ArkOS: Building the Anti-Cloud

angry tapir writes "arkOS is a Linux distribution that runs on the Raspberry Pi. It's an initiative of the CitizenWeb Project, which promotes decentralization and democratization of the Internet. arkOS is aiming to aid this effort by making it super-simple for people to host their own email, blogs, storage and other services from their own home, instead of relying on cloud services run by third parties. about the project."

Home servers?

[Professr3]

I imagine Comcast will have something to say about this - something like "No more internet for you, TOS-breaker"

Re:Home servers?

Capital murder.

Re:Home servers?

[Captain+Splendid]

What's in YOUR wallet?

Re:Home servers?

So ditch Comcast?

Re:Home servers?

[icebike]

I imagine Comcast will have something to say about this - something like "No more internet for you, TOS-breaker"

This is true, their TOS generally forbid any services (listening ports for inbound connections) which pretty much means you can't host web servers or email servers. They actively scan for these, and contact you if they find them.

Yet, oddly they want to open a public wifi access point on every customer's cable drop so that their customers can have mobile wifi on mobile devices everywhere.

Seems sort of odd.

Re:Home servers?

[girlintraining]

I imagine Comcast will have something to say about this - something like "No more internet for you, TOS-breaker"

Click. Click. Aaaand it's now a tor service. Because fuck you, Comcast. -_- They have a long history of screwing up people's internet. I just configure the router to pipe all traffic to a VPN, encrypt it, and call it a day. They get exactly zero bytes of unencrypted traffic. Go ahead and try and say anything about my traffic other than "It always goes from point A, to point B, and while the packets vary in length, the bandwidth usage is the same 24/7/365. Because I use QoS on my router and purposefully stuff my Torrent client full of things, even if I don't need them, just to keep the pipe full. Sortof a quiet fuck you to traffic analysis techniques. -_-

Re:Home servers?

[Burz]

Use I2P. Then its all just encrypted P2P traffic.

Re:Home servers?

[hawkinspeter]

Ssshhh! Don't you know the first rule of i2p?

Re:Home servers?

[Karmashock]

the charge business extra for this privilege. If they give it away to consumers then business... especially small business will ask... "why are we paying more"... and that is why comcast etc have a hissy fit about this sort of thing.

Re:Home servers?

[wvmarle]

Will work fine for a few days.

After that you have reached your data limit for the month.

Re:Home servers?

[n0dna]

Comcast stop capping their customers a while ago. I still double check every time Steam has one of their holiday sales though. :)

Re:Home servers?

It won't for me, not because it can't, but because Comcast is granted a regional monopoly by the local government.

Re:Home servers?

[L4t3r4lu5]

It gets faster, too. The more nodes there are, the more paths to spread the load.

I still find IRC has lag over i2p, though. It's barely useable for anything.

Re:Home servers?

[jacook]

Hi! I'm the dev on this project that was quoted in the article. We obviously can't specifically encourage anyone to break the ToS of their ISP. We will do our best to make the restrictions known to people before they decide to do something. The tool is there, if they choose to use it then that is their responsibility for what they do with it. I figure that, as long as we are interested in practical decentralization, this is the best that anyone can do.

Re:Home servers?

[jacook]

Hi! I'm the dev on this project that was quoted in the article. Tor Hidden Service support is high-priority for me, coming within the next few months. :) Thanks.

Re:Home servers?

[AdamWill]

"In a perfect world, net neutrality would outlaw such clauses."

True, but in a perfect world, everyone would understand how to run a mail server, and how to avoid malware.

Having worked for an ISP's AUP department, I really can see both sides of the argument. Most people with internet connections really don't have a fucking clue what they're doing, and ISPs have to deal with that _somehow_. The problem is really the 'lack of a free market' one: if there was a proper market, there'd be a geek provider in each area, providing pipes to geeks with appropriate levels of support (not the 'have you checked that it's plugged in' level, but the 'oh yeah, that router's been down since 23:32, sorry, we can text you when it's back up if you like', 'sure we can configure your reverse DNS, where do you want it to point?' level), and allowing server traffic. And it'd cost...whatever that cost to run, plus a modest profit margin. And then geeks wouldn't have to care what mass-market providers did, because they wouldn't use them.

Still, you can always get a Comcast business account, which allows server traffic in its ToS and doesn't block ports. Costs more than it ought to, but that's your option.

Re:Home servers?

