[homepage.git] / blog / tags / freedombox / index.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
          "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
  <head>
    <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
    <title>Petter Reinholdtsen: Entries Tagged freedombox</title>
    <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/style.css" />
    <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/vim.css" />
    <link rel="alternate" title="RSS Feed" href="freedombox.rss" type="application/rss+xml" />
  </head>
  <body>
    <div class="title">
 <h1>
     <a href="http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen</a>
     
 </h1>
 
</div>


    <h3>Entries tagged "freedombox".</h3>
    
    <div class="entry">
      <div class="title">
        <a href="http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html">Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine</a>
      </div>
      <div class="date">
        14th March 2014
      </div>
      <div class="body">
        <p>The <a href="https://wiki.debian.org/FreedomBox">Freedombox
project</a> is working on to providing the software and hardware for
making it easy for non-technical people to host their data and
communication at home, and being able to communicate with their
friends and family encrypted and away from prying eyes.  It has been
going on for a while, and is slowly progressing towards a new test
release (0.2).  And what day could be better than the Pi day to
announce that the new version will provide "hard drive"/SD card/USB
stick images for Dreamplug, Raspberry Pi and VirtualBox (or any other
virtualization system), and can also be installed using a Debian
installer preseed file.  The Debian based Freedombox is now based on
Debian Jessie, where most of the needed packages used are already
present.  Only one, the freedombox-setup package, is missing.  To try
to build your own boot image to test the current status, fetch the
freedom-maker scripts and build using
<a href="http://packages.qa.debian.org/vmdebootstrap">vmdebootstrap</a>
with a user with sudo access to become root:

<pre>
git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
  freedom-maker
sudo apt-get install git vmdebootstrap mercurial python-docutils \
  mktorrent extlinux virtualbox qemu-user-static binfmt-support \
  u-boot-tools
make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
</pre>

<p>Root access is needed to run debootstrap and mount loopback
devices.  See the README for more details on the build. If you do not
want all three images, trim the make line.  But note that thanks to <a
href="https://bugs.debian.org/741407">a race condition in
vmdebootstrap</a>, the build might fail without the patch to the
kpartx call.</p>

<p>If you instead want to install using a Debian CD and the preseed
method, boot a Debian Wheezy ISO and use this boot argument to load
the preseed values:</p>

<pre>
url=<a href="http://www.reinholdtsen.name/freedombox/preseed-jessie.dat">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat</a>
</pre>

<p>But note that due to <a href="https://bugs.debian.org/740673">a
recently introduced bug in apt in Jessie</a>, the installer will
currently hang while setting up APT sources.  Killing the
'<tt>apt-cdrom ident</tt>' process when it hang a few times during the
installation will get the installation going.  This affect all
installations in Jessie, and I expect it will be fixed soon.</p>

Give it a go and let us know how it goes on the mailing list, and help
us get the new release published. :) Please join us on
<a href="irc://irc.debian.org:6667/%23freedombox">IRC (#freedombox on
irc.debian.org)</a> and
<a href="http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">the
mailing list</a> if you want to help make this vision come true.</p>

      </div>
      <div class="tags">
        
        
        Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>, <a href="http://people.skolelinux.org/pere/blog/tags/web">web</a>.
        
        
      </div>
    </div>
    <div class="padding"></div>
    
    <div class="entry">
      <div class="title">
        <a href="http://people.skolelinux.org/pere/blog/Teaching_vmdebootstrap_to_create_Raspberry_Pi_SD_card_images.html">Teaching vmdebootstrap to create Raspberry Pi SD card images</a>
      </div>
      <div class="date">
        27th October 2013
      </div>
      <div class="body">
        <p>The
<a href="http://packages.qa.debian.org/v/vmdebootstrap.html">vmdebootstrap</a>
program is a a very nice system to create virtual machine images.  It
create a image file, add a partition table, mount it and run
debootstrap in the mounted directory to create a Debian system on a
stick.  Yesterday, I decided to try to teach it how to make images for
<a href="https://wiki.debian.org/RaspberryPi">Raspberry Pi</a>, as part
of a plan to simplify the build system for
<a href="https://wiki.debian.org/FreedomBox">the FreedomBox
project</a>.  The FreedomBox project already uses vmdebootstrap for
the virtualbox images, but its current build system made multistrap
based system for Dreamplug images, and it is lacking support for
Raspberry Pi.</p>

