free
/
freedomboneeee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Skip bad blocks when writing images

This commit is contained in:
Bob Mottram 2018-05-10 11:43:46 +01:00
parent 0949cad2d2
commit fac5859a3b
16 changed files with 186 additions and 184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/EN/armbian.org
View File

@ -23,7 +23,7 @@ If you have a single board ARM computer which isn't one of the supported ones th
Download the Armbian image for your board. It must be version 9 (Stretch), otherwise it won't work. Extract the image from its archive, then copy it to a microSD card: Download the Armbian image for your board. It must be version 9 (Stretch), otherwise it won't work. Extract the image from its archive, then copy it to a microSD card:
#+begin_src bash #+begin_src bash
sudo dd bs=32M if=[Armbian .img file] of=/dev/sdX conv=fdatasync sudo dd bs=32M if=[Armbian .img file] of=/dev/sdX conv=fdatasync,noerror
#+end_src #+end_src
Where */dev/sdX* is the path for the microSD drive on your system. Where */dev/sdX* is the path for the microSD drive on your system.

2
doc/EN/homeserver.org
View File

@ -70,7 +70,7 @@ You can now copy the image to the USB thumb drive, replacing *sdX* with the iden
#+begin_src bash #+begin_src bash
dd if=/dev/zero of=/dev/sdX bs=32M count=8 dd if=/dev/zero of=/dev/sdX bs=32M count=8
dd bs=32M if=myimagefile.img of=/dev/sdX conv=fdatasync dd bs=32M if=myimagefile.img of=/dev/sdX conv=fdatasync,noerror
#+end_src #+end_src
And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use as a server, power on and set the BIOS to boot from the USB stick. And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use as a server, power on and set the BIOS to boot from the USB stick.

2
doc/EN/installation.org
View File

@ -129,7 +129,7 @@ unxz filename.img.xz
Then copy it to a microSD card. Depending on your system you may need an adaptor to be able to do that. Then copy it to a microSD card. Depending on your system you may need an adaptor to be able to do that.
#+BEGIN_SRC bash #+BEGIN_SRC bash
sudo dd bs=32M if=filename.img of=/dev/sdX conv=fdatasync sudo dd bs=32M if=filename.img of=/dev/sdX conv=fdatasync,noerror
#+END_SRC #+END_SRC
Where *sdX* is the microSD drive. You can check which drive is the microSD drive using: Where *sdX* is the microSD drive. You can check which drive is the microSD drive using:

8
doc/EN/mesh_images.org
View File

@ -42,7 +42,7 @@ wget https://freedombone.net/downloads/v31/freedombone-meshclient-i386.img.xz.si
gpg --verify freedombone-meshclient-i386.img.xz.sig gpg --verify freedombone-meshclient-i386.img.xz.sig
unxz freedombone-meshclient-i386.img.xz unxz freedombone-meshclient-i386.img.xz
sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8 sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8
sudo dd bs=32M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync sudo dd bs=32M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync,noerror
#+end_src #+end_src
To get a number of systems onto the mesh repeat the /dd/ command to create however many bootable USB drives you need. To get a number of systems onto the mesh repeat the /dd/ command to create however many bootable USB drives you need.
@ -56,7 +56,7 @@ wget https://freedombone.net/downloads/v31/freedombone-meshclient-insecure-i386.
gpg --verify freedombone-meshclient-insecure-i386.img.xz.sig gpg --verify freedombone-meshclient-insecure-i386.img.xz.sig
unxz freedombone-meshclient-insecure-i386.img.xz unxz freedombone-meshclient-insecure-i386.img.xz
sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8 sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8
sudo dd bs=32M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync sudo dd bs=32M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync,noerror
#+end_src #+end_src
** Router images ** Router images
@ -75,7 +75,7 @@ gpg --verify freedombone-mesh_beaglebone-armhf.img.xz.sig
sha256sum freedombone-mesh_beaglebone-armhf.img.xz sha256sum freedombone-mesh_beaglebone-armhf.img.xz
ad8f22c0d46c98a80aa47b5809402971cf5cf26ebf587c59a667307b2386c3d2 ad8f22c0d46c98a80aa47b5809402971cf5cf26ebf587c59a667307b2386c3d2
unxz freedombone-mesh_beaglebone-armhf.img.xz unxz freedombone-mesh_beaglebone-armhf.img.xz
sudo dd bs=32M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync sudo dd bs=32M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync,noerror
#+end_src #+end_src
If you have a few Beaglebone Blacks to use as routers then repeat the /dd/ command to create however many microSD cards you need. If you have a few Beaglebone Blacks to use as routers then repeat the /dd/ command to create however many microSD cards you need.
@ -120,7 +120,7 @@ You can now copy the image to the USB thumb drive, replacing *sdX* with the iden
#+begin_src bash #+begin_src bash
sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8 sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8
sudo dd bs=32M if=myimagefile.img of=/dev/sdX conv=fdatasync sudo dd bs=32M if=myimagefile.img of=/dev/sdX conv=fdatasync,noerror
#+end_src #+end_src
And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use on the mesh, power on and set the BIOS to boot from the USB stick. And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use on the mesh, power on and set the BIOS to boot from the USB stick.

2
doc/EN/release3.org
View File

@ -31,7 +31,7 @@ Copy the image to a microSD card or USB thumb drive, replacing sdX with the iden
#+BEGIN_SRC bash #+BEGIN_SRC bash
unxz downloadedimagefile.img.xz unxz downloadedimagefile.img.xz
dd bs=32M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync dd bs=32M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync,noerror
#+END_SRC #+END_SRC
And wait. It will take a while to copy over. When that's done you might want to increase the partition size on the drive, using a tool such as [[http://gparted.org][Gparted]]. Whether you need to do that will depend upon how many apps you intend to install and how much data they will store. And wait. It will take a while to copy over. When that's done you might want to increase the partition size on the drive, using a tool such as [[http://gparted.org][Gparted]]. Whether you need to do that will depend upon how many apps you intend to install and how much data they will store.

2
doc/EN/release31.org
View File

@ -39,7 +39,7 @@ Copy the image to a microSD card or USB thumb drive, replacing sdX with the iden
#+BEGIN_SRC bash #+BEGIN_SRC bash
unxz downloadedimagefile.img.xz unxz downloadedimagefile.img.xz
dd bs=32M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync dd bs=32M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync,noerror
#+END_SRC #+END_SRC
And wait. It will take a while to copy over. When that's done you might want to increase the partition size on the drive, using a tool such as [[http://gparted.org][Gparted]]. Whether you need to do that will depend upon how many apps you intend to install and how much data they will store. And wait. It will take a while to copy over. When that's done you might want to increase the partition size on the drive, using a tool such as [[http://gparted.org][Gparted]]. Whether you need to do that will depend upon how many apps you intend to install and how much data they will store.

