free
/
freedomboneeee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Initial attempt at improving the website

This commit is contained in:
Bob Mottram 2016-08-09 16:20:12 +01:00
parent b09014c35a
commit 09c770c402
6 changed files with 579 additions and 647 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
doc/EN/homeserver.org Normal file
View File

@ -0,0 +1,80 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@robotics.uk.to
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_CENTER
This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
#+END_CENTER
The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router.
First you will need to create an image.
#+begin_src bash
sudo su
apt-get -y install build-essential git python-docutils mktorrent \
vmdebootstrap xz-utils dosfstools btrfs-tools extlinux python-distro-info \
mbr qemu-user-static binfmt-support u-boot-tools qemu
git clone https://github.com/bashrc/freedombone
cd freedombone
git checkout stockholm
make install
freedombone-image -t i386 -s 7.8G --onion yes
#+end_src
This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
List what drives are on your system with:
#+begin_src bash
ls /dev/sd*
#+end_src
Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
You can now copy the image to the USB thumb drive, replacing *sdX* with the identifier of the USB thumb drive. Don't include any numbers (so for example use *sdc* instead of *sdc1*).
#+begin_src bash
dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
#+end_src
And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use as a server, power on and set the BIOS to boot from the USB stick.
As the system boots for the first time the login is:
#+begin_src bash
username: fbone
password: freedombone
#+end_src
You will then be shown a large new password. It's *very important* that you write this down somewhere before going further, because you'll need this to log in later.
You'll be asked to set a username and a "real" name (or nickname), then the rest of the installation will be automatic. Again, it takes a while, so go and do something less boring instead.
When it's installed on your local system open a terminal and run:
#+begin_src bash
ssh myusername@freedombone.local -p 2222
#+end_src
Use the password you wrote down earlier to log in.
Select the *administrator control panel* with up and down cursor keys, space bar and enter key. You might need to re-enter your password. Then select *About*. You'll see a list of sites and their onion addresses.
On your local system open a *Tor compatible browser* and enter your blog's onion address. If it's all working then you should see your new blog.
*Congratulations! You have now become a citizen of the free internet. Use your new powers wisely.*
Of course, this is just one way in which you can install the Freedombone system. If you have a single board computer (SBC) such as a BeagleBone Black or OLinuxino you can make disk images for those too. You can even create clearnet sites if you have your own domain name. ARM boards with closed proprietary boot blobs are not supported. For more details run:
#+begin_src bash
man freedombone-image
#+end_src

79
doc/EN/index.org
View File

@ -10,71 +10,20 @@
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<table style="width:50%; border:0">
<tr>
<td><center><a href="variants.html">Variants</a></center></td>
<td><center><a href="installation.html">Install</a></center></td>
<td><center><a href="usage.html">Use</a></center></td>
<td><center><a href="backups.html">Backups</a></center></td>
<td><center><a href="mirrors.html">Mirrors</a></center></td>
</tr>
<tr>
<td><center><a href="code.html">Code</a></center></td>
<td><center><a href="controlpanel.html">Control Panel</a></center></td>
<td><center><a href="related.html">Related</a></center></td>
<td><center><a href="faq.html">F.A.Q.</a></center></td>
<td><center><a href="support.html">Contact/Support</a></center></td>
</tr>
</table>
</center>
#+END_EXPORT
With the right technology the internet can be a space for free expression, exploration, cooperation, learning and fun. A place to connect with others are share experiences. It doesn't have to be a gloomy surveillance prison owned and run by a diabolical synthesis of money-grabbing megacorporations and prurient government spooks brandishing "bulk/general warrants". Freedombone is designed to help you surmount the contemporary digital privacy conundrums and to increase your online autonomy. It's a self-hosted home server configuration which can be installed onto any computer capable of running [[https://www.debian.org/][Debian]], so if you have an old laptop or netbook which you can leave turned on then you can use Freedombone to provide your own internet services, such as blogging, wiki, email, chat and social networking and have independence from the well known internet companies.
#+BEGIN_EXPORT html
<center>
<b>Four Scenarios</b>
<table style="width:95%; border:0">
<tr>
<td><center><h6>Home server</h6>Plugged into your home wifi router. Add a few friends and family as users</center></td>
<td><center><h6>Home server + Hotspot</h6>Also provides a wifi hotspot to extend your home network</center></td>
<td><center><h6>Server in your pocket</h6>Roaming wireless server with services accessible via onion addresses</center></td>
<td><center><h6>Mesh node</h6>Dynamic networks which don't depend on the conventional internet. Distributed, scalable and fully encrypted</center></td>
</tr>
<tr>
</tr>
</table>
</center>
#+END_EXPORT
This is personal or family scale computing, which can then federate to global proportions. We need community controlled information systems and to achieve that they must be inexpensive and simple to install and maintain. This is the opposite of the current dominant paradigm of [[https://www.youtube.com/watch?v=XZmGGAbHqa0][titanic server warehouses]] owned by a tiny number of individuals and it's what is sometimes refered to as [[https://mediagoblin.org/news/userops.html]["userops"]] - i.e. a user being able to do what traditionally only a professional systems administrator would be able to.
With a system installed in your home you also have greater legal protection against unwarranted or "bulk warrant" searches. In general as soon as you put your information onto systems which you don't own then you no longer have the same property rights over it, together with "/no reasonable expectation of privacy/" otherwise known as the third party doctrine. We all know that's a nonsense, and so maybe we should do something about it.
#+BEGIN_QUOTE
"With the increasing move of our computing to cloud infrastructures, we give up the control of our computing to the managers of those infrastructures. Our terminals (laptops, desktops) might now be running entirely on Free Software, but this is increasingly irrelevant given that most of what actually matters gets executed on a remote closed system that we dont control. The Free Software community needs to work to help users keep the control of all their computing, by developing suitable alternatives and facilitating their deployment." -- Lucas Nussbaum
#+END_QUOTE
Today everyone is concerned about privacy on the internet. Wanting privacy doesn't necessarily mean you have "something to hide". It just means having the ability to choose /what information to share, with whom and under what conditions/ and therefore being able to shape your own life story. The loss of ability to choose via the "involuntary sharing" which many people experience when using communications systems built by the well known internet companies, means that you're no longer really running your own affairs and that others may begin to exert an improper amount of influence over you. Mass surveillance is perhaps the ultimate in involuntary sharing and it's only through the use of freedom respecting software together with a solid determination to overcome state and corporate abuses of technology that we can hope to get to the kind of internet in which respect for human dignity is built in as a core feature.