<p>Armed with the knowledge on how to build "foreign" (aka non-native
architecture) chroots for Raspberry Pi, I dived into the vmdebootstrap
code and adjusted it to be able to build armel images on my amd64
Debian laptop.  I ended up giving vmdebootstrap five new options,
allowing me to replicate the image creation process I use to make
<a href="http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html">Debian
Jessie based mesh node images for the Raspberry Pi</a>.  First, the
<tt>--foreign /path/to/binfm_handler</tt> option tell vmdebootstrap to
call debootstrap with --foreign and to copy the handler into the
generated chroot before running the second stage.  This allow
vmdebootstrap to create armel images on an amd64 host.  Next I added
two new options <tt>--bootsize size</tt> and <tt>--boottype
fstype</tt> to teach it to create a separate /boot/ partition with the
given file system type, allowing me to create an image with a vfat
partition for the /boot/ stuff.  I also added a <tt>--variant
variant</tt> option to allow me to create smaller images without the
Debian base system packages installed.  Finally, I added an option
<tt>--no-extlinux</tt> to tell vmdebootstrap to not install extlinux
as a boot loader.  It is not needed on the Raspberry Pi and probably
most other non-x86 architectures.  The changes were accepted by the
upstream author of vmdebootstrap yesterday and today, and is now
available from
<a href="http://git.liw.fi/cgi-bin/cgit/cgit.cgi/vmdebootstrap/">the
upstream project page</a>.</p>

<p>To use it to build a Raspberry Pi image using Debian Jessie, first
create a small script (the customize script) to add the non-free
binary blob needed to boot the Raspberry Pi and the APT source
list:</p>

<p><pre>
#!/bin/sh
set -e # Exit on first error
rootdir="$1"
cd "$rootdir"
cat &lt;&lt;EOF > etc/apt/sources.list
deb http://http.debian.net/debian/ jessie main contrib non-free
EOF
# Install non-free binary blob needed to boot Raspberry Pi.  This
# install a kernel somewhere too.
wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update \
    -O $rootdir/usr/bin/rpi-update
chmod a+x $rootdir/usr/bin/rpi-update
mkdir -p $rootdir/lib/modules
touch $rootdir/boot/start.elf
chroot $rootdir rpi-update
</pre></p>

<p>Next, fetch the latest vmdebootstrap script and call it like this
to build the image:</p>

<pre>
sudo ./vmdebootstrap \
    --variant minbase \
    --arch armel \
    --distribution jessie \
    --mirror http://http.debian.net/debian \
    --image test.img \
    --size 600M \
    --bootsize 64M \
    --boottype vfat \
    --log-level debug \
    --verbose \
    --no-kernel \
    --no-extlinux \
    --root-password raspberry \
    --hostname raspberrypi \
    --foreign /usr/bin/qemu-arm-static \
    --customize `pwd`/customize \
    --package netbase \
    --package git-core \
    --package binutils \
    --package ca-certificates \
    --package wget \
    --package kmod
</pre></p>

<p>The list of packages being installed are the ones needed by
rpi-update to make the image bootable on the Raspberry Pi, with the
exception of netbase, which is needed by debootstrap to find
/etc/hosts with the minbase variant.  I really wish there was a way to
set up an Raspberry Pi using only packages in the Debian archive, but
that is not possible as far as I know, because it boots from the GPU
using a non-free binary blob.</p>

<p>The build host need debootstrap, kpartx and qemu-user-static and
probably a few others installed.  I have not checked the complete
build dependency list.</p>

<p>The resulting image will not use the hardware floating point unit
on the Raspberry PI, because the armel architecture in Debian is not
optimized for that use.  So the images created will be a bit slower
than <a href="http://www.raspbian.org/">Raspbian</a> based images.</p>

      </div>
      <div class="tags">
        
        
        Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network</a>.
        
