ArkOS: Building the Anti-Cloud

angry tapir writes "arkOS is a Linux distribution that runs on the Raspberry Pi. It's an initiative of the CitizenWeb Project, which promotes decentralization and democratization of the Internet. arkOS is aiming to aid this effort by making it super-simple for people to host their own email, blogs, storage and other services from their own home, instead of relying on cloud services run by third parties. about the project."

Home servers?

[Professr3]

I imagine Comcast will have something to say about this - something like "No more internet for you, TOS-breaker"

Re:Home servers?

[dyingtolive]

Not to mention committing a felony in the process.

That shit is bananas.

Re:Home servers?

[wvmarle]

What felony?

Re:Home servers?

Capital murder.

Re:Home servers?

[Captain+Splendid]

What's in YOUR wallet?

Re:Home servers?

So ditch Comcast?

Re:Home servers?

that isn't an option is many areas

Re:Home servers?

[AHuxley]

Re: felony in the process.
Yes the ability to get admin rights or add code while the owner is away/sleeping would be tempting as part of a larger offensive military cyber capacity.
With tasks been outsourced to private security firms and "jokes" about individuals on "lists" this could get interesting:
http://arstechnica.com/tech-policy/2013/10/ex-nsa-chief-jokes-about-hunting-down-snowden-advocates-targeted-killings/
http://www.zerohedge.com/contributed/2013-10-02/chief-dhs-privacy-officer-government-called-privacy-office-terrorists
Maybe that ideological or privacy news related home sever makes a list too?

Re:Home servers?

[icebike]

I imagine Comcast will have something to say about this - something like "No more internet for you, TOS-breaker"

This is true, their TOS generally forbid any services (listening ports for inbound connections) which pretty much means you can't host web servers or email servers. They actively scan for these, and contact you if they find them.

Yet, oddly they want to open a public wifi access point on every customer's cable drop so that their customers can have mobile wifi on mobile devices everywhere.

Seems sort of odd.

Re:Home servers?

[girlintraining]

I imagine Comcast will have something to say about this - something like "No more internet for you, TOS-breaker"

Click. Click. Aaaand it's now a tor service. Because fuck you, Comcast. -_- They have a long history of screwing up people's internet. I just configure the router to pipe all traffic to a VPN, encrypt it, and call it a day. They get exactly zero bytes of unencrypted traffic. Go ahead and try and say anything about my traffic other than "It always goes from point A, to point B, and while the packets vary in length, the bandwidth usage is the same 24/7/365. Because I use QoS on my router and purposefully stuff my Torrent client full of things, even if I don't need them, just to keep the pipe full. Sortof a quiet fuck you to traffic analysis techniques. -_-

Re:Home servers?

[Burz]

Use I2P. Then its all just encrypted P2P traffic.

Re:Home servers?

[hawkinspeter]

Ssshhh! Don't you know the first rule of i2p?

Re:Home servers?

[davester666]

No.

One of these things increases usage without your ISP receiving additional money

The other one increases usage with your ISP receiving additional money, without requiring them to pay for the buildout or even the electricity to actually provide the service.

Re:Home servers?

[fuzzyf]

If this, or anything simmilar, becomes a success then Comcast might just have to adjust their TOS :) Where I live it is fairly common to use VPN into your home network, so if they scan open ports they will find one. But it seems like they don't really care as long as you don't use it for comercial purposes. But it's not Comcast..

Re:Home servers?

[Burz]

Ssshhh! Don't you know the first rule of i2p?

The first rule of I2P is the more people use it, the more secure they are.

Re:Home servers?

[Karmashock]

the charge business extra for this privilege. If they give it away to consumers then business... especially small business will ask... "why are we paying more"... and that is why comcast etc have a hissy fit about this sort of thing.

Re:Home servers?

[FuzzNugget]

Which is a complete bullshit stipulation, given that "server" and "client" are really just a way of expressing which machine is initiating a connection.

In a perfect world, net neutrality would outlaw such clauses.

Also, I wish I could find the link, but do you not remember the guy who crossed out certain terms in the EULA for a product and it was determined reasonable by a court of law? Makes sense: it's not really an "agreement" unless both parties are making compromises.

Re:Home servers?

[wvmarle]

Will work fine for a few days.

After that you have reached your data limit for the month.

Re:Home servers?

[n0dna]

Comcast stop capping their customers a while ago. I still double check every time Steam has one of their holiday sales though. :)

Re:Home servers?

It won't for me, not because it can't, but because Comcast is granted a regional monopoly by the local government.

Re:Home servers?

[OakDragon]

The free market fails!

Re:Home servers?

[L4t3r4lu5]

It gets faster, too. The more nodes there are, the more paths to spread the load.

I still find IRC has lag over i2p, though. It's barely useable for anything.

Re:Home servers?

[jacook]

Hi! I'm the dev on this project that was quoted in the article. We obviously can't specifically encourage anyone to break the ToS of their ISP. We will do our best to make the restrictions known to people before they decide to do something. The tool is there, if they choose to use it then that is their responsibility for what they do with it. I figure that, as long as we are interested in practical decentralization, this is the best that anyone can do.

Re:Home servers?

[jacook]

Hi! I'm the dev on this project that was quoted in the article. Tor Hidden Service support is high-priority for me, coming within the next few months. :) Thanks.

Re:Home servers?

[RevWaldo]

And Google Fiber: https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers

Wait, what!? But they're the good guys!

.

Re:Home servers?

[AdamWill]

Well, if you do that, all you've done is move the problem. If you want to host your own mail, you need a connection _somewhere_ which will allow incoming SMTP traffic on port 25, because that's how email works.