#+BEGIN_CENTER
[[file:images/nocloud.png]]
#+END_CENTER
Another problem is the precariousness of the terms of service. Except in rare cases such terms are not easy to read, so many people end up clicking through terms which if explained more clearly they would never agree to. Over the past decade many internet users have had the unpleasant experience of having their blogs, videos or other web content inexplicably removed, typically due to some ill-defined terms of service violation or a false accusation of copyright infringement. There have been valiant attempts to improve the readability of terms of service documents, using icons or clearer language, and to generate a sort of marketplace in which people would choose what web systems they use based on the terms documents - to make the privacy/autonomy bargaining more explicit. These efforts were well-intentioned, but have conclusively failed. Even in the best case, that approach doesn't take into account the coercive network effects or large web systems.
You can bypass all of these dilemmas and take back ownership of your internet content with Freedombone. Originally based upon the Beaglebone Black, Freedombone is a small and cheap home server which enables you to use email, have your own web site and do social networking without any built-in spying and without having to agree to any legal terms of service other than those of your ISP. It provides independence and security in an era where those things are in short supply.
#+BEGIN_QUOTE
"The deepest problem is that the system architecture that has evolved in recent years holds masses of information on many people with no intelligence value, but with vast potential for political abuse." -- Ross Anderson
#+END_QUOTE
Freedombone is an example of the internet as it was supposed to be: a network of peers, rather than a small number of gigantic server farms with everyone connecting to them. Even if they're well run, centralised server farms become a conspicuous target for /all kinds of nefariousness/ and in any future wars they're bound to be amongst the first facilities to receive the "/shock and awe/" treatment. Also consider just what is being "farmed". If a robust information society is desirable then excessive centralisation of control over information should be avoided.
An emphasis of the Freedombone project is the protection of private communications from indiscriminate mass surveillance, otherwise known as "/bulk intercept/" or "/warrantless wiretapping/". With only a few exceptions data entering and leaving the system is encrypted using settings recommended by [[https://bettercrypto.org][bettercrypto.org]] . Stored emails are encrypted such that only someone knowing your GPG password can read them and a GPG key is created automatically if you don't already have one. The system is firewalled with only the necessary ports being opened. Exclusively [[https://en.wikipedia.org/wiki/Free_software][free software]] is used so that all of it can potentially be security audited and proprietary repositories are disabled by default. There are still numerous security problems with the internet in general and software always contains bugs, but a best attempt has been made to ensure that the Freedombone is at least more secure than average.
#+BEGIN_CENTER
This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
#+END_CENTER
So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home.
Want to make a community mesh network which doesn't depend upon the internet? You can do that too.
But how?
* [[./homeserver.html][To make a home server]]
* [[./mesh.html][To make a mesh network]]
After installation it's possible that you might want some advice on how to run your server and set up apps to work nicely with it.
* [[./usage.html][General usage]]
* [[./faq.html][Frequently Asked Questions]]

205
doc/EN/mesh.org
View File

@ -10,193 +10,60 @@
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Mesh Network</h1>
</center>
#+END_EXPORT
#+BEGIN_CENTER
This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
#+END_CENTER
| [[What is a mesh network?]] |
| [[The Freedombone Mesh]] |
| [[Installation]] |
| [[Wifi adaptors]] |
| [[Using the mesh]] |
| [[Further reading]] |
Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small business internal office communications, protests, remote areas of the world, scientific expeditions and off-world space colonies. All the cool stuff. The down side is that you can't access any internet content. The upside is that you can securely communicate with anyone on the local mesh. No ISPs. No payments or subscriptions beyond the cost of obtaining the hardware. Systems need to be within wifi range of each other for the mesh to be created. It can be an ultra-convenient way to do purely local communications.
* What is a mesh network?
The internet as it currently exists is mostly organised according to a client/server model. Servers run the web services and store the data and clients are the laptops, desktops and other devices accessing the servers. In a mesh network there isn't any clear division between clients and servers. The computers on a mesh network are known as "peers" and they can perform the functions of both clients and servers. Commonly this is also known as a "peer to peer" network.
First you will need to create an image.
The client/server and mesh network models have advantages and disadvantages. If the server in a client/server system fails then you can have catastrophic service outages which affect many users. If a peer in a mesh network fails then the other peers may be mostly unaffected and communications can continue. The disadvantage of mesh networks is that each peer relays data for other peers and so the bandwidth usage by each peer may be higher than for a client in a client/server system. However, with modern hardware that's not much of an issue.
Mesh networks are useful for building local and highly resillient communications infrastructure which can be put together rapidly, in situations where the ordinary internet is either unavailable or untrustworthy.
Example use cases would be:
* Conferences / Exhibitions
* Local community networks, not run by telcos or ISPs
* Emergency services / Disaster relief
* Camp sites
* War zones
* Scientific expeditions to remote areas
* Onboard smaller ships without satellite internet, captain/crew communications
* Underground (mines or caves)
* Protests / Occupations of buildings
* Eventually in space for manned missions to other planets, moons or asteroids
* The Freedombone Mesh
The Freedombone mesh is offline - in the sense of not being part of the larger internet - and consists of a set of computers with the software installed communicating wirelessly using ordinary wifi. Peers can enter or leave the network and it will adjust automatically. All communications between peers is end-to-end encrypted, so although it's easy to join the network it's not easy to passively evesdrop.
* Installation
** Two types of system
Installation is split into two categories, /routers/ and /user devices/.
A router is a computer which is dedicated to moving network traffic and building out the mesh infrastructure. It's not primarily intended to have a user interface. Hardware such as the Beaglebone Black is ideal for this, because it's small, inexpensive and doesn't consume much electrical power and so can be fitted in any location where an electricity supply is available.
Small computers acting as mesh routers can also be battery operated or solar powered so that the network need not be statically sited. They could be included in a backpack for camping, fitted within moving vehicles, strapped to protest placards or attached to [[https://www.youtube.com/watch?v=Wwsy9MThwns][large tethered helium balloons]] (like weather balloons) to help provide a local and transient communications system.
/User devices/ are the computers with which you would typically access the internet - laptops, desktop machines, netbooks or any other device which can run a Debian-based distro (eg. Ubuntu) with a working wifi connection.
** Installing on routers
Whatever system you're going to use as a mesh router should have a new Debian Jessie install on it. It's advisable that this be a new install so that there is no existing software on the system which could confuse the mesh install process.
Some recommended hardware:
* Beaglebone Black
* 5V power supply
* Ethernet cable (for installation of the software)
* 8GB microSD card, or larger
* Wireless N USB Adapter TPE-N150USB
If you are using the Beaglebone Black then you'll need to install the Debian image to the microSD card. You can find details of how to do that [[./installation.html][here]].