        
      </div>
    </div>
    <div class="padding"></div>
    
    <div class="entry">
      <div class="title">
        <a href="http://people.skolelinux.org/pere/blog/A_Raspberry_Pi_based_batman_adv_Mesh_network_node.html">A Raspberry Pi based batman-adv Mesh network node</a>
      </div>
      <div class="date">
        21st October 2013
      </div>
      <div class="body">
        <p>The last few days I have been experimenting with
<a href="http://www.open-mesh.org/projects/batman-adv/wiki">the
batman-adv mesh technology</a>.  I want to gain some experience to see
if it will fit <a href="https://wiki.debian.org/FreedomBox">the
Freedombox project</a>, and together with my neighbors try to build a
mesh network around the park where I live.  Batman-adv is a layer 2
mesh system ("ethernet" in other words), where the mesh network appear
as if all the mesh clients are connected to the same switch.</p>

<p>My hardware of choice was the Linksys WRT54GL routers I had lying
around, but I've been unable to get them working with batman-adv.  So
instead, I started playing with a
<a href="http://www.raspberrypi.org/">Raspberry Pi</a>, and tried to
get it working as a mesh node.  My idea is to use it to create a mesh
node which function as a switch port, where everything connected to
the Raspberry Pi ethernet plug is connected (bridged) to the mesh
network.  This allow me to hook a wifi base station like the Linksys
WRT54GL to the mesh by plugging it into a Raspberry Pi, and allow
non-mesh clients to hook up to the mesh.  This in turn is useful for
Android phones using <a href="http://servalproject.org/">the Serval
Project</a> voip client, allowing every one around the playground to
phone and message each other for free.  The reason is that Android
phones do not see ad-hoc wifi networks (they are filtered away from
the GUI view), and can not join the mesh without being rooted.  But if
they are connected using a normal wifi base station, they can talk to
every client on the local network.</p>

<p>To get this working, I've created a debian package
<a href="https://github.com/petterreinholdtsen/meshfx-node">meshfx-node</a>
and a script
<a href="https://github.com/petterreinholdtsen/meshfx-node/blob/master/build-rpi-mesh-node">build-rpi-mesh-node</a>
to create the Raspberry Pi boot image.  I'm using Debian Jessie (and
not Raspbian), to get more control over the packages available.
Unfortunately a huge binary blob need to be inserted into the boot
image to get it booting, but I'll ignore that for now.  Also, as
Debian lack support for the CPU features available in the Raspberry
Pi, the system do not use the hardware floating point unit.  I hope
the routing performance isn't affected by the lack of hardware FPU
support.</p>

<p>To create an image, run the following with a sudo enabled user
after inserting the target SD card into the build machine:</p>

<p><pre>
% wget -O build-rpi-mesh-node \
    https://raw.github.com/petterreinholdtsen/meshfx-node/master/build-rpi-mesh-node
% sudo bash -x ./build-rpi-mesh-node > build.log 2>&1
% dd if=/root/rpi/rpi_basic_jessie_$(date +%Y%m%d).img of=/dev/mmcblk0 bs=1M
%
</pre></p>

<p>Booting with the resulting SD card on a Raspberry PI with a USB
wifi card inserted should give you a mesh node.  At least it does for
me with a the wifi card I am using. The default mesh settings are the
ones used by the Oslo mesh project at Hackeriet, as I mentioned in
<a href="http://people.skolelinux.org/pere/blog/Oslo_community_mesh_network___with_NUUG_and_Hackeriet_at_Hausmania.html">an
earlier blog post about this mesh testing</a>.</p>

<p>The mesh node was not horribly expensive either.  I bought
everything over the counter in shops nearby.  If I had ordered online
from the lowest bidder, the price should be significantly lower:</p>

<p><table>

<tr><th>Supplier</th><th>Model</th><th>NOK</th></tr>
<tr><td>Teknikkmagasinet</td><td>Raspberry Pi model B</td><td>349.90</td></tr>
<tr><td>Teknikkmagasinet</td><td>Raspberry Pi type B case</td><td>99.90</td></tr>
<tr><td>Lefdal</td><td>Jensen Air:Link 25150</td><td>295.-</td></tr>
<tr><td>Clas Ohlson</td><td>Kingston 16 GB SD card</td><td>199.-</td></tr>
<tr><td>Total cost</td><td></td><td>943.80</td></tr>

