I'm very proud to have as a guest here from the United States

coming to Elevate is James Vasile of the Freedom Box Foundation

James Vasile is working on a multitude of projects

like Apache, I think, Joomla and many others. He is also a lawyer,

and he's working also with the Freedom Box Foundation and the Free Software Foundation.

He's going to present one of the, in my opinion, most revolutionary projects I've seen in recent years

as we can see here, a little small box, the Freedom Box.

Yeah, erm, James is going to do a presentation and then we're going to

be open for questions and then sit down for a talk

so James, I give the floor to you.

Thank you, Daniel.

I've been here at the Elevate festival for a few days now

I've been attending the talks and the films and the music

and this has been an amazing place to see all these different ideas coming togethers

I want to say thank you to Daniel for organizing so much

of this. To Joseph as well.

To Daniel especially for making a big effort to get me out here,

making it possible for me to come out here and being such a gracious host.

Thank you Dan, I really appreciate it.

<i>APPLAUSE</i>

A long time ago, in the beginning of the internet

When we first started using the internet as a way to talk to each other

We mostly talked directly to each other, right?

Think about how email works, on a technical level

You take a message, you hand it off to your mail transport agent

It sends it through a network, directly to the recipient.

It hops through some other computers, but funadmentally

you use the network to talk directly to your other computer

the other computer where the recipient gets his or her mail

It was a direct communication medium.

If you're old enough to remember a program called 'talk'

Talk was the first, sort of, interactive you type, they see it, they type, you see it

instant message application.

This again, was direct.

You would put your, put their name, into your program, and address

they would put theirs into yours, and you would just talk directly to each other

You didn't send this message through servers. That centralised technology.

From there, from those beginnings of talking directly to each other

we started to build communities, emailing directly to people.

But that was relatively inefficient.

Talking directly to people, one-to-one, works very good for one-to-one converstions.

But as soon as you want a group conversation

as soon as you want to find people reliably who you haven't

already set up contacts for, exchanged email addresses and such

you run into friction, you run into problems

So the solution to that, was to create more centralised structures

and we did this with IRC

IRC is a place where instead of talking directly to the people we're trying to reach

we take a message, and we send it to an IRC server

a third party

and the IRC server then copies that message

to all the people who we might want to talk to.

We developed mailing lists, listservs

And again, this was a way where we would take our message

and hand it to a third party

A mail server, that is not us and not the person we're trying to talk to

and that mail server would then echo our communication to

all the people we want to talk to

and this was great, because you didn't have to know the

addresses of all the people you wanted to talk to

You could just all 'meet' in a common place

We all meet in an IRC chatroom, we all meet on a listserv

And there were a lot of IRC channels, and a lot of IRC servers

and a lot of mail servers

all across the internet

A lot of places to do this communication.

And if you didn't like the policies or the structures or the technology

of any one of these service providers

these IRC servers, or these list servers

you could just switch, you could choose to run your own.

It was very simple.

This infrastructure is not hard to create, it's not hard to run, it's not hard to install.

And so a lot of people did run, create and install it.

There were a bunch of IRC servers, there were a bunch of different listserv packages

But as we've moved forward in time,

we've started to centralise even more.

And, you can fast-forward to today

where we're channeling our communication

through fewer and fewer places.

And we are making structures that are more and more central

and more and more over-arching

So, from the, the IRC way of talking to each other

we moved to instant messaging applications.

AOL Instant Messenger, ICQ,

those were the early ways to do it

and there were only a few of them

MSN had its messaging system, Yahoo had its messaging system

and when people wanted to talk to each other now,

they were using third-parties again.

But they were only using a few third parties.

And if you wanted to switch providers,

you would leave almost everyone you knew behind,

your entire community behind.

And so it becomes harder to switch.

There are fewer options

and the cost of switching leaves more and more people behind

So you started to have lock-in.

You started to have people who were chained to their methods of communication

because the cost of losing your community is too high.

And so if you don't like the technology, or you don't like the policy

or you don't like the politics

or if they're trying to filter you

or censor you

you don't have a lot of options.

The cost of leaving is so high that you might stay.

People do stay. And they accept it.

And we went from that small basket of providers of this kind

of communication technology

to an even more centralised structure

where there is effectively only one way to reach all our friends,

in each mode of communication,

Facebook.

And Twitter.

These two services rule everything.

And I'm not going to stand here and say Facebook is evil

and that Twitter is evil

What I want to say is that having one place

where we do all our communication

leaves us at the mercy of the policies of the people

that control the infrastructure that we are chained to,

that we are stuck using, that we are locked into.

You can't leave Facebook without leaving everybody you know

because everybody you know is on Facebook.

I was not a Facebook user.

I was against Facebook.

I thought it was bad to centralise all our communication in one place.

I didn't like the privacy implications,

I didn't like Facebook's censorship

of things like pictures of nursing mothers.

I don't think that kind of thing is obscene,

and I don't think Facebook should have the ability to tell us

what we can share with our friends.

So I thought those were bad policies,

and I reacted to that by not joining Facebook. For years.

All my friends were on Facebook.

I joined Facebook late last year. November.

Because in November, a friend of mine passed away.

His name was Chuck. He was a brilliant man.

And he lived a lot of his life online.

He was on Facebook, and he shared things with friends on Facebook.

When he passed away I realised I hadn't communicated with him in a while,

I hadn't really talked to him in a while.

And the reason I hadn't was because I wasn't

communicating with him in the place he communicates.

I wasn't meeting him where he was, I wasn't on Facebook.

I was missing out on something huge.

That's the cost of not being there.

And so I joined.

Because I decided that as strong as my beliefs were,

it was more important to me to be there with my friends and

to talk to my friends.

That's the power of lock-in.

Me, a person who cares, as much as I do,

who cares enough about these issues that I do something like this

I got locked into Facebook. I'm there now.

That's how I talk to a lot of my friends, whether I like it or not

I am locked into Facebook.

You know, I'm also on Diaspora. But my friends aren't on Diaspora.

This sort of lock-in creates a sort of situation where

we have one arbiter of what is acceptable speech,

whether we like it or not.

If they're free, we're free to the extent,

only to the extent,

that they give us freedom.

And that to me isn't freedom.

That to me is accepting what you're given.

It's the exact opposite of making your own choices.

The exact opposite of self-determination.

All of our problems in communication can be traced

to centralized communications infrastructure.

Now, I've sort of told this story at the social level,

in the way that we're talking about how to talk to your peers

and your friends on the internet.

But this story also exists when we think about relying on the pipes,

relying on the hardware, the technical infrastructure behind the software.

We rely on internet backbones,

we rely on centralized cellphone networks,

we rely on centralized telephone networks.

The people that control these networks have the ability

to tell us what we're allowed to say,

when we're allowed to say it.

They have the ability to filter us, to censor us, to influence us.

Sometimes they use that ability, and sometimes they don't,

and sometimes by law they're not allowed to.

But at the end of the day

the power doesn't rest in our hands.

The power, from a technological perspective,

rests in the hands of the people that operate the

networks.

Centralization doesn't just allow this sort of filtering and censorship.

There's another big problem with centralization.

The other big problem with centralization is that by

gathering all of our data in one place

it becomes easy

to spy on us.

So every time you go to a website

pretty much

the website includes, at the bottom of the page

a little graphic or invisible Javascript thing

that tells Google that you came to visit the page.

Eva goes to a website, and the website says

"Hey Google! Eva just came to my website!"

Every time she goes to a website, that happens.

And so Google effectively sits next to her and watches,

while she uses the internet.

Watches everything she does,

and everything she enters,

everything she looks at and knows.

It's not just her search data, it's not just her Gmail.

It's the entire picture of her digital life.

In one place.

That's a pretty complete profile.