2
doc/EN/socialinstance.org
View File

@ -32,7 +32,7 @@ wget https://freedombone.net/downloads/v31/freedombone-pleroma-amd64.img.xz.sig
gpg --verify freedombone-pleroma-amd64.img.xz.sig gpg --verify freedombone-pleroma-amd64.img.xz.sig
unxz freedombone-pleroma-amd64.img.xz unxz freedombone-pleroma-amd64.img.xz
sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8 sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8
sudo dd bs=32M if=freedombone-pleroma-amd64.img of=/dev/sdX conv=fdatasync sudo dd bs=32M if=freedombone-pleroma-amd64.img of=/dev/sdX conv=fdatasync,noerror
#+end_src #+end_src
Also note that if the laptop has a removable SSD drive it's possible to copy the image directly to that if you have enough equipment. Also note that if the laptop has a removable SSD drive it's possible to copy the image directly to that if you have enough equipment.

2
src/freedombone-image
View File

@ -719,7 +719,7 @@ if [[ $IMAGE_TYPE != "qemu"* ]]; then
echo '' echo ''
echo " unxz -k ${PROJECT_NAME}*.img.xz" echo " unxz -k ${PROJECT_NAME}*.img.xz"
echo ' sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8' echo ' sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8'
echo " sudo dd bs=32M if=${PROJECT_NAME}*.img of=/dev/sdX conv=fdatasync" echo " sudo dd bs=32M if=${PROJECT_NAME}*.img of=/dev/sdX conv=fdatasync,noerror"
echo '' echo ''
fi fi

4
website/EN/armbian.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2018-04-21 Sat 14:58 --> <!-- 2018-05-10 Thu 11:40 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title> <title>&lrm;</title>
@ -260,7 +260,7 @@ Download the Armbian image for your board. It must be version 9 (Stretch), other
</p> </p>
<div class="org-src-container"> <div class="org-src-container">
<pre class="src src-bash">sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=[Armbian .img file] <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync <pre class="src src-bash">sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=[Armbian .img file] <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>

10
website/EN/homeserver.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2018-04-24 Tue 18:17 --> <!-- 2018-05-10 Thu 11:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title> <title>&lrm;</title>
@ -243,9 +243,9 @@ for the JavaScript code in this tag.
</div> </div>
<div id="outline-container-org3d2bd4a" class="outline-2"> <div id="outline-container-orgae7f865" class="outline-2">
<h2 id="org3d2bd4a">Home Server</h2> <h2 id="orgae7f865">Home Server</h2>
<div class="outline-text-2" id="text-org3d2bd4a"> <div class="outline-text-2" id="text-orgae7f865">
<p> <p>
The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router. The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router.
</p> </p>
@ -336,7 +336,7 @@ You can now copy the image to the USB thumb drive, replacing <b>sdX</b> with the
<div class="org-src-container"> <div class="org-src-container">
<pre class="src src-bash">dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8 <pre class="src src-bash">dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8
dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>