</table></p>

<p>Now my mesh network at home consist of one laptop in the basement
connected to my production network, one Raspberry Pi node on the 1th
floor that can be seen by my neighbor across the park, and one
play-node I use to develop the image building script.  And some times
I hook up my work horse laptop to the mesh to test it.  I look forward
to figuring out what kind of latency the batman-adv setup will give,
and how much packet loss we will experience around the park. :)</p>

      </div>
      <div class="tags">
        
        
        Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.
        
        
      </div>
    </div>
    <div class="padding"></div>
    
    <div class="entry">
      <div class="title">
        <a href="http://people.skolelinux.org/pere/blog/Oslo_community_mesh_network___with_NUUG_and_Hackeriet_at_Hausmania.html">Oslo community mesh network - with NUUG and Hackeriet at Hausmania</a>
      </div>
      <div class="date">
        11th October 2013
      </div>
      <div class="body">
        <p>Wireless mesh networks are self organising and self healing
networks that can be used to connect computers across small and large
areas, depending on the radio technology used.  Normal wifi equipment
can be used to create home made radio networks, and there are several
successful examples like
<a href="http://www.freifunk.net/">Freifunk</a> and
<a href="http://www.awmn.net/">Athens Wireless Metropolitan Network</a>
(see
<a href="http://en.wikipedia.org/wiki/List_of_wireless_community_networks_by_region#Greece">wikipedia
for a large list</a>) around the globe.  To give you an idea how it
work, check out the nice overview of the Kiel Freifunk community which
can be seen from their
<a href="http://freifunk.in-kiel.de/ffmap/nodes.html">dynamically
updated node graph and map</a>, where one can see how the mesh nodes
automatically handle routing and recover from nodes disappearing.
There is also a small community mesh network group in Oslo, Norway,
and that is the main topic of this blog post.</p>

<p>I've wanted to check out mesh networks for a while now, and hoped
to do it as part of my involvement with the <a
href="http://www.nuug.no/">NUUG member organisation</a> community, and
my recent involvement in
<a href="https://wiki.debian.org/FreedomBox">the Freedombox project</a>
finally lead me to give mesh networks some priority, as I suspect a
Freedombox should use mesh networks to connect neighbours and family
when possible, given that most communication between people are
between those nearby (as shown for example by research on Facebook
communication patterns).  It also allow people to communicate without
any central hub to tap into for those that want to listen in on the
private communication of citizens, which have become more and more
important over the years.</p>

<p>So far I have only been able to find one group of people in Oslo
working on community mesh networks, over at the hack space
<a href="http://hackeriet.no/">Hackeriet</a> at Husmania.  They seem to
have started with some Freifunk based effort using OLSR, called
<a href="http://oslo.freifunk.net/index.php?title=Main_Page">the Oslo
Freifunk project</a>, but that effort is now dead and the people
behind it have moved on to a batman-adv based system called
<a href="http://meshfx.org/trac">meshfx</a>.  Unfortunately the wiki
site for the Oslo Freifunk project is no longer possible to update to
reflect this fact, so the old project page can't be updated to point to
the new project.  A while back, the people at Hackeriet invited people
from the Freifunk community to Oslo to talk about mesh networks.  I
came across this video where Hans Jørgen Lysglimt interview the
speakers about this talk (from
<a href="https://www.youtube.com/watch?v=N2Kd7CLkhSY">youtube</a>):</p>

<p><iframe width="420" height="315" src="https://www.youtube.com/embed/N2Kd7CLkhSY" frameborder="0" allowfullscreen></iframe></p>

<p>I mentioned OLSR and batman-adv, which are mesh routing protocols.
There are heaps of different protocols, and I am still struggling to
figure out which one would be "best" for some definitions of best, but
given that the community mesh group in Oslo is so small, I believe it
is best to hook up with the existing one instead of trying to create a
completely different setup, and thus I have decided to focus on
batman-adv for now.  It sure help me to  know that the very cool
<a href="http://www.servalproject.org/">Serval project in Australia</a>
is using batman-adv as their meshing technology when it create a self
organizing and self healing telephony system for disaster areas and
less industrialized communities.  Check out this cool video presenting
that project (from
<a href="https://www.youtube.com/watch?v=30qNfzJCQOA">youtube</a>):</p>

