'll be an English version and I'll get

1122
01:10:33,183 --> 01:10:35,877
to see it. I think there was a lot of really good information in there.

1123
01:10:35,877 --> 01:10:38,269
What's universalsubtitles.org?

1124
01:10:38,269 --> 01:10:46,349
Universalsubtitles.org is a great website. It's kind of like, you put a video up, and anyone can

1125
01:10:46,349 --> 01:10:49,020
add subtitles to as much or as little as they want.

1126
01:10:49,020 --> 01:10:53,780
And then other people can change the subtitles, and you can do it in as many languages as you want.

1127
01:10:53,780 --> 01:10:59,213
So you don't have to ask someone for a favour, "hey, will you subtitle my video?"

1128
01:10:59,213 --> 01:11:03,068
that's 20 minutes long or an hour long. You tell a community of people "we need help subtitling",

1129
01:11:03,068 --> 01:11:08,547
and everyone goes and subtitles 3 minutes in their favourite languages.

1130
01:11:08,547 --> 01:11:15,421
It's a very effective way to crowdsouce subtitling, and it's a very effective way to just share information.

1131
01:11:15,421 --> 01:11:20,947
We have a lot of videos with good information that are locked into languages that not everyone speaks.

1132
01:11:20,947 --> 01:11:22,712
So this is a way to get around that.

1133
01:11:22,712 --> 01:11:25,428
As FreedomBox, we use that project.

1134
01:11:25,428 --> 01:11:28,099
And I believe, if I'm not mistaken, I haven't looked in a while,

1135
01:11:28,099 --> 01:11:33,021
that it's all Free software that they are using. So you can download it and start your own if you want.

1136
01:11:33,021 --> 01:11:41,752
So back to my previous question - in the talk in the afternoon we heard about mesh networking

1137
01:11:41,752 --> 01:11:44,863
we talked about that, and it's actually not just being used in

1138
01:11:44,863 --> 01:11:46,814
emergency situations but people are really using it.

1139
01:11:46,814 --> 01:11:52,851
And especially, the philosophy that everyone becomes part of the net as not just a consumer

1140
01:11:52,851 --> 01:11:58,633
but providing part of the net, it certainly is like that that they

1141
01:11:58,633 --> 01:12:01,187
can share data among each other, they don't necessarily need

1142
01:12:01,187 --> 01:12:03,416
to go into the internet.

1143
01:12:03,416 --> 01:12:07,155
So, I would imagine the FreedomBox, with mesh networking,

1144
01:12:07,155 --> 01:12:10,591
we could essentially create a large network of many many

1145
01:12:10,591 --> 01:12:12,379
people using it.

1146
01:12:12,379 --> 01:12:17,464
We also talked about the mesh networking like FunkFeuer in Graz or Vienna

1147
01:12:17,464 --> 01:12:21,156
but it would be interesting to get them on mobile devices,

1148
01:12:21,156 --> 01:12:23,269
so that you could walk through the street,

1149
01:12:23,269 --> 01:12:30,375
theoretically people have these devices, and you could walk

1150
01:12:30,375 --> 01:12:32,023
through and it would automatically mesh and connect you.

1151
01:12:32,023 --> 01:12:37,828
So FreedomBox if applied to that, you told me this interesting example, you could screw them to

1152
01:12:37,828 --> 01:12:41,660
light posts on the street, so maybe elaborate on that,

1153
01:12:41,660 --> 01:12:44,492
maybe it could have an effect and give a lot of coverage.

1154
01:12:44,492 --> 01:12:48,974
The reason why we currently envision mesh,

1155
01:12:48,974 --> 01:12:50,622
and no decisions have been made, right,

1156
01:12:50,622 --> 01:12:54,198
but just in the way we think about it when we talk to each other,

1157
01:12:54,198 --> 01:12:58,215
and the reason why we think mesh networking is not your daily

1158
01:12:58,215 --> 01:13:03,300
mode of use is that the performance degradation is not acceptable to most end-users.