Re:Home servers?

[AdamWill]

"In a perfect world, net neutrality would outlaw such clauses."

True, but in a perfect world, everyone would understand how to run a mail server, and how to avoid malware.

Having worked for an ISP's AUP department, I really can see both sides of the argument. Most people with internet connections really don't have a fucking clue what they're doing, and ISPs have to deal with that _somehow_. The problem is really the 'lack of a free market' one: if there was a proper market, there'd be a geek provider in each area, providing pipes to geeks with appropriate levels of support (not the 'have you checked that it's plugged in' level, but the 'oh yeah, that router's been down since 23:32, sorry, we can text you when it's back up if you like', 'sure we can configure your reverse DNS, where do you want it to point?' level), and allowing server traffic. And it'd cost...whatever that cost to run, plus a modest profit margin. And then geeks wouldn't have to care what mass-market providers did, because they wouldn't use them.

Still, you can always get a Comcast business account, which allows server traffic in its ToS and doesn't block ports. Costs more than it ought to, but that's your option.

Re:Home servers?

I've been hosting my own mail server on a home account for about a year and a half. The telecom that I use (starts with an A) unblocked port 25 for me no questions asked when I asked them to. I was a bit surprised, actually.

Re:Home servers?

[charlesnw]

Geek providers with exactly that level of service exist. They are called colocation providesr. They exist in pretty much every major city. I host with Joes Data Center in Kansas City Mo. Pretty much equidistant from the entire CONUS. They have 24x7 smart hands/NOC, cameras covering the entire floor, badge access etc. Reverse DNS? Check. Smart technical folks I can call? Check. Redundant power/fiber? Check. On top of all that I have fully redundant servers,network,PDU. Plus out of band Cyclades. Yeah I could set all that up in my house, but it's just not worth it.

Re:Home servers?

[RenderSeven]

I thought the first rule of I2P is "dont talk about I2P"?

Re:Home servers?

[dyingtolive]

What felony you commit by violating a TOS?

Ask Aaron Swartz.

Re:Home servers?

[wvmarle]

Just looked him up on Wikipedia, and no notice of him actually committing a felony. He was charged, but never convicted, and not even mention of it being related to a TOS. And the charge was not for a felony, instead "... with intention to commit felony".

So again: what felony for violating TOS are you talking about?

Re:Home servers?

[lister+king+of+smeg]

I imagine Comcast will have something to say about this - something like "No more internet for you, TOS-breaker"

This is true, their TOS generally forbid any services (listening ports for inbound connections) which pretty much means you can't host web servers or email servers. They actively scan for these, and contact you if they find them.

Yet, oddly they want to open a public wifi access point on every customer's cable drop so that their customers can have mobile wifi on mobile devices everywhere.

Seems sort of odd.

If they actively scan for open ports you could set-up port-knocking where they would have to ping certain ports in a specific order and use encrypted payload that changes based on when it sent so that it is not vulnerable to them replaying it.

Re:Home servers?

[girlintraining]

Comcast stop capping their customers a while ago.

Well, yes and no. Comcast still contacts people, but in most, but not all markets, the cap was removed. They still throttle and use shaping technologies, which is why my QoS is setup the way it does; On paper, I have almost twice as much bandwidth as I can reliably get without triggering a transient bandwidth clamp-down on my service. Weeks of careful experimentation has revealed that Comcast only provides unmetered access at about 75% of your rated line speed. Go above that, and at certain times of the day, it'll start buffering your downloads, becoming bursty, etc. -- by placing you in a lower priority queue. For people who use VoIP or Netflix, this can ruin your internet experience.

But yeah, in the strictest sense... there aren't any caps. YMMV.

Re:Home servers?

[dyingtolive]

You must be looking at a different Wikipedia than I am.

Source: http://en.wikipedia.org/wiki/Aaron_Swartz

"Federal prosecutors later charged him with two counts of wire fraud and 11 violations of the Computer Fraud and Abuse Act,[16] carrying a cumulative maximum penalty of $1 million in fines, 35 years in prison, asset forfeiture, restitution and supervised release.[17]" Emphasis mine

Let's go one step further:

Source: http://www.ask.com/question/is-wire-fraud-a-felony

"Yes, wire fraud is a felony as it has been considered a federal crime in the United States since 1872. The punishment can be up to 20 years in prison."

I don't really know what else to say. This was on account of the whole JSTOR thing. In case you've been under a rock, here's a freebie: http://www.newyorker.com/online/blogs/newsdesk/2013/03/fixing-the-worst-law-in-technology-aaron-swartz-and-the-computer-fraud-and-abuse-act.html.

Re:Home servers?

[viperidaenz]

You haven't seen the latest South Park episode have you?

Re:Home servers?

[Burz]

Its self-defeating if people don't know about it or use it.

Re:Home servers?

[R.Mo_Robert]

It won't for me, not because it can't, but because Comcast is granted a regional monopoly by the local government.

Mediacom (consistently ranked poorly in customer satisfaction) has the same here, but surely you have other Internet options. I use DSL from CenturyLink. (Yes, I know, connection speeds. But that doesn't matter when the other doesn't work, and in practice, they aren't that different.)

Re:Home servers?

[wvmarle]

That's charged, not convicted.

Besides, still no word where the TOS come in play.

Home server not the fix-all

[wvmarle]

I'm running my own server for mail, my web site, and various other little bits.

Not running from home: bandwidth is a primary issue, especially my uplink is too slow. My host has at least some 100 Mbit for me, maybe more - shared of course with many other sites but it's there for those bursts, so the few people daily that visit my site have a quick response.