If you were able...

...imagine if somebody could sit next to you and watch

everything you did online,

imagine how much they would know about you.

That's how much Google knows about you.

Google knows more about you than you know about yourself,

because Google never forgets.

Google knows more about you than your parents,

than your partner,

Google knows your secrets, your worst secrets,

Google knows if you're cheating on your spouse

because they saw you do the Google search for the

sexually-transmitted disease.

Google knows your hopes and your dreams.

Because the things we hope and dream about,

we look for more information about.

We're natural information seekers.

We think about something, it fascinates us,

we go and look it up online. We search around.

We look around the internet, and we think about it.

And Google is right there. Following our thought process,

the thought process in our click trail.

That is an intimate relationship.

Right? Do you want an intimate relationship with Google?

Maybe you do.

I personally, don't.

But that's it, Google sits next to us and watches us use

our computers.

And if anyone actually did... if you had a friend who wanted

to sit next to you, or a stranger said I want to sit next to you

and just watch you use your computer all day,

you would use that computer very differently to the way you do now.

But because Google doesn't physically sit next to you,

Google sits invisibly in the box, you don't know Google is there.

But you do know, right?

We're all aware of this. I'm not saying any of you don't know,

especially in a room like this.

But we don't think about it.

We try not to think about it.

We are locked in, to the internet.

We can't stop using it.

And the structures that exist,

the infrastructure that exists,

that has been slowly turned from

a means to allow us to communicate with each other

to a means of allowing us to access web services

in return for all our personal information so we can be bought and sold

like products.

That is the problem. That is the problem of centralization, of having one structure.

As soon as we put all that information in one place

we get complete profiles of us, you get complete pictures of you.

And that is a lot of information.

It's valuable information.

It's information that is used, right now, mostly to sell you things.

And that, you might find objectionable.

Maybe you don't.

Maybe you don't believe the studies that say you can't ignore advertising.

Maybe you think that you are smart and special, and advertising doesn't affect you.

You're wrong.

But maybe you believe that.

But that information, that same infrastructure, that same technology that allows them

to know you well enough to sell you soap

allows them to know you well enough to decide how much of a credit risk you are,

how much of a health risk you are,

and what your insurance premiums should look like.

In America we have a big problem right now.

Insurance costs are out of control. Health insurance. We're having a lot of difficulty paying for it.

Insurance companies would like to respond to this problem

by knowing better who's a good risk and who's a bad risk

so they can lower prices for the good risk and raise prices for the bad risk.

Essentially they want to make people who are going to get sick, uninsurable.

And if you could know enough about a person to know what their risk factors are based on

what they're digital life is, if you can get just a little bit of information about them,

maybe you can figure out who their parents are and what hereditary diseases they might be subject to,

you can start to understand these things.

You can start to figure out who's a good risk and who's a bad risk.

You can use this information for ends that seem reasonable if you're a health insurance

company, but probably don't seem reasonable if you're

the kind of person sitting in this room, the kind of person that I talk to.

And that's the problem. The innocuous use. The use that seems kind of icky, but not truly evil,

which is advertising.

It's the same mechanism, the same data, that then gets used for other purposes.

It's the same data that then gets turned over to a government who wants to oppress you

because you are supporting wikileaks.

And that's not a fantasy, that's what happened.

It's the same information that anybody who wants to know something about you for an evil end would use.

We have a saying in the world of information, that if the data exists, you can't decide what it gets

used for.

Once data exists, especially data in the hands of the government, of officials,

once that data exists, it's a resource.

And the use of that resource it its own energy, its own logic.

Once a resource is there begging to be used, it's very hard to stop it from being used.

Because it's so attractive, it's so efficient, it would solve so many problems to use the data.

And so once you collect the data, once the data exists in one centralized place,

for anybody to come and get it with a warrant, or maybe no warrant, or maybe some money...

somebody is going to come with a warrant, or no warrant, and they are going to get that data.

And they will use it for whatever they want to use it.

Once it's out of the hands of the first person who collected it, who maybe you trust,

who maybe has good privacy policies, who maybe has no intention to do anything with your data

other than use it for diagnostic purposes, once it's out of that person's hands it's gone.

You never know where it goes after that.

It is completely uncontrolled and unchecked

and there is no ability to restrain what happens to that data.

So all of this is my attempt to convince you that privacy is a real value in our society,

and that the danger of losing privacy is a real problem.

It's not just the censorship, it's not just the filtering,

it's not just the propaganda, the influencing of opinion, that's one aspect of it,

it's not just the free speech. It's also the privacy, because privacy goes to the heart of our autonomy.

About a year and a half ago to two years ago at the Software Freedom Law Center

a man named Ian Sullivan who's a co-worker of mine,

he bought a bunch of plug servers,

because he was really excited at the thought of using them as print servers, and media servers,

and he started tinkering with them in our office.

My boss Eben Moglen who is a long-time activist in the Free Software movement,

fought very hard for Phil Zimmerman and PGP when that was a big issue,

he looked at this technology and he immediately realised that several streams had come together in one

place.

There's a lot of really good technology to protect your privacy right now.

In fact that's the stuff we're putting on the Freedom Box.

We're not writing new software.

We are gathering stuff, and putting it in one place.

Stuff that other people did because there are people who are better at writing software, and security,

than we are. We're software integrators.

And he realised there was all this software out there, and suddenly there was a box to put it on.

You could put all that software in one place, make it easy, and give it to people in one neat package.

Pre-installed, pre-configured, or as close to it as we can get.

And that, was the vision for the FreedomBox.

The FreedomBox is a tiny computer. Look at this.

That's small, it's unobtrusive.

So it's a small computer.

And we don't just mean small in size... it doesn't take a lot of energy.

I could be running this box on a couple of AA batteries for the life of this presentation.

You could run it on a solar panel.

It's very lightweight infrastructure.

You plug it into your home network, and when I say home network,

(I'm going to pass this around)

When I say home network, I mean home network.

This is technology we are designing for individuals to use to talk to their friends.

Our use-case, the thing we're trying to protect is you guys, as individuals in your communities.

This isn't a small-business appliance, it's not a large corporate applicance, this is a thing

that we are truly aiming at the home market, and people who care about privacy on an individual level.

You plug it into your home network to protect your privacy, your freedom, your anonymity and your security.

That is our mission statement, I guess. Unofficially.

That is what we believe we are trying to do with this device.

So, what privacy means in this context, the way we're going to go about trying to protect your privacy

is to connect you directly with other people and take everything you do and try to encrypt it

so that only you and the person you are talking to can see it. This is not a new idea.

We can do encrypted messaging, and we can do encrypted browsing.

Now there are problems with encrypted browsing. Right now if you want to have secure browsing you generally

use something called SSL.

SSL is a system of certificates that allow a web server to say to you "we can talk privately".

That's the first guarantee, a secure cryptographic connection (A).

and (B) I can authenticate to you that I am who I say I am.

So not only can nobody listen, but you know who you're talking to.

You're not secretly talking to the government, when really you're talking to me.

The problem with SSL, the big problem with SSL, is that the system for signing certificates relies

on a trust hierachy that goes back to a cartel of companies who have the server certificates,

who have the ability to do this "guarantee". So when the website says to you "I guarantee I am who I

am", you say "I don't know you, I don't trust you". And they say "Oh, but this other company, I paid

them money, and so they'll guarantee that I am me."

Which is a really interesting idea - because I also don't know this company, why would I trust that company?

I mean, the company is just old enough and influential enough that they could actually get their

authority into my browser. So really my browser is willing to accept at face-value that this website

is who it says it is, but I don't necessarily accept that.

And then, we have the problem of self-signed certificate. Where if they say, none of those authorities

in your browser trust me, I trust myself and look, I've signed a piece of paper -

I swear I am who I say I am.