Connect your system to your internet router with an ethernet cable, then ssh into it and type:
#+BEGIN_SRC bash
su
apt-get update
apt-get install git build-essential dialog
#+begin_src bash
sudo su
apt-get -y install build-essential git python-docutils mktorrent \
vmdebootstrap xz-utils dosfstools btrfs-tools extlinux python-distro-info \
mbr qemu-user-static binfmt-support u-boot-tools qemu
git clone https://github.com/bashrc/freedombone
cd freedombone
git checkout stockholm
make install
#+END_SRC
freedombone-image -t i386 -v meshclient
#+end_src
At this point if you are using a system or dongle with an Atheros AR9271 wifi chipset then you may want to install some pre-compiled firmware (you can compile it from source, but it takes a long time - especially on the Beaglebone Black). If you need to do that then see the wifi adaptor notes below.
If you don't have Atheros or free software compatible wifi adapter then you can include proprietary wifi drivers which will work with most laptops. This is *NOT RECOMMENDED* because proprietary drivers are unsupportable and may contain either malware or be exploitable in a way which can't be fixed. However, if you're in an emergency and don't have any Atheros or free software wifi USB dongles then you can use the following command to make the image:
Then to begin the install:
#+begin_src bash
freedombone-image -t i386 -v meshclient --insecure yes
#+end_src
#+BEGIN_SRC bash
freedombone menuconfig
#+END_SRC
This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
Select the "/mesh (router)/" install variant, give an ESSID or just hit enter for the default. If discression is important then use an ESSID similar to those already in the area. The ESSID must be the same on every mesh peer. Assign this mesh peer a name. In order to avoid confusions it's important that the name should be unique on the network and contain no spaces. So maybe a word followed by some numbers, or the name of the place where the router will be installed.
List what drives are on your system with:
If you're installing on a Beaglebone Black then after a while the system will reboot and you will need to ssh in again and run:
#+begin_src bash
ls /dev/sd*
#+end_src
#+BEGIN_SRC bash
cd freedombone
freedombone -c freedombone.cfg
#+END_SRC
Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
The reboot is needed in order to enable zram and the hardware random number generator.
** Installing on user devices
Typically on a laptop with a Debian-based distro installed, open a terminal and type:
You can now copy the image to the USB thumb drive, replacing *sdX* with the identifier of the USB thumb drive. Don't include any numbers (so for example use *sdc* instead of *sdc1*).
#+BEGIN_SRC bash
sudo apt-get update
sudo apt-get install git build-essential dialog
git clone https://github.com/bashrc/freedombone
cd freedombone
sudo make install
freedombone menuconfig
#+END_SRC
#+begin_src bash
dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
#+end_src
Select the "/mesh (user device)/" variant and set the same ESSID as you did for the routers, or just hit enter for the default.
And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use on the mesh, power on and set the BIOS to boot from the USB stick.
An important point is that on older Debian-based systems, such as Ubuntu 14.04 or Trisquel 7, you may need to install a more recent version of /batctl/. An example is as follows.
On first boot you'll be asked to set a username, and then you can open the chat client and select the *users* icon to show the Tox IDs for other users on the mesh. When folks join they will be announced.
#+BEGIN_SRC bash
sudo apt-get remove --purge batctl
wget http://mirrors.kernel.org/ubuntu/pool/universe/b/batctl/batctl_2014.1.0-2_amd64.deb
sudo dpkg -i batctl_2014.1.0-2_amd64.deb
#+END_SRC
* Wifi adaptors
There are a small number of wifi adaptors which are compatible with a fully free software stack.
** Atheros AR9271
To install the firmware for this:
Rinse, repeat, for any number of laptops that you want to get onto the mesh or to build out coverage within an area. There are no servers. Just peer-to-peer communications routed through the network which are end-to-end secure after a friend request is accepted. By default the chat client doesn't log anything.
#+BEGIN_SRC bash
cd freedombone/drivers
sha256sum ath9k_htc_driver_bbb.tar.gz
7eb9324681f03c7630ed01e490ea447dfbd96c9b5389e45b64e4646d1be16ff1
tar -xvzf ath9k_htc_driver_bbb.tar.gz
mv *.fw /lib/firmware
cd ..
#+END_SRC
* Using the mesh
The following sections only apply to /client devices/. Mesh /routers/ are only for routing network traffic and operating [[https://en.wikipedia.org/wiki/BitTorrent_tracker][trackers]] and [[https://en.wikipedia.org/wiki/Distributed_hash_table][distributed hash tables]] for bootstrapping purposes.
No logs, no masters.
** Switching from internet to mesh mode
To join the mesh network open a terminal and type:
You can also use single board computers (SBCs) such as the BeagleBone Black to make mesh routers which can be bolted to walls or the sides of buildings and consume minimal electrical power, so could be solar or battery powered for short term events such as festivals. To do that use the following command to make the image:
#+BEGIN_SRC bash
meshweb
#+END_SRC
#+begin_src bash
freedombone-image -t beaglebone -v mesh
#+end_src
If you want to have your system as a permanent mesh peer then you could add that command to your startup applications so that it activates whenever the computer starts up.
A web page should appear in your browser, which then allows you to access communication services on the mesh. These pages should update automatically, so that if peers enter or leave the network the lists will change accordingly.
If for any reason things don't seem to be updating you can force an update by issuing the command:
#+BEGIN_SRC bash
zeronetavahi
#+END_SRC
** Chat
If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The [[https://github.com/Tox/toxic][Toxic]] client is installed by default, but you may also want to install [[https://github.com/tux3/qTox][qTox]] for a more conventional-looking user experience.
You can obtain Tox IDs for users on the network via the initial web page.
To launch the [[https://github.com/Tox/toxic][Toxic client]] in a terminal type:
#+BEGIN_SRC bash
toxic
#+END_SRC
The first time you will be asked whether you wish to encrypt the data file used for your settings. Select "no" for this, otherwise the system will not be able to obtain your public key and broadcast it to other peers in the network. Even if you select "yes" the system will still be usable, but it will not be so easy for other peers on the network to find you unless you have previously exchanged your Tox ID via some out-of-band method.
Then to add a new friend:
#+BEGIN_SRC bash
/nick mynickname
/add <friend Tox ID>
#+END_SRC
Your friend will need to approve the request, and then you can chat via text or voice using /CTRL-o/ and /CTRL-p/ to switch between screens and cursor keys plus Enter to select users.
Another thing worth knowing is that if you were already using a Tox client before running the /meshweb/ command then it's a good idea to close and reopen it, so that the list of bootstrap nodes is updated. The same also applies when exiting the mesh and returning to the internet.
A note for the security-conscious is that broadcasting Tox IDs via the network (using Avahi) is convenient but not highly secure. An adversary could maybe join the network and create decoy peers to try to disrupt the communications and have messages going to the wrong places. For the best security exchange Tox IDs in advance by some method other than looking them up from the initial mesh web page.
** Blogging
The Freedombone mesh uses a fully decentralized blogging system called [[https://github.com/HelloZeroNet/ZeroBlog][ZeroBlog]]. It behaves rather like other peer-to-peer file sharing systems in that if you are reading the blog of another user you are also simultaneously seeding it to other peers (acting as both a client and a server). This allows the system to scale well, while also being robust to any peer failing or leaving the network.