Other concerns are dynamic IP (will need dynDNS, not sure how well that works), uptime, power use, hardware management... I pay some USD 350 a year for my virtual server. All in. Fixed IP, fast hardware, fast bandwidth, reliable connection - more reliable than from home with our over-sensitive RCD. More than enough for a small setup, a couple dozen mails a day, a dozen or so web site visitors a day. Not going to run that from home: more work, more cost, more trouble.

Re:Home server not the fix-all

[Captain+Splendid]

Seconded. I've run various servers for various purposes for years at home, but for the shit that just needs to work all the time with minimal fuss, paying someone else to do it is the smarter and cheaper choice.

Re:Home server not the fix-all

[isama]

I've got my stuff on a "kimsufi" server at OVH. i pay less than 100$ per year, I don't even remember how much :D

Re:Home server not the fix-all

I run a home-based website. Dynamic IPs aren't a problem. First, if you're always connected your IP almost never changes. Second, routers with updated firmware (like DD-WRT) can update your dnyDNS provider automatically. I use dyn.com (I'm not sure if you can still sign up for their free service).

The main problem with self-hosting will be your ISP. You may or may not have to change your website's port every once-in-a-while to get around blocking. In addition, many consumer IPs are blocked by stupid net filtering software. Other than that, it's nice having everything completely under my control. The website runs off an old laptop I wasn't using. There's no dynamic content, so CPU power isn't an issue. My server runs Hiawatha (discovered from the Puppy Linux community, thanks guys) which is easier to setup than Apache.

Re:Home server not the fix-all

the funny thing is that on slashdot somebody will actually mod this informative

Re:Home server not the fix-all

[icebike]

You could host your own website or blog on your home service and never miss the bandwidth.
So assuming you weren't going to disconnect your home Internet, all for the price of zero dollars per year.
You could host your family photos an pithy blog on a wall wart sized appliance.

Till your ISP steps in. Too many ISPs forbid this for no rational reason.

Re:Home server not the fix-all

So put your server at NSA then, like everyone else. Just don't come complaining when you get shot in the head for emailing the wrong person.

The Government doesn't need a reason; they shoot first and rationalize later. Police especially enjoy murdering car crash victims and evading justice. God bless America!

Re:Home server not the fix-all

[rs79]

You just have bad software.

If you had decent software, you'd be eager and happy to have a home server. Your problem after all isn't a hardware issue now is it?

So... what's the six things you'd need for you to consider this easy?

Re:Home server not the fix-all

[TheSeatOfMyPants]

Till your ISP steps in. Too many ISPs forbid this for no rational reason.

It's because blocking/forbidding it means they don't have to spend money having their IT staff help anyone running into difficulties hosting things. It's much easier for them if everyone obediently consumes.

It's also because they can -- far too few tech-oriented people consider it more important to have an ultra-fast connection than it is to be able to use it as they see fit. I feel the *minor* inconvenience of slower speeds on DSL is worth knowing my ISP lets me do what I wish (even if I don't use it much) and doesn't have a bandwidth cap, participate in the RIAA/MPAA schemes or do similar obnoxious crap. It's not like the minor extra time needed to download a Linux distro (or whatever) has a real impact on my life...

Re: Home server not the fix-all

[sevenisloud]

I know none of this will help you sir, but I wanted to address some of these concerns for people in the UK, like me. I've been running a home server for a while now (and recently switched to a Raspberry Pi, mostly for the power savings). Anyway... For your Internet connection, I highly recommend Plusnet's fibre broadband, if you're lucky enough to live in an area where it's available. For £20/month (plus line rental) I get around 20mbps upstream. I've had their fibre broadband for about 6 months now without any downtime. They have no issues with me running a server, and offer a static ip for a one-of setup fee of £5 (which they say will make it easier to host your own website, etc, thus taking care of any worries about falling foul of their tos). Their sister company just-the-name will sell you a .co.uk domain for £9/2 years. In case you wonder, no I don't work for them, I'm just very impressed by their service.

Re:Home server not the fix-all

[thegarbz]

more reliable than from home with our over-sensitive RCD.

RCDs are rarely over sensitive. They have a pre-defined trip point and a pre-defined trip time. Odds are far greater that you have some gear somewhere in your house that is leaking current into the earth and that you're already very close to the trip point. If you have an old fridge or oven I would look there first. Pool pumps or any other electro-magnetic devices are good culprits too.

Nothing to do with home servers, just some advice of where you may start looking for a potential problem. If it is the RCD, get it tested and replaced.

Re: Home server not the fix-all

[wvmarle]

Thanks, not living in UK. Would have two decades ago though... it's one of your former colonies. Now part of China.

To make matters worse, at my home only ADSL available. No fibre.

Re:Home server not the fix-all

[wvmarle]

Most of our electronics are reasonably new. Our old washing machine used to be a real issue, we have a new one now. Fridge maybe a decade old, no more. Really I've been searching a few times really hard when the problem occurred: power would go down all of a sudden, and just wouldn't go on again. Once I had to switch off all power groups, switch them on one by one, finally find out there are two that each would trip the breaker. That's strange, you'd expect one. Anyway in the end I never found the culprit. Narrow it down to a single group: unplug everything, connect power, plug it all in one by one to see which device causes problems: and then nothing happens?!

Most recent was a few trips due to the rice cooker not being dry enough after a thorough washing. Took two days, now it's fine again :-) But had to walk down to reset the power a few times. That makes sense.

Re:Home server not the fix-all

[agentgonzo]

I don't think his 'overly sensitive RCD' can be fixed with decent software.

Re:Home server not the fix-all

[xaxa]

Too many ISPs forbid this for no rational reason.

Can they not be convinced?