<p><iframe width="560" height="315" src="https://www.youtube.com/embed/30qNfzJCQOA" frameborder="0" allowfullscreen></iframe></p>

<p>According to the wikipedia page on
<a href="http://en.wikipedia.org/wiki/Wireless_mesh_network">Wireless
mesh network</a> there are around 70 competing schemes for routing
packets across mesh networks, and OLSR, B.A.T.M.A.N. and
B.A.T.M.A.N. advanced are protocols used by several free software
based community mesh networks.</p>

<p>The batman-adv protocol is a bit special, as it provide layer 2
(as in ethernet ) routing, allowing ipv4 and ipv6 to work on the same
network.  One way to think about it is that it provide a mesh based
vlan you can bridge to or handle like any other vlan connected to your
computer.  The required drivers are already in the Linux kernel at
least since Debian Wheezy, and it is fairly easy to set up.  A
<a href="http://www.open-mesh.org/projects/batman-adv/wiki/Quick-start-guide">good
introduction</a> is available from the Open Mesh project.  These are
the key settings needed to join the Oslo meshfx network:</p>

<p><table>
<tr><th>Setting</th><th>Value</th></tr>
<tr><td>Protocol / kernel module</td><td>batman-adv</td></tr>
<tr><td>ESSID</td><td>meshfx@hackeriet</td></tr>
<td>Channel / Frequency</td><td>11 / 2462</td></tr>
<td>Cell ID</td><td>02:BA:00:00:00:01</td>
</table></p>

<p>The reason for setting ad-hoc wifi Cell ID is to work around bugs
in firmware used in wifi card and wifi drivers.  (See a nice post from
VillageTelco about
"<a href="http://tiebing.blogspot.no/2009/12/ad-hoc-cell-splitting-re-post-original.html">Information
about cell-id splitting, stuck beacons, and failed IBSS merges!</a>
for details.)  When these settings are activated and you have some
other mesh node nearby, your computer will be connected to the mesh
network and can communicate with any mesh node that is connected to
any of the nodes in your network of nodes. :)</p>

<p>My initial plan was to reuse my old Linksys WRT54GL as a mesh node,
but that seem to be very hard, as I have not been able to locate a
firmware supporting batman-adv.  If anyone know how to use that old
wifi access point with batman-adv these days, please let me know.</p>

<p>If you find this project interesting and want to join, please join
us on IRC, either channel
<a href="irc://irc.freenode.net/#oslohackerspace">#oslohackerspace</a>
or <a href="irc://irc.freenode.net/#nuug">#nuug</a> on
irc.freenode.net.</p>

<p>While investigating mesh networks in Oslo, I came across an old
research paper from the university of Stavanger and Telenor Research
and Innovation called
<a href="http://folk.uio.no/paalee/publications/netrel-egeland-iswcs-2008.pdf">The
reliability of wireless backhaul mesh networks</a> and elsewhere
learned that Telenor have been experimenting with mesh networks at
Grünerløkka in Oslo.  So mesh networks are also interesting for
commercial companies, even though Telenor discovered that it was hard
to figure out a good business plan for mesh networking and as far as I
know have closed down the experiment.  Perhaps Telenor or others would
be interested in a cooperation?</p>

<p><strong>Update 2013-10-12</strong>: I was just
<a href="http://lists.alioth.debian.org/pipermail/freedombox-discuss/2013-October/005900.html">told
by the Serval project developers</a> that they no longer use
batman-adv (but are compatible with it), but their own crypto based
mesh system.</p>

      </div>
      <div class="tags">
        
        
        Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.
        