1159
01:13:03,300 --> 01:13:06,296
If mesh networking reaches the point where it is acceptable

1160
01:13:06,296 --> 01:13:09,732
if you're in a place where there's enough nodes, and you

1161
01:13:09,732 --> 01:13:13,030
have a density that you can move around then sure, that

1162
01:13:13,030 --> 01:13:15,839
can make a lot of sense. But for a lot of people who

1163
01:13:15,839 --> 01:13:19,253
exist as a person not near a lot of FreedomBoxes, they're

1164
01:13:19,253 --> 01:13:21,667
going to need the regular internet.

1165
01:13:21,667 --> 01:13:26,102
So yeah, we think mesh will be great where you have that

1166
01:13:26,102 --> 01:13:29,098
density, when the mesh technology is mature.

1167
01:13:29,098 --> 01:13:33,835
When that happens, we could have the most easy access

1168
01:13:33,835 --> 01:13:38,456
to municipal wifi by using the power in all the street

1169
01:13:38,456 --> 01:13:43,378
lights. Put a FreedomBox up in the top of every street lamp.

1170
01:13:43,378 --> 01:13:47,860
Unscrew the light bulb, screw in the FreedomBox, and screw the light bulb back on top.

1171
01:13:47,860 --> 01:13:51,134
So you still get light, we're not going to plunge you into darkness.

1172
01:13:51,134 --> 01:13:56,358
You still get light, but then you have a mesh node. Right there.

1173
01:13:56,358 --> 01:14:00,700
And you could do every 3rd or 4th street light down town, and you could cover

1174
01:14:00,700 --> 01:14:02,790
an area rather effectively.

1175
01:14:02,790 --> 01:14:07,109
It is a way to get simple municipal wifi without running

1176
01:14:07,109 --> 01:14:10,220
any fibre. And every time you have fibre you can link to it.

1177
01:14:10,220 --> 01:14:13,796
Like any time you're near fibre you can link to it and you'll

1178
01:14:13,796 --> 01:14:18,858
get your information out of that little mesh and into the regular network.

1179
01:14:18,858 --> 01:14:23,943
We could have municipal wifi with much lower infrastructure costs than most people currently think of

1180
01:14:23,943 --> 01:14:28,866
when they think of municipal wifi. And we can do it through mesh nodes.

1181
01:14:28,866 --> 01:14:33,951
And if we did it through mesh nodes we would be providing that service not only to people who have

1182
01:14:33,951 --> 01:14:38,572
FreedomBoxes, that just looks like wifi, it just looks like a regular connection.

1183
01:14:38,572 --> 01:14:45,584
You might need to do some fancy hopping, but it's not...

1184
01:14:45,584 --> 01:14:51,111
the mesh boxes themselves will do the fancy hopping, your phone itself won't have to do it.

1185
01:14:51,111 --> 01:14:54,083
While we are talking about phones,

1186
01:14:54,083 --> 01:14:59,006
I want to say that I'm not sure how phones fit into the FreedomBox.

1187
01:14:59,006 --> 01:15:02,419
I'm pretty sure there is a way that phones fit into FreedomBoxes,

1188
01:15:02,419 --> 01:15:05,855
but you can't trust your phone.

1189
01:15:05,855 --> 01:15:09,455
With the so-called smartphones it's not a phone actually but a little computer, no?

1190
01:15:09,455 --> 01:15:12,450
Yes, your phone, a smartphone is a little computer but

1191
01:15:12,450 --> 01:15:16,467
it's not a computer that you can trust, because

1192
01:15:16,467 --> 01:15:20,623
even if you replace the software on your phone,

1193
01:15:20,623 --> 01:15:26,893
with Free software, it's almost impossible to actually replace all the binary drivers,

1194
01:15:26,893 --> 01:15:29,726
it's almost impossible to go all the way down to the metal.

1195
01:15:29,726 --> 01:15:31,815
It's very hard to get a phone that is completely trustworthy

1196
01:15:31,815 --> 01:15:35,089
all the way down to the bottom of the stack.

1197
01:15:35,089 --> 01:15:37,202
So that's a problem we haven't quite figured out how to solve.