124
website/EN/installation.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2018-04-21 Sat 14:58 --> <!-- 2018-05-10 Thu 11:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title> <title>&lrm;</title>
@ -242,9 +242,9 @@ for the JavaScript code in this tag.
</p> </p>
</div> </div>
<div id="outline-container-orgaaffe7e" class="outline-2"> <div id="outline-container-org0efb25a" class="outline-2">
<h2 id="orgaaffe7e">Installation</h2> <h2 id="org0efb25a">Installation</h2>
<div class="outline-text-2" id="text-orgaaffe7e"> <div class="outline-text-2" id="text-org0efb25a">
<table border="2" cellspacing="0" cellpadding="6" rules="groups" frame="hsides"> <table border="2" cellspacing="0" cellpadding="6" rules="groups" frame="hsides">
@ -253,11 +253,11 @@ for the JavaScript code in this tag.
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<td class="org-left"><a href="#org85992f0">Building an image for a Single Board Computer or Virtual Machine</a></td> <td class="org-left"><a href="#org2cd3e1a">Building an image for a Single Board Computer or Virtual Machine</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orga435974">Checklist</a></td> <td class="org-left"><a href="#org5d4ef71">Checklist</a></td>
</tr> </tr>
<tr> <tr>
@ -265,36 +265,36 @@ for the JavaScript code in this tag.
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgaaffe7e">Installation</a></td> <td class="org-left"><a href="#org0efb25a">Installation</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgdbb804d">Social Key Management - the 'Unforgettable Key'</a></td> <td class="org-left"><a href="#orgc0e0af3">Social Key Management - the 'Unforgettable Key'</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgc7f7e79">Final Setup</a></td> <td class="org-left"><a href="#org4972be7">Final Setup</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org5c56524">Keydrives</a></td> <td class="org-left"><a href="#org4d05e8a">Keydrives</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org27e42b6">On Client Machines</a></td> <td class="org-left"><a href="#org98d9c42">On Client Machines</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org24fb926">Administering the system</a></td> <td class="org-left"><a href="#orga8b9ab1">Administering the system</a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</div> </div>
</div> </div>
<div id="outline-container-org85992f0" class="outline-2"> <div id="outline-container-org2cd3e1a" class="outline-2">
<h2 id="org85992f0">Building an image for a Single Board Computer or Virtual Machine</h2> <h2 id="org2cd3e1a">Building an image for a Single Board Computer or Virtual Machine</h2>
<div class="outline-text-2" id="text-org85992f0"> <div class="outline-text-2" id="text-org2cd3e1a">
<p> <p>
You don't have to trust images downloaded from random internet locations signed with untrusted keys. You can build one from scratch yourself, and this is the recommended procedure for maximum security. For guidance on how to build images see the manpage for the <b>freedombone-image</b> command. You don't have to trust images downloaded from random internet locations signed with untrusted keys. You can build one from scratch yourself, and this is the recommended procedure for maximum security. For guidance on how to build images see the manpage for the <b>freedombone-image</b> command.
</p> </p>
@ -372,9 +372,9 @@ If the image build fails with an error such as "<i>Error reading from server. Re
</div> </div>
</div> </div>
<div id="outline-container-orga435974" class="outline-2"> <div id="outline-container-org5d4ef71" class="outline-2">
<h2 id="orga435974">Checklist</h2> <h2 id="org5d4ef71">Checklist</h2>
<div class="outline-text-2" id="text-orga435974"> <div class="outline-text-2" id="text-org5d4ef71">
<p> <p>
Before installing Freedombone you will need a few things. Before installing Freedombone you will need a few things.
</p> </p>
@ -388,17 +388,17 @@ Before installing Freedombone you will need a few things.
</ul> </ul>
</div> </div>
</div> </div>
<div id="outline-container-org81afcd3" class="outline-2"> <div id="outline-container-org648a2ec" class="outline-2">
<h2 id="org81afcd3">Installation</h2> <h2 id="org648a2ec">Installation</h2>
<div class="outline-text-2" id="text-org81afcd3"> <div class="outline-text-2" id="text-org648a2ec">
<p> <p>
There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine. There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine.
</p> </p>
</div> </div>
<div id="outline-container-org8cf2237" class="outline-3"> <div id="outline-container-orgeabe1ff" class="outline-3">
<h3 id="org8cf2237">On a Laptop, Netbook or Desktop machine</h3> <h3 id="orgeabe1ff">On a Laptop, Netbook or Desktop machine</h3>
<div class="outline-text-3" id="text-org8cf2237"> <div class="outline-text-3" id="text-orgeabe1ff">
<p> <p>
If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Stretch onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands: If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Stretch onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
</p> </p>
@ -417,9 +417,9 @@ freedombone menuconfig
</div> </div>
</div> </div>
<div id="outline-container-orge5e5408" class="outline-3"> <div id="outline-container-org2277749" class="outline-3">
<h3 id="orge5e5408">On a single board computer (SBC)</h3> <h3 id="org2277749">On a single board computer (SBC)</h3>
<div class="outline-text-3" id="text-orge5e5408"> <div class="outline-text-3" id="text-org2277749">
<p> <p>
Currently the following boards are supported: Currently the following boards are supported:
</p> </p>
@ -466,7 +466,7 @@ Then copy it to a microSD card. Depending on your system you may need an adaptor
</p> </p>
<div class="org-src-container"> <div class="org-src-container">
<pre class="src src-bash">sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=filename.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync <pre class="src src-bash">sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=filename.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>
@ -498,9 +498,9 @@ Using the password 'freedombone'. Take a note of the new login password and then
</div> </div>
</div> </div>
<div id="outline-container-org9ae9946" class="outline-3"> <div id="outline-container-orgef276e5" class="outline-3">
<h3 id="org9ae9946">As a Virtual Machine</h3> <h3 id="orgef276e5">As a Virtual Machine</h3>
<div class="outline-text-3" id="text-org9ae9946"> <div class="outline-text-3" id="text-orgef276e5">
<p> <p>
Qemu is currently supported, since it's s fully free software system. You can run a 64 bit Qemu image with: Qemu is currently supported, since it's s fully free software system. You can run a 64 bit Qemu image with:
</p> </p>
@ -517,42 +517,42 @@ The default login will be username 'fbone' and password 'freedombone'. Take a no
</div> </div>
</div> </div>
<div id="outline-container-orgdbb804d" class="outline-2"> <div id="outline-container-orgc0e0af3" class="outline-2">
<h2 id="orgdbb804d">Social Key Management - the 'Unforgettable Key'</h2> <h2 id="orgc0e0af3">Social Key Management - the 'Unforgettable Key'</h2>
<div class="outline-text-2" id="text-orgdbb804d"> <div class="outline-text-2" id="text-orgc0e0af3">
<p> <p>
During the install procedure you will be asked if you wish to import GPG keys. If you don't already possess GPG keys then just select "Ok" and they will be generated during the install. If you do already have GPG keys then there are a few possibilities During the install procedure you will be asked if you wish to import GPG keys. If you don't already possess GPG keys then just select "Ok" and they will be generated during the install. If you do already have GPG keys then there are a few possibilities
</p> </p>
</div> </div>
<div id="outline-container-orgea070ec" class="outline-3"> <div id="outline-container-orgff8e6b8" class="outline-3">
<h3 id="orgea070ec">You have the gnupg keyring on an encrypted USB drive</h3> <h3 id="orgff8e6b8">You have the gnupg keyring on an encrypted USB drive</h3>
<div class="outline-text-3" id="text-orgea070ec"> <div class="outline-text-3" id="text-orgff8e6b8">
<p> <p>
If you previously made a master keydrive containing the full keyring (the .gnupg directory). This is the most straightforward case, but not as secure as splitting the key into fragments. If you previously made a master keydrive containing the full keyring (the .gnupg directory). This is the most straightforward case, but not as secure as splitting the key into fragments.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org08d572c" class="outline-3"> <div id="outline-container-orgbc0b5a6" class="outline-3">
<h3 id="org08d572c">You have a number of key fragments on USB drives retrieved from friends</h3> <h3 id="orgbc0b5a6">You have a number of key fragments on USB drives retrieved from friends</h3>
<div class="outline-text-3" id="text-org08d572c"> <div class="outline-text-3" id="text-orgbc0b5a6">
<p> <p>
If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more <a href="#org5c56524">Keydrives</a>. If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more <a href="#org4d05e8a">Keydrives</a>.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgf13618c" class="outline-3"> <div id="outline-container-org9e2a636" class="outline-3">
<h3 id="orgf13618c">You can specify some ssh login details for friends servers containing key fragments</h3> <h3 id="org9e2a636">You can specify some ssh login details for friends servers containing key fragments</h3>
<div class="outline-text-3" id="text-orgf13618c"> <div class="outline-text-3" id="text-org9e2a636">
<p> <p>
Enter three or more sets of login details and the installer will try to retrieve key fragments and then assemble them into the full key. This only works if you previously were using remote backups and had social key management enabled. Enter three or more sets of login details and the installer will try to retrieve key fragments and then assemble them into the full key. This only works if you previously were using remote backups and had social key management enabled.
</p> </p>
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orgc7f7e79" class="outline-2"> <div id="outline-container-org4972be7" class="outline-2">
<h2 id="orgc7f7e79">Final Setup</h2> <h2 id="org4972be7">Final Setup</h2>
<div class="outline-text-2" id="text-orgc7f7e79"> <div class="outline-text-2" id="text-org4972be7">
<p> <p>
Any manual post-installation setup instructions or passwords can be found in /home/username/README. Any manual post-installation setup instructions or passwords can be found in /home/username/README.
</p> </p>
@ -670,16 +670,16 @@ On your internet router, typically under firewall settings, open the following p
</div> </div>
</div> </div>
<div id="outline-container-org5c56524" class="outline-2"> <div id="outline-container-org4d05e8a" class="outline-2">
<h2 id="org5c56524">Keydrives</h2> <h2 id="org4d05e8a">Keydrives</h2>
<div class="outline-text-2" id="text-org5c56524"> <div class="outline-text-2" id="text-org4d05e8a">
<p> <p>
After installing for the first time it's a good idea to create some keydrives. These will store your gpg key so that if all else fails you will still be able to restore from backup. There are two ways to do this: After installing for the first time it's a good idea to create some keydrives. These will store your gpg key so that if all else fails you will still be able to restore from backup. There are two ways to do this:
</p> </p>
</div> </div>
<div id="outline-container-orga8df9a9" class="outline-3"> <div id="outline-container-orgb0f3640" class="outline-3">
<h3 id="orga8df9a9">Master Keydrive</h3> <h3 id="orgb0f3640">Master Keydrive</h3>
<div class="outline-text-3" id="text-orga8df9a9"> <div class="outline-text-3" id="text-orgb0f3640">
<p> <p>
This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">done from the <i>Disk Utility</i> application</a>. Then plug it into the Freedombone system, then from your local machine run: This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">done from the <i>Disk Utility</i> application</a>. Then plug it into the Freedombone system, then from your local machine run:
</p> </p>
@ -694,9 +694,9 @@ Select <i>Administrator controls</i> then <i>Backup and Restore</i> then <i>Back
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgfbd6e5b" class="outline-3"> <div id="outline-container-orgf3d73dc" class="outline-3">
<h3 id="orgfbd6e5b">Fragment keydrives</h3> <h3 id="orgf3d73dc">Fragment keydrives</h3>
<div class="outline-text-3" id="text-orgfbd6e5b"> <div class="outline-text-3" id="text-orgf3d73dc">
<p> <p>
This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be done from the <i>Disk Utility</i> application</a>. Plug it into the Freedombone system then from your local machine run the following commands: This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be done from the <i>Disk Utility</i> application</a>. Plug it into the Freedombone system then from your local machine run the following commands:
</p> </p>
@ -716,9 +716,9 @@ Fragments are randomly assigned and so you will need at least three or four keyd
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-org27e42b6" class="outline-2"> <div id="outline-container-org98d9c42" class="outline-2">
<h2 id="org27e42b6">On Client Machines</h2> <h2 id="org98d9c42">On Client Machines</h2>
<div class="outline-text-2" id="text-org27e42b6"> <div class="outline-text-2" id="text-org98d9c42">
<p> <p>
You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security. You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security.
</p> </p>
@ -736,9 +736,9 @@ freedombone-client
</div> </div>
</div> </div>
<div id="outline-container-org24fb926" class="outline-2"> <div id="outline-container-orga8b9ab1" class="outline-2">
<h2 id="org24fb926">Administering the system</h2> <h2 id="orga8b9ab1">Administering the system</h2>
<div class="outline-text-2" id="text-org24fb926"> <div class="outline-text-2" id="text-orga8b9ab1">
<p> <p>
To administer the system after installation log in via ssh, become the root user and then launch the control panel. To administer the system after installation log in via ssh, become the root user and then launch the control panel.
</p> </p>