And that, is not trustworthy at all, right?

That's just him saying again "No, really! I'm me!".

So this is a problem, because the FreedomBoxes are not going to trust the SSL cartel,

and they are not going to trust each other, so they can't just sort of swear to each other that

they are who they are.

So we think we've solved this. I'm not going to say we've solved it, because we're just starting to tell

people about this idea, and I'm sure people will have reasons why the idea can be improved.

But there is a technology called MonkeySphere, that allows you to take an SSH key and wrap it around a

PGP key, and use a PGP key to authenticate SSH connections.

It's really neat technology that allows you to replace SSH trust with PGP trust.

And we looked at that, and we thought, why can't we do that with SSL?

So one thing we're going do with browsing is take an SSL certificate, an X.509 certificate,

and wrap it around a PGP key and send it through the normal SSL layer mechanisms

but when it gets to the other end, smart servers and smart browsers will open it up and use PGP mechanisms

to figure out how to trust people, to verify the connections, to sign the authentication of the identity

of the browser, of the server.

This allows us to replace the SSL cartel with the web of trust, the keyservers.

We're replacing a tiny group of companies that control everything with keyservers, community infrastructure.

Anyone can set up a keyserver, and you can decide which one you want to trust.

They share information.

The web of trust is built on people, telling each other that they trust each other.

Again, you can decide who to trust and how much you want to trust them.

This is emblematic of our approach. We've identified structures that are unreliable because

they are centralized, because they are controlled by interests that are not the same interests

as our interests.

And we've decided to replace them wherever we can with structures that rely on people,

that rely on human relationships, that rely less on the notion that you can buy trust, and more on the

notion that you earn trust, by being trustworthy, by having people vouch for you over time.

So that's our approach to encrypted browsing. It's also our approach to encrypted messaging.

We're doing Jabber for a lot of message passing, XMPP, and we're securing that again with PGP.

Everywhere we can we're going to try to use the PGP network, because it already exists...

as I said, we're not trying to invent anything new.

PGP already exists and it does a really good job. So we're taking the PGP trust system and we're

going to apply it to things like XMPP and make sure that we can do message passing in a way

that we can trust.

Once we have XMPP we have a way to send text, a way to send audio, sure...

but also you can send structured data.

Through that same channel. And you can send that data to buddy lists.

So the system starts to look like a way to pass data in a social way. And we think this is the

beginning of the social layer of the box.

At the bottom of the box we have a belief that the technology should be social

from the ground up.

And so we're building structures that allow it to be social,

that assume you want to connect with friends in a network of freedom,

perhaps FreedomBoxes, perhaps other kinds of software, other kinds of technology.

And we're designing with that in mind.

With that in mind, we think we get certain benefits technologically which I'll get into later.

We think we can simply things like key management, through methods like this.

By privacy I also mean that we can install a proxy server, privoxy,

we think the answer is privoxy here,

privoxy on the box, so you can point your browser at the box, surf the web on the box,

and strip ads, strip cookies, stop Google from tracking you from website to website to website,

to remove, the constant person sitting at your side, spying, recording, listening to everything you do.

In that vein, we don't just want to block ads and reject cookies,

we want to do something new, relatively new.

We think we want to munge your browser fingerprint, that unique pattern of data that is captured by your

user-agent string and what plugins you have, and all that stuff

that forms a unique profile of you that allows people to track your browser, companies to track your

browser as you hop along the web, even if they don't know anything about you.

It can sort of tie you to the browser, make profiles about your browser.

And that turns out to be a very effective way of figuring out who you are.

So even without a cookie, even without serving you with an ad, once they're talking to you they can

uniquely identify you, or relatively uniquely.

But it's relatively early in the browser fingerprint arms race.

We think that with a very little bit of changing, we can foil the recording.

and win this round at least.

And instead of having one profile where they gather all of your data, you will present to services

as a different person every time you use the service. So they cannot build profiles of you over time.

That's what privacy looks like in our context. We're looking for cheap ways to foil the tracking.

We're looking for easy things we can do, because we believe there's a lot of low-hanging fruit.

And we'll talk about that more in a minute.

Freedom is our value, freedom is the thing we are aiming for,

freedom from centralized structures like the pipes.

Now mesh networking, I have mesh networking in my slides. That is a lie.

We are not doing mesh networking.

The reason we are not doing mesh networking is because I do not know <i>anything</i> about mesh networking

and one of the reaons I came here was to meet people who know a lot about mesh networking

and I see people in this audience who know a lot about mesh networking.

If you want to turn that lie into the truth, the way you do that

is by continuing on your projects, making mesh networking awesome,

to the point where I can say yes, we're going to put that in this box.

Then eventually, by the time this box is ready to do real

things for real people, we're really hoping that the mesh story

coheres, where we've identified the protocol and the technology and the people who are going to help

us. If you think you might be one of those people, we want to talk to you.

So yes, we are going to do mesh networking,

and that might be a lie

but I hope not.

We want you to have the freedom to own your data

that means data portability, that means that your data sits on your box and never goes to a third party.

It only goes to the people you want it to go to.

Fine-grained access control. Your data, your structures, you decide where it goes.

That's a user-interface problem,

that's a user permission problem,

an access control problem.

Access control is a solved problem.

Doing it through a convenient user-interface, that's not solved... so that's work to be done.

That's a big chunk of our todo list.

We want you to own your social network

Before Facebook there was a thing called MySpace, which was... I'm not even sure it exists anymore.

Before MySpace there was Tribe.

Before Tribe there was Friendster.

Friendster is now like a... "gaming network".

I don't know what it is but they still send me email

Which is the only reason I know they're still alive.

Before Friendster was the original social network.

We called this social network "the internet".

We talked directly to each other,

we used email, an instant messenger and IRC.

We talked to people using the structures that were out there.

It wasn't centralized in one service, we had a lot of ways of meeting each other

and passing messages.

What we lacked was a centralized interface.

So when we say "own your social network" we mean use the services of the internet,

own the pieces that talk to each other.

Hopefully we'll provide you with a convenient interface to do that.

But the actual structures, the places where your data live,

that is just the same pieces that we know how to use already.

We are not going to try to reinvent how you talk to people,

we're just going to make it so that the pipes are secure.

A big part of freedom, a big part of privacy,

is anonymity.

Tor can provide anonymity.

But we don't have to go all the way to Tor.

Tor is expensive, in terms of latency.

Tor is difficult to manage...

I don't know how many people have tried to use Tor, to run all their traffic through Tor.

It's hard. For two reasons.

For one, the latency... it takes a very long time to load a web page.

And two, you look like a criminal. To every website that you go to.

My bank shut down my account when I used Tor.

Because suddenly, I was coming from an IP address in Germany that they had detected in the past

efforts to hack them on.

So they closed my account, well I had to talk to them about it,

it did all get solved in the end.

PayPal as well closed my account down.

So that was the end of my ability to use Tor.

So we can't just run all our traffic through Tor.

It's too slow, and the network has weird properties in terms of how you present to websites,

that frankly, are scary.

Because if I look like a criminal to the bank, I don't want to imagine what I look like to my own government.

But we can do privacy in other ways.

If you are a web user, in China, and you want to surf the internet,

with full access to every website you might go to, and with privacy from your government,

so that you don't get a knock on your door from visiting those websites,

we can do that without Tor.

We don't need Tor to do that. We can do that cheaply.

Because all you need to do in that situation is get your connection out of China.

Send your request for a web page through an encrypted connection to a FreedomBox in...

Austria, America, who knows?

Just get the request away from the people who physically have the power to control you.

And we can do that cheaply, that's just SSH port forwarding.

That's just a little bit of tunneling, that's just a little bit of VPN.