My ISP (Plusnet) is a division of the old state monopoly (BT), and they even have a page on how to set up a home email server: http://www.plus.net/support/email/smtp_mail.shtml

I don't run a home email server -- it's too much effort to filter spam -- but there's been a web server running on port 80 for the past year. My mum has another web server in her house (for family photos), with a competing ISP (o2?) and that's been running for almost 10 years.

Re:Home server not the fix-all

[wvmarle]

At home i'd have to pay the electricity for a server that's up all the time, and maybe buy a separate computer for it.

Also it allows me to acces my mail and files from just about anywhere, at high speed, without worries. My uplink from home is simply too slow - also an issue for web visitors, this way their pages load much faster.

Re:Home server not the fix-all

[thegarbz]

It may be a slight intermittent fault pushing you over the edge. If you have a friend who's an electrician or EE see if he can bring over a clampmeter and clamp around both the active and neutral cables going through your RCD. Both at the same time will give you a measure of earth leakage.

It's common for some devices to leak. In our case we had a dodgy beer fridge leaking ~30mA and our RCD tripped at 40mA (country standard, not sure how things work were you life). Turns out there was an ants nest amidst all the wiring inside the fridge. The fault was never enough to diagnose by turning things off and on but I found it when measuring the leakage current while turning things off and on.

Something to consider if the outages are causing any problems.

Re:Home server not the fix-all

[wvmarle]

Will see, it's been a while that we had a spontaneous cut. Usually can just switch it on and everything is fine.

Re:Home server not the fix-all

[aurb]

Colocation for Raspberry Pi? I'm sure there are services like that.

Re: Home server not the fix-all

[wagnerrp]

But, why an RPi? It's a painfully low end piece of hardware. At least get something like a BeagleBone or one of the A10 boards. They've got the same power envelope, trading graphics that you won't use for a better CPU, more memory, better interconnects, and they don't cost significantly more.

Re:Home server not the fix-all

[jacook]

Hi! I'm the dev on this project that was quoted in the article. There are lots of concerns hosting things from home (or self-hosting in general) but arkOS hopes to cut those down as much as it possibly can. While it is not a "perfect" solution, I hope it will come to bridge the gap for a lot of people, in terms of tech skill, time and money required to host their own data. A fully-integrated dynamic DNS system is in the works, and getting an overview of usage/service statistics is already possible with some improvements to be made in the future. And of course, as long as you are using arkOS on the RPi, you have hardware limitations - you obviously can't host 10 PHP sites for all of your friends at the same time. In the future arkOS will be ported to other platforms so it can run on more powerful hardware and VPSes.

Re:Home server not the fix-all

[wvmarle]

And: what people expect from it.

For a personal web site, I'd love to play with it. Doesn't matter too much if it goes wrong, if it's slow (due to limited uplink speed), or goes down because someone tripped over the cable. I guess there are plenty of uses for such a server; and for many low-bandwidth uses your home connection will be more than good enough.

But for business, not so much. I used to do this (when I had an office with 20 Mb up/down line); now I went with a cloud server simply for reliability. I want my server to be available, well connected, and just work - so I can take care of the content of my site, so that I know that my e-mails arrive, etc.

Re:Home server not the fix-all

[Captain+Splendid]

I think you replied to the wrong post.

Re:Home server not the fix-all

[UnderCoverPenguin]

Maybe.

Renting a server (virtual or physical), "your" server is still the property of the service provider. This project is about enabling people to avoid the problems associated with that.

Also, I don't think co-location will be much help, either. While you certainly own the server, it's still in the custody of a third party.

Re:Home server not the fix-all

[icebike]

My ISP (Plusnet) is a division of the old state monopoly (BT), and they even have a page on how to set up a home email server: http://www.plus.net/support/email/smtp_mail.shtml [plus.net]

To be fair, they tell you nothing about setting up a home SMTP server, they merely show you how to get your Plushnet mail forwarded to your server after you get it set up. You are on your own as far as getting Postfix or Sendmail up and running.

But at least they are ahead of the game here compared to most US broadband providers.

To bounce back on topic, it is precisely inexpensive consumer devices such as the Raspberry Pi solution discussed and similar very small "wall wart" style computers that can come loaded with everything you need to run a web server, email server, VOIP and VPNs out of the box, after just entering some very basic information. Not much more complex than setting up your cell phone.

Like you, I suspect most users wouldn't want to put up with the Spam, Spam filtering with Spamassassin seems pretty solid, but it is the single biggest consumer of CPU and bandwidth on my home server. (But on the other hand if you pop your mail off of something like Google, directly into your own MDA you bypass most of the spam.)

But for the family photo album, or blogs or messaging, voip, video chat, the types of devices proposed in TFA could become quite popular. Who knows, Maybe Jabber will have a resurgence!

Re:Home server not the fix-all

[sootman]

I've been running a public-facing web server at home for over 10 years. I use DynDNS (I joined right after they were founded; so for a small 'donation' (as it was at the time) I got lifetime service. :D ) and I've used it with different ISPs, and static and dynamic IPs. Name-wise, everything works great.

Bandwidth-wise, I used to have 1.5M down/256k up and it was fine. Not blazing fast or tons of capacity, but for "a couple dozen mails a day, a dozen or so web site visitors a day" even that was plenty. I used to have an image that was in the top 5 matches on images.yahoo.com for 'ac cobra wallapaper' and I sometimes got hundreds of hits a day -- no problem at all. A dozen hits per MINUTE is only one every 5 seconds so ANY web host should be able to handle that easily. I currently have a moderately-priced 18M down/1.5M up fiber-to-the-curb service. (AT&T in Florida.)

