 I have the pleasure to welcome Bidale Garby. He's a Debian project member since 1994. He's probably the one that is in this project in Debian, the longest of all our participants here. I think Ian Jackson actually probably deserves that credit. I'm pretty sure Ian was involved before I was, but sometime in 1994, right, for both of us? I think so. I mean, the two of us have certainly been around the project almost since the beginning. Yeah. So he's around since almost since the beginning, and we're talking about Freedom Box since Debian 10 in New York. There was an amazing talk there that introduced this concept, and Bidale is going to talk about what Freedom Box is today, and welcome Bidale. Great. Thank you. So a couple of questions before I start. I know that we invited people who are not here for the whole week to come today. How many of you are here just for today? Awesome. This is great. Welcome to Debian Conf, and I've seen that many of you must live somewhere relatively close by if you were able to come just for the day. Thank you for sharing such a beautiful view and beautiful weather and a beautiful country with us. We've been having a great time this week, or at least I've been having a great time this week. Everybody else has been too. Part of the reason that I've been having such a great time this week is it's been an excellent chance for me to get away from the things that have been going on in my life recently. I've talked to many of you who've been here all week about what's been going on, but even for those of you who haven't talked to me, this is what I came home to in the middle of June. Really big forest fire in Colorado, the worst in the state's history. Approximately 500 houses destroyed. Mine was one of them. That's where my house used to be. For those in Germany, I apologize so much. There's not one but two porches that were destroyed in this fire. So this is unfortunately what has been taking a lot of my attention for the last few weeks. Yesterday, they began the process of tearing out the foundations and getting the site cleaned up so that we can begin the process of building again. As you can see amazingly, even only two months approximately after this fire happened, there's already a lot of green around there. Things growing on the ground, the trees coming back. So I think we'll have a nice house and rest again maybe a year from now. But I show these both because this is my last time as a presenter this week and I've been talking to many of you about what's been going on and I thought I would show you a picture so that you could see what I'm talking about. But it's also by way of setting a little bit of context for the progress or lack thereof that I have been able personally to drive in the Freedom Box community within the last couple of months. I had personally really intended for this summer to be the time where I focused very hard on getting us to what we've been describing as our one use. For obvious reasons, that just hasn't been possible. Fortunately, there are lots of other people working on the project continuing to make progress and so what I would like to do today is give you an overview of what this project is about. Particularly for those of you who are here just today, who are not regular participants in the DEBCONF series. Out of curiosity, how many of you have not seen a presentation about Freedom Box before? Quite a few of you, okay. So I feel pretty good about the material I selected today. I'm going to give you some background about the project, why it needs to exist trying to accomplish. I'll talk a little bit about the current status and about the kind of help we need to make further progress going forward to complete this project and meet the objectives that my good friend, Evan Moglen, began to establish for us at DEBCONF several years ago in New York. So what's the problem? Out of curiosity, how many of you have a Facebook account? Yeah, Google+, Flickr? Yeah, okay. I could go on, but the point is very clear. Even for those of us knowledgeable in the world of free software, these large social networking services have become an important part of many people's lives. And in particular, I have very good friends and family members for whom this has been a major enabler of a new kind of interaction with their friends and family over a geographically distributed area. For those of us involved in the free software world, particularly those of us involved in a project like DEBCON, this is not such a revelation. We've been on mailing lists with each other for a couple of decades. We've been sharing photos. We've been talking with each other about things other than just free software. But for many, many people in the larger society, these services have brought a new set of capabilities. In fact, I should mention that the reason I have this week been wearing different bright tie-dye t-shirts every day is because a good friend of mine started a page on Facebook after the fire called tie-dyes for B-dale and solicited people to send me appropriately sized tie-dye t-shirts. And I've now received 19 or 20, I'm not entirely sure. And I thank everyone involved for doing that. It's really a wonderful thing. But this is the kind of thing that my friend would not have known how to do before the existence of social networking services like Facebook. Unfortunately, the problem is we're all putting more and more of the direct and indirect information about our lives into these kinds of services at a time when our lives are under increased scrutiny. You've all seen the news reports recently, right? It's not just those of us who are sort of concerned and paranoid, who it turns out should be worried about these things. Our governments really are looking very hard at our information, the information about who we associate with, what we do, and so forth. And whether we're immediately concerned about this or not, it's something that I think is going to be an increasing source of concern. And the real problem in my mind is that for-profit companies, companies like Facebook and Google and so forth, no matter how noble their intentions and no matter how wonderful the words in their terms of service must