There's a lot of ways to do that sort of thing,

to give you anonymity and privacy in your specific context

without going all the way into something like Tor.

Now there are people who are going to need Tor.

They will need it for their use case.

But not every use case requires that level of attack.

And so one of the things we're trying to do is figure out how much privacy and anonymity you need,

and from whom you need it.

If we can do that effectively we can give people solutions

that actually work for them. Because if we just tell people

to use Tor, we're going to have a problem.

They're not going to use it, and they won't get any privacy at all.

And that's bad.

So we want to allow people to do anonymous publishing,

and file-sharing, and web-browsing and email.

All the communications you want to do.

The technology to do that already exists,

we could do all of that with Tor.

The next piece of our challenge is to figure out how to do it without Tor.

To figure out what pieces we need Tor for, and to figure out

what pieces we can do a little bit more cheaply.

Security.

Without security, you don't have freedom and privacy and anonymity.

If the box isn't secure,

you lose.

We're going to encrypt everything.

We're going to do something that's called social key management, which I'm going to talk about.

I do want to talk about the Debian-based bit.

We are based on a distribution of Linux called Debian,

because it is a community-based distribution.

It is made by people who care a lot about your

freedom, your privacy, and your ability to speak anonymously.

And we really believe that the best way to distribute this

software is to hand it to the Debian mirror network and let

them distribute it. Because they have mechanisms

to make sure that nobody changes it.

If we were to distribute the software to you directly, we

would become a target. People would want to change the

software as we distribute it on our website.

They would want to crack our website and distribute their

version of the package.

We don't want to be a target, so we're not going to give you software.

We're going to give it to Debian, and let them give you the software.

And at the same time you get all of the Debian guarantees about freedom.

The Debian Free Software Guidelines.

They're not going to give you software unless it comes

with all of the social guarantees that are required to participate in the Debian community.

So we're very proud to be using Debian in this manner,

and working with Debian in this manner.

And we think that's the most effective way we can guarantee that we're going to live up to

our promises to you, because it provides a mechanism whereby if we fail to live up to our promises,

we cannot give you something that is broken. Because Debian won't let us,

they just won't distribute it.

There are problems with security.

There are things we can't solve.

One...

Physical security of the box.

We haven't really talked much internally about whether we can encrypt the filesystem on this box.

I don't quite see a way to do it.

It doesn't have an interface for you to enter a password effectively.

By the time you've brought an interface up you'd be running untrusted code.

I don't know a way to do it.

If anyone can think of a way that we can effectively encrypt the filesystem, I'd love to hear it.

But, on top of that, if we do encrypt the filesystem,

then the thing cannot be rebooted remotely, which is a downside.

So there are trade-offs at every step of the way.

If we can figure out some of these security issues, then we can be ahead of the game.

But I think the encrypting the filesystem is the only way to guarantee the box is secure, even if it's

not physically secure.

So I think that's a big one.

If you have ideas about that, please come and talk to me after the talk.

I promised I would talk about social key management, and here it is.

So we're building the idea of knowing who your friends are

into the box at a somewhat low level.

To the point where things that are on the box can assume it is there,

or ask you if it's there, or rely on it as a matter of course in some cases.

So we can do things with keys that make your keys unlosable.

Right now a PGP key is a hard thing to manage.

Key management is terrible.

Do you guys like PGP? PGP is good.

Does anyone here like key management?

We have one guy who likes key management.

<i>LAUGHTER</i>

He's going to do it for all of you!

So, none of us like key management.

Key management doesn't work, especially if your use-case is home users, naive end-users.

Nobody wants to do key management.

Writing their key down and putting it in a safety deposit box is ludicrous.

It's a very difficult thing to actually convince people to do.

Sticking it on a USB key, putting it in a zip-lock back and burying it in your backyard is paranoid.

I can't believe I just told you what I do with my key.

<i>LAUGHTER</i>

No, you can't ask people to do that.

They won't do it.

You can't protect keys in this manner.

You have to have a system that allows them to sort of, not ever know they have a key.

To not think about their key unless they really want to.

We think we've come up with something that might work.

You take the key,

or a subkey,

you chop it into little bits

and you give that key...

and we're talking about a key of a very long length, so there's a giant attack space

and you can chop it into bits and hand it to people without reducing the search space for a key.

You chop it into bits and hand all the bits to your friends.

Now all your friends have your key, as a group.

Individually, none of them can attack you.

Indicidually, none of them has the power to come root your box,

to access your services and pretend to be you.

As a group, they can do this.

We trust our friends, as a group, more than we trust them as individuals.

Any single one of your friends, if you gave them the key to your financial data and your private online

life that would make you very nervous.

You would worry that they would succumb to temptation to peek,

fall on hard times and want to attack you in some way,

fall out with you, get mad at you.

As an individual, people are sort of fallible in this sense.

But as a group of friends who would have to get together

and affirmatively make a decision to attack you,

we think that's extremely unlikely.

It's so unlikely that there are only a few scenarios where we think it might happen.

One...

if you are ill, and unable to access your box

or you're in jail

or you've passed away

or you've disappeared.

Or... you've gone crazy.

We call this type of event, where all your friends get together and help you,

even if you don't ask them for help,

we call that an intervention.

When your friends sit you down and say,

"you need our help, you can't ask us for it because you're not in a position to ask us for it",

that's an intervention.

If you have a moment in your life, a crisis in your life that is an intervention level event,

that's when you can go to your friends.

If your house burns down, you lose your key and all your data

You go to your friends, and you say "can I have part of my key back?"

"Oh, and give me that data that you have in a cryptographically-sealed box that you can't read."

To all your friends...

"My data please, my key please, ..."

"My data please, my key please, ..."

"My data please, my key please, ..."

You take all those pieces, you get a new box,

you load it all onto your box.

You have the key, you have your entire key, and now you can read your data.

And you haven't lost your digital life.

You have a key that is now unlosable.

Even if you never wrote it down, even if you never buried it in the backyard.

This is a hard problem in key management.

People lose their keys and their passwords to services all the time.

The only way we can think of to make that impossible, is this mechanism.

And of course it's optional.

If you're a person who doesn't trust your friends, even as a group,

or if you're a person who just doesn't have a lot of friends

(let me finish!)

...who doesn't have a lot of friends with FreedomBoxes who can be the backend for this,

you don't have to trust this mechanism.

You can do something else to make your key unforgettable.

But for a lot of naive end-users,

this is the mechanism.

This is the way they are going to never

lose their keys

Because the first time a user gets irretrievably locked out of his FreedomBox,

we lose that user forever.

And we lose all his friends forever.

Because it would scare you to lose such an important group of information.

Social key management.

This is the benefit of building social, of building knowledge

of who your friends are, into the box, at a deep level.

We have never done that before, with a technology

as a community project.

And it opens up new possibilities. This is just one.

There are others.

But it's a field we haven't really thought a lot about.

I think once we get out there and we start doing this kind of

construction, a lot of new uses are going to be found for this architecture.

I encourage you all to think about what changes,

when you can assume that the box has people you can trust, just a little bit,

because right now we live in a world where we are asked

to trust third party services like Facebook with all our photos,

or Flickr with all our photos, or Gmail with all our email.

We are asked to trust them.

We have no reason to trust them.

I mean, we expect that they'll act all right, because they have no reason to destroy us.

But we don't know what's going to happen.

We're effectively giving all our information to people we don't trust at all right now.

How does a network of people we trust, just a little bit,

change the landscape?

I think that's a really interesting question.

This box explores that question,

this box creates new solutions to old problems that previously seemed intractable.

So, I encourage everybody to think about how that might

change the solution to a problem they have with a technological architecture as it exists today.

Here's another problem...