1198
01:15:37,202 --> 01:15:42,380
And pretty soon it's going to be impossible to put Free software on phones.

1199
01:15:42,380 --> 01:15:47,698
The days of jailbreaking your iPhone and rooting your Android phone might

1200
01:15:47,698 --> 01:15:55,012
very well come to an end. There is a proposal right now called UEFI.

1201
01:15:55,012 --> 01:16:01,026
It's a standard. We currently use EFI, this would be UEFI.

1202
01:16:01,026 --> 01:16:03,534
I don't know what it stands for, it's a new thing.

1203
01:16:03,534 --> 01:16:08,247
And what this proposal is, is that before your computer,

1204
01:16:08,247 --> 01:16:14,308
before the BIOS will load a bootloader on your computer

1205
01:16:14,308 --> 01:16:17,860
that BIOS has to authenticate, sorry, that bootloader has

1206
01:16:17,860 --> 01:16:20,113
to authenticate to the BIOS. It has to be signed by someone

1207
01:16:20,113 --> 01:16:23,108
the BIOS trusts, someone the BIOS manufacturer trusts.

1208
01:16:23,108 --> 01:16:25,779
And the person who puts the BIOS in your phone can decide who it trusts,

1209
01:16:25,779 --> 01:16:29,494
and they can decide they don't trust anyone except themselves.

1210
01:16:29,494 --> 01:16:36,622
If Apple sells you an iPhone with a BIOS that requires a

1211
01:16:36,622 --> 01:16:39,734
signed operating system, it might be very hard for you to

1212
01:16:39,734 --> 01:16:43,170
get another version of the operating system on there.

1213
01:16:43,170 --> 01:16:49,997
The proposals for this stuff are really in the realm of laptops and computers, that's where it's starting,

1214
01:16:49,997 --> 01:16:53,155
but believe me, technology spreads.

1215
01:16:53,155 --> 01:16:58,983
And if you want to be able to put Linux on a computer that you buy, on a laptop you buy,

1216
01:16:58,983 --> 01:17:03,464
very soon you might have a very difficult time doing that.

1217
01:17:03,464 --> 01:17:05,252
The standard is there, the companies paying attention to it

1218
01:17:05,252 --> 01:17:08,387
are not paying attention to it for our purposes.

1219
01:17:08,387 --> 01:17:12,567
They want to make sure that they can control what is on your computer.

1220
01:17:12,567 --> 01:17:17,605
So this is, you know, another political fight that we're going to engage in,

1221
01:17:17,605 --> 01:17:20,136
not the FreedomBox, but the community.

1222
01:17:20,136 --> 01:17:25,523
We're going to have to have this fight. UEFI. Look it up.

1223
01:17:25,523 --> 01:17:32,536
Start thinking about it. This is going to be a big piece of the puzzle for freedom in computing over

1224
01:17:32,536 --> 01:17:34,184
the next few years.

1225
01:17:34,184 --> 01:17:38,945
We're going to have some problems and we're going to have to find some solutions.

1226
01:17:38,945 --> 01:17:44,750
But wouldn't such an initiative, wouldn't that create a good market for companies who actually

1227
01:17:44,750 --> 01:17:49,603
would supply Linux on such devices, on the phone and on the laptop market.

1228
01:17:49,603 --> 01:17:53,155
I'm sure there are companies supplying that.

1229
01:17:53,155 --> 01:17:54,664
Absolutely.

1230
01:17:54,664 --> 01:17:58,217
And if the market in freedom were good enough to support

1231
01:17:58,217 --> 01:18:02,699
large-scale manufacturing and all that other stuff then we might get that.

1232
01:18:02,699 --> 01:18:05,322
And we might get that anyway.

1233
01:18:05,322 --> 01:18:07,134
I mean, the standard will include as many keys as you want,

1234
01:18:07,134 --> 01:18:08,643
so we might get the freedom.

1235
01:18:08,643 --> 01:18:12,660
But the manufacturers will have a really convenient way to turn the freedom off.