The single biggest drawback with home hosting is the possibility of running afoul of your ISP's terms of service. Two big upsides: basically infinite storage (I can watch every single ripped movie or TV show that I own at any time, from anywhere, on any device, for free, because I have a symlink in Apache leading to my media folders) and fast transfers when you're at home to upload new content -- I can drag 2 GB of photos from my CF card right into my gallery web app and the bottleneck is the speed of my card reader.

Uptime: I trust my computer as much as any. If it breaks, it's faster & easier to fix when it's in my closet than when it's colocated somewhere. If it's a real "cloud" place... hell, even Amazon and Microsoft's Azure have had notable outages. (And when THEY go down, you are 100% SOL until THEY fix it. Which they want to do, fast, because they have so many customers, but because they're so huge and complex, sometimes the downtime is significant, despite all their resources.)

Power: I've got a UPS. Electricity is pretty reliable where I live. Since my home phone is now digital, my telco sent me a dedicated UPS for the router ("modem") because I'm no longer using POTS with its magical self-powering capabilities.

The $350 you spend each year would pay for a new Linux box or used Mac mini... every single year. Since I'd pay for my Internet service no matter what, and run it off a Mac mini that's always on anyway, I basically get a hosted website* with infinite storage and "enough" bandwidth for nothing more than the cost of the domains, and electricity. (Which on a Mini is practically like a night-light.)

* multiple domains, actually.

Re:Home server not the fix-all

[doesnothingwell]

will need dynDNS, not sure how well that works

Don't expect a Dyndns free account to work for longer than a year or so, even following the rules. I don't mind they want paid but if its a "time expirey" free offer, just say so upfront. I was using their client software which which was all up to date and they booted me for inactivity WTF. Still unemployed so, No I can't afford to pay them. I just need to lojack my daughter's laptop so it phones home. Trying http://freedns.afraid.org/ and wget. YMMV

Re:Home server not the fix-all

[lewiscr]

Seconded. I've been doing the same, since 1999. Web spiders are responsible for most of my upstream bandwidth, and I only notice when I'm looking at the log files. None of the 4 ISPs I've had over the years have complained or blocked my service.

The only actual problem I've had is email deliverability. Most destinations would bounce my emails because they came from a Dynamic IP. I configured Postfix to forward everything through Time Warner's mail servers, and I haven't had problems since.

Re:The world's largest botnet

[VortexCortex]

Is officially under construction. Once a few of these get owned it will be quick before they're all compromised.

I agree. I mean, Linux runs the majority of web servers. Just look at THAT giant botnet. Best use MS IIS server, on Surface RT -- No one's doing that so it's far safer.

Why stop with the infrastructure?

We could decentralize and democratize the protocol standards as well.

There will be lots

[DrPBacon]

Dr P Linux will hopefully be out by the end of the year ... :)

Re:backups?

[AHuxley]

A usb stick or connected RAID 1 mirrored enclose would allow you to keep your data backed up?
New server, check your data and your back online.

Why not decentralized the network too?

[Burz]

It should come with I2P like TAILS does:

I2P-Bote: Decentralized / anonymized email based on DHT

Tahoe-LAFS on I2P: Decentralized and anonymous file storage

Syndie on I2P: Decentralized and anon blog

and

I2P itself: A general replacement for IP. Like a cross between Tor and bittorrent, where everyone is expected to contibute to bandwidth and so reduce the centralization (and opportunity for attacks) as much as possible and expand the approved uses to anything (instead of just web browsing).

Take away the centralized power of the ISP and government to monitor and control every aspect of your online life.

Re:Why not decentralized the network too?

Take away the centralized power of the ISP and government to monitor and control every aspect of your online life.

The government and the corporations are controlling everyone! Seriously who gives a fuck, its the internet, what are you doing on it that youre so desperate to keep secret and hidden? In the end all you are battling is information freedom and that is a battle you will ultimately lose, you are communicating with the outside world and frankly if you think you can keep that private youre just a naive idiot.

Re:Why not decentralized the network too?

[jacook]

Hi! I'm the dev on this project that was quoted in the article. Definitely plan on including I2P and P2P-connected services to arkOS. And of course if anyone is interested in making their favourite software work with arkOS, they can do so quickly and easily https://github.com/cznweb/genesis

Re:backups?

[AHuxley]

Really depends on what cloud you bought into. Many will offer cpu and bandwidth but as some users have found out other expected benefits may be expensive or lacking.

Re:Good idea- difficult to implement

[SuricouRaven]

The graphics firmware blob and driver module are the only non-free pieces of code in there. The rest of the software is all open-source, and even the schematics (Though not the multi-layered PCB layout) have been published. Very useful schematics too - they show you which polyfuse needs briging if you want any hope of powering a USB hard drive.

Re:Good idea- difficult to implement

[m.alessandrini]

And OSs like this are not tied to a particular hardware. If ported to another platform, probably all you need is copying the home and etc folders.

Great idea, unfortunately...

[sortius_nod]

Until there's widespread FTTP (GPON or AON) it will be more pain than it's worth.

I have run a Linux server for years with just these services on ADSL & ADSL2. Mail is fine, even a Jabber server is fine, even private file hosting is ok, if a bit slow, but once you start hosting websites your ability to actually use your own Internet when you're home is diminished.

I was hoping that the National Broadband Network (NBN) would stay 93% FTTP here in Australia, but unfortunately with the change in government that's looking less & less likely.

Re:Good idea- difficult to implement

[fezzzz]

I recently bought a raspberry Pi with the idea of hosting a web server from home using a Huawei Dongle and the cell phone network. Due to the power wastage, I didn't think it a good idea to use my regular PC for the job.