        
      </div>
    </div>
    <div class="padding"></div>
    
    <div class="entry">
      <div class="title">
        <a href="http://people.skolelinux.org/pere/blog/Videos_about_the_Freedombox_project___for_inspiration_and_learning.html">Videos about the Freedombox project - for inspiration and learning</a>
      </div>
      <div class="date">
        27th September 2013
      </div>
      <div class="body">
        <p>The <a href="http://www.freedomboxfoundation.org/">Freedombox
project</a> have been going on for a while, and have presented the
vision, ideas and solution several places.  Here is a little
collection of videos of talks and presentation of the project.</p>

<ul>

<li><a href="http://www.youtube.com/watch?v=ukvUz5taxvA">FreedomBox -
2,5 minute marketing film</a> (Youtube)</li>

<li><a href="http://www.youtube.com/watch?v=SzW25QTVWsE">Eben Moglen
discusses the Freedombox on CBS news 2011</a> (Youtube)</li>

<li><a href="http://www.youtube.com/watch?v=Ae8SZbxfE0g">Eben Moglen -
Freedom in the Cloud - Software Freedom, Privacy and and Security for
Web 2.0 and Cloud computing at ISOC-NY Public Meeting 2010</a>
(Youtube)</li>

<li><a href="http://www.youtube.com/watch?v=vNaIji_3xBE">Fosdem 2011
Keynote by Eben Moglen presenting the Freedombox</a> (Youtube)</li>

<li><a href="http://www.youtube.com/watch?v=9bDDUyJSQ9s">Presentation of
the Freedombox by James Vasile at Elevate in Gratz 2011</a> (Youtube)</li>

<li><a href="http://www.youtube.com/watch?v=zQTmnk27g9s"> Freedombox -
Discovery, Identity, and Trust by Nick Daly at Freedombox Hackfest New
York City in 2012</a> (Youtube)</li>

<li><a href="http://www.youtube.com/watch?v=tkbSB4Ba7Ck">Introduction
to the Freedombox at Freedombox Hackfest New York City in 2012</a>
(Youtube)</li>

<li><a href="http://www.youtube.com/watch?v=z-P2Jaeg0aQ">Freedom, Out
of the Box! by Bdale Garbee at linux.conf.au Ballarat, 2012</a> (Youtube) </li>

<li><a href="https://archive.fosdem.org/2013/schedule/event/freedombox/">Freedombox
1.0 by Eben Moglen and Bdale Garbee at Fosdem 2013</a> (FOSDEM) </li>

<li><a href="http://www.youtube.com/watch?v=e1LpYX2zVYg">What is the
FreedomBox today by Bdale Garbee at Debconf13 in Vaumarcus
2013</a> (Youtube)</li>

</ul>

<p>A larger list is available from
<a href="https://wiki.debian.org/FreedomBox/TalksAndPresentations">the
Freedombox Wiki</a>.</p>

<p>On other news, I am happy to report that Freedombox based on Debian
Jessie is coming along quite well, and soon both Owncloud and using
Tor should be available for testers of the Freedombox solution. :) In
a few weeks I hope everything needed to test it is included in Debian.
The withsqlite package is already in Debian, and the plinth package is
pending in NEW.  The third and vital part of that puzzle is the
metapackage/setup framework, which is still pending an upload.  Join
us on <a href="irc://irc.debian.org:6667/%23freedombox">IRC
(#freedombox on irc.debian.org)</a> and
<a href="http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">the
mailing list</a> if you want to help make this vision come true.</p>

      </div>
      <div class="tags">
        
        
        Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>, <a href="http://people.skolelinux.org/pere/blog/tags/web">web</a>.
        
        
      </div>
    </div>
    <div class="padding"></div>
    
    <div class="entry">
      <div class="title">
        <a href="http://people.skolelinux.org/pere/blog/Recipe_to_test_the_Freedombox_project_on_amd64_or_Raspberry_Pi.html">Recipe to test the Freedombox project on amd64 or Raspberry Pi</a>
      </div>
      <div class="date">
        10th September 2013
      </div>
      <div class="body">
        <p>I was introduced to the
<a href="http://www.freedomboxfoundation.org/">Freedombox project</a>
in 2010, when Eben Moglen presented his vision about serving the need
of non-technical people to keep their personal information private and
within the legal protection of their own homes.  The idea is to give
people back the power over their network and machines, and return
Internet back to its intended peer-to-peer architecture.  Instead of
depending on a central service, the Freedombox will give everyone
control over their own basic infrastructure.</p>