50
website/EN/mesh_images.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2018-04-21 Sat 14:59 --> <!-- 2018-05-10 Thu 11:42 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title> <title>&lrm;</title>
@ -242,17 +242,17 @@ for the JavaScript code in this tag.
</p> </p>
</div> </div>
<div id="outline-container-org86cebe1" class="outline-2"> <div id="outline-container-org88941bb" class="outline-2">
<h2 id="org86cebe1">Mesh Network: Images</h2> <h2 id="org88941bb">Mesh Network: Images</h2>
</div> </div>
<div id="outline-container-org144a10d" class="outline-2"> <div id="outline-container-org34ed0e9" class="outline-2">
<h2 id="org144a10d">Pre-built Disk Images</h2> <h2 id="org34ed0e9">Pre-built Disk Images</h2>
<div class="outline-text-2" id="text-org144a10d"> <div class="outline-text-2" id="text-org34ed0e9">
</div> </div>
<div id="outline-container-org4231464" class="outline-3"> <div id="outline-container-orga324d59" class="outline-3">
<h3 id="org4231464">Writing many images quickly</h3> <h3 id="orga324d59">Writing many images quickly</h3>
<div class="outline-text-3" id="text-org4231464"> <div class="outline-text-3" id="text-orga324d59">
<p> <p>
There may be situations where you need to write the same disk image to multiple drives at the same time in order to maximize rate of deployment. In the instructions given below the <b>dd</b> command is used for writing to the target drive, but to write to multiple drives you can use a tool such as <a href="https://wiki.gnome.org/Apps/MultiWriter">GNOME MultiWriter</a>. There may be situations where you need to write the same disk image to multiple drives at the same time in order to maximize rate of deployment. In the instructions given below the <b>dd</b> command is used for writing to the target drive, but to write to multiple drives you can use a tool such as <a href="https://wiki.gnome.org/Apps/MultiWriter">GNOME MultiWriter</a>.
</p> </p>
@ -280,9 +280,9 @@ The MultiWriter tool is also available within mesh client images, so that you ca
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org47d0e94" class="outline-3"> <div id="outline-container-org9b92baa" class="outline-3">
<h3 id="org47d0e94">Client images</h3> <h3 id="org9b92baa">Client images</h3>
<div class="outline-text-3" id="text-org47d0e94"> <div class="outline-text-3" id="text-org9b92baa">
<div class="figure"> <div class="figure">
<p><img src="images/mesh_netbook.jpg" alt="mesh_netbook.jpg" width="100%" align="center" /> <p><img src="images/mesh_netbook.jpg" alt="mesh_netbook.jpg" width="100%" align="center" />
@ -300,7 +300,7 @@ wget https://freedombone.net/downloads/v31/freedombone-meshclient-i386.img.xz.si
gpg --verify freedombone-meshclient-i386.img.xz.sig gpg --verify freedombone-meshclient-i386.img.xz.sig
unxz freedombone-meshclient-i386.img.xz unxz freedombone-meshclient-i386.img.xz
sudo dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8 sudo dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8
sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=freedombone-meshclient-i386.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=freedombone-meshclient-i386.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>
@ -319,22 +319,22 @@ wget https://freedombone.net/downloads/v31/freedombone-meshclient-insecure-i386.
gpg --verify freedombone-meshclient-insecure-i386.img.xz.sig gpg --verify freedombone-meshclient-insecure-i386.img.xz.sig
unxz freedombone-meshclient-insecure-i386.img.xz unxz freedombone-meshclient-insecure-i386.img.xz
sudo dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8 sudo dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8
sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=freedombone-meshclient-insecure-i386.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=freedombone-meshclient-insecure-i386.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orge2c765f" class="outline-3"> <div id="outline-container-org792d65a" class="outline-3">
<h3 id="orge2c765f">Router images</h3> <h3 id="org792d65a">Router images</h3>
<div class="outline-text-3" id="text-orge2c765f"> <div class="outline-text-3" id="text-org792d65a">
<p> <p>
Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do. Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
</p> </p>
</div> </div>
<div id="outline-container-org0194fde" class="outline-4"> <div id="outline-container-orgf97e65d" class="outline-4">
<h4 id="org0194fde">Beaglebone Black</h4> <h4 id="orgf97e65d">Beaglebone Black</h4>
<div class="outline-text-4" id="text-org0194fde"> <div class="outline-text-4" id="text-orgf97e65d">
<div class="figure"> <div class="figure">
<p><img src="images/mesh_router.jpg" alt="mesh_router.jpg" width="50%" align="center" /> <p><img src="images/mesh_router.jpg" alt="mesh_router.jpg" width="50%" align="center" />
@ -353,7 +353,7 @@ gpg --verify freedombone-mesh_beaglebone-armhf.img.xz.sig
sha256sum freedombone-mesh_beaglebone-armhf.img.xz sha256sum freedombone-mesh_beaglebone-armhf.img.xz
ad8f22c0d46c98a80aa47b5809402971cf5cf26ebf587c59a667307b2386c3d2 ad8f22c0d46c98a80aa47b5809402971cf5cf26ebf587c59a667307b2386c3d2
unxz freedombone-mesh_beaglebone-armhf.img.xz unxz freedombone-mesh_beaglebone-armhf.img.xz
sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=freedombone-mesh_beaglebone-armhf.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=freedombone-mesh_beaglebone-armhf.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>
@ -369,9 +369,9 @@ There is still a software freedom issue with the Beaglebone Black, but it doesn'
</div> </div>
</div> </div>
<div id="outline-container-orgfcd1440" class="outline-2"> <div id="outline-container-org6e61f7f" class="outline-2">
<h2 id="orgfcd1440">Building Disk Images</h2> <h2 id="org6e61f7f">Building Disk Images</h2>
<div class="outline-text-2" id="text-orgfcd1440"> <div class="outline-text-2" id="text-org6e61f7f">
<p> <p>
It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it. It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.
</p> </p>
@ -426,7 +426,7 @@ You can now copy the image to the USB thumb drive, replacing <b>sdX</b> with the
<div class="org-src-container"> <div class="org-src-container">
<pre class="src src-bash">sudo dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8 <pre class="src src-bash">sudo dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8
sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>