[charlesnw]

Geek providers with exactly that level of service exist. They are called colocation providesr. They exist in pretty much every major city. I host with Joes Data Center in Kansas City Mo. Pretty much equidistant from the entire CONUS. They have 24x7 smart hands/NOC, cameras covering the entire floor, badge access etc. Reverse DNS? Check. Smart technical folks I can call? Check. Redundant power/fiber? Check. On top of all that I have fully redundant servers,network,PDU. Plus out of band Cyclades. Yeah I could set all that up in my house, but it's just not worth it.

Re:Home servers?

[lister+king+of+smeg]

I imagine Comcast will have something to say about this - something like "No more internet for you, TOS-breaker"

This is true, their TOS generally forbid any services (listening ports for inbound connections) which pretty much means you can't host web servers or email servers. They actively scan for these, and contact you if they find them.

Yet, oddly they want to open a public wifi access point on every customer's cable drop so that their customers can have mobile wifi on mobile devices everywhere.

Seems sort of odd.

If they actively scan for open ports you could set-up port-knocking where they would have to ping certain ports in a specific order and use encrypted payload that changes based on when it sent so that it is not vulnerable to them replaying it.

Re:Home servers?

[wvmarle]

That's charged, not convicted.

Besides, still no word where the TOS come in play.

Home server not the fix-all

[wvmarle]

I'm running my own server for mail, my web site, and various other little bits.

Not running from home: bandwidth is a primary issue, especially my uplink is too slow. My host has at least some 100 Mbit for me, maybe more - shared of course with many other sites but it's there for those bursts, so the few people daily that visit my site have a quick response.

Other concerns are dynamic IP (will need dynDNS, not sure how well that works), uptime, power use, hardware management... I pay some USD 350 a year for my virtual server. All in. Fixed IP, fast hardware, fast bandwidth, reliable connection - more reliable than from home with our over-sensitive RCD. More than enough for a small setup, a couple dozen mails a day, a dozen or so web site visitors a day. Not going to run that from home: more work, more cost, more trouble.

Re:Home server not the fix-all

[Captain+Splendid]

Seconded. I've run various servers for various purposes for years at home, but for the shit that just needs to work all the time with minimal fuss, paying someone else to do it is the smarter and cheaper choice.

Re:Home server not the fix-all

[isama]

I've got my stuff on a "kimsufi" server at OVH. i pay less than 100$ per year, I don't even remember how much :D

Re:Home server not the fix-all

the funny thing is that on slashdot somebody will actually mod this informative

Re:Home server not the fix-all

[icebike]

You could host your own website or blog on your home service and never miss the bandwidth.
So assuming you weren't going to disconnect your home Internet, all for the price of zero dollars per year.
You could host your family photos an pithy blog on a wall wart sized appliance.

Till your ISP steps in. Too many ISPs forbid this for no rational reason.

Re:Home server not the fix-all

So put your server at NSA then, like everyone else. Just don't come complaining when you get shot in the head for emailing the wrong person.

The Government doesn't need a reason; they shoot first and rationalize later. Police especially enjoy murdering car crash victims and evading justice. God bless America!

Re:Home server not the fix-all

[TheSeatOfMyPants]

Till your ISP steps in. Too many ISPs forbid this for no rational reason.

It's because blocking/forbidding it means they don't have to spend money having their IT staff help anyone running into difficulties hosting things. It's much easier for them if everyone obediently consumes.

It's also because they can -- far too few tech-oriented people consider it more important to have an ultra-fast connection than it is to be able to use it as they see fit. I feel the *minor* inconvenience of slower speeds on DSL is worth knowing my ISP lets me do what I wish (even if I don't use it much) and doesn't have a bandwidth cap, participate in the RIAA/MPAA schemes or do similar obnoxious crap. It's not like the minor extra time needed to download a Linux distro (or whatever) has a real impact on my life...

Re:Home server not the fix-all

[wvmarle]

At home i'd have to pay the electricity for a server that's up all the time, and maybe buy a separate computer for it.

Also it allows me to acces my mail and files from just about anywhere, at high speed, without worries. My uplink from home is simply too slow - also an issue for web visitors, this way their pages load much faster.

Re:Home server not the fix-all

[aurb]

Colocation for Raspberry Pi? I'm sure there are services like that.

Re:Home server not the fix-all

[wvmarle]

And: what people expect from it.