All blogs on the mesh are public, so any user joining the mesh can read any other blog. Network traffic is encrypted between peers, so passive snooping will be hard, and also the integrity of data is checked via certificates so that you can be reasonably confident that nefarious content has not been added or removed from the data stream while in transit through the network.
This type of content creation and delivery provides a good template for what the conventional internet should ultimately be like if it is to be robust, trustworthy and resistant to censorship or damage.
To add a new blog entry click the /new post/ button, edit the title and content (clicking /save/ at the bottom of the screen after each). Then when you are done click on the /publish/ button at the bottom of the screen. And that's all there is to it.
** Other services
It is hoped that a decentralized forum will be added, but this is not yet complete. In the mean time a substitute is to use the Tox group chat feature.
** Turning off the mesh
If you wish to return to the internet then open a terminal and type:
#+BEGIN_SRC bash
sudo batman stop
#+END_SRC
After a few seconds your usual internet wifi connection should be re-established.
* Further reading
For much more extensive details about deploying wireless networks there is an excellent book called [[https://wndw.net][Wireless Networking in the Developing World]] which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on.
#+BEGIN_EXPORT html
<center>
Return to the <a href="index.html">home page</a>
</center>
#+END_EXPORT
The resulting image can be copied to a microSD card, inserted into a Beaglebone Black and booted. Don't forget to plug in an Atheros USB wifi dongle.

385
website/EN/homeserver.html Normal file
View File

@ -0,0 +1,385 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-09 Tue 16:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
<meta name="generator" content="Org-mode" />
<meta name="author" content="Bob Mottram" />
<meta name="description" content="Turn the Beaglebone Black into a personal communications server"
/>
<meta name="keywords" content="freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber" />
<style type="text/css">
<!--/*--><![CDATA[/*><!--*/
.title { text-align: center;
margin-bottom: .2em; }
.subtitle { text-align: center;
font-size: medium;
font-weight: bold;
margin-top:0; }
.todo { font-family: monospace; color: red; }
.done { font-family: monospace; color: green; }
.priority { font-family: monospace; color: orange; }
.tag { background-color: #eee; font-family: monospace;
padding: 2px; font-size: 80%; font-weight: normal; }
.timestamp { color: #bebebe; }
.timestamp-kwd { color: #5f9ea0; }
.org-right { margin-left: auto; margin-right: 0px; text-align: right; }
.org-left { margin-left: 0px; margin-right: auto; text-align: left; }
.org-center { margin-left: auto; margin-right: auto; text-align: center; }
.underline { text-decoration: underline; }
#postamble p, #preamble p { font-size: 90%; margin: .2em; }
p.verse { margin-left: 3%; }
pre {
border: 1px solid #ccc;
box-shadow: 3px 3px 3px #eee;
padding: 8pt;
font-family: monospace;
overflow: auto;
margin: 1.2em;
}
pre.src {
position: relative;
overflow: visible;
padding-top: 1.2em;
}
pre.src:before {
display: none;
position: absolute;
background-color: white;
top: -10px;
right: 10px;
padding: 3px;
border: 1px solid black;
}
pre.src:hover:before { display: inline;}
/* Languages per Org manual */
pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-fortran:before { content: 'Fortran'; }
pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-haskell:before { content: 'Haskell'; }
pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; }
caption.t-above { caption-side: top; }
caption.t-bottom { caption-side: bottom; }
td, th { vertical-align:top; }
th.org-right { text-align: center; }
th.org-left { text-align: center; }
th.org-center { text-align: center; }
td.org-right { text-align: right; }
td.org-left { text-align: left; }
td.org-center { text-align: center; }
dt { font-weight: bold; }
.footpara { display: inline; }
.footdef { margin-bottom: 1em; }
.figure { padding: 1em; }
.figure p { text-align: center; }
.inlinetask {
padding: 10px;
border: 2px solid gray;
margin: 10px;
background: #ffffcc;
}
#org-div-home-and-up
{ text-align: right; font-size: 70%; white-space: nowrap; }
textarea { overflow-x: auto; }
.linenr { font-size: smaller }
.code-highlighted { background-color: #ffff00; }
.org-info-js_info-navigation { border-style: none; }
#org-info-js_console-label
{ font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
JavaScript code in this tag.
Copyright (C) 2012-2013 Free Software Foundation, Inc.
The JavaScript code in this tag is free software: you can
redistribute it and/or modify it under the terms of the GNU
General Public License (GNU GPL) as published by the Free Software
Foundation, either version 3 of the License, or (at your option)
any later version. The code is distributed WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU GPL for more details.
As additional permission under GNU GPL version 3 section 7, you
may distribute non-source (e.g., minimized or compacted) forms of
that code without the copy of the GNU GPL normally required by
section 4, provided you include this license notice and a URL
through which recipients can access the Corresponding Source.
@licend The above is the entire license notice
for the JavaScript code in this tag.
*/
<!--/*--><![CDATA[/*><!--*/
function CodeHighlightOn(elem, id)
{
var target = document.getElementById(id);
if(null != target) {
elem.cacheClassElem = elem.className;
elem.cacheClassTarget = target.className;
target.className = "code-highlighted";
elem.className = "code-highlighted";
}
}
function CodeHighlightOff(elem, id)
{
var target = document.getElementById(id);
if(elem.cacheClassElem)
elem.className = elem.cacheClassElem;
if(elem.cacheClassTarget)
target.className = elem.cacheClassTarget;
}
/*]]>*///-->
</script>
</head>
<body>
<div id="preamble" class="status">
<a name="top" id="top"></a>
</div>
<div id="content">
<div class="org-center">
<div class="figure">
<p><img src="images/logo.png" alt="logo.png" />
</p>
</div>
</div>
<div class="org-center">
<p>
This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
</p>
</div>
<p>
The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router.
</p>
<p>
First you will need to create an image.
</p>
<div class="org-src-container">
<pre class="src src-bash">sudo su
apt-get -y install build-essential git python-docutils mktorrent <span class="org-sh-escaped-newline">\</span>
vmdebootstrap xz-utils dosfstools btrfs-tools extlinux python-distro-info <span class="org-sh-escaped-newline">\</span>
mbr qemu-user-static binfmt-support u-boot-tools qemu
git clone https://github.com/bashrc/freedombone
<span class="org-builtin">cd</span> freedombone
git checkout stockholm
make install
freedombone-image -t i386 -s 7.8G --onion yes
</pre>
</div>
<p>
This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
</p>
<p>
List what drives are on your system with:
</p>
<div class="org-src-container">
<pre class="src src-bash">ls /dev/sd*
</pre>
</div>
<p>
Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
</p>
<p>
You can now copy the image to the USB thumb drive, replacing <b>sdX</b> with the identifier of the USB thumb drive. Don't include any numbers (so for example use <b>sdc</b> instead of <b>sdc1</b>).