64
website/EN/mobile.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2018-04-24 Tue 16:29 --> <!-- 2018-05-06 Sun 12:52 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title> <title>&lrm;</title>
@ -246,9 +246,9 @@ for the JavaScript code in this tag.
Mobile phones are insecure devices, but they're regarded as being so essential to modern life that telling people not to use them isn't a viable option. Here are some recommendations on setting up a mobile phone (aka "smartphone") to work with Freedombone. Mobile phones are insecure devices, but they're regarded as being so essential to modern life that telling people not to use them isn't a viable option. Here are some recommendations on setting up a mobile phone (aka "smartphone") to work with Freedombone.
</p> </p>
<div id="outline-container-orgc9f2368" class="outline-2"> <div id="outline-container-org9dc2155" class="outline-2">
<h2 id="orgc9f2368">Open</h2> <h2 id="org9dc2155">Open</h2>
<div class="outline-text-2" id="text-orgc9f2368"> <div class="outline-text-2" id="text-org9dc2155">
<p> <p>
Use a Linux based phone operating system. Typically this will mean Android, but could also mean LineageOS or Replicant. LineageOS is the most preferable, because you can usually get an up to date image with a recent kernel which will give you better security against exploits. If you're buying a phone then look for a model which is supported by LineageOS. Replicant is the most free (as in freedom) but only runs on a small number of phone models. If you have a phone which runs a full GNU/Linux system then that's fantastic, and you can probably use it in much the same way as a desktop system and the rest of the advice on this page won't apply. If you don't have a phone capable of running a Linux based operating system then consider selling, giving away or bartering your existing one. Use a Linux based phone operating system. Typically this will mean Android, but could also mean LineageOS or Replicant. LineageOS is the most preferable, because you can usually get an up to date image with a recent kernel which will give you better security against exploits. If you're buying a phone then look for a model which is supported by LineageOS. Replicant is the most free (as in freedom) but only runs on a small number of phone models. If you have a phone which runs a full GNU/Linux system then that's fantastic, and you can probably use it in much the same way as a desktop system and the rest of the advice on this page won't apply. If you don't have a phone capable of running a Linux based operating system then consider selling, giving away or bartering your existing one.
</p> </p>
@ -263,27 +263,27 @@ In the end it comes down to the fact that <i>if the source code for the device c
</div> </div>
</div> </div>
<div id="outline-container-org1da5240" class="outline-2"> <div id="outline-container-org7c6d63e" class="outline-2">
<h2 id="org1da5240">Remove</h2> <h2 id="org7c6d63e">Remove</h2>
<div class="outline-text-2" id="text-org1da5240"> <div class="outline-text-2" id="text-org7c6d63e">
<p> <p>
So maybe you're running Android and the phone came with some apps already installed. Almost certainly they'll be proprietary. Go to Settings/Apps and then uninstall or deactivate any apps which you really don't need. Mostly preinstalled apps are intended to send your data to companies who will then sell it to advertisers or governments under the business model of <i>surveillance capital</i>. It's not a good idea to get caught up in that, and to avoid becoming addicted to apps which are surveilling you without consent or installing spyware in the background without your knowledge. So maybe you're running Android and the phone came with some apps already installed. Almost certainly they'll be proprietary. Go to Settings/Apps and then uninstall or deactivate any apps which you really don't need. Mostly preinstalled apps are intended to send your data to companies who will then sell it to advertisers or governments under the business model of <i>surveillance capital</i>. It's not a good idea to get caught up in that, and to avoid becoming addicted to apps which are surveilling you without consent or installing spyware in the background without your knowledge.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orge6cd0f0" class="outline-2"> <div id="outline-container-orgab4c572" class="outline-2">
<h2 id="orge6cd0f0">Encrypt</h2> <h2 id="orgab4c572">Encrypt</h2>
<div class="outline-text-2" id="text-orge6cd0f0"> <div class="outline-text-2" id="text-orgab4c572">
<p> <p>
Encrypt your phone. This can usually be done via <b>Settings/Security</b> and you may need to fully charge the phone first. Encryption means that if you lose your phone or it gets stolen then there is less chance that anyone who picks it up will get access to your data, photos and so on. Encrypt your phone. This can usually be done via <b>Settings/Security</b> and you may need to fully charge the phone first. Encryption means that if you lose your phone or it gets stolen then there is less chance that anyone who picks it up will get access to your data, photos and so on.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org149be87" class="outline-2"> <div id="outline-container-orgdfcb9ed" class="outline-2">
<h2 id="org149be87">Apps</h2> <h2 id="orgdfcb9ed">Apps</h2>
<div class="outline-text-2" id="text-org149be87"> <div class="outline-text-2" id="text-orgdfcb9ed">
<p> <p>
Installing <b>F-droid</b> and only adding any new apps via F-droid will ensure that you are always using free and open source software. Open source is not a panacea, since bugs can and do still occur, but it will help you to avoid the worst security and privacy pitfalls. Installing <b>F-droid</b> and only adding any new apps via F-droid will ensure that you are always using free and open source software. Open source is not a panacea, since bugs can and do still occur, but it will help you to avoid the worst security and privacy pitfalls.
</p> </p>
@ -294,18 +294,18 @@ Avoid using the Open Whisper Systems Signal app if you can, no matter what "expe
</div> </div>
</div> </div>
<div id="outline-container-orgd1ea4fa" class="outline-2"> <div id="outline-container-orgb5c91b6" class="outline-2">
<h2 id="orgd1ea4fa">Lock</h2> <h2 id="orgb5c91b6">Lock</h2>
<div class="outline-text-2" id="text-orgd1ea4fa"> <div class="outline-text-2" id="text-orgb5c91b6">
<p> <p>
Add a lock screen, preferably with a password which is not easy for other people to guess or for quicker access with a PIN number. Install an app called <b>Locker</b>, activate it and set the maximum number of password guesses to ten (or whatever you feel comfortable with). If bad people get hold of your phone then they may try to brute force your lock screen password or PIN (i.e. automatically trying millions of common word and number combinations) and the locker app will prevent them from succeeding by resetting the phone back to its factory default condition and wiping the data. Add a lock screen, preferably with a password which is not easy for other people to guess or for quicker access with a PIN number. Install an app called <b>Locker</b>, activate it and set the maximum number of password guesses to ten (or whatever you feel comfortable with). If bad people get hold of your phone then they may try to brute force your lock screen password or PIN (i.e. automatically trying millions of common word and number combinations) and the locker app will prevent them from succeeding by resetting the phone back to its factory default condition and wiping the data.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org98e33e6" class="outline-2"> <div id="outline-container-org5f95f04" class="outline-2">
<h2 id="org98e33e6">Onion</h2> <h2 id="org5f95f04">Onion</h2>
<div class="outline-text-2" id="text-org98e33e6"> <div class="outline-text-2" id="text-org5f95f04">
<p> <p>
Both governments and corporations want to compile matadata dossiers about you. Who you communicated with, when and how often. They want this so that they can data mine, simulate, predict and then ultimately influence (sometimes also called "nudge") your actions and preferences in the directions they prefer. By routing your connections through a number of proxy servers (Tor routers) you can make it perhaps not <i>theoretically</i> impossible but at least <i>very hard</i> for them to have a complete and accurate list of who your friends are, your religion, politics, likely health issues, sexual orientation and what news sites or books you read. Both governments and corporations want to compile matadata dossiers about you. Who you communicated with, when and how often. They want this so that they can data mine, simulate, predict and then ultimately influence (sometimes also called "nudge") your actions and preferences in the directions they prefer. By routing your connections through a number of proxy servers (Tor routers) you can make it perhaps not <i>theoretically</i> impossible but at least <i>very hard</i> for them to have a complete and accurate list of who your friends are, your religion, politics, likely health issues, sexual orientation and what news sites or books you read.
</p> </p>
@ -316,26 +316,26 @@ In F-droid under the <b>repositories</b> menu you can enable the <b>guardian pro
</div> </div>
</div> </div>
<div id="outline-container-org0b855a4" class="outline-2"> <div id="outline-container-orge1a5092" class="outline-2">
<h2 id="org0b855a4">Email</h2> <h2 id="orge1a5092">Email</h2>
<div class="outline-text-2" id="text-org0b855a4"> <div class="outline-text-2" id="text-orge1a5092">
<p> <p>
The easiest way to access email is by installing the <a href="./app_mailpile.html">Mailpile</a> app. This keeps your GPG keys off of possibly insecure mobile devices but still enables encrypted email communications in an easy way. You can use K9 mail if you prefer, but that will require installing OpenKeychain and having your GPG keys on the device, which is a lot more risky. The easiest way to access email is by installing the <a href="./app_mailpile.html">Mailpile</a> app. This keeps your GPG keys off of possibly insecure mobile devices but still enables encrypted email communications in an easy way. You can use K9 mail if you prefer, but that will require installing OpenKeychain and having your GPG keys on the device, which is a lot more risky.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org4eecc0f" class="outline-2"> <div id="outline-container-org0baa293" class="outline-2">
<h2 id="org4eecc0f">Services</h2> <h2 id="org0baa293">Services</h2>
<div class="outline-text-2" id="text-org4eecc0f"> <div class="outline-text-2" id="text-org0baa293">
<p> <p>
For information on configuring various apps to work with Freedombone see the <a href="./apps.html">apps section</a>. Also see advice on chat apps in the <a href="./faq.html">FAQ</a>. For information on configuring various apps to work with Freedombone see the <a href="./apps.html">apps section</a>. Also see advice on chat apps in the <a href="./faq.html">FAQ</a>.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org0f96cf1" class="outline-2"> <div id="outline-container-org1db3043" class="outline-2">
<h2 id="org0f96cf1">Battery</h2> <h2 id="org1db3043">Battery</h2>
<div class="outline-text-2" id="text-org0f96cf1"> <div class="outline-text-2" id="text-org1db3043">
<p> <p>
Even with free software apps it's not difficult to get into a situation where your battery doesn't last for long. To maximize battery life access RSS feeds via the onion-based mobile reader within a Tor-compatible browser and not from a locally installed RSS app. Even with free software apps it's not difficult to get into a situation where your battery doesn't last for long. To maximize battery life access RSS feeds via the onion-based mobile reader within a Tor-compatible browser and not from a locally installed RSS app.
</p> </p>
@ -354,9 +354,9 @@ It's also recommended to disable battery optimisations for Conversations and Orb
</div> </div>
</div> </div>
<div id="outline-container-orgb6d0da7" class="outline-2"> <div id="outline-container-org9f7fc2d" class="outline-2">
<h2 id="orgb6d0da7">Blocking bad domains</h2> <h2 id="org9f7fc2d">Blocking bad domains</h2>
<div class="outline-text-2" id="text-orgb6d0da7"> <div class="outline-text-2" id="text-org9f7fc2d">
<p> <p>
You can block known bad domains by editing the <b>/system/etc/hosts</b> file on your device. It is possible to use extensive ad-blocking hosts files used by other ad-blocking systems such as pi-hole, but merely blocking Facebook and Google Analytics will protect you against much of the corporate surveillance which goes on. Even if you don't have a Facebook account this may still be useful since they will still try to create a "ghost profile" of you, so the less data they have the better. You can block known bad domains by editing the <b>/system/etc/hosts</b> file on your device. It is possible to use extensive ad-blocking hosts files used by other ad-blocking systems such as pi-hole, but merely blocking Facebook and Google Analytics will protect you against much of the corporate surveillance which goes on. Even if you don't have a Facebook account this may still be useful since they will still try to create a "ghost profile" of you, so the less data they have the better.
</p> </p>
@ -410,6 +410,8 @@ Now edit the hosts file which was pulled and append:
127.0.0.1 www.google-analytics.com 127.0.0.1 www.google-analytics.com
127.0.0.1 google-analytics.com 127.0.0.1 google-analytics.com
127.0.0.1 ssl.google-analytics.com 127.0.0.1 ssl.google-analytics.com
127.0.0.1 telemetry.mozilla.org
127.0.0.1 incoming.telemetry.mozilla.org
</pre> </pre>
</div> </div>