First you obviously need to get the Huawei Dongle working with wvdial or something similar. This took me perhaps a week.

Then you need to contact your cell phone service provider and ask for an unrestricted APN otherwise they block all connections to your dongle. This took some paperwork, but I managed to get it done.

Once incoming connections are allowed, you can start hosting your website. The first proper request to my website activated the dongle's maximum power usage and this resulted in a power brown-out and the PI crashed. After upping the power supply from 700 mA to 1000 mA, this problem was solved.

NOIP and dyndns solved my dns problems easily.

The last problem I haven't solved yet is routing to my Pi with the cell phone networks. About 10% of the time, it finds a route, but the rest of the time it only finds the IP address. I will buy another sim card and see if it improves my situation, but in the mean time I've resorted to Amazon's cloud offering.

Seems like the percloud, just

[mfioretti_en]

Can't believe I only discovered this project today, when it's been running, it seems, for at least 6 months. Anyway, it seems very similar to what I just proposed, the percloud http:per-cloud.com With the difference, if I'm not mistaken, that the percloud would be an easier to use, preconfigured, locked down version of arkOS. Am I right?

Re:No offense, but had to laugh

[game+kid]

...or PWS?

Re:The world's largest botnet

[tommituura]

As much as I appreciate the joke, GP is right - and it has nothing to do with the OS the system is running, even though I'd wager Linux to still be more secure choice in that front. It's about who do you suppose is going to keep the system up-to-date? Following security news about the latest remote exploit in $HTTP_SERVER, or other parts of the system?

Giving a typical home computer user a "plug-and-play" server machine to host his/her own web pages at home and expecting anything like responsible and competent administration is silly. By trying to make it super simple to set up a server, they seem to be catering to the crowd that uses "password" as password, leaves their wifi just because that's the way it came from ISP, etc etc etc.

If they are trying to make their security idiot-proof, I sincerely wish them all the luck. Not holding my breath on that one though...

Not a home server, but...

[fuzzyf]

I've been thinking about setting up a home server for some time now, but then I took a step back and think about what I really wanted to achieve. What I really would like (I'm not on facebook) is a simple way to share information with my family (who lives all over the country) and friends. And I'd prefer it not be hosted on the internet or with a company that makes money of my information.

Just a simple way to share information with a select few people.
A full fledge home server would be overkill, and it would have to serve as a host to others in my family also. That would be too much work. But a raspberry pi in each home, working as something inbetween a home server and just a vpn with some bells and whistles might do the trick.

Maybe it's time to start coding something at home again :)

Re:Not a home server, but...

[fuzzyf]

I'm capable to both configure and run a server, but as I see it this should be solved in a different way than just run a full home server. I wouldn't want to run a server for everyone, and most people can't do it themselves. So it would need to be something a bit simpler.

Keeping it simple enough that enyone could just plug a device like this into their network and have everything just work.
Preferably without too much framework software. Running gigabytes of software to do something this simple is just a security risk.

But as you say, If something like this became successfull it would be a target for google, facebook and quite a few other companies.

btw:
I'm a professional developer and I run Gentoo as my main OS on my laptop :)

Re:The world's largest botnet

[hairyfeet]

Logical disconnect....because one instance, where the servers are admined by guys making high five figures on up and have had many many years of education and experience don't get pwned its the OS that deserves credit?

Bullshit. I don't care if the OS is Linux,Windows, or OS/2 Warp if you put well educated admins on them they will be safe, bad admins and they will be pwned. For what happens to Linux when it is faced with clueless users one merely has to look at Android, which passed its million infection mark over the summer, beating the time it took windows to reach that number by a good half a decade.

Moral of the story? FOSS isn't fairy dust and thinking because an OS is open magically makes it more secure is just that,magical thinking. The vast majority of infections on ANY platform are caused by PEBKAC and Linux has enjoyed many years of security by obscurity on the desktop and highly educated admins on the server. Takes those away? It gets pwned just like Windows and OSX.

violation of net neutrality

[dutchwhizzman]

Open access to the internet entails being able to offer services just as much as being able to use them. By prohibiting users to run their own services they are violating net neutrality. When is the class action suit coming?

Re:violation of net neutrality

[PopeRatzo]

If you want to run your own server, get an appropriate connection for that.

By "appropriate" do you mean, "one that Comcast deems appropriate" or one that is technically appropriate?

Believe it or not, there was a time, before ownership of the internet was turned over to the big telecoms, when you could host whatever kind of service you wanted on your internet connection. Back when there were these things called "ISPs" that you paid and they gave you bandwidth and that was pretty much the end of it.

Re:violation of net neutrality

[wvmarle]

The amount of money you paid to those ISPs (which were for sure part of those big telecoms you love to hate so much) was definitely a lot more than what you pay now, for a lot less bandwidth. If you were in a building they happened to have a line running to. You couldn't get those connections at home.

If you want to run servers, you're likely to use a lot more bandwidth than an average user. Makes sense you have to pay for that. Ask your ISP for a business account which has fixed IP and is allowed to run servers, you'll pay more, but still it'll be a lot less than you paid back in the day.

All in all, believe it or not, we're much better off now than back then.

Re:violation of net neutrality

[PopeRatzo]

All in all, believe it or not, we're much better off now than back then.

It depends on criteria and perspective.

Ask your ISP for a business account

You mean, "Ask your telecom for a business account", don't you? Are there still such thing as "ISPs"?

Re:violation of net neutrality

[petermgreen]

Are there still such thing as "ISPs"?

There are but many home/small buisness customers are pretty much forced into using an ISP that is vertically integrated with the provider of their access connection and have very few choices (often only one) for reasonablly performing access connections. This seems to be especially a problem in the USA.