</p>
<div class="org-src-container">
<pre class="src src-bash">dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
</pre>
</div>
<p>
And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use as a server, power on and set the BIOS to boot from the USB stick.
</p>
<p>
As the system boots for the first time the login is:
</p>
<div class="org-src-container">
<pre class="src src-bash">username: fbone
password: freedombone
</pre>
</div>
<p>
You will then be shown a large new password. It's <b>very important</b> that you write this down somewhere before going further, because you'll need this to log in later.
</p>
<p>
You'll be asked to set a username and a "real" name (or nickname), then the rest of the installation will be automatic. Again, it takes a while, so go and do something less boring instead.
</p>
<p>
When it's installed on your local system open a terminal and run:
</p>
<div class="org-src-container">
<pre class="src src-bash">ssh myusername@freedombone.local -p 2222
</pre>
</div>
<p>
Use the password you wrote down earlier to log in.
</p>
<p>
Select the <b>administrator control panel</b> with up and down cursor keys, space bar and enter key. You might need to re-enter your password. Then select <b>About</b>. You'll see a list of sites and their onion addresses.
</p>
<p>
On your local system open a <b>Tor compatible browser</b> and enter your blog's onion address. If it's all working then you should see your new blog.
</p>
<p>
<b>Congratulations! You have now become a citizen of the free internet. Use your new powers wisely.</b>
</p>
<p>
Of course, this is just one way in which you can install the Freedombone system. If you have a single board computer (SBC) such as a BeagleBone Black or OLinuxino you can make disk images for those too. You can even create clearnet sites if you have your own domain name. ARM boards with closed proprietary boot blobs are not supported. For more details run:
</p>
<div class="org-src-container">
<pre class="src src-bash">man freedombone-image
</pre>
</div>
</div>
<div id="postamble" class="status">
<style type="text/css">
.back-to-top {
position: fixed;
bottom: 2em;
right: 0px;
text-decoration: none;
color: #000000;
background-color: rgba(235, 235, 235, 0.80);
font-size: 12px;
padding: 1em;
display: none;
}
.back-to-top:hover {
background-color: rgba(135, 135, 135, 0.50);
}
</style>
<div class="back-to-top">
<a href="#top">Back to top</a> | <a href="mailto:bob@robotics.uk.to">E-mail me</a>
</div>
</div>
</body>
</html>

113
website/EN/index.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:50 -->
<!-- 2016-08-09 Tue 16:18 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -242,96 +242,37 @@ for the JavaScript code in this tag.
</div>
</div>
<center>
<table style="width:50%; border:0">
<tr>
<td><center><a href="variants.html">Variants</a></center></td>
<td><center><a href="installation.html">Install</a></center></td>
<td><center><a href="usage.html">Use</a></center></td>
<td><center><a href="backups.html">Backups</a></center></td>
<td><center><a href="mirrors.html">Mirrors</a></center></td>
</tr>
<tr>
<td><center><a href="code.html">Code</a></center></td>
<td><center><a href="controlpanel.html">Control Panel</a></center></td>
<td><center><a href="related.html">Related</a></center></td>
<td><center><a href="faq.html">F.A.Q.</a></center></td>
<td><center><a href="support.html">Contact/Support</a></center></td>
</tr>
</table>
</center>
<p>
With the right technology the internet can be a space for free expression, exploration, cooperation, learning and fun. A place to connect with others are share experiences. It doesn't have to be a gloomy surveillance prison owned and run by a diabolical synthesis of money-grabbing megacorporations and prurient government spooks brandishing "bulk/general warrants". Freedombone is designed to help you surmount the contemporary digital privacy conundrums and to increase your online autonomy. It's a self-hosted home server configuration which can be installed onto any computer capable of running <a href="https://www.debian.org/">Debian</a>, so if you have an old laptop or netbook which you can leave turned on then you can use Freedombone to provide your own internet services, such as blogging, wiki, email, chat and social networking and have independence from the well known internet companies.
</p>
<center>
<b>Four Scenarios</b>
<table style="width:95%; border:0">
<tr>
<td><center><h6>Home server</h6>Plugged into your home wifi router. Add a few friends and family as users</center></td>
<td><center><h6>Home server + Hotspot</h6>Also provides a wifi hotspot to extend your home network</center></td>
<td><center><h6>Server in your pocket</h6>Roaming wireless server with services accessible via onion addresses</center></td>
<td><center><h6>Mesh node</h6>Dynamic networks which don't depend on the conventional internet. Distributed, scalable and fully encrypted</center></td>
</tr>
<tr>
</tr>
</table>
</center>
<p>
This is personal or family scale computing, which can then federate to global proportions. We need community controlled information systems and to achieve that they must be inexpensive and simple to install and maintain. This is the opposite of the current dominant paradigm of <a href="https://www.youtube.com/watch?v=XZmGGAbHqa0">titanic server warehouses</a> owned by a tiny number of individuals and it's what is sometimes refered to as <a href="https://mediagoblin.org/news/userops.html">"userops"</a> - i.e. a user being able to do what traditionally only a professional systems administrator would be able to.
</p>
<p>
With a system installed in your home you also have greater legal protection against unwarranted or "bulk warrant" searches. In general as soon as you put your information onto systems which you don't own then you no longer have the same property rights over it, together with "<i>no reasonable expectation of privacy</i>" otherwise known as the third party doctrine. We all know that's a nonsense, and so maybe we should do something about it.
</p>
<blockquote>
<p>
"With the increasing move of our computing to cloud infrastructures, we give up the control of our computing to the managers of those infrastructures. Our terminals (laptops, desktops) might now be running entirely on Free Software, but this is increasingly irrelevant given that most of what actually matters gets executed on a remote closed system that we dont control. The Free Software community needs to work to help users keep the control of all their computing, by developing suitable alternatives and facilitating their deployment." &#x2013; Lucas Nussbaum
</p>
</blockquote>
<p>
Today everyone is concerned about privacy on the internet. Wanting privacy doesn't necessarily mean you have "something to hide". It just means having the ability to choose <i>what information to share, with whom and under what conditions</i> and therefore being able to shape your own life story. The loss of ability to choose via the "involuntary sharing" which many people experience when using communications systems built by the well known internet companies, means that you're no longer really running your own affairs and that others may begin to exert an improper amount of influence over you. Mass surveillance is perhaps the ultimate in involuntary sharing and it's only through the use of freedom respecting software together with a solid determination to overcome state and corporate abuses of technology that we can hope to get to the kind of internet in which respect for human dignity is built in as a core feature.