1236
01:18:12,660 --> 01:18:16,700
I think there will be a lot of boxes where you will have freedom.

1237
01:18:16,700 --> 01:18:21,623
But there will also be a lot where right now we think we can get Free software onto it,

1238
01:18:21,623 --> 01:18:24,015
where we won't be able to anymore.

1239
01:18:24,015 --> 01:18:25,965
It's going to be a narrowing of the market.

1240
01:18:25,965 --> 01:18:28,937
I don't think our freedom is going to completely disappear from devices.

1241
01:18:28,937 --> 01:18:33,117
But a lot of devices, if you buy the device without thinking about freedom, assuming you can have it,

1242
01:18:33,117 --> 01:18:37,575
you might get it home and discover that you can't.

1243
01:18:37,575 --> 01:18:45,261
Ok, we want to give the floor again to the audience for more questions or statements.

1244
01:18:45,261 --> 01:18:52,087
Ok, there in the back, one more.

1245
01:18:52,087 --> 01:18:54,781
Yeah, one more time, so...

1246
01:18:54,781 --> 01:19:01,492
Nowadays, where you can hardly really save your PC, laptop, whatever, against malware...

1247
01:19:01,492 --> 01:19:16,283
Isn't it really, a red carpet for hackers to, if you have social networks and circles of friends,

1248
01:19:16,283 --> 01:19:21,925
one gets some malware on his PC, mobile device, whatever,

1249
01:19:21,925 --> 01:19:26,685
has a FreedomBox, authenticates to his friends, the state is secure

1250
01:19:26,685 --> 01:19:32,467
wouldn't that open doors?

1251
01:19:32,467 --> 01:19:37,204
Sure, well, the human error is not one we can control for.

1252
01:19:37,204 --> 01:19:45,122
But someone who has a key that you trust is not necessarily someone who you let run arbitrary code

1253
01:19:45,122 --> 01:19:48,071
on your FreedomBox.

1254
01:19:48,071 --> 01:19:52,715
You might trust them to the point of having message passing with them, and trusting who they are

1255
01:19:52,715 --> 01:19:56,244
and what they say, but you don't necessarily trust the technology that they have and the

1256
01:19:56,244 --> 01:19:58,961
code that they have to be free of malware.

1257
01:19:58,961 --> 01:20:00,865
You'll still have to do all the things you currently do.

1258
01:20:00,865 --> 01:20:04,139
Right now if somebody sends you a file, it could have malware in it.

1259
01:20:04,139 --> 01:20:08,017
We're not making that easier, or better, or more likely to happen.

1260
01:20:08,017 --> 01:20:15,006
I think what we are doing is completely orthogonal to that problem.

1261
01:20:15,006 --> 01:20:19,441
At the same time, if we were to have email services on the box,

1262
01:20:19,441 --> 01:20:23,156
and you know we're not quite sure what the email story of a box like this looks like,

1263
01:20:23,156 --> 01:20:26,732
we probably would want to include some sort of virus scanning or spam catching,

1264
01:20:26,732 --> 01:20:31,747
all the usual filtering tools to give you whatever measure of protection might currently exist.

1265
01:20:31,747 --> 01:20:35,045
But the fact someone has a key and you know who they are

1266
01:20:35,045 --> 01:20:39,085
I don't think that will ever be the security hole.

1267
01:20:39,085 --> 01:20:42,220
Or at least we really hope we can make it so it's not.

1268
01:20:42,220 --> 01:20:48,930
If we fail in that then we've missed a trick.

1269
01:20:48,930 --> 01:20:53,690
Ok, any more statements or questions?

1270
01:20:53,690 --> 01:20:56,964
Ok, so, James, my last question would be...

1271
01:20:56,964 --> 01:20:59,240
You can actually buy the box right now?

1272
01:20:59,240 --> 01:21:00,424
Yes.

1273
01:21:00,424 --> 01:21:01,608
From a company?

1274
01:21:01,608 --> 01:21:02,955
Yes.

1275
01:21:02,955 --> 01:21:05,950
Maybe you can supply that information. But the software is being developed?