<p>I've intended to join the effort since then, but other tasks have
taken priority.  But this summers nasty news about the misuse of trust
and privilege exercised by the "western" intelligence gathering
communities increased my eagerness to contribute to a point where I
actually started working on the project a while back.</p>

<p>The <a href="https://alioth.debian.org/projects/freedombox/">initial
Debian initiative</a> based on the vision from Eben Moglen, is to
create a simple and cheap Debian based appliance that anyone can hook
up in their home and get access to secure and private services and
communication.  The initial deployment platform have been the
<a href="http://www.globalscaletechnologies.com/t-dreamplugdetails.aspx">Dreamplug</a>,
which is a piece of hardware I do not own.  So to be able to test what
the current Freedombox setup look like, I had to come up with a way to install
it on some hardware I do have access to.  I have rewritten the
<a href="https://github.com/NickDaly/freedom-maker">freedom-maker</a>
image build framework to use .deb packages instead of only copying
setup into the boot images, and thanks to this rewrite I am able to
set up any machine supported by Debian Wheezy as a Freedombox, using
the previously mentioned deb (and a few support debs for packages
missing in Debian).</p>

<p>The current Freedombox setup consist of a set of bootstrapping
scripts
(<a href="https://github.com/petterreinholdtsen/freedombox-setup">freedombox-setup</a>),
and a administrative web interface
(<a href="https://github.com/NickDaly/Plinth">plinth</a> + exmachina +
withsqlite), as well as a privacy enhancing proxy based on
<a href="http://packages.qa.debian.org/privoxy">privoxy</a>
(freedombox-privoxy).  There is also a web/javascript based XMPP
client (<a href="http://packages.qa.debian.org/jwchat">jwchat</a>)
trying (unsuccessfully so far) to talk to the XMPP server
(<a href="http://packages.qa.debian.org/ejabberd">ejabberd</a>).  The
web interface is pluggable, and the goal is to use it to enable OpenID
services, mesh network connectivity, use of TOR, etc, etc.  Not much of
this is really working yet, see
<a href="https://github.com/NickDaly/freedombox-todos/blob/master/TODO">the
project TODO</a> for links to GIT repositories.  Most of the code is
on github at the moment.  The HTTP proxy is operational out of the
box, and the admin web interface can be used to add/remove plinth
users.  I've not been able to do anything else with it so far, but
know there are several branches spread around github and other places
with lots of half baked features.</p>

<p>Anyway, if you want to have a look at the current state, the
following recipes should work to give you a test machine to poke
at.</p>

<p><strong>Debian Wheezy amd64</strong></p>

<ol>

<li>Fetch normal Debian Wheezy installation ISO.</li>
<li>Boot from it, either as CD or USB stick.</li>
<li><p>Press [tab] on the boot prompt and add this as a boot argument
to the Debian installer:<p>
<pre>url=<a href="http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat">http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat</a></pre></li>

<li>Answer the few language/region/password questions and pick disk to
install on.</li>

<li>When the installation is finished and the machine have rebooted a
few times, your Freedombox is ready for testing.</li>

</ol>

<p><strong>Raspberry Pi Raspbian</strong></p>

<ol>

<li>Fetch a Raspbian SD card image, create SD card.</li>
<li>Boot from SD card, extend file system to fill the card completely.</li>
<li><p>Log in and add this to /etc/sources.list:</p>
<pre>
deb <a href="http://www.reinholdtsen.name/freedombox/">http://www.reinholdtsen.name/freedombox</a> wheezy main
</pre></li>
<li><p>Run this as root:</p>
<pre>
wget -O - http://www.reinholdtsen.name/freedombox/BE1A583D.asc | \
   apt-key add -
apt-get update
apt-get install freedombox-setup
/usr/lib/freedombox/setup
</pre></li>
<li>Reboot into your freshly created Freedombox.</li>

</ol>

<p>You can test it on other architectures too, but because the
freedombox-privoxy package is binary, it will only work as intended on
the architectures where I have had time to build the binary and put it
in my APT repository.  But do not let this stop you.  It is only a
short "<tt>apt-get source -b freedombox-privoxy</tt>" away. :)</p>