For a personal web site, I'd love to play with it. Doesn't matter too much if it goes wrong, if it's slow (due to limited uplink speed), or goes down because someone tripped over the cable. I guess there are plenty of uses for such a server; and for many low-bandwidth uses your home connection will be more than good enough.

But for business, not so much. I used to do this (when I had an office with 20 Mb up/down line); now I went with a cloud server simply for reliability. I want my server to be available, well connected, and just work - so I can take care of the content of my site, so that I know that my e-mails arrive, etc.

Re:The world's largest botnet

[VortexCortex]

Is officially under construction. Once a few of these get owned it will be quick before they're all compromised.

I agree. I mean, Linux runs the majority of web servers. Just look at THAT giant botnet. Best use MS IIS server, on Surface RT -- No one's doing that so it's far safer.

Why stop with the infrastructure?

We could decentralize and democratize the protocol standards as well.

Re:backups?

[AHuxley]

A usb stick or connected RAID 1 mirrored enclose would allow you to keep your data backed up?
New server, check your data and your back online.

Why not decentralized the network too?

[Burz]

It should come with I2P like TAILS does:

I2P-Bote: Decentralized / anonymized email based on DHT

Tahoe-LAFS on I2P: Decentralized and anonymous file storage

Syndie on I2P: Decentralized and anon blog

and

I2P itself: A general replacement for IP. Like a cross between Tor and bittorrent, where everyone is expected to contibute to bandwidth and so reduce the centralization (and opportunity for attacks) as much as possible and expand the approved uses to anything (instead of just web browsing).

Take away the centralized power of the ISP and government to monitor and control every aspect of your online life.

Re:backups?

[AHuxley]

Really depends on what cloud you bought into. Many will offer cpu and bandwidth but as some users have found out other expected benefits may be expensive or lacking.

Re:Good idea- difficult to implement

[fezzzz]

I recently bought a raspberry Pi with the idea of hosting a web server from home using a Huawei Dongle and the cell phone network. Due to the power wastage, I didn't think it a good idea to use my regular PC for the job.

First you obviously need to get the Huawei Dongle working with wvdial or something similar. This took me perhaps a week.

Then you need to contact your cell phone service provider and ask for an unrestricted APN otherwise they block all connections to your dongle. This took some paperwork, but I managed to get it done.

Once incoming connections are allowed, you can start hosting your website. The first proper request to my website activated the dongle's maximum power usage and this resulted in a power brown-out and the PI crashed. After upping the power supply from 700 mA to 1000 mA, this problem was solved.

NOIP and dyndns solved my dns problems easily.

The last problem I haven't solved yet is routing to my Pi with the cell phone networks. About 10% of the time, it finds a route, but the rest of the time it only finds the IP address. I will buy another sim card and see if it improves my situation, but in the mean time I've resorted to Amazon's cloud offering.

Re:The world's largest botnet

[hairyfeet]

Logical disconnect....because one instance, where the servers are admined by guys making high five figures on up and have had many many years of education and experience don't get pwned its the OS that deserves credit?

Bullshit. I don't care if the OS is Linux,Windows, or OS/2 Warp if you put well educated admins on them they will be safe, bad admins and they will be pwned. For what happens to Linux when it is faced with clueless users one merely has to look at Android, which passed its million infection mark over the summer, beating the time it took windows to reach that number by a good half a decade.

Moral of the story? FOSS isn't fairy dust and thinking because an OS is open magically makes it more secure is just that,magical thinking. The vast majority of infections on ANY platform are caused by PEBKAC and Linux has enjoyed many years of security by obscurity on the desktop and highly educated admins on the server. Takes those away? It gets pwned just like Windows and OSX.

Google already says no.

[wjcofkc]

The TOS for Google Fiber says NO SERVERS... at all. Kind of lame when you consider they initially called Google Fiber an experiment to see what people would do with all that bandwidth. This sounds ideal. Google Fiber will be available to me very soon, but I may just have to pass it up. I don't like that they have already drastically changed the game by excluding servers.

Re:violation of net neutrality

[PopeRatzo]

If you want to run your own server, get an appropriate connection for that.

By "appropriate" do you mean, "one that Comcast deems appropriate" or one that is technically appropriate?

Believe it or not, there was a time, before ownership of the internet was turned over to the big telecoms, when you could host whatever kind of service you wanted on your internet connection. Back when there were these things called "ISPs" that you paid and they gave you bandwidth and that was pretty much the end of it.