22
website/EN/release3.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2018-04-21 Sat 14:59 --> <!-- 2018-05-10 Thu 11:42 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title> <title>&lrm;</title>
@ -242,9 +242,9 @@ for the JavaScript code in this tag.
</p> </p>
</div> </div>
<div id="outline-container-org9121f8f" class="outline-2"> <div id="outline-container-org2899a71" class="outline-2">
<h2 id="org9121f8f">Building an internet run by the users, for the users</h2> <h2 id="org2899a71">Building an internet run by the users, for the users</h2>
<div class="outline-text-2" id="text-org9121f8f"> <div class="outline-text-2" id="text-org2899a71">
<p> <p>
The internet may still be mostly in the clutches of a few giant megacorporations and dubious governments with sketchy agendas, but it doesn't have to remain that way. With the third version of the Freedombone system there is now more scope than before to take back your privacy, have ownership of personal data and run your own online communities without undesirable intermediaries. The internet may still be mostly in the clutches of a few giant megacorporations and dubious governments with sketchy agendas, but it doesn't have to remain that way. With the third version of the Freedombone system there is now more scope than before to take back your privacy, have ownership of personal data and run your own online communities without undesirable intermediaries.
</p> </p>
@ -265,9 +265,9 @@ Freedombone version 3 is based on Debian 9 (Stretch). It was released in July 20
</div> </div>
</div> </div>
<div id="outline-container-org68d06a3" class="outline-2"> <div id="outline-container-org7b166be" class="outline-2">
<h2 id="org68d06a3">Installation</h2> <h2 id="org7b166be">Installation</h2>
<div class="outline-text-2" id="text-org68d06a3"> <div class="outline-text-2" id="text-org7b166be">
<p> <p>
The simplest way to install is from a pre-made disk image. Images can be <a href="https://freedombone.net/downloads/v3">downloaded here</a>. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. The simplest way to install is from a pre-made disk image. Images can be <a href="https://freedombone.net/downloads/v3">downloaded here</a>. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
</p> </p>
@ -278,7 +278,7 @@ Copy the image to a microSD card or USB thumb drive, replacing sdX with the iden
<div class="org-src-container"> <div class="org-src-container">
<pre class="src src-bash">unxz downloadedimagefile.img.xz <pre class="src src-bash">unxz downloadedimagefile.img.xz
dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=downloadedimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=downloadedimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>
@ -323,9 +323,9 @@ More detailed installation instructions are linked from <a href="./index.html">t
</div> </div>
</div> </div>
<div id="outline-container-org976059e" class="outline-2"> <div id="outline-container-org9e708b0" class="outline-2">
<h2 id="org976059e">Upgrading from a previous install</h2> <h2 id="org9e708b0">Upgrading from a previous install</h2>
<div class="outline-text-2" id="text-org976059e"> <div class="outline-text-2" id="text-org9e708b0">
<p> <p>
To upgrade from the Debian Jessie version first create a master keydrive. Go to the <b>Administrator control panel</b> and select <b>Backup and restore</b> then <b>Backup GPG key to USB (master keydrive)</b>. Insert a LUKS encrypted USB drive. When that is done Create a full backup by selecting <b>Backup data to USB drive</b> and using another LUKS encrypted USB drive. To upgrade from the Debian Jessie version first create a master keydrive. Go to the <b>Administrator control panel</b> and select <b>Backup and restore</b> then <b>Backup GPG key to USB (master keydrive)</b>. Insert a LUKS encrypted USB drive. When that is done Create a full backup by selecting <b>Backup data to USB drive</b> and using another LUKS encrypted USB drive.
</p> </p>