Afaict enterprise customers who pay for dedicated bandwidth can still usually choose their infrastructure and internet providers seperately in most places.

Re: violation of net neutrality

Really? Odd, I'll have to inform Concast of that. I pay $80 a month for business Internet, I do run my own servers, VPN in. To comcast. At my house.

Re:violation of net neutrality

[icebike]

Actually some game engines don't chew up that much data when running as a server. We routinely run a small FPS game engine at night because we don't need the bandwidth in the evening.

There seem to always be 4 to 8 people rocketing away in there after 7pm.

Re:Three words: Network Address Translation

[Arashi256]

Yup, this is exactly what I do. I'm with Be (now part of Sky) and I get a static IP address for £20 pm. The BeBox (router) has all the capabilities for port forwarding although I found the interface to be dumbed down for firewall configuration which actually made it harder to set up for me :) Been running a CentOS server for all sorts of things for 5 years with no hassles from the ISP.

Google already says no.

[wjcofkc]

The TOS for Google Fiber says NO SERVERS... at all. Kind of lame when you consider they initially called Google Fiber an experiment to see what people would do with all that bandwidth. This sounds ideal. Google Fiber will be available to me very soon, but I may just have to pass it up. I don't like that they have already drastically changed the game by excluding servers.

Re:Google already says no.

[fuzzyf]

How do they define "server"?
It is any open port? even VPN into your router?

Re:Google already says no.

[OneSizeFitsNoone]

I wonder if a Tor relay node would fit the TOS.

"about the project"

[Hougaard]

Great copy paste job boys :)

Re:"about the project"

[CoolGopher]

I've got a really cool idea! We should totally get slashdot to get someone to read and tidy up the posts before they're well posted. You know, edit them to make them more readable. We could even give those people a title, say, "editor"....

Net neutrality

[ortholattice]

To me, it seems that providers that prohibit home servers (either by TOS or by actually blocking e.g. port 80) are in violation of FCC-10-201 (net neutrality).

This was brought up before on Slashdot http://tech.slashdot.org/story/13/07/30/2322253/google-argues-against-net-neutrality with specific reference to Google Fiber's TOS prohibition of incoming ports. The complaint is described in http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf . I wish someone would pursue this against all major providers, not just Google Fiber.

There is simply no valid reason to prohibit incoming ports. This issue is not bandwidth - most home servers use far less than say streaming video. In any case if it's abused, the providers can use their existing procedures to deal with bandwidth abusers.

This is really at the heart of network neutrality. The only reason I can see for prohibiting incoming ports is to prevent individuals from competing with commercial interests that provide network services. Personally, it really PO's me that my ISP blocks ports 80 and 443. I keep my files on a home server, and although I can access them via ssh, many public wifi services (e.g. at hospitals) block every port, in and out, except 80 and 443. I can't really complain about the public wifi (well, I can complain, but they'll just tell me that it's a free courtesy they're under no obligation to provide, so if you don't like it, don't use it). So, to access my personal files, I need to use a 3rd party's commercial server (cloud or VPN) that allows port 80.

(As for the dynamic DNS, that hasn't been a serious problem for me - my ISP keeps it fixed as long as my cable modem is powered and connected, and the IP only changes when I restart the cable modem. Anyway, that is a secondary and minor problem.)

Re:Net neutrality

[Gothmolly]

You know you can tunnel SSH over proxies, right? And you can tunnel SOCKS over that SSH session?

Re:Net neutrality

[ortholattice]

I'm not sure you understand the problem. The outgoing service (free public wireless) allows only outgoing ports 80 and 443, whether I'm using ssh, http, or whatever. The destination (my home) blocks incoming ports 80 and 443. It is impossible to get from one to the other without going through a commercial 3rd-party service, which is the point of my complaint.

This is amazing!

[kenh]

You mean I can run a server out of my home?! That's amazing!

How is this easier than spinning up a TurnkeyLinux appliance on an old Pentium 4 (or better) desktop you can get for free in almost any part of the country?

Let's see - I need to buy the RaspberryPi, a case, and a power brick at a (practical) minimum, which puts the system in the $75+ range - compared to a repurposed desktop that will cost around $0. Of course, the difference is in the monthly power bill - the old Pentium 4 desktop will use much more power. You could avoid that expense by running your appliances under, say, VirtualBox if you normally keep your desktop on 24x7....

Oh yeah, the TOS of most ISPs would preclude any server type work on a residential account, at least that is the case here in the US.

Re:This is amazing!

[fuzzyf]

Don't be so negative about someone trying to get more people to run a linux installation.
Most people would never get a Pentium 4 for free and then start installing and configuring a webserver on it
But buying a ready configured Raspberry Pi and pluggin it in.. that is doable for many.

The obvious benefints are less noise, power usage, space needed and the ability to hide it behind the TV.
But don't underestimate the amount of PR a project like this could get.

Re:This is amazing!

[weilawei]

Tried running a media server (not public facing) on an old P4 a friend gave me. $40 on the next electric bill. Guess which machine got donated to someone else?

Re:This is amazing!

[weilawei]

Speaking as someone who got a free desktop P4 and ran a (headless) intranet server on it, the cost of the power by the second month would easily cover the purchase of a dedicated RPi or BeagleBone. By the end of the year, you could've bought at least 12 more efficient systems for the cost of just running the single P4. I turned mine off and then later donated it to another friend.

Missing something?

[TheSkepticalOptimist]

When did people not have the opportunity to host their own content?