1276
01:21:05,950 --> 01:21:07,297
Yes.

1277
01:21:07,297 --> 01:21:11,895
Can you give an estimation about the timeline of your project, or the next milestones?

1278
01:21:11,895 --> 01:21:13,102
Sure.

1279
01:21:13,102 --> 01:21:16,957
So, the boxes are manufactures by a company called Globalscale,

1280
01:21:16,957 --> 01:21:18,582
they're about $140 US dollars.

1281
01:21:18,582 --> 01:21:24,225
There is a slightly older model called the SheevaPlug that is about $90.

1282
01:21:24,225 --> 01:21:28,102
It does just pretty much everything the Dreamplug does.

1283
01:21:28,102 --> 01:21:31,818
It has some heat sinking issues, but it's a pretty good box as well,

1284
01:21:31,818 --> 01:21:38,969
so if the price point matters to you you can get last year's model and it'll serve you just fine.

1285
01:21:38,969 --> 01:21:43,010
The software, right now we have a bare Linux distribution.

1286
01:21:43,010 --> 01:21:45,842
We spent a lot of time getting the binary blobs out of the kernel

1287
01:21:45,842 --> 01:21:50,324
and making it installable onto this hardware target.

1288
01:21:50,324 --> 01:21:54,805
We have a Jabber server, Prosody, that we are modifying to suit our needs.

1289
01:21:54,805 --> 01:22:00,796
And that should be ready, time-frame, weeks.

1290
01:22:00,796 --> 01:22:03,745
Some short number of weeks.

1291
01:22:03,745 --> 01:22:09,643
The Privoxy server, the SSH forwarding, some short number of months.

1292
01:22:09,643 --> 01:22:16,864
But those are our roadmap for the short-term future, is Jabber, SSH forwarding, browser proxying.

1293
01:22:16,864 --> 01:22:22,785
We also are working on the interface, so we're going to have an interface that you can actually

1294
01:22:22,785 --> 01:22:24,736
control some of these services with.

1295
01:22:24,736 --> 01:22:28,172
And the first thing we're doing with that interface is probably allowing you to

1296
01:22:28,172 --> 01:22:30,843
configure this box as a wireless router.

1297
01:22:30,843 --> 01:22:35,626
So it can become your wireless access point if you want it to be.

1298
01:22:35,626 --> 01:22:38,180
And your gateway of course.

1299
01:22:38,180 --> 01:22:39,945
So user interface in one vertical,

1300
01:22:39,945 --> 01:22:44,148
SSH forwarding, browser proxying a little bit out there,

1301
01:22:44,148 --> 01:22:47,584
a little bit closer: Jabber, XMPP secure chat.

1302
01:22:47,584 --> 01:22:52,646
And once we have that stack, we believe that we're going to build upwards from XMPP towards

1303
01:22:52,646 --> 01:22:55,665
perhaps something like BuddyCloud.

1304
01:22:55,665 --> 01:22:58,776
We're seriously looking at BuddyCloud and seeing what problems it solves for us

1305
01:22:58,776 --> 01:23:05,580
in terms of actually letting users group themselves in ways that they can then do access control

1306
01:23:05,580 --> 01:23:08,691
and channels and things of that nature.

1307
01:23:08,691 --> 01:23:13,892
And are you actually in contact with the hardware company producing the servers?

1308
01:23:13,892 --> 01:23:19,419
Yeah, we've had a number of conversations with them.

1309
01:23:19,419 --> 01:23:22,089
They've agreed that when our code is ready this is something

1310
01:23:22,089 --> 01:23:24,504
they are very interested in distributing.

1311
01:23:24,504 --> 01:23:26,733
More importantly we've had a lot of conversations with

1312
01:23:26,733 --> 01:23:28,823
them about freedom.

1313
01:23:28,823 --> 01:23:31,215
About why we do what we do, they way we do.

1314
01:23:31,215 --> 01:23:35,417
And how they need to act if they want to distribute code for

1315
01:23:35,417 --> 01:23:37,484
us and work with our community.