Boxes that know who you are, and know who your friends are,

and know how your friends normally act,

can also know when your friends are acting weird.

If you have a friend who sends you one email a year, who suddenly sends you ten emails in a day,

that look like spam,

you know that box is rooted.

You know that box is weird.

Or if you are using the FreedomBox as your gateway to the internet,

and a box it is serving downstream, starts sending a bunch of spam through it, it knows.

It can say "Oh no! You're acting like a zombie."

"You should get a check-up."

It can shut off mail service to that box, and not let the messages out.

It can make that decision to protect the wider internet to make you a better citizen in the world.

If suddenly your computer starts saying "Hey, I'm in Scotland and I need $5000"...

but we know you're not in Scotland

Maybe this box, because it has contact information,

maybe this box sends you an SMS.

And says "Dude, you've been hacked, go do something about your box."

So the types of things we can do once we assume we have

close relations as opposed to arms-length relations,

the types of things we can do when we trust each other a little bit

and we trust our boxes a little bit, goes way up.

Way up.

And by bringing that infrastructure closer to us,

I mean Gmail is too far away to play that role from a network perspective.

But if the box is in our land, we can do that.

These boxes will only work if they are convenient.

There's an old punk-rock slogan, from the Dead Kennedys,

"Give me convenience, or give me death."

We laugh at that, but that's a belief users have,

and I deduce that based on their behaviour,

because every time there is a convenient web service,

people use it.

Even if it's not very good with privacy, a lot of people are going to use it.

And conversely, whenever we have web services that are very good at privacy, but aren't very convenient,

comparatively fewer people use them.

We don't think this box works without convenience.

If we don't get the user-interface right then this project

will probably fall over.

It will never gain any sort of critical mass.

So we need a simple interface,

we need a way for users to interact with this box in a minimal way.

They should think about it as little as possible.

That's the hardest problem we face.

Quite frankly.

The technology to do private communication, that exists.

A lot of the people in this room helped to build that infrastructure and technology.

We can put it on the box.

Making it easy and accessible for users, that's hard.

And right now we're trying to figure out what that looks like,

who the designers are going to be.

If you have user interface or user experience design that you want to bring to a project like this,

please, please, come find me.

In order to have convenience, we need to have the thing provide services that are not just

freedom-oriented, we need to use its position in your network as a trusted device

to do things for you that aren't just about privacy.

It needs to do backups.

This is important.

Right now the way people back up their photos is by giving them to Flickr.

The way they back up their email is by giving it to Gmail.

If we don't provide backups, we can never be an effective replacement

for the services that store your data somewhere else.

Even though they're storing it out there in the cloud for their purposes, you get a benefit from it.

We have to replicate that benefit.

So things that we don't think of as privacy features have to

be in the box.

The backups, the passwords, and the keys, you can't forget them.

We would like it to be a music, a video, a photo server,

all the kinds of things you might expect from a convenient box on your network.

All the things that you want to share with other people, this box has to do those things.

And these aren't privacy features, but without them we won't be able to give people privacy.

Our first feature, the thing we are working towards

is Jabber.

It's secure encrypted chat, point-to-point.

That will be the thing we are working on right now.

But in order to do that we need to solve this monkey-spherish SSL problem that I described.

We have code, it needs to get packaged and all that.

Our development strategy, the way we are going to do all the things we said,

because the list of things I have said we're going to do...

I can't believe you're not throwing things at me.

Because it's ludicrous to believe that we can actually do all these things by ourselves.

And we're not.

We're going to let other people make the software.

As much as possible we're going to encourage other people

to build stuff. We're going to use stuff that already exists.

We're going to use Privoxy, we're going to use Prosody, we're going to use Apache.

We're not going to reinvent the web server, we're not going to reinvent protocols.

I really hope that by the time this project is mature, we haven't invented any new protocols.

Maybe we'll use new protocols, but I don't want to be

generating new things that haven't been tested, and then putting them in FreedomBox.

I want to see things in the real world, tested, gain credibility and take them.

The less we invent, the better.

As far as timelines go, by the time we have it ready, you'll know why you need it.

People right now are figuring out that privacy is important.

They're seeing it over and over again.

In Egypt, the at the start of the Arab spring, one of the things the government did to try to

tamp down the organisation was to convince companies to shut off cell networks,

to prevent people from talking to each other.

In America they did the same thing in San Francisco I hear.

Turned off the cell towers to prevent people from organising to meet for a protest.

With Occupy Wall Street, you're starting to see infiltration,

you're starting to see people going and getting information

that Occupy Wall Street is talking about and turning it over

to the authorities, the police, the FBI.

So the need for privacy as we enter a new age of increased activism, we hope,

of increased activity, of social activity,

I think the need for a lot of this privacy stuff is going to become clear.

As the technology for invading your privacy improves,

the need for technology to protect your privacy will become stark and clear.

Our two big challenges as I said are user experience,

and the one I didn't say was paying for developers, paying for designers.

Those are the hard parts that we're working on.

And if we fail, we think that's where we fail.

Software isn't on that list, as I said software is already out there.

So you can have a FreedomBox.

If you like that box that we've been passing around the audience, you can buy one from Globalscale.

If you don't want the box, it's just Debian, it's just Linux, it's just packages.

Throw Debian on a box, we will have packages available through the normal Debian mechanisms.

You don't even have to use our repository.

In fact, I don't think we're going to have a repository.

You're just going to download it and install it the same way you normally do it if you're technologically

capable of doing that.

I grabbed a bunch of photos from Flickr,

my colleague Ian Sullivan took that awesome picture of the FreedomBox.

And that's how you reach me.

<i>APPLAUSE</i>

Thanks James, please sit down.

We are up for questions from the audience for James.

Please raise your hand if you have any questions about the FreedomBox.

Hello, thanks that was a very interesting presentation.

Thank you.

Your boss Eben Moglen, he has given a speech at a committee of the US congress

I believe, which has received a lot of attention

and in Iran during the green movement the US state department

I believe has told Twitter to reschedule maintainence so that

the opposition could keep using Twitter during the attempted revolution

and Hilary Clinton has given a very popular speech about

how America would support the promotion of internet freedom

and I think things such as the New America Foundation are

funding and supporting projects such as the Commotion mesh networking project

that we've already heard about before.

So in other words there's a link between politics and technology sometimes,

and in the past I believe certain influential Americans such

Rupert Murdoch or George W. Bush have viewed modern communication technologies as a way to

promote U.S. foreign policy and to spread democracy and freedom in the world.

So my question is, what is your relationship with your government?

That's a really good question.

So one of the things that we sort of figured out from the beginning was that

if we had close relationships with the U.S. government,

people outside of the U.S. might have difficulty trusting us,

because nobody wants to tell all their secrets to the American government.

So we were thinking about what that really looks like in the context of a box that could be used globally.

We are working very hard to engineer a device that does not require you to trust us.

I'm not asking for your trust.

I'm not asking for your trust, I'm asking for your help.

All the code we write you'll be able to see it, you'll be able to

audit it, you'll be able to make your own decisions about what it does,

you'll be able to test it if it trustworthy or not,

and if you decide that it is not, you can tell everyone,

and they won't use it.

So from a trust perspective, it doesn't matter what our relationship is with anybody.

So that's the first thing.

The second thing is that right now we don't have much of a relationship with the U.S. government.

Jacob Applebaum is somewhat famous for his work with Julian Assange on Wikileaks,

and his work on Tor, and security in general,

his efforts to provide you with freedom and privacy.

He is a guy who was recently revealed in the Wall Street Journal that the U.S. government has been spying

on. And he is on our team, he's on our technical advisory committee.

He's one of the people we go to for help when we need to understand security on the box.