</p>
<div class="org-center">
<div class="figure">
<p><img src="images/nocloud.png" alt="nocloud.png" />
</p>
</div>
</div>
<p>
Another problem is the precariousness of the terms of service. Except in rare cases such terms are not easy to read, so many people end up clicking through terms which if explained more clearly they would never agree to. Over the past decade many internet users have had the unpleasant experience of having their blogs, videos or other web content inexplicably removed, typically due to some ill-defined terms of service violation or a false accusation of copyright infringement. There have been valiant attempts to improve the readability of terms of service documents, using icons or clearer language, and to generate a sort of marketplace in which people would choose what web systems they use based on the terms documents - to make the privacy/autonomy bargaining more explicit. These efforts were well-intentioned, but have conclusively failed. Even in the best case, that approach doesn't take into account the coercive network effects or large web systems.
</p>
<p>
You can bypass all of these dilemmas and take back ownership of your internet content with Freedombone. Originally based upon the Beaglebone Black, Freedombone is a small and cheap home server which enables you to use email, have your own web site and do social networking without any built-in spying and without having to agree to any legal terms of service other than those of your ISP. It provides independence and security in an era where those things are in short supply.
</p>
<blockquote>
<p>
"The deepest problem is that the system architecture that has evolved in recent years holds masses of information on many people with no intelligence value, but with vast potential for political abuse." &#x2013; Ross Anderson
</p>
</blockquote>
<p>
Freedombone is an example of the internet as it was supposed to be: a network of peers, rather than a small number of gigantic server farms with everyone connecting to them. Even if they're well run, centralised server farms become a conspicuous target for <i>all kinds of nefariousness</i> and in any future wars they're bound to be amongst the first facilities to receive the "<i>shock and awe</i>" treatment. Also consider just what is being "farmed". If a robust information society is desirable then excessive centralisation of control over information should be avoided.
</p>
<p>
An emphasis of the Freedombone project is the protection of private communications from indiscriminate mass surveillance, otherwise known as "<i>bulk intercept</i>" or "<i>warrantless wiretapping</i>". With only a few exceptions data entering and leaving the system is encrypted using settings recommended by <a href="https://bettercrypto.org/">bettercrypto.org</a> . Stored emails are encrypted such that only someone knowing your GPG password can read them and a GPG key is created automatically if you don't already have one. The system is firewalled with only the necessary ports being opened. Exclusively <a href="https://en.wikipedia.org/wiki/Free_software">free software</a> is used so that all of it can potentially be security audited and proprietary repositories are disabled by default. There are still numerous security problems with the internet in general and software always contains bugs, but a best attempt has been made to ensure that the Freedombone is at least more secure than average.
</p>
<div class="org-center">
<p>
This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
</p>
</div>
<p>
So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home.
</p>
<p>
Want to make a community mesh network which doesn't depend upon the internet? You can do that too.
</p>
<p>
But how?
</p>
<ul class="org-ul">
<li><a href="./homeserver.html">To make a home server</a></li>
<li><a href="./mesh.html">To make a mesh network</a></li>
</ul>
<p>
After installation it's possible that you might want some advice on how to run your server and set up apps to work nicely with it.
</p>
<ul class="org-ul">
<li><a href="./usage.html">General usage</a></li>
<li><a href="./faq.html">Frequently Asked Questions</a></li>
</ul>
</div>
<div id="postamble" class="status">

364
website/EN/mesh.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:50 -->
<!-- 2016-08-09 Tue 16:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -242,391 +242,101 @@ for the JavaScript code in this tag.
</div>
</div>
<center>
<h1>Mesh Network</h1>
</center>
<table border="2" cellspacing="0" cellpadding="6" rules="groups" frame="hsides">
<colgroup>
<col class="org-left" />
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#orgb58230b">What is a mesh network?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org63d1e2d">The Freedombone Mesh</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgeed93d2">Installation</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org6cf0cea">Wifi adaptors</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orga905ad2">Using the mesh</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org1e64c42">Further reading</a></td>
</tr>
</tbody>
</table>
<div id="outline-container-orgb58230b" class="outline-2">
<h2 id="orgb58230b">What is a mesh network?</h2>
<div class="outline-text-2" id="text-orgb58230b">
<div class="org-center">
<p>
The internet as it currently exists is mostly organised according to a client/server model. Servers run the web services and store the data and clients are the laptops, desktops and other devices accessing the servers. In a mesh network there isn't any clear division between clients and servers. The computers on a mesh network are known as "peers" and they can perform the functions of both clients and servers. Commonly this is also known as a "peer to peer" network.
</p>
<p>
The client/server and mesh network models have advantages and disadvantages. If the server in a client/server system fails then you can have catastrophic service outages which affect many users. If a peer in a mesh network fails then the other peers may be mostly unaffected and communications can continue. The disadvantage of mesh networks is that each peer relays data for other peers and so the bandwidth usage by each peer may be higher than for a client in a client/server system. However, with modern hardware that's not much of an issue.
</p>
<p>
Mesh networks are useful for building local and highly resillient communications infrastructure which can be put together rapidly, in situations where the ordinary internet is either unavailable or untrustworthy.
</p>
<p>
Example use cases would be:
</p>
<ul class="org-ul">
<li>Conferences / Exhibitions</li>
<li>Local community networks, not run by telcos or ISPs</li>
<li>Emergency services / Disaster relief</li>
<li>Camp sites</li>
<li>War zones</li>
<li>Scientific expeditions to remote areas</li>
<li>Onboard smaller ships without satellite internet, captain/crew communications</li>
<li>Underground (mines or caves)</li>
<li>Protests / Occupations of buildings</li>
<li>Eventually in space for manned missions to other planets, moons or asteroids</li>
</ul>
</div>
</div>
<div id="outline-container-org63d1e2d" class="outline-2">
<h2 id="org63d1e2d">The Freedombone Mesh</h2>
<div class="outline-text-2" id="text-org63d1e2d">
<p>
The Freedombone mesh is offline - in the sense of not being part of the larger internet - and consists of a set of computers with the software installed communicating wirelessly using ordinary wifi. Peers can enter or leave the network and it will adjust automatically. All communications between peers is end-to-end encrypted, so although it's easy to join the network it's not easy to passively evesdrop.
This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
</p>
</div>
</div>
<div id="outline-container-orgeed93d2" class="outline-2">
<h2 id="orgeed93d2">Installation</h2>
<div class="outline-text-2" id="text-orgeed93d2">
</div><div id="outline-container-org17d2702" class="outline-3">
<h3 id="org17d2702">Two types of system</h3>
<div class="outline-text-3" id="text-org17d2702">
<p>
Installation is split into two categories, <i>routers</i> and <i>user devices</i>.
Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small business internal office communications, protests, remote areas of the world, scientific expeditions and off-world space colonies. All the cool stuff. The down side is that you can't access any internet content. The upside is that you can securely communicate with anyone on the local mesh. No ISPs. No payments or subscriptions beyond the cost of obtaining the hardware. Systems need to be within wifi range of each other for the mesh to be created. It can be an ultra-convenient way to do purely local communications.