For anybody that has ever hosted their own email server, Raspberry Pi is NOT the right platform to do this on. While you can easily set up an email server on any Linux distro, the reality is that you need something a little bit more powerful than Raspberry Pi to process the ten's of thousands of spam messages a minute you are going to get. And don't think that just because you are "clever" enough to set up your own email server that you will be immune to spam.

And it seems a lot the the Slashdot denizens seem to have forgotten the bygone era of the "Slashdot Effect", when people and companies used to try and host their own websites which couldn't handle a sudden influx of people that used the RTFA. Even a lot of corporate servers couldn't handle when hundreds of thousands of people suddenly jumped onto their websites all at once back in the day. This is why many corporations and consumers just started using hosted services which have a larger, dynamically scalable infrastructure to handle sudden jumps in traffic.

Finally, with things like Facebook and Twitter and a slew of other social networking services, these all but decimated the "personal blog". Nobody cares to go to www.myblog.com and read some mindless ranting from a conspiracy nut. The problem with "decentralization" is that you will be lost in obscurity.

So, aside from hosting anything more than a hobby website for friends and family to touch base with, good luck.

Re:Three words: Network Address Translation

[Riddler+Sensei]

You misunderstand. People are being NATed BEFORE it reaches their own equipment. Providers doing this claim it is to fight off the dwindling IPv4 supply. It also makes it impossible to get any services through without begging the provider. I'm experiencing this right now as my router is pulling a 10.x.x.x/8 address on its WAN. No amount of port forwarding on my pfSense box is going to work around that. I have a ticket open with my ISP to request a public IP but I have no idea if they're going to tell me to sod off or not.

Re:The world's largest botnet

[jacook]

With all due respect, it's exactly this sort of distrusting end users that gives us the current predicament that we are in. Considering potential end users as "idiots" (I know, it's just a turn of phrase, but it can be representative) is exactly the wrong attitude to have. We should be striving to create software that works well and is secure, instead of feeding the dichotomy of haves and have-nots (i.e. geeks who know how to do everything themselves vs. everyone else that is SOL). There is no reason why this should continue to be the case. It is extremely important to provide secure software for users to use, and that is what I intend to do, as much as possible. There are high technical obstacles to overcome to get this to work properly but they are not insurmountable. So we shouldn't be acting like they are.

Re:The world's largest botnet

[jacook]

Nobody suggested that arkOS would be the perfect solution to all the world's problems. Of course there will be bugs to fix, security issues to track, etc. Just like there are with literally every other operating system. Vigilance is key. But fear of potential problems that apply to every other piece of software ever developed is no reason to discard an idea out of hand.

Any linux distro does this

[Gothmolly]

I get that we're all busy frolicking with our Raspberry Pis, but any Linux distro on an old PC will do this. There's nothing "Pi" about this. You don't need a new distro for this either. Maybe a handful of shell scripts or some kind of GUI to manage all the bits and pieces would be nice, but this is all a solved problem.

Re:Any linux distro does this

[phaggood]

A solution you can pick up for 99 bux at Walmart since 2009 apparently - http://techreport.com/news/16466/marvell-unveils-99-wall-wart-linux-pc

Re:The world's largest botnet

[Kielistic]

You complete disregard that many eyes make all bugs shallow.

Probably because that is entirely false.

Re:The world's largest botnet

[hairyfeet]

Not only is it a myth you can show with basic common sense WHY its a myth.

You have something like 40 MILLION lines of code making up even the thinnest Linux distro, right? Now programs on average with FOSS have two to four releases a year, some like FF even higher.

Now for "many eyes" to be true ALL of what I'm about to post HAS to be true or many eyes is false...1.- you have to have people with the education and experience in both code AND stenography AND obfuscation, for why you have to have that look at the obfuscated C contest to see how even when you know there is malware how well it can be hidden, 2.- those people HAVE to look at not ONLY the code but ALSO all that it interacts with, for why you have to have that look at payload malware where by itself it is harmless but when mixed with a second program turns nasty, and finally 3.- They have to be willing to check not ONLY this one version but EVERY release for both the program AND the subsystems!

The "many eyes" myth works on the fallacy that states because something COULD be done it HAS been done. Well there COULD be vampires in the world but I don't think I need to carry a stake, do you? if I wanted I could wallpaper this page with Linux malware links but I think an even better answer is to show how you can write a Linux virus in 5 easy steps which will work on pretty much ANY distro, how? By exploiting the weakest link, like any virus...the user. And for those that Linux users wouldn't fall for those? look up the "KDE Look Bug" to see thousands of Linux users that got pwned by a screensaver and theme.

Why duplicate Freedom Box?

[MCRocker]

This sounds like the same concept that the Freedom Box Foundation has been working on for a while. It would seem like a better use of resources for these groups to get together and pool their efforts rather than do the same thing twice.

Yahoo Solution?

[tmjva]

Given the hoopla created by Yahoo groups last month this could be a solution for those wanting to bail Yahoo groups.

Re:The world's largest botnet

[cmurf]

I think the biggest barrier is a quality user experience, not technical barriers. As you say the technical barriers are well understood, and not insurmountable. A huge effort, though, is required to get gmail like quality experience without using Google, on the desktop, and my phone, at all times, anywhere in the world. So that necessarily implies the user can opt into more than one hardware unit in order to ensure their data is replicated, and opt into distributed (and encrypted) copies that aren't in their home in case their singular network pipe goes down. I've been inclined to go with "more" cloud service than go it alone mainly because I have one nasty, but necessary, email account that garners so much spam that as a non-expert with spamassassin I just can't tolerate it. Whereas gmail's spam filtering is just so close to 100% correct. So I can appreciate the importance of this project, as well as the work that will be involved.