1316
01:23:37,484 --> 01:23:39,156
And what that means is we're teaching them how to comply

1317
01:23:39,156 --> 01:23:41,826
with the GPL, and we're teaching them how to remove the binary drivers,

1318
01:23:41,826 --> 01:23:45,704
and in fact we're doing some of that for them.

1319
01:23:45,704 --> 01:23:47,492
But they're Chinese, right?

1320
01:23:47,492 --> 01:23:49,140
No. No, Globalscale is not a Chinese company.

1321
01:23:49,140 --> 01:23:53,622
Their manufacturing is in China, but they're not a Chinese company.

1322
01:23:53,622 --> 01:23:58,219
And we're also talking to Marvel. Marvel makes the system-on-a-chip that goes onto the boards

1323
01:23:58,219 --> 01:24:00,843
that Globalscale is integrating into their boxes.

1324
01:24:00,843 --> 01:24:05,905
But we're also talking to Marvel about what they can do to better serve the needs of our community.

1325
01:24:05,905 --> 01:24:13,010
So a large part of our efforts is to try to convince manufacturers to make

1326
01:24:13,010 --> 01:24:14,961
hardware that suits our needs.

1327
01:24:14,961 --> 01:24:16,888
This box is a thing that they developed, they invented,

1328
01:24:16,888 --> 01:24:18,537
before they ever met us, before they ever heard of us.

1329
01:24:18,537 --> 01:24:23,622
And if we can get them enough business,

1330
01:24:23,622 --> 01:24:27,360
if by making FreedomBoxes and by putting our software on the box,

1331
01:24:27,360 --> 01:24:30,774
that enables them to sell more boxes they will be very happy

1332
01:24:30,774 --> 01:24:34,489
and when they design the next generation,

1333
01:24:34,489 --> 01:24:39,412
not the next generation of the DreamPlug, but the next generation after whatever they're designing now,

1334
01:24:39,412 --> 01:24:41,617
so we're talking a couple of years from now.

1335
01:24:41,617 --> 01:24:44,706
We can say to them, look, you're selling a lot of boxes

1336
01:24:44,706 --> 01:24:48,723
because you're making a thing that serves the free world very well.

1337
01:24:48,723 --> 01:24:52,275
Remove the 8 inch audio jack because our people don't need it.

1338
01:24:52,275 --> 01:24:55,549
Add a second wifi radio. Put antenna ports on it.

1339
01:24:55,549 --> 01:25:00,286
This box can go from something that looks really good for our purpose to

1340
01:25:00,286 --> 01:25:02,376
being something that looks amazingly good for our purpose.

1341
01:25:02,376 --> 01:25:05,209
And that will require scale.

1342
01:25:05,209 --> 01:25:07,438
And what that means is that the FreedomBox becomes a wedge for

1343
01:25:07,438 --> 01:25:13,382
making better hardware for everyone.

1344
01:25:13,382 --> 01:25:16,331
But it's not just the FreedomBox. The Tor router project is

1345
01:25:16,331 --> 01:25:21,370
also focused on the DreamPlug. They've also decided this is a good box for their purpose.

1346
01:25:21,370 --> 01:25:26,246
If you are making a box that is kind of like a FreedomBox but isn't the FreedomBox because

1347
01:25:26,246 --> 01:25:30,704
it's more specialised to what you want it for, think about

1348
01:25:30,704 --> 01:25:35,906
the DreamPlug as a hardware target. And let us know,

1349
01:25:35,906 --> 01:25:38,599
so that when we go to the company, we can say look,

1350
01:25:38,599 --> 01:25:42,454
look at all the business you are getting by being people that serve the Free world.

1351
01:25:42,454 --> 01:25:52,136
And then, hopefully, we can convince them to make boxes that better serve the Free world.

1352
01:25:52,136 --> 01:25:55,434
And that's not a fantasy. We are having those conversations with them,

1353
01:25:55,434 --> 01:25:57,825
and they are very receptive.

1354
01:25:57,825 --> 01:26:00,171
So I am pretty happy about that aspect we do.