So right now our position with the American government is that we're not really related except in

so much that we are a bunch of people who really care about these issues,

which maybe occasionally makes us targets. Which gives us a reason to use a box like this.

Coupled with that, there is a program in America - you were talking about Hilary Clinton saying

she was going to encourage technologies that will spread democracy.

So the way America encourages things is by spending money on it.

That's our typical way to support programs. We fund different things.

We don't generally have feel-good campaigns, we just pay people to make good work, or try to.

So the U.S. state department has a program to provide funding for projects like the FreedomBox.

We have not applied for that funding.

I don't know if we will.

However I do know that they have given funding to some very good and genuine projects that are

run by people I trust, so I try not to be cynical about that.

I imagine at some point that through a direct grant or a sub-grant or something,

some state department money might support some aspect of work that is related to us.

I mean, we might take work from a project that is state department funded,

just because it's quick work.

Have I answered your question?

Yes, thanks.

Hi, well you always have tension if you talk about privacy

since 9/11 you know, I heard this in America very often,

"we have to be careful", every body is suspicious and stuff.

So how do you react when people like the government say well,

you are creating a way to support terrorism, whatever.

That's a good question, and it's a common question.

Frankly every time I do this talk, it's one of the first questions that come up.

The answer is really simple.

The fact is, this box doesn't create any new privacy technology.

It just makes it easier to use and easier to access.

People who are committed to terrorism or criminal activity, they have sufficient motivation that they

can use the technology that exists. Terrorists are already using PGP.

They're already using Tor.

They're already using stuff to hide their data.

At best we are helping stupid terrorists.

<i>LAUGHTER</i>

Granted, I'm not excited about that, but I don't that's a sufficient reason to deny common people

access to these technologies.

And more importantly than the fact that terrorists and criminals have access to this technology,

governments have access to this technology.

The largest corporations have access to this technology.

Every bank, the same encryption methods that we are using is the stuff that protects trillions of dollars

in value that banks trade every day.

This is technology that is currently being used by everyone except us.

All we're doing is levelling the playing field.

The same technology that hides data from us, that causes a complete lack of transparency in a downward

direction, we can have to level the playing field a little bit.

More questions?

Thank you for your presentation.

Could we add to challenges, maybe we could produce it in a non-communist dictatorship?

Because I saw the label "Made in China", so I think it is just

paradox to produce something like the FreedomBox in this country, and I would also like to be independent

from producing in China. So that's just something for a challenge I think.

That's a really good question and important point.

So, we're not a hardware project. Hardware is really really hard to do right and do well.

We have some hardware hackers on our project.

Our tech lead Bdale Garbee does amazing work with satellites and model rockets and altimeters,

and he's brilliant. But this is not a hardware project.

All we can do is use hardware that already exists.

When the world makes hardware in places other than China, we will use that hardware.

Right now, we don't have a lot of options.

And we're not going to deny everybody privacy because we don't have a lot of hardware options.

When we have those options we'll take them.

In the meantime, if you are a person who really cares about this issue,

don't buy a FreedomBox.

Take the software, go find a computer that isn't made in China,

<i>LAUGHTER</i>

and go put the software on that box.

If you want a solution that is run on computers that don't exist, I can't help you with that.

If you want a solution that runs, I might be able to help you with that.

But yes, I agree that that is a real issue, and we are thinking about that.

We believe that there is an open hardware project story here.

And one thing we've been doing is working with the manufacturer of the box,

to get the code free, to make sure we know what's in it,

so that there are no binary blobs in the box,

so we have some assurances that we actually do have freedom.

At some point though, we do believe that somebody will solve the open hardware problem for us.

We're not going to be the hardware project, but there are people trying to do this in an open way.

RaspberryPi for example. They're not quite right for our use-case, but those kinds of projects

are starting to exist, and they're starting to be really good.

In a few years, maybe that will be the thing we move onto.

Now, I'm guessing that even an open hardware project like RaspberryPi does their manufacturing in

a place like China. And that's a big problem.

When the world is ready with a solution to that, we will be ready to accept that solution and adopt it

of course.

Any more questions for James? or statements?

This is more of a statement than a question I guess,

but should the FreedomBox start being made in China there will be a lot more of them coming out of

the back door and enabling privacy for people that don't get

it, but also as soon as it starts getting manufactured I'd imagine you may,

because you're not in it for the money as you told me last night,

you may be looking forward to how easy it will be to copy,

and with things like MakerBot, making a case, making a bot is easy,

you can do it in your bedroom now with 3D printers.

So there will be a bag of components, a board, made by some online place that is really into this,

and you can assemble these at home.

So you've just got to get it out there first I think, and lead the way.

Yeah, I think that's quite right in that we are not the only place to get a box like this.

I mean, we're putting it on a specific box to make it easy, but there will be lots of places that make

boxes, and hopefully there will be places where working conditions are acceptable to everybody.

And at that point you can make your own boxes,

you can put them on any box you can find.

The point of Free Software is not to lock you into a service,

a technology, a software, a structure or a box.

We're not going to lock you into anything, that's one thing we're extremely clear about.

If you manage to make a box like this at home, I would really love to hear about it.

If you can spin up a MakerBot to make a case,

and you have a friend who can etch boards,

and you make a box like this at home,

that would be big news and a lot of people would want to know about it.

More statements or questions? Yes...

So, if you lose your box and get a new one, how is it going to reauthenticate to the boxes of your friends?

I think I didn't get that one.

Yeah, so, the good thing about friends is that they don't actually know you by your PGP key.

Sorry, I didn't specify it, if you want a grand security and you want distribution to more than 12 friends,

so let's say a hundred, and they're like, all over the world.

You are probably going to reach them through the internet to get your key parts back,

and you are probably not going to be able to use the FreedomBox to get a new one because

it has to be authenticated.

So how do you do?

Well, you at that point...

if you don't have a FreedomBox, the FreedomBox can't provide you with a solution to that problem.

What you're going to have to do,

is perhaps call your friends.

Have a conversation with them,

convince them that you are the person you say you are.

Reference your shared experiences, maybe they know your voice,

maybe they just know who you are by the way that you act and the way that you talk.

There's not going to be any one way that we get our keys back.

If you lose your key, yeah, we're not saying that's never going to be a problem.

And I wouldn't recommend splitting your key up among a hundred people,

because that's a lot of people to ask for your key back.

The mechanism I have in mind is not that you get a little bit of your key from

everyone you know, it's that you spread out the key among

a lot of people, and you need a certain number of those people.

So maybe it's five of seven of your friends.

So you give seven people the key, but any five of them could give you a whole key.

So in case you can't reach somebody you can still manage to do it.

And we can make that access control as fine-grained as we want,

but a hundred would be overwhelming.

We wouldn't do that. Sure, you could do it if you wanted,

but I don't think you'll have a hundred friends you could trust that much.

Maybe you do, I don't.

More questions, statements?

Yes?

Erm, it's just a wish... but have you thought about the idea of using the FreedomBox to create

a community where you can exchange not only data but like

products or services, so that would maybe like, change the system?

One of the things we want to do with the FreedomBox is

create a thing that looks a lot like your current social networking,

minus the advertising and the spying.

A way to talk to all your friends at once.

Once you have a place, a platform, where you can communicate

with your friends, you can build on that platform

and you can create structures like that.

If we make a thing that has programmable interfaces, so

you can make apps for it, you can make an app like that,

if that's important to you.

What people do with the communication once they have it,

we don't have any opinions about.

We want them to do everything that's important to them.

And I think something like that could be important,

and yeah, that would be amazing if that were to emerge.

Some things I believe are easier to do in a centralized architecture than a decentralized one,

for example search, or services that require a lot of bandwidth.

I don't see how you can run something like YouTube on the FreedomBox.