operate under the legal context of the countries and jurisdictions in which they operate. This means, well, it means that if a government agency comes to their door and legally requests that they provide information about their users, they will do it. Not because they want to, but because they have to or they can't operate in that legal jurisdiction. We all cheer when we hear that some company is pushed back on a government request, but in the long term, companies cannot continue to operate legally in the various jurisdictions unless they obey the law. So no matter how good their terms of service, I think we all have to assume that every permission we ever put into these large, corporately based online social networking sites will eventually be, if not completely public to everyone, then certainly available to anyone with some semblance of authority who wants to have access to it. So what do we do about this? I mean, after all, for me and for many of you, I believe that the fundamental objective has been to use the internet to free people, to liberate them, to give them access to knowledge, the ability to interact and communicate with each other, and to do things they couldn't do before. Not to more easily surveilled in an effect to curtail their freedom. Well, this is what the Freedom Box vision is all about. We have this notion that if instead of using other people's services provided by corporations, we instead could deploy personal servers, running a free software operating system and free software applications, running on cheap, power efficient, I don't care if they're plug computers or something else, but inexpensive, low power, easy to deploy and manage server that you could install in your own homes and then build communication structures on top of that, that this would be a fundamentally different situation. It turns out that in the United States and in many other legal jurisdictions, the legal barrier that must be overcome to get permission to look at your data is much more stringent if that data lives on a server that's in your house, then if it's data that you've chosen voluntarily to put on a quote, unquote public site, this is just true. And so if the data stays on a machine in your home and people who are in your network of friends and associates access it from there, it's much more legally secure than otherwise. And certainly if it's on a machine that you own and operate and have some sense of control of the software for, then you can choose to implement more stringent security controls. You can have finer grained control over who gets to see that information and through cryptographic means, you can do much more serious things to protect that information. So if we were able to do this and to get a large number of devices like this deployed, I believe it would contribute to helping build privacy respecting federated alternatives to these existing social networks. And the idea here is that in Federation we mean that instead of having one company with one cluster of servers providing a service, we instead have lots of people each with their own servers collaborating with each other to provide similar some places better services. And there's been lots of discussion in the Freedom Box world about mesh networking because one of the ideas is that particularly when we were watching things happen after the initial WikiLeaks traffic and what's come to be called the Arab Spring, we saw situations where government authorities were quote unquote turning off the internet. And when that happens, if people have lots of devices that they own themselves that have wireless interfaces and we can use those to build ad hoc networks, maybe there's the opportunity to route around the damage that's being caused to the internet connectivity by these government authorities, even in cases that aren't quite as tough to imagine happening to ourselves as that, there are many situations now where neighbors using different commercial internet service providers have different restrictions placed upon their use. My service provider doesn't want me to go to this site, your service provider doesn't want you to go to that site. If we have the ability to build ad hoc network connections between each other, maybe I can route a little traffic for you, you can route a little traffic for me, and we again route around this damage that exists in the network in the form of filtering and firewalls and so forth. And of course we all know that there are countries in the world that impose these sorts of restrictions and filtering on all of their center net communication. And if we did a really good job of building these things, maybe those sorts of firewalls could be circumvented too. So in the end, the idea is that if we can facilitate people collaborating safely and securely with others, that it's in building these sort of social networks that this could help support demonstration, protest, and mobilization for political change, all at the same time making everything that we do a little more private and a little more secure. So that's the vision that was established by Eben Moglin when we all of this. Not long after DEB CONF 10 in New York, in fact a week or two later, I guess the next week, he and I were together in Boston for the Linux Foundations, LinuxCon North America, and I sat down with Eben and I said, you know, this is a really compelling idea. I like this. What can I do to help? And that led me to join what soon became known as the Freedom Box Foundation, which is a non-profit organization based in the U.S. Eben and I are two of the members of the board of directors, and we very quickly cue some decisions to try and bound the scope of the problem that we were facing. The first thing, decision we made, which in the last year, I've had a lot of reason to question and wonder if we really made the right decision or not, is that we chose to focus on software and not on producing a piece of custom hardware. The idea behind that was that we're basically free software guys. We hang around in projects like Debian that are fundamentally software projects. We know how to do free software. Let's focus on doing the part we know how to do, we know how to