1355
01:26:00,171 --> 01:26:02,864
And my last question would be...

1356
01:26:02,864 --> 01:26:05,395
since we are now, everything is turning mobile,

1357
01:26:05,395 --> 01:26:07,183
it's like we have these computers with an extra phone...

1358
01:26:07,183 --> 01:26:08,646
the phone is a small application on these devices.

1359
01:26:08,646 --> 01:26:13,243
Is there any plan or any idea or any project to say like, have

1360
01:26:13,243 --> 01:26:18,259
a FreedomPhone or Free mobile device?

1361
01:26:18,259 --> 01:26:23,019
So the way you connect to this box is kind of how you connect to your router,

1362
01:26:23,019 --> 01:26:24,644
port 80, browser.

1363
01:26:24,644 --> 01:26:28,545
But another way you could do it would be an app on your cellphone that bluetooths to the box.

1364
01:26:28,545 --> 01:26:33,607
I don't actually think the box has bluetooth, but you know,

1365
01:26:33,607 --> 01:26:36,324
an app on your cellphone that talks to the box over the network, say.

1366
01:26:36,324 --> 01:26:38,228
That's possible, we're thinking about that.

1367
01:26:38,228 --> 01:26:41,223
We're thinking about what that looks like for the large population

1368
01:26:41,223 --> 01:26:43,569
that exists out there that doesn't have computers.

1369
01:26:43,569 --> 01:26:46,843
There's an awful lot of people that only have cellphones, they don't have computers.

1370
01:26:46,843 --> 01:26:49,095
And we want them to have freedom too.

1371
01:26:49,095 --> 01:26:50,883
So figuring out how we can use a cellphone to talk to the box is a future problem.

1372
01:26:50,883 --> 01:26:51,765
We're not working on it right now, but we're certainly talking

1373
01:26:51,765 --> 01:26:57,292
about where it fits into the roadmap.

1374
01:26:57,292 --> 01:27:01,262
And that's why we are concerned about whether or not you

1375
01:27:01,262 --> 01:27:05,233
can trust your phone.

1376
01:27:05,233 --> 01:27:07,299
Because if you can trust your FreedomBox, but not the

1377
01:27:07,299 --> 01:27:09,668
thing you use to access it then you don't really have the privacy you think you have.

1378
01:27:09,668 --> 01:27:12,663
So, figuring out, can you trust your cellphone? Is a big part of the puzzle.

1379
01:27:12,663 --> 01:27:17,725
It's a big thing that we don't know how to do yet.

1380
01:27:17,725 --> 01:27:21,464
So let me make a little advertisement for another interesting project,

1381
01:27:21,464 --> 01:27:24,738
there is a Spanish development, I think it is also produced in China,

1382
01:27:24,738 --> 01:27:26,827
but it's called The Geek's Phone.

1383
01:27:26,827 --> 01:27:30,705
And they have a compatible Android installation by default,

1384
01:27:30,705 --> 01:27:34,142
and they are probably having a similar philosophy to keep the hardware open.

1385
01:27:34,142 --> 01:27:36,673
So maybe there is a new cooperation on the horizon.

1386
01:27:36,673 --> 01:27:40,945
Oh yeah, we love projects like that.

1387
01:27:40,945 --> 01:27:41,445
I don't know a lot about their project, but I have heard of it

1388
01:27:41,445 --> 01:27:44,057
and it is on my list of things to look into.

1389
01:27:44,057 --> 01:27:47,609
I would love to see that succeed, that would be excellent.

1390
01:27:47,609 --> 01:27:50,303
Well James, thank you for your presentation.

1391
01:27:50,303 --> 01:27:54,761
I think it was really interesting. And thank you for coming.

1392
01:27:54,761 --> 01:27:57,849
James will be back on this stage at 7pm when we have our final discussion on the 20 years of

1393
01:27:57,849 --> 01:28:03,492
the world wide web.

1394
01:28:03,492 --> 01:28:05,001
Thank you James for coming.

1395
01:28:05,001 --> 01:28:12,838
<i>APPLAUSE</i>