</p>
<p>
A router is a computer which is dedicated to moving network traffic and building out the mesh infrastructure. It's not primarily intended to have a user interface. Hardware such as the Beaglebone Black is ideal for this, because it's small, inexpensive and doesn't consume much electrical power and so can be fitted in any location where an electricity supply is available.
</p>
<p>
Small computers acting as mesh routers can also be battery operated or solar powered so that the network need not be statically sited. They could be included in a backpack for camping, fitted within moving vehicles, strapped to protest placards or attached to <a href="https://www.youtube.com/watch?v=Wwsy9MThwns">large tethered helium balloons</a> (like weather balloons) to help provide a local and transient communications system.
</p>
<p>
<i>User devices</i> are the computers with which you would typically access the internet - laptops, desktop machines, netbooks or any other device which can run a Debian-based distro (eg. Ubuntu) with a working wifi connection.
</p>
</div>
</div>
<div id="outline-container-org437bcfa" class="outline-3">
<h3 id="org437bcfa">Installing on routers</h3>
<div class="outline-text-3" id="text-org437bcfa">
<p>
Whatever system you're going to use as a mesh router should have a new Debian Jessie install on it. It's advisable that this be a new install so that there is no existing software on the system which could confuse the mesh install process.
</p>
<p>
Some recommended hardware:
</p>
<ul class="org-ul">
<li>Beaglebone Black</li>
<li>5V power supply</li>
<li>Ethernet cable (for installation of the software)</li>
<li>8GB microSD card, or larger</li>
<li>Wireless N USB Adapter TPE-N150USB</li>
</ul>
<p>
If you are using the Beaglebone Black then you'll need to install the Debian image to the microSD card. You can find details of how to do that <a href="./installation.html">here</a>.
</p>
<p>
Connect your system to your internet router with an ethernet cable, then ssh into it and type:
First you will need to create an image.
</p>
<div class="org-src-container">
<pre class="src src-bash">su
apt-get update
apt-get install git build-essential dialog
<pre class="src src-bash">sudo su
apt-get -y install build-essential git python-docutils mktorrent <span class="org-sh-escaped-newline">\</span>
vmdebootstrap xz-utils dosfstools btrfs-tools extlinux python-distro-info <span class="org-sh-escaped-newline">\</span>
mbr qemu-user-static binfmt-support u-boot-tools qemu
git clone https://github.com/bashrc/freedombone
<span class="org-builtin">cd</span> freedombone
git checkout stockholm
make install
freedombone-image -t i386 -v meshclient
</pre>
</div>
<p>
At this point if you are using a system or dongle with an Atheros AR9271 wifi chipset then you may want to install some pre-compiled firmware (you can compile it from source, but it takes a long time - especially on the Beaglebone Black). If you need to do that then see the wifi adaptor notes below.
</p>
<p>
Then to begin the install:
If you don't have Atheros or free software compatible wifi adapter then you can include proprietary wifi drivers which will work with most laptops. This is <b>NOT RECOMMENDED</b> because proprietary drivers are unsupportable and may contain either malware or be exploitable in a way which can't be fixed. However, if you're in an emergency and don't have any Atheros or free software wifi USB dongles then you can use the following command to make the image:
</p>
<div class="org-src-container">
<pre class="src src-bash">freedombone menuconfig
<pre class="src src-bash">freedombone-image -t i386 -v meshclient --insecure yes
</pre>
</div>
<p>
Select the "<i>mesh (router)</i>" install variant, give an ESSID or just hit enter for the default. If discression is important then use an ESSID similar to those already in the area. The ESSID must be the same on every mesh peer. Assign this mesh peer a name. In order to avoid confusions it's important that the name should be unique on the network and contain no spaces. So maybe a word followed by some numbers, or the name of the place where the router will be installed.
This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
</p>
<p>
If you're installing on a Beaglebone Black then after a while the system will reboot and you will need to ssh in again and run:
List what drives are on your system with:
</p>
<div class="org-src-container">
<pre class="src src-bash"><span class="org-builtin">cd</span> freedombone
freedombone -c freedombone.cfg
<pre class="src src-bash">ls /dev/sd*
</pre>
</div>
<p>
The reboot is needed in order to enable zram and the hardware random number generator.
Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
</p>
</div>
</div>
<div id="outline-container-orgf341f46" class="outline-3">
<h3 id="orgf341f46">Installing on user devices</h3>
<div class="outline-text-3" id="text-orgf341f46">
<p>
Typically on a laptop with a Debian-based distro installed, open a terminal and type:
You can now copy the image to the USB thumb drive, replacing <b>sdX</b> with the identifier of the USB thumb drive. Don't include any numbers (so for example use <b>sdc</b> instead of <b>sdc1</b>).
</p>
<div class="org-src-container">
<pre class="src src-bash">sudo apt-get update
sudo apt-get install git build-essential dialog
git clone https://github.com/bashrc/freedombone
<span class="org-builtin">cd</span> freedombone
sudo make install
freedombone menuconfig
<pre class="src src-bash">dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
</pre>
</div>
<p>
Select the "<i>mesh (user device)</i>" variant and set the same ESSID as you did for the routers, or just hit enter for the default.
And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use on the mesh, power on and set the BIOS to boot from the USB stick.
</p>
<p>
An important point is that on older Debian-based systems, such as Ubuntu 14.04 or Trisquel 7, you may need to install a more recent version of <i>batctl</i>. An example is as follows.
On first boot you'll be asked to set a username, and then you can open the chat client and select the <b>users</b> icon to show the Tox IDs for other users on the mesh. When folks join they will be announced.
</p>
<p>
Rinse, repeat, for any number of laptops that you want to get onto the mesh or to build out coverage within an area. There are no servers. Just peer-to-peer communications routed through the network which are end-to-end secure after a friend request is accepted. By default the chat client doesn't log anything.
</p>
<p>
No logs, no masters.
</p>
<p>
You can also use single board computers (SBCs) such as the BeagleBone Black to make mesh routers which can be bolted to walls or the sides of buildings and consume minimal electrical power, so could be solar or battery powered for short term events such as festivals. To do that use the following command to make the image:
</p>
<div class="org-src-container">
<pre class="src src-bash">sudo apt-get remove --purge batctl
wget http://mirrors.kernel.org/ubuntu/pool/universe/b/batctl/batctl_2014.1.0-2_amd64.deb
sudo dpkg -i batctl_2014.1.0-2_amd64.deb
</pre>
</div>
</div>
</div>
</div>
<div id="outline-container-org6cf0cea" class="outline-2">
<h2 id="org6cf0cea">Wifi adaptors</h2>
<div class="outline-text-2" id="text-org6cf0cea">
<p>
There are a small number of wifi adaptors which are compatible with a fully free software stack.