distribute, can be distributed cheaply easily. The problem with hardware is it's a huge distraction if what you're trying to build is a software stack. On the other hand, in hindsight, if we had created a cute little piece of hardware and we had run a Kickstarter campaign about a cute piece of hardware that happened to run this awesome pile of software, I think in hindsight it might have been easier sometimes for us to stay focused on what we were trying to accomplish and get something delivered. I don't know, that's looking backwards and I prefer to look forwards. We also chose to focus on servers and services not on client devices. In other words, this is freedom box the server, not freedom box the phone. There are lots of people working on interesting approaches to building completely freedom respecting software stacks for use on phones and other mobile devices. We strongly support and encourage them, but that's not what Freedom Box is trying to do. And I also like to emphasize that we're trying to build a platform for distributed federated social networks. We're not actually trying to build a social network ourselves. In other words, we want to put the software, the operating system, and the applications in place that other people can take that and deploy it to build the kinds of networks that they need or uses. The other big decision we made, and this is where there was much philosophical hand-wringing, was that we would make use of existing infrastructure where it seemed appropriate while trying to work to move away from some of the central infrastructure control points that exist. For example, the domain name system. You maybe don't think about it very often, but this is a completely hierarchical system with a central point of authority. If someone wants to, and they choose to, subvert that authority, either through legal or technical means, control of the mapping of symbolic names to IP addresses, then all of a sudden things go sideways in a hurry. You have very little ability to trust that you know who you're interacting with. There's also this interesting sort of cartel around cryptographic certificates. Every time you use a web browser to talk to a store online and you see the little SSL secured symbol that tells you, oh, this is an encrypted channel and it's okay to use my credit card number to buy something and have it sent to me, the security or the authentication of those keys so that you believe know who you're talking to is actually really running the store you think you're buying it from comes through a set of certificate authorities that again operate very hierarchically, very centrally and frankly have behaviors and approaches that are not necessarily well aligned with our long-term objectives for freedom. And then the other thing was it would have been very easy to say, you know, we don't want to depend on any existing networking at all. Let's ensure that every freedom box is only using, you know, ad hoc kinds of communications. That would have forced us down a path where what we built was not terribly useful in the near term. And so these are all decisions we made that we will take advantage of and use these existing pieces of infrastructure while simultaneously trying to remember that these are potential points of failure around centralized authority or control so that as we try to build protocols and software solutions to implement the features we want, we try to do them in a way that eventually if we wanted to we could walk away from some of these central points of control. So why did we choose Debian for freedom box? Well, for you who've been here at Debian Conf all week I hope the answer is completely obvious. You know, Debian as a project is sort of unique in the world and frankly it's really quite amazing. It's a completely open volunteer organization, very strong technical infrastructure, very international which is important for a project like this where, you know, when you start talking about the behavior of different governments and authorities and different jurisdictions around the world having a presence in many other countries at the same time is a good idea. It's also important to us that Debian's on a lot of different hardware architectures because while I may have some ideas about specific pieces of hardware that we're using as reference platforms for this work one of the reasons for choosing Debian is that, you know, hopefully the software stack we're building can run on sort of any hardware that people happen to have available and then there's this sort of thing I've been saying for years that's more or less true most of the time and that is that all free software eventually gets packaged for Debian and so the notion that many of the components we would like to use would either already exist in Debian or would have a low barrier to convince the developers that this is software which should be packaged for Debian would make some of the work we need to do easier. Then the other decision we really made early on was this notion that we weren't going to just take software from Debian to go build Freedombox. Lots of people out there have built interesting projects in fact many of the things you see on Kickstarter and Indiegogo and so forth use many free software components but one of the conscious decisions we made is we weren't just going to take software from Debian we were going to make sure that what we delivered actually was Debian. The work we're doing would be merged into and become part of the larger Debian project and in fact we have wondered sometimes if what we're doing isn't just trying to raise the availability of security and encrypted communication and so forth in Debian as a whole even more than trying to build a specific software stack for a particular purpose but be that as it may this is a very fundamental objective and we've made some progress towards this certainly the hardware platforms that we care the most about gained the ability to have Debian installed normal Debian installer processes as part of the Weezy release cycle and some of the other hardware platforms we've been looking at either based on Debian already or using Debian derivatives so that part certainly been true