22
website/EN/release31.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2018-04-21 Sat 15:00 --> <!-- 2018-05-10 Thu 11:42 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title> <title>&lrm;</title>
@ -242,9 +242,9 @@ for the JavaScript code in this tag.
</p> </p>
</div> </div>
<div id="outline-container-org562f1b2" class="outline-2"> <div id="outline-container-orgfdfb344" class="outline-2">
<h2 id="org562f1b2"><b>Version 3.1, 2018-04-15</b></h2> <h2 id="orgfdfb344"><b>Version 3.1, 2018-04-15</b></h2>
<div class="outline-text-2" id="text-org562f1b2"> <div class="outline-text-2" id="text-orgfdfb344">
<p> <p>
Newer and shinier than before, <a href="./index.html">Freedombone</a> 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use <a href="./usage_email.html">email with onion and I2P addresses</a>. New apps are: Newer and shinier than before, <a href="./index.html">Freedombone</a> 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use <a href="./usage_email.html">email with onion and I2P addresses</a>. New apps are:
</p> </p>
@ -281,9 +281,9 @@ The future is decentralized.
</div> </div>
</div> </div>
<div id="outline-container-org0f2b77a" class="outline-2"> <div id="outline-container-orgeaa6884" class="outline-2">
<h2 id="org0f2b77a">Installation</h2> <h2 id="orgeaa6884">Installation</h2>
<div class="outline-text-2" id="text-org0f2b77a"> <div class="outline-text-2" id="text-orgeaa6884">
<p> <p>
The simplest way to install is from a pre-made disk image. Images can be <a href="https://freedombone.net/downloads/v31">downloaded here</a>. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. Or if you don't need clearnet domains and will be using Tor compatible browsers then you can use the "onion only" images where apps will be accessible via an onion address. The simplest way to install is from a pre-made disk image. Images can be <a href="https://freedombone.net/downloads/v31">downloaded here</a>. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. Or if you don't need clearnet domains and will be using Tor compatible browsers then you can use the "onion only" images where apps will be accessible via an onion address.
</p> </p>
@ -294,7 +294,7 @@ Copy the image to a microSD card or USB thumb drive, replacing sdX with the iden
<div class="org-src-container"> <div class="org-src-container">
<pre class="src src-bash">unxz downloadedimagefile.img.xz <pre class="src src-bash">unxz downloadedimagefile.img.xz
dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=downloadedimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=downloadedimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>
@ -339,9 +339,9 @@ More detailed installation instructions are linked from <a href="./installmethod
</div> </div>
</div> </div>
<div id="outline-container-orgf8d3f00" class="outline-2"> <div id="outline-container-org8101180" class="outline-2">
<h2 id="orgf8d3f00">Upgrading from a previous install</h2> <h2 id="org8101180">Upgrading from a previous install</h2>
<div class="outline-text-2" id="text-orgf8d3f00"> <div class="outline-text-2" id="text-org8101180">
<p> <p>
To upgrade from version 3 just go to the <b>administrator control panel</b> and select <b>check for updates</b>. To upgrade from version 3 just go to the <b>administrator control panel</b> and select <b>check for updates</b>.
</p> </p>