<p>Note that by default Freedombox is a DHCP server on the
192.168.1.0/24 subnet, so if this is your subnet be careful and turn
off the DHCP server by running "<tt>update-rc.d isc-dhcp-server
disable</tt>" as root.</p>

<p>Please let me know if this works for you, or if you have any
problems.  We gather on the IRC channel
<a href="irc://irc.debian.org:6667/%23freedombox">#freedombox</a> on
irc.debian.org and the
<a href="http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss">project
mailing list</a>.</p>

<p>Once you get your freedombox operational, you can visit
<tt>http://your-host-name:8001/</tt> to see the state of the plint
welcome screen (dead end - do not be surprised if you are unable to
get past it), and next visit <tt>http://your-host-name:8001/help/</tt>
to look at the rest of plinth.  The default user is 'admin' and the
default password is 'secret'.</p>

      </div>
      <div class="tags">
        
        
        Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>, <a href="http://people.skolelinux.org/pere/blog/tags/web">web</a>.
        
        
      </div>
    </div>
    <div class="padding"></div>
    
    <p style="text-align: right;"><a href="freedombox.rss"><img src="http://people.skolelinux.org/pere/blog/xml.gif" alt="RSS Feed" width="36" height="14" /></a></p>
    <div id="sidebar">
      


<h2>Archive</h2>
<ul>

<li>2014
<ul>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/01/">January (2)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/02/">February (3)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (3)</a></li>

</ul></li>

<li>2013
<ul>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/01/">January (11)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/02/">February (9)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/03/">March (9)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/04/">April (6)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/05/">May (9)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/06/">June (10)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/07/">July (7)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/08/">August (3)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/09/">September (5)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/10/">October (7)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/11/">November (9)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/12/">December (3)</a></li>

</ul></li>

<li>2012
<ul>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/01/">January (7)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/02/">February (10)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/03/">March (17)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/04/">April (12)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/05/">May (12)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/06/">June (20)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/07/">July (17)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/08/">August (6)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/09/">September (9)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/10/">October (17)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/11/">November (10)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2012/12/">December (7)</a></li>

</ul></li>

<li>2011
<ul>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/01/">January (16)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/02/">February (6)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/03/">March (6)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/04/">April (7)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/05/">May (3)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/06/">June (2)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/07/">July (7)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/08/">August (6)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/09/">September (4)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/10/">October (2)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/11/">November (3)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2011/12/">December (1)</a></li>

</ul></li>

<li>2010
<ul>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/01/">January (2)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/02/">February (1)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/03/">March (3)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/04/">April (3)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/05/">May (9)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/06/">June (14)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/07/">July (12)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/08/">August (13)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/09/">September (7)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/10/">October (9)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/11/">November (13)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2010/12/">December (12)</a></li>

</ul></li>

<li>2009
<ul>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/01/">January (8)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/02/">February (8)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/03/">March (12)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/04/">April (10)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/05/">May (9)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/06/">June (3)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/07/">July (4)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/08/">August (3)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/09/">September (1)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/10/">October (2)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/11/">November (3)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2009/12/">December (3)</a></li>

</ul></li>

<li>2008
<ul>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2008/11/">November (5)</a></li>

<li><a href="http://people.skolelinux.org/pere/blog/archive/2008/12/">December (7)</a></li>

</ul></li>

</ul>



<h2>Tags</h2>
<ul>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (13)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/amiga">amiga (1)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/aros">aros (1)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (4)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (8)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (14)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (95)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (145)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (10)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (238)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (12)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (6)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (11)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (39)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (7)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (18)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (9)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (7)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network (7)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (25)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (241)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (161)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (10)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (45)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (69)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (2)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (9)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (4)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (35)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (4)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (44)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (3)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (9)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (22)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (1)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (8)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (39)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>

 <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (29)</a></li>

</ul>


    </div>
    <p style="text-align: right">
 Created by <a href="http://steve.org.uk/Software/chronicle">Chronicle v4.6</a>
</p>

  </body>
</html>