most of the software components we're using are already part of Debian with one or two exceptions that I'll talk about in a little while but this also means that any new software that we create will get packaged and put in Debian and most importantly regardless of how successful we really are at delivering some particular software stack that we call FreedomBox 1.0 or something like that work that we've done is available will be available other people can use it other people can build similar or different devices using some of the same ideas and this has all been very very important to us and I think it's been going pretty well though one of the challenges I've personally faced is some of the other people very enthusiastic about FreedomBox are not Debian developers and they don't have a lot of experience building and packaging software for distribution in ways that we in Debian are accustomed to and so a lot of the work that I've personally been doing has been trying to address that along with several folks that are they're here in the room so what sort of challenges have we faced? Well there have been some the first one honestly is that there are an awful lot of binary blobs in the world we chose a hardware platform to be our initial reference platform that I'll talk a little bit more about in a minute and one of the consequences of that choice is that even though it was at the time sort of a best-in-class solution in the plug server world it still had some GPL violations embedded in every device that was being shipped and Kate sort of put two and two together in your head immediately having a project that Evan Moghlin's name is associated with where there are obvious GPL violations in the firmware is kind of a non-starter so in hindsight I probably spent way too much time trying to work on this and trying to get all of the bits of firmware and in system administration tools for the Dream Plug GPL free and packaged and into Debian it probably would have been smarter to remind myself that this is supposed to be a software project and not a hardware or hardware enabling project and to focus things higher up in the stack but be that as it may at Debian Conf in Bania Luca we went nuts and got lots of work done and then last year at Debian Conf in Nicaragua I got some very important help at fixing up some of the last problems to make it possible to do a Debian installer installs on the Dream Plug hardware and that's all been you know work that's been done and done well but it took a lot of time and was a big distraction the other significant challenge is that very early on we realized that we needed to have some technical mechanism to serve as the basis for our Deon authentication model and when we looked around in the free software community we saw no better choice at the time than the use of open PGP keys you know these are the keys that we use in Debian for our key signing activities and they're the keys we use to sign to authenticate uploads that we make to the archive the problem with all of this you know and there was I think a very high correlation between some of the early adopters of the Freedom Box concept and people who were willing to work on it and people who already had you know some experience using open PGP keys in the free software community the problem is that you know the GPG user interface is horrible and the recipes that one has to learn and remember in order to use it effectively are very challenging but in addition to that most of the existing applications that use some kind of network based security particularly anything that uses the SSL security model really assumes the existence of this sort of central certificate authority and trying to work around that is really fairly difficult it's a huge conceptual disconnect and it's harder than it seems to fix because it's not just a case for example with the path that you can go create a different security module plugin a variation of an existing one and have it sort of trivially align correctly because what's meant by the assertions that the server is asking for on a particular connection don't necessarily align conceptually well with the kinds of things that we're interested in having asserted and frankly key signature and certificate content just comes in a lot of different forms they are all sort of understandable comprehensible but some of the standards are fairly dense and trying to deal with how do you wrap this kind of certificate material in this kind of wrapper so that you can pass it through this kind of channel there's just a lot of work and frankly the people who are qualified to get this stuff right are all busy because this is important it is complicated and most of them are consultants who are making lots of money when they're not working on Freedom Box so I mentioned that we picked some reference hardware let me talk just briefly about that to give you if nothing else to give you kind of a sense of the class of devices of hardware devices that we're thinking about when we talk about Freedom Box you know as I mentioned before you know fundamentally anything that can run Debian ought to be possible to use as a Freedom Box hardware but the initial reference design that we have been working towards is really targeted for this device called the Dream Plug from Global Scale Technologies it uses a Marvell arm-based system on chip I'll show you some more specs in a second I assume most of you have heard about the Raspberry Pi it's really been just sort of an amazing thing to watch really cute really inexpensive little server runnix there are a bunch of problems with the Pi but it's just so cheap it's hard to ignore and then something I've been very excited about for the last few months is a project called Novena that I'll talk about in a minute it's the first hardware design that I personally have seen in recent times that promises to be completely Freedom Respecting hardware and meet the kinds of needs we have for something like Freedom Box so first of all the Dream Plug as I mentioned it uses a Marvell Kirkwood processor this is in the same general performance class it's sort of a slow desktop or notebook it's not by any means providing the same