So is your utopian vision one where everything is decentralized,

or is it ok to have some centralized pieces in a future network?

Look, if you're going to grant me my utopia then of course everything is decentralized.

But we don't live in a utopia, I don't have magic.

We actually have in our flowchart a box labeled "magic routing",

because routing is hard to do in a decentralized way...

You need someone to tell you where the IPs are.

And that's hard to do in a decentralized way.

We haven't solved it, and we don't think we're going to fully solve it.

We hope someone else solves it first of all.

But second of all, we don't know where the compromises are.

Some things are not possible to decentralize.

We're going to decentralize as much as we can,

but we're not committing to doing anything impossible.

If you can't run YouTube off this box,

which I disagree with by the way,

then you won't, because it's impossible.

If you want to run YouTube on this box you turn all your

friends into your content delivery network,

and all your friends parallelize the distribution of the box,

you share the bandwidth.

It's ad-hoc, BitTorrent-like functionality.

Yes, that technology doesn't exist yet, I just made all that up,

but we can do it.

The parts that are hard though, the things like the routing,

there will be real compromises.

There will be real trade-offs.

There will be places where we'll say, you know what, we have

to rely on the DNS system.

Everybody in this room knows that the DNS system has some

security problems, some architectural problems that make it

a thing we would ideally not have to rely on.

But you know what? This project is not going to be able to replace DNS.

There are plenty of alternate DNS proposals out there, but we are not going to

just chuck the old DNS system, because we want people

to be able to get to the box, even if they don't have a box.

We want you to be able to serve services to the public.

We are going to use a lot of structures that are less than ideal.

We're assuming that TCP/IP is there...

in the normal use case you're using the internet backbone

to do your communication.

The mesh routing story we talked about is not how you do

your normal use. That's an emergency mode if there's a crisis, a political instability, a tsunami,

if you can't get to your regular internet because it has failed you in some way because

it has become oppressive or inaccessible.

Then you would use something like the mesh network.

But in the normal course of business, you are using

a thing that is less than ideal, and that's a trade-off.

We can't as a project protect you from everything.

We are going to look for the places where we can make

effective protection. We are going to try and make it clear

the limits of that protection. And we're going to give you

everything we can.

And then, as we move forward, when opportunities to solve new problems present themselves,

we'll take them.

Well I have to add before when we had the talk, unfortunately German you couldn't

understand a lot.

I didn't understand it but I could tell that it was occurring at a very high level of technical competence

and that there was a lot of good information there.

And I'm really hoping that you'll take the video of it and put it up on universalsubtitles.org, or some

other service where people can subtitle it. And hopefully there'll be an English version and I'll get

to see it. I think there was a lot of really good information in there.

What's universalsubtitles.org?

Universalsubtitles.org is a great website. It's kind of like, you put a video up, and anyone can

add subtitles to as much or as little as they want.

And then other people can change the subtitles, and you can do it in as many languages as you want.

So you don't have to ask someone for a favour, "hey, will you subtitle my video?"

that's 20 minutes long or an hour long. You tell a community of people "we need help subtitling",

and everyone goes and subtitles 3 minutes in their favourite languages.

It's a very effective way to crowdsouce subtitling, and it's a very effective way to just share information.

We have a lot of videos with good information that are locked into languages that not everyone speaks.

So this is a way to get around that.

As FreedomBox, we use that project.

And I believe, if I'm not mistaken, I haven't looked in a while,

that it's all Free software that they are using. So you can download it and start your own if you want.

So back to my previous question - in the talk in the afternoon we heard about mesh networking

we talked about that, and it's actually not just being used in

emergency situations but people are really using it.

And especially, the philosophy that everyone becomes part of the net as not just a consumer

but providing part of the net, it certainly is like that that they

can share data among each other, they don't necessarily need

to go into the internet.

So, I would imagine the FreedomBox, with mesh networking,

we could essentially create a large network of many many

people using it.

We also talked about the mesh networking like FunkFeuer in Graz or Vienna

but it would be interesting to get them on mobile devices,

so that you could walk through the street,

theoretically people have these devices, and you could walk

through and it would automatically mesh and connect you.

So FreedomBox if applied to that, you told me this interesting example, you could screw them to

light posts on the street, so maybe elaborate on that,

maybe it could have an effect and give a lot of coverage.

The reason why we currently envision mesh,

and no decisions have been made, right,

but just in the way we think about it when we talk to each other,

and the reason why we think mesh networking is not your daily

mode of use is that the performance degradation is not acceptable to most end-users.

If mesh networking reaches the point where it is acceptable

if you're in a place where there's enough nodes, and you

have a density that you can move around then sure, that

can make a lot of sense. But for a lot of people who

exist as a person not near a lot of FreedomBoxes, they're

going to need the regular internet.

So yeah, we think mesh will be great where you have that

density, when the mesh technology is mature.

When that happens, we could have the most easy access

to municipal wifi by using the power in all the street

lights. Put a FreedomBox up in the top of every street lamp.

Unscrew the light bulb, screw in the FreedomBox, and screw the light bulb back on top.

So you still get light, we're not going to plunge you into darkness.

You still get light, but then you have a mesh node. Right there.

And you could do every 3rd or 4th street light down town, and you could cover

an area rather effectively.

It is a way to get simple municipal wifi without running

any fibre. And every time you have fibre you can link to it.

Like any time you're near fibre you can link to it and you'll

get your information out of that little mesh and into the regular network.

We could have municipal wifi with much lower infrastructure costs than most people currently think of

when they think of municipal wifi. And we can do it through mesh nodes.

And if we did it through mesh nodes we would be providing that service not only to people who have

FreedomBoxes, that just looks like wifi, it just looks like a regular connection.

You might need to do some fancy hopping, but it's not...

the mesh boxes themselves will do the fancy hopping, your phone itself won't have to do it.

While we are talking about phones,

I want to say that I'm not sure how phones fit into the FreedomBox.

I'm pretty sure there is a way that phones fit into FreedomBoxes,

but you can't trust your phone.

With the so-called smartphones it's not a phone actually but a little computer, no?

Yes, your phone, a smartphone is a little computer but

it's not a computer that you can trust, because

even if you replace the software on your phone,

with Free software, it's almost impossible to actually replace all the binary drivers,

it's almost impossible to go all the way down to the metal.

It's very hard to get a phone that is completely trustworthy

all the way down to the bottom of the stack.

So that's a problem we haven't quite figured out how to solve.

And pretty soon it's going to be impossible to put Free software on phones.

The days of jailbreaking your iPhone and rooting your Android phone might

very well come to an end. There is a proposal right now called UEFI.

It's a standard. We currently use EFI, this would be UEFI.

I don't know what it stands for, it's a new thing.

And what this proposal is, is that before your computer,

before the BIOS will load a bootloader on your computer

that BIOS has to authenticate, sorry, that bootloader has

to authenticate to the BIOS. It has to be signed by someone

the BIOS trusts, someone the BIOS manufacturer trusts.

And the person who puts the BIOS in your phone can decide who it trusts,

and they can decide they don't trust anyone except themselves.

If Apple sells you an iPhone with a BIOS that requires a

signed operating system, it might be very hard for you to

get another version of the operating system on there.

The proposals for this stuff are really in the realm of laptops and computers, that's where it's starting,

but believe me, technology spreads.

And if you want to be able to put Linux on a computer that you buy, on a laptop you buy,

very soon you might have a very difficult time doing that.

The standard is there, the companies paying attention to it

are not paying attention to it for our purposes.

They want to make sure that they can control what is on your computer.

So this is, you know, another political fight that we're going to engage in,

not the FreedomBox, but the community.

We're going to have to have this fight. UEFI. Look it up.

Start thinking about it. This is going to be a big piece of the puzzle for freedom in computing over

the next few years.