52
website/EN/socialinstance.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2018-04-21 Sat 15:00 --> <!-- 2018-05-10 Thu 11:43 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title> <title>&lrm;</title>
@ -242,9 +242,9 @@ for the JavaScript code in this tag.
</p> </p>
</div> </div>
<div id="outline-container-org7227583" class="outline-2"> <div id="outline-container-org3ecaca9" class="outline-2">
<h2 id="org7227583">Social Instance</h2> <h2 id="org3ecaca9">Social Instance</h2>
<div class="outline-text-2" id="text-org7227583"> <div class="outline-text-2" id="text-org3ecaca9">
<p> <p>
A social instance image allows you to easily set up a fediverse server, which federates using the OStatus or ActivityPub protocol. You will need: A social instance image allows you to easily set up a fediverse server, which federates using the OStatus or ActivityPub protocol. You will need:
</p> </p>
@ -263,9 +263,9 @@ The installation process is the same as usual, with the only difference being th
</div> </div>
</div> </div>
<div id="outline-container-org1d12ef2" class="outline-2"> <div id="outline-container-org9802263" class="outline-2">
<h2 id="org1d12ef2">Copy the image to the USB drive</h2> <h2 id="org9802263">Copy the image to the USB drive</h2>
<div class="outline-text-2" id="text-org1d12ef2"> <div class="outline-text-2" id="text-org9802263">
<p> <p>
Substitute <b>sdX</b> with the device name for your USB drive. Substitute <b>sdX</b> with the device name for your USB drive.
</p> </p>
@ -277,7 +277,7 @@ wget https://freedombone.net/downloads/v31/freedombone-pleroma-amd64.img.xz.sig
gpg --verify freedombone-pleroma-amd64.img.xz.sig gpg --verify freedombone-pleroma-amd64.img.xz.sig
unxz freedombone-pleroma-amd64.img.xz unxz freedombone-pleroma-amd64.img.xz
sudo dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8 sudo dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">count</span>=8
sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=freedombone-pleroma-amd64.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync sudo dd <span class="org-variable-name">bs</span>=32M <span class="org-variable-name">if</span>=freedombone-pleroma-amd64.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync,noerror
</pre> </pre>
</div> </div>
@ -287,9 +287,9 @@ Also note that if the laptop has a removable SSD drive it's possible to copy the
</div> </div>
</div> </div>
<div id="outline-container-org1acc3f8" class="outline-2"> <div id="outline-container-org20b941f" class="outline-2">
<h2 id="org1acc3f8">Connect the laptop to your internet router</h2> <h2 id="org20b941f">Connect the laptop to your internet router</h2>
<div class="outline-text-2" id="text-org1acc3f8"> <div class="outline-text-2" id="text-org20b941f">
<p> <p>
Plug the USB drive into the laptop and connect it to your internet router with the ethernet cable. Plug the USB drive into the laptop and connect it to your internet router with the ethernet cable.
</p> </p>
@ -302,9 +302,9 @@ Plug the USB drive into the laptop and connect it to your internet router with t
</div> </div>
</div> </div>
<div id="outline-container-orgc06c32b" class="outline-2"> <div id="outline-container-org7d0a8a8" class="outline-2">
<h2 id="orgc06c32b">Boot the laptop from the USB drive</h2> <h2 id="org7d0a8a8">Boot the laptop from the USB drive</h2>
<div class="outline-text-2" id="text-orgc06c32b"> <div class="outline-text-2" id="text-org7d0a8a8">
<p> <p>
You may need to alter the BIOS settings to get this to work reliably. You may need to alter the BIOS settings to get this to work reliably.
</p> </p>
@ -317,9 +317,9 @@ You may need to alter the BIOS settings to get this to work reliably.
</div> </div>
</div> </div>
<div id="outline-container-orgbe57b0d" class="outline-2"> <div id="outline-container-org0fcdf4a" class="outline-2">
<h2 id="orgbe57b0d">Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop</h2> <h2 id="org0fcdf4a">Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop</h2>
<div class="outline-text-2" id="text-orgbe57b0d"> <div class="outline-text-2" id="text-org0fcdf4a">
<p> <p>
Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings. Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings.
</p> </p>
@ -332,9 +332,9 @@ Log into your internet router using a non-Tor browser (usually it's on an addres
</div> </div>
</div> </div>
<div id="outline-container-org61c8baa" class="outline-2"> <div id="outline-container-org8e6697d" class="outline-2">
<h2 id="org61c8baa">From another machine ssh into the laptop</h2> <h2 id="org8e6697d">From another machine ssh into the laptop</h2>
<div class="outline-text-2" id="text-org61c8baa"> <div class="outline-text-2" id="text-org8e6697d">
<div class="org-src-container"> <div class="org-src-container">
<pre class="src src-bash">ssh fbone@freedombone.local -p 2222 <pre class="src src-bash">ssh fbone@freedombone.local -p 2222
</pre> </pre>
@ -346,18 +346,18 @@ Or alternatively you can log in directly on the laptop. The initial username is
</div> </div>
</div> </div>
<div id="outline-container-orgaaaf930" class="outline-2"> <div id="outline-container-org887dcc4" class="outline-2">
<h2 id="orgaaaf930">Follow the setup procedure</h2> <h2 id="org887dcc4">Follow the setup procedure</h2>
<div class="outline-text-2" id="text-orgaaaf930"> <div class="outline-text-2" id="text-org887dcc4">
<p> <p>
Enter your user details, domain name and dynamic DNS settings. Enter your user details, domain name and dynamic DNS settings.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgbd9fe95" class="outline-2"> <div id="outline-container-org757ee3e" class="outline-2">
<h2 id="orgbd9fe95">When installation is complete</h2> <h2 id="org757ee3e">When installation is complete</h2>
<div class="outline-text-2" id="text-orgbd9fe95"> <div class="outline-text-2" id="text-org757ee3e">
<p> <p>
Navigate to your domain and register a new user. Navigate to your domain and register a new user.
</p> </p>