</p>
</div>
<div id="outline-container-org9b951f8" class="outline-3">
<h3 id="org9b951f8">Atheros AR9271</h3>
<div class="outline-text-3" id="text-org9b951f8">
<p>
To install the firmware for this:
</p>
<div class="org-src-container">
<pre class="src src-bash"><span class="org-builtin">cd</span> freedombone/drivers
sha256sum ath9k_htc_driver_bbb.tar.gz
7eb9324681f03c7630ed01e490ea447dfbd96c9b5389e45b64e4646d1be16ff1
tar -xvzf ath9k_htc_driver_bbb.tar.gz
mv *.fw /lib/firmware
<span class="org-builtin">cd</span> ..
</pre>
</div>
</div>
</div>
</div>
<div id="outline-container-orga905ad2" class="outline-2">
<h2 id="orga905ad2">Using the mesh</h2>
<div class="outline-text-2" id="text-orga905ad2">
<p>
The following sections only apply to <i>client devices</i>. Mesh <i>routers</i> are only for routing network traffic and operating <a href="https://en.wikipedia.org/wiki/BitTorrent_tracker">trackers</a> and <a href="https://en.wikipedia.org/wiki/Distributed_hash_table">distributed hash tables</a> for bootstrapping purposes.
</p>
</div>
<div id="outline-container-org06320ae" class="outline-3">
<h3 id="org06320ae">Switching from internet to mesh mode</h3>
<div class="outline-text-3" id="text-org06320ae">
<p>
To join the mesh network open a terminal and type:
</p>
<div class="org-src-container">
<pre class="src src-bash">meshweb
<pre class="src src-bash">freedombone-image -t beaglebone -v mesh
</pre>
</div>
<p>
If you want to have your system as a permanent mesh peer then you could add that command to your startup applications so that it activates whenever the computer starts up.
The resulting image can be copied to a microSD card, inserted into a Beaglebone Black and booted. Don't forget to plug in an Atheros USB wifi dongle.
</p>
<p>
A web page should appear in your browser, which then allows you to access communication services on the mesh. These pages should update automatically, so that if peers enter or leave the network the lists will change accordingly.
</p>
<p>
If for any reason things don't seem to be updating you can force an update by issuing the command:
</p>
<div class="org-src-container">
<pre class="src src-bash">zeronetavahi
</pre>
</div>
</div>
</div>
<div id="outline-container-org0086623" class="outline-3">
<h3 id="org0086623">Chat</h3>
<div class="outline-text-3" id="text-org0086623">
<p>
If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The <a href="https://github.com/Tox/toxic">Toxic</a> client is installed by default, but you may also want to install <a href="https://github.com/tux3/qTox">qTox</a> for a more conventional-looking user experience.
</p>
<p>
You can obtain Tox IDs for users on the network via the initial web page.
</p>
<p>
To launch the <a href="https://github.com/Tox/toxic">Toxic client</a> in a terminal type:
</p>
<div class="org-src-container">
<pre class="src src-bash">toxic
</pre>
</div>
<p>
The first time you will be asked whether you wish to encrypt the data file used for your settings. Select "no" for this, otherwise the system will not be able to obtain your public key and broadcast it to other peers in the network. Even if you select "yes" the system will still be usable, but it will not be so easy for other peers on the network to find you unless you have previously exchanged your Tox ID via some out-of-band method.
</p>
<p>
Then to add a new friend:
</p>
<div class="org-src-container">
<pre class="src src-bash">/nick mynickname
/add &lt;friend Tox ID&gt;
</pre>
</div>
<p>
Your friend will need to approve the request, and then you can chat via text or voice using <i>CTRL-o</i> and <i>CTRL-p</i> to switch between screens and cursor keys plus Enter to select users.
</p>
<p>
Another thing worth knowing is that if you were already using a Tox client before running the <i>meshweb</i> command then it's a good idea to close and reopen it, so that the list of bootstrap nodes is updated. The same also applies when exiting the mesh and returning to the internet.
</p>
<p>
A note for the security-conscious is that broadcasting Tox IDs via the network (using Avahi) is convenient but not highly secure. An adversary could maybe join the network and create decoy peers to try to disrupt the communications and have messages going to the wrong places. For the best security exchange Tox IDs in advance by some method other than looking them up from the initial mesh web page.
</p>
</div>
</div>
<div id="outline-container-orgebb5514" class="outline-3">
<h3 id="orgebb5514">Blogging</h3>
<div class="outline-text-3" id="text-orgebb5514">
<p>
The Freedombone mesh uses a fully decentralized blogging system called <a href="https://github.com/HelloZeroNet/ZeroBlog">ZeroBlog</a>. It behaves rather like other peer-to-peer file sharing systems in that if you are reading the blog of another user you are also simultaneously seeding it to other peers (acting as both a client and a server). This allows the system to scale well, while also being robust to any peer failing or leaving the network.
</p>
<p>
All blogs on the mesh are public, so any user joining the mesh can read any other blog. Network traffic is encrypted between peers, so passive snooping will be hard, and also the integrity of data is checked via certificates so that you can be reasonably confident that nefarious content has not been added or removed from the data stream while in transit through the network.
</p>
<p>
This type of content creation and delivery provides a good template for what the conventional internet should ultimately be like if it is to be robust, trustworthy and resistant to censorship or damage.
</p>
<p>
To add a new blog entry click the <i>new post</i> button, edit the title and content (clicking <i>save</i> at the bottom of the screen after each). Then when you are done click on the <i>publish</i> button at the bottom of the screen. And that's all there is to it.
</p>
</div>
</div>
<div id="outline-container-org7256cbd" class="outline-3">
<h3 id="org7256cbd">Other services</h3>
<div class="outline-text-3" id="text-org7256cbd">
<p>
It is hoped that a decentralized forum will be added, but this is not yet complete. In the mean time a substitute is to use the Tox group chat feature.
</p>
</div>
</div>
<div id="outline-container-orgc4e266c" class="outline-3">
<h3 id="orgc4e266c">Turning off the mesh</h3>
<div class="outline-text-3" id="text-orgc4e266c">
<p>
If you wish to return to the internet then open a terminal and type:
</p>
<div class="org-src-container">
<pre class="src src-bash">sudo batman stop
</pre>
</div>
<p>
After a few seconds your usual internet wifi connection should be re-established.
</p>
</div>
</div>
</div>
<div id="outline-container-org1e64c42" class="outline-2">
<h2 id="org1e64c42">Further reading</h2>
<div class="outline-text-2" id="text-org1e64c42">
<p>
For much more extensive details about deploying wireless networks there is an excellent book called <a href="https://wndw.net/">Wireless Networking in the Developing World</a> which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on.
</p>
<center>
Return to the <a href="index.html">home page</a>
</center>
</div>
</div>
</div>
<div id="postamble" class="status">