We're going to have some problems and we're going to have to find some solutions.

But wouldn't such an initiative, wouldn't that create a good market for companies who actually

would supply Linux on such devices, on the phone and on the laptop market.

I'm sure there are companies supplying that.

Absolutely.

And if the market in freedom were good enough to support

large-scale manufacturing and all that other stuff then we might get that.

And we might get that anyway.

I mean, the standard will include as many keys as you want,

so we might get the freedom.

But the manufacturers will have a really convenient way to turn the freedom off.

I think there will be a lot of boxes where you will have freedom.

But there will also be a lot where right now we think we can get Free software onto it,

where we won't be able to anymore.

It's going to be a narrowing of the market.

I don't think our freedom is going to completely disappear from devices.

But a lot of devices, if you buy the device without thinking about freedom, assuming you can have it,

you might get it home and discover that you can't.

Ok, we want to give the floor again to the audience for more questions or statements.

Ok, there in the back, one more.

Yeah, one more time, so...

Nowadays, where you can hardly really save your PC, laptop, whatever, against malware...

Isn't it really, a red carpet for hackers to, if you have social networks and circles of friends,

one gets some malware on his PC, mobile device, whatever,

has a FreedomBox, authenticates to his friends, the state is secure

wouldn't that open doors?

Sure, well, the human error is not one we can control for.

But someone who has a key that you trust is not necessarily someone who you let run arbitrary code

on your FreedomBox.

You might trust them to the point of having message passing with them, and trusting who they are

and what they say, but you don't necessarily trust the technology that they have and the

code that they have to be free of malware.

You'll still have to do all the things you currently do.

Right now if somebody sends you a file, it could have malware in it.

We're not making that easier, or better, or more likely to happen.

I think what we are doing is completely orthogonal to that problem.

At the same time, if we were to have email services on the box,

and you know we're not quite sure what the email story of a box like this looks like,

we probably would want to include some sort of virus scanning or spam catching,

all the usual filtering tools to give you whatever measure of protection might currently exist.

But the fact someone has a key and you know who they are

I don't think that will ever be the security hole.

Or at least we really hope we can make it so it's not.

If we fail in that then we've missed a trick.

Ok, any more statements or questions?

Ok, so, James, my last question would be...

You can actually buy the box right now?

Yes.

From a company?

Yes.

Maybe you can supply that information. But the software is being developed?

Yes.

Can you give an estimation about the timeline of your project, or the next milestones?

Sure.

So, the boxes are manufactures by a company called Globalscale,

they're about $140 US dollars.

There is a slightly older model called the SheevaPlug that is about $90.

It does just pretty much everything the Dreamplug does.

It has some heat sinking issues, but it's a pretty good box as well,

so if the price point matters to you you can get last year's model and it'll serve you just fine.

The software, right now we have a bare Linux distribution.

We spent a lot of time getting the binary blobs out of the kernel

and making it installable onto this hardware target.

We have a Jabber server, Prosody, that we are modifying to suit our needs.

And that should be ready, time-frame, weeks.

Some short number of weeks.

The Privoxy server, the SSH forwarding, some short number of months.

But those are our roadmap for the short-term future, is Jabber, SSH forwarding, browser proxying.

We also are working on the interface, so we're going to have an interface that you can actually

control some of these services with.

And the first thing we're doing with that interface is probably allowing you to

configure this box as a wireless router.

So it can become your wireless access point if you want it to be.

And your gateway of course.

So user interface in one vertical,

SSH forwarding, browser proxying a little bit out there,

a little bit closer: Jabber, XMPP secure chat.

And once we have that stack, we believe that we're going to build upwards from XMPP towards

perhaps something like BuddyCloud.

We're seriously looking at BuddyCloud and seeing what problems it solves for us

in terms of actually letting users group themselves in ways that they can then do access control

and channels and things of that nature.

And are you actually in contact with the hardware company producing the servers?

Yeah, we've had a number of conversations with them.

They've agreed that when our code is ready this is something

they are very interested in distributing.

More importantly we've had a lot of conversations with

them about freedom.

About why we do what we do, they way we do.

And how they need to act if they want to distribute code for

us and work with our community.

And what that means is we're teaching them how to comply

with the GPL, and we're teaching them how to remove the binary drivers,

and in fact we're doing some of that for them.

But they're Chinese, right?

No. No, Globalscale is not a Chinese company.

Their manufacturing is in China, but they're not a Chinese company.

And we're also talking to Marvel. Marvel makes the system-on-a-chip that goes onto the boards

that Globalscale is integrating into their boxes.

But we're also talking to Marvel about what they can do to better serve the needs of our community.

So a large part of our efforts is to try to convince manufacturers to make

hardware that suits our needs.

This box is a thing that they developed, they invented,

before they ever met us, before they ever heard of us.

And if we can get them enough business,

if by making FreedomBoxes and by putting our software on the box,

that enables them to sell more boxes they will be very happy

and when they design the next generation,

not the next generation of the DreamPlug, but the next generation after whatever they're designing now,

so we're talking a couple of years from now.

We can say to them, look, you're selling a lot of boxes

because you're making a thing that serves the free world very well.

Remove the 8 inch audio jack because our people don't need it.

Add a second wifi radio. Put antenna ports on it.

This box can go from something that looks really good for our purpose to

being something that looks amazingly good for our purpose.

And that will require scale.

And what that means is that the FreedomBox becomes a wedge for

making better hardware for everyone.

But it's not just the FreedomBox. The Tor router project is

also focused on the DreamPlug. They've also decided this is a good box for their purpose.

If you are making a box that is kind of like a FreedomBox but isn't the FreedomBox because

it's more specialised to what you want it for, think about

the DreamPlug as a hardware target. And let us know,

so that when we go to the company, we can say look,

look at all the business you are getting by being people that serve the Free world.

And then, hopefully, we can convince them to make boxes that better serve the Free world.

And that's not a fantasy. We are having those conversations with them,

and they are very receptive.

So I am pretty happy about that aspect we do.

And my last question would be...

since we are now, everything is turning mobile,

it's like we have these computers with an extra phone...

the phone is a small application on these devices.

Is there any plan or any idea or any project to say like, have

a FreedomPhone or Free mobile device?

So the way you connect to this box is kind of how you connect to your router,

port 80, browser.

But another way you could do it would be an app on your cellphone that bluetooths to the box.

I don't actually think the box has bluetooth, but you know,

an app on your cellphone that talks to the box over the network, say.

That's possible, we're thinking about that.

We're thinking about what that looks like for the large population

that exists out there that doesn't have computers.

There's an awful lot of people that only have cellphones, they don't have computers.

And we want them to have freedom too.

So figuring out how we can use a cellphone to talk to the box is a future problem.

We're not working on it right now, but we're certainly talking

about where it fits into the roadmap.

And that's why we are concerned about whether or not you

can trust your phone.

Because if you can trust your FreedomBox, but not the

thing you use to access it then you don't really have the privacy you think you have.

So, figuring out, can you trust your cellphone? Is a big part of the puzzle.

It's a big thing that we don't know how to do yet.

So let me make a little advertisement for another interesting project,

there is a Spanish development, I think it is also produced in China,

but it's called The Geek's Phone.

And they have a compatible Android installation by default,

and they are probably having a similar philosophy to keep the hardware open.

So maybe there is a new cooperation on the horizon.

Oh yeah, we love projects like that.

I don't know a lot about their project, but I have heard of it

and it is on my list of things to look into.

I would love to see that succeed, that would be excellent.

Well James, thank you for your presentation.

I think it was really interesting. And thank you for coming.

James will be back on this stage at 7pm when we have our final discussion on the 20 years of

the world wide web.

Thank you James for coming.

<i>APPLAUSE</i>