Difference between revisions of "ISXUbuntu"
m (→Outstanding issues) |
(add project re-evaluation) |
||
Line 6: | Line 6: | ||
ISXubuntu will feature anonymous web browsing using [http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29 Tor], ad blocking with [http://en.wikipedia.org/wiki/Privoxy Privoxy], encrypted email with [http://en.wikipedia.org/wiki/Enigmail Enigmail], encrypted instant messaging with [http://en.wikipedia.org/wiki/Off-the-Record_Messaging OTR] and the ability to store a personal home directory and other configuration settings on an encrypted USB flash drive. | ISXubuntu will feature anonymous web browsing using [http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29 Tor], ad blocking with [http://en.wikipedia.org/wiki/Privoxy Privoxy], encrypted email with [http://en.wikipedia.org/wiki/Enigmail Enigmail], encrypted instant messaging with [http://en.wikipedia.org/wiki/Off-the-Record_Messaging OTR] and the ability to store a personal home directory and other configuration settings on an encrypted USB flash drive. | ||
+ | |||
+ | ==Project Status - August 2009== | ||
+ | |||
+ | |||
+ | ===Re-evaluating the scope of the project=== | ||
+ | |||
+ | I do not understand the significance of the hardware as a solution to | ||
+ | the stated problem. It seems to me that the essential issue is that | ||
+ | non-hierarchal (i.e. non-centralized) "externally"-managed web | ||
+ | hosting does not exist. Users want web-hosting but don't have, nor | ||
+ | should they require, the inclination or capacity to manage a | ||
+ | web-server themselves. | ||
+ | |||
+ | A "specialized" piece of hardware to do this is superfluous; it can be | ||
+ | done and done better in software using existing computers. Moreover, | ||
+ | it is not resilient enough: If my hardware or connection go offline I | ||
+ | want my hosted content to persist throughout the downtime. If we are | ||
+ | trying sell convenience I doubt that we will beat the status quo using | ||
+ | something strictly less hands-off. | ||
+ | |||
+ | In effect, what is required is a encrypted distributed data store (the | ||
+ | "people's cloud") that is accessible over HTTP. It is here where | ||
+ | effort should be directed. Potential data-mining can be mitigated by | ||
+ | having only your friends (and possibly friends-of-friends) host your | ||
+ | data. | ||
+ | |||
+ | All of these ideas have existed for years in Freenet and other overlay | ||
+ | networks. Adoption of these previous networks have been hampered by | ||
+ | their anonymity-preserving design requirements which exacts a | ||
+ | significant transfer rate penalty. An overlay network which does not | ||
+ | require anonymity is not subject to these problems. | ||
+ | |||
+ | Two additional benefits are of note: The first is censorship | ||
+ | resistance. Centrally hosted sites are single points of failure and | ||
+ | easy targets to effectively suppress information. Wikileaks is the | ||
+ | notable exception that has survived only by localizing in a | ||
+ | sympathetic country. However, wikileaks itself has noted that this | ||
+ | venue shopping will be a short-lived solution. Worse it has not | ||
+ | prevented the people behind wikileaks from being at high risk from | ||
+ | retaliation from various nation states. Replicating content to | ||
+ | thousands or millions of sites automatically makes the application of | ||
+ | censorship absurd. | ||
+ | |||
+ | The second benefit is amortization of hosting costs of public-service | ||
+ | websites. Some sites, like wikipedia, have enormous hosting costs that | ||
+ | are unsustainble at their current growth rates. Charitable donations | ||
+ | will soon become inadequate. A more cynical point is that these | ||
+ | hosting costs are often used as a pretense to obtain increased salary | ||
+ | funding for executives of these organizations. If the data were | ||
+ | (read-only) cached in a distributed data store the technical costs | ||
+ | would again become manageable (trivial?), funding could be put to use | ||
+ | elsewhere and the application of funding more transparent. | ||
+ | |||
+ | David Solomonoff | ||
==Project Status - August 2008== | ==Project Status - August 2008== |
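Review bot: The added "Re-evaluating the scope of the project" section argues against "the hardware" and "the stated problem", but neither is defined in the section or in the Features paragraph it follows, which describes a live CD; add a sentence or link naming the hardware proposal being re-evaluated. The new text also carries typos worth fixing ("a encrypted", "unsustainble", "trying sell", "non-hierarchal"), and the signature "David Solomonoff" runs straight into the next heading with no blank line or date.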
Revision as of 21:40, 7 February 2010
Introduction
ISXubuntu is a project of ISOC-NY to create a Linux live CD, based on Ubuntu Linux, which has been optimized for security and privacy while online. The global Internet Society has provided a grant to cover development costs and so that a number of CDs may be distributed free of charge.
Features
ISXubuntu will feature anonymous web browsing using Tor, ad blocking with Privoxy, encrypted email with Enigmail, encrypted instant messaging with OTR and the ability to store a personal home directory and other configuration settings on an encrypted USB flash drive.
Project Status - August 2009
Re-evaluating the scope of the project
I do not understand the significance of the hardware as a solution to the stated problem. It seems to me that the essential issue is that non-hierarchical (i.e. non-centralized) "externally"-managed web hosting does not exist. Users want web-hosting but don't have, nor should they require, the inclination or capacity to manage a web-server themselves.
A "specialized" piece of hardware to do this is superfluous; it can be done and done better in software using existing computers. Moreover, it is not resilient enough: If my hardware or connection goes offline I want my hosted content to persist throughout the downtime. If we are trying to sell convenience I doubt that we will beat the status quo using something strictly less hands-off.
In effect, what is required is an encrypted distributed data store (the "people's cloud") that is accessible over HTTP. It is here where effort should be directed. Potential data-mining can be mitigated by having only your friends (and possibly friends-of-friends) host your data.
All of these ideas have existed for years in Freenet and other overlay networks. Adoption of these previous networks has been hampered by their anonymity-preserving design requirements, which exact a significant transfer rate penalty. An overlay network which does not require anonymity is not subject to these problems.
Two additional benefits are of note: The first is censorship resistance. Centrally hosted sites are single points of failure and easy targets to effectively suppress information. WikiLeaks is the notable exception that has survived only by localizing in a sympathetic country. However, WikiLeaks itself has noted that this venue shopping will be a short-lived solution. Worse, it has not prevented the people behind WikiLeaks from being at high risk from retaliation from various nation states. Replicating content to thousands or millions of sites automatically makes the application of censorship absurd.
The second benefit is amortization of hosting costs of public-service websites. Some sites, like Wikipedia, have enormous hosting costs that are unsustainable at their current growth rates. Charitable donations will soon become inadequate. A more cynical point is that these hosting costs are often used as a pretense to obtain increased salary funding for executives of these organizations. If the data were (read-only) cached in a distributed data store the technical costs would again become manageable (trivial?), funding could be put to use elsewhere and the application of funding more transparent.
David Solomonoff
Project Status - August 2008
- New developer page created, with project schedule and documentation outline
Project Status - June 2008
- Permalink established: http://isoc-ny.org/isxubuntu
- A CVS has been initiated: http://www.isoc-ny.org/cvs/
- An early alpha version without documentation, based on Ubuntu 7.10 can now be downloaded: http://isoc-ny.org/xubuntu-7.10-desktop-i386-custom_CD.iso
- Joseph Shraibman & Alicia Gibb joined the project
Volunteers are needed to help with the project.
The project involves bundling and configuring existing software and then testing everything to make sure it works. Skills required to assist with the project include solid familiarity with the Linux/Unix environment and package management tools, and shell scripting with bash. Other scripting languages such as Perl, Python or Ruby would also be helpful.
If you'd like to help with the project you can subscribe to the mailing list: http://lists.isoc-ny.org/listinfo.cgi/isxubuntu-isoc-ny.org
Outstanding issues
- Existing documentation should be developed into a functioning script that allows further customization and a complete build of a new .iso file.
- Boot time is still too slow on older hardware. This may have to do with the X Window autoconfig.
- Permanently installing the OS to a hard drive doesn't provide the same features and configuration as booting from the CD.
- Currently OpenDNS is used to prevent DNS spoofing. When you attempt to go to a URL that doesn't exist you are redirected to a page of theirs. Disabling this requires setting up a free account with OpenDNS and having a static IP - or a domain name and registering with DynDNS. We need to discuss this further.
- AbiWord - the preferred word processor because it's smaller - does not have a redaction feature. If a user is not careful and gives a file to someone else, it's possible to retrieve all deleted material by hitting "undo".
- Develop a security auditing procedure which includes penetration testing with Nessus and checking file permissions. I've done this but a standard procedure needs to be included in the build process.
- What else?
- A number of the apps and Mozilla extensions which add the security and privacy features are not signed - this is a developer issue but we should look into it. If we had a lot of resources (like time and money) we could develop our own secure ports of everything we were concerned about the way OpenBSD does.
- Tor is still blocked by some firewalls (such as the NYU campus firewall). How to get around this?
- Email (Enigmail for Thunderbird) and IM (OTR for Pidgin) encryption is installed but not tested
- On-screen keyboard to block keystroke loggers. Is this enough - what else can be done?
- Apps and OS have been updated recently but Firefox and Thunderbird extensions have not been. Command line installation of Mozilla extensions has been broken in Ubuntu for as long as I've been working on this project so this needs to be done within a running system -- a major nuisance. I'll detail the solutions I've found when I expand this
- Scripts for encrypted home directory on a flash drive need work
  - GUI
  - Combine scripts to create filesystem, mount and unmount encrypted drive
  - Menu to choose device - currently the first mounted flash drive is used.
  - Switch from mcrypt to TrueCrypt and add hidden filesystem
- Review licensing and copyright issues for all software and documentation
- Need artwork including logo, splash screens and CD/DVD label
- Privoxy doesn't block all ads - beyond the actual ad blocking it's necessary to block tracking of a user's web activity through DNS requests.
- NoScript blocks all JavaScript by default - do we want to create a whitelist of safe sites?
- Check out Free Access Plus (not currently installed) which circumvents state censorship of popular websites
- Similar projects - most don't seem active at this time - we should check them out and see what features we can appropriate
  - AnonymOS and Olive OpenBSD - live CD versions of OpenBSD - not active
  - ParanoidLinux - a project that's still in the discussion stage
  - Rubberhose - a steganographic filesystem, not an OS but some interesting concepts we could consider
  - Incognito - very similar but based on KDE and Gentoo Linux
  - Mozilla Weave - active but in a very early stage of development. Additional privacy and security for Web 2.0
  - Knoppix-3.2 MiB-11b Privacy Edition - if this were an active project ISXubuntu wouldn't be necessary - but it's not
Project Status - December 2007
- Name of Project: Develop security and privacy documentation bundled with software optimized for online security and privacy for end users
- Amount of funds awarded: $10000
- Amount received to date: $3000 - Additional funds for the purchase of a server have not been necessary as one has been obtained for free
- Project Manager: David Solomonoff
- Brief description of project: Develop a bootable Linux CD with privacy-enhancing software preinstalled.
- Progress to date: Produced working prototype, a bootable Linux CD with Tor and other privacy-enhancing software installed. The prototype used Ubuntu Linux version 6.06. Currently working on a new version using Ubuntu 7.10.
- Lessons learned: The original proposal was written very quickly without enough research to determine: a) The technical difficulty of completing the project. Because little or no new software was being developed it seemed much easier than it proved to be. b) Identifying which distribution of Linux to use and then identifying all components to be added. Several other Linux distributions were tried before choosing Ubuntu.
- Issues to overcome: One of the two project leaders ceased all activity in the organization soon after the grant was received due to personal issues. Since the project manager is also President of the Chapter he has limited time to spend on the project. Additionally, documentation for customizing Ubuntu to the extent we wanted was hard to come by at the time. It has become easier more recently.
- Benefits of the project: Few nontechnical computer users grasp basic online security and privacy issues, particularly the problems of using public Wi-Fi hotspots or public computers in places such as libraries. Some of the software to enhance privacy and security is difficult to find and install.
- Anticipated conclusion date: The next version will be completed at the beginning of the new year. It is hoped that additional developers will be recruited. It is seen as an ongoing project and further sources of funding will possibly be found.
- Anticipated impact in the internet community: Many additional privacy and security issues are created with the use of Web 2.0 services. The goal is for this project to evolve into a complete Linux distribution that addresses those issues on an ongoing basis.