Net neutrality

[ortholattice]

To me, it seems that providers that prohibit home servers (either by TOS or by actually blocking e.g. port 80) are in violation of FCC-10-201 (net neutrality).

This was brought up before on Slashdot http://tech.slashdot.org/story/13/07/30/2322253/google-argues-against-net-neutrality with specific reference to Google Fiber's TOS prohibition of incoming ports. The complaint is described in http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf . I wish someone would pursue this against all major providers, not just Google Fiber.

There is simply no valid reason to prohibit incoming ports. This issue is not bandwidth - most home servers use far less than say streaming video. In any case if it's abused, the providers can use their existing procedures to deal with bandwidth abusers.

This is really at the heart of network neutrality. The only reason I can see for prohibiting incoming ports is to prevent individuals from competing with commercial interests that provide network services. Personally, it really PO's me that my ISP blocks ports 80 and 443. I keep my files on a home server, and although I can access them via ssh, many public wifi services (e.g. at hospitals) block every port, in and out, except 80 and 443. I can't really complain about the public wifi (well, I can complain, but they'll just tell me that it's a free courtesy they're under no obligation to provide, so if you don't like it, don't use it). So, to access my personal files, I need to use a 3rd party's commercial server (cloud or VPN) that allows port 80.

(As for the dynamic DNS, that hasn't been a serious problem for me - my ISP keeps it fixed as long as my cable modem is powered and connected, and the IP only changes when I restart the cable modem. Anyway, that is a secondary and minor problem.)

Re:violation of net neutrality

[PopeRatzo]

All in all, believe it or not, we're much better off now than back then.

It depends on criteria and perspective.

Ask your ISP for a business account

You mean, "Ask your telecom for a business account", don't you? Are there still such thing as "ISPs"?

Missing something?

[TheSkepticalOptimist]

When did people not have the opportunity to host their own content?

For anybody that has ever hosted their own email server, Raspberry Pi is NOT the right platform to do this on. While you can easily set up an email server on any Linux distro, the reality is that you need something a little bit more powerful than Raspberry Pi to process the ten's of thousands of spam messages a minute you are going to get. And don't think that just because you are "clever" enough to set up your own email server that you will be immune to spam.

And it seems a lot the the Slashdot denizens seem to have forgotten the bygone era of the "Slashdot Effect", when people and companies used to try and host their own websites which couldn't handle a sudden influx of people that used the RTFA. Even a lot of corporate servers couldn't handle when hundreds of thousands of people suddenly jumped onto their websites all at once back in the day. This is why many corporations and consumers just started using hosted services which have a larger, dynamically scalable infrastructure to handle sudden jumps in traffic.

Finally, with things like Facebook and Twitter and a slew of other social networking services, these all but decimated the "personal blog". Nobody cares to go to www.myblog.com and read some mindless ranting from a conspiracy nut. The problem with "decentralization" is that you will be lost in obscurity.

So, aside from hosting anything more than a hobby website for friends and family to touch base with, good luck.

Re: violation of net neutrality

Really? Odd, I'll have to inform Concast of that. I pay $80 a month for business Internet, I do run my own servers, VPN in. To comcast. At my house.

Re:The world's largest botnet

[jacook]

With all due respect, it's exactly this sort of distrusting end users that gives us the current predicament that we are in. Considering potential end users as "idiots" (I know, it's just a turn of phrase, but it can be representative) is exactly the wrong attitude to have. We should be striving to create software that works well and is secure, instead of feeding the dichotomy of haves and have-nots (i.e. geeks who know how to do everything themselves vs. everyone else that is SOL). There is no reason why this should continue to be the case. It is extremely important to provide secure software for users to use, and that is what I intend to do, as much as possible. There are high technical obstacles to overcome to get this to work properly but they are not insurmountable. So we shouldn't be acting like they are.

Any linux distro does this

[Gothmolly]

I get that we're all busy frolicking with our Raspberry Pis, but any Linux distro on an old PC will do this. There's nothing "Pi" about this. You don't need a new distro for this either. Maybe a handful of shell scripts or some kind of GUI to manage all the bits and pieces would be nice, but this is all a solved problem.

Re:Any linux distro does this

[phaggood]

A solution you can pick up for 99 bux at Walmart since 2009 apparently - http://techreport.com/news/16466/marvell-unveils-99-wall-wart-linux-pc