level of performance as a current Intel or AMD processor but it's enough to run some credible web services and to do a useful amount of encryption and so forth these devices have they have enough memory they have a couple of wired network interfaces they have a wireless interface that wireless interface with this Marvell Micro Access Point is one of the things that was really difficult to deal with from a licensing standpoint the firmware for that we finally have sort of reverse engineered drivers that do almost everything right but in any case you know it's an interesting little piece of hardware this is kind of what one looks like I used to bring one to show off and sort of sling around the whole thing with the power supplies about that big I don't have any of them anymore for obvious reasons but this is what one would look like as I mentioned the Raspberry Pi is another target we've been looking at simply because they've become so immensely popular and that popular in the hacking community lots of people have been buying them for different reasons in the U.S. you can get a reasonably well-equipped one for you know $35 or something like this they run this Debian derivative called Raspbian by default there's been some discussion here at DEBCONF this week about what the opportunities might be for getting Raspbian sort of folded more closely back into Debian I'm very encouraged to see interest in that I think it's completely plausible to use one of these as a personal server they are really underpowered from a computational perspective but for providing some file service for doing some web service for things like that with the appropriate peripherals they can work in order to use one as a router you probably need to let at least one more network interface because they don't have a lot but there's actually been some commercial interest in using the Raspberry Pi and appropriate peripherals to build a commercial product based on the Freedom Box software stack and so this is something that as a consequence we've been paying quite a bit of attention to but as I mentioned something I've been really excited about since about the beginning of the year is this project called Navina Andrew Bunny Wang is the one who's been working on this and he describes this as an open-source laptop project and in fact what he's building is a hardware that you could very credibly build a completely open design laptop around with a high resolution graphics display and so forth this set of specs is from the original version of the board that he started showing off in around January of this year he's very recently gone to a new revision of the board and the specifications have changed slightly I haven't gotten an update on the slide yet but when I looked at the board I said oh gee if you just ignore the graphics interface that's a really amazing piece of free hardware with good cryptographic hardware acceleration really good hardware random number generator lots of other things we'd really like to have and given who some of Bunny's friends are and the inputs he's been having from various communities about features we'd like to see in this hardware when or if he gets to the point where he's comfortable building a lot of these and selling them to other people in a maybe in a Raspberry Pi-ish kind of way I think this is going to be a really impressive platform to run things like freedom box software on and the thing that will make me happy is that this hardware would allow us to run an entirely free software stack all the way from where to the top no binary blobs at all so we've been working on this project for a while and of course we were naive when we started because we said you know most of the things we want those of us in the free software community already do many of us run our own servers or we have you know virtual servers in a data center somewhere and we run our own email things and we put up our own web servers and we use SSH to securely interact with all of these things and we know how to encrypt our email pipes and you know if we were if everyone on the planet were just as geeked we are then we wouldn't have this problem right and so gee how hard could it possibly be to pick and choose some of the software that we already use and bring it together and you know build a solution that more people could use well the challenge is that if you really want this to be something that you could put in a box and sell it retail and have the proverbial my mother goes and buys one kind of experience be successful then you have to you have to think beyond the geeky box we have to figure out how to make these things that we already had to do on some days be things that all sorts of people can be successful using every day and that's turned out to be a really significant challenge so the objectives we set for our 1.0 milestone are in some ways really quite simple and yet they embody an immense amount of sort of setting the tone and picking the right technologies and getting the base infrastructure pieces right it's sort of a conceptual level the objectives we set for 1.0 is we wanted a software stack that would be more accessible to less geeky people we wanted to broaden our original hardware support from just the dream plug to some of the other things I've been talking about and we wanted to really firmly establish the lower levels of the software stack that would establish this open PGP key based trust model so the things we decided to do to implement each of those is that we chose a python based dynamic user interface building environment built by James Vaseel that's called plinth as the basis of our user interface and we started to figure out how to hook the various pieces of software that we wanted to use into this plinth based user interface we changed the way we began to change the way our image building tools worked so that instead of just specifying lists of packages we instead started to construct meta packages which would eventually all live in the Debian distribution so that you could someday apt get install freedom box and have the right software components present and configure it and have the user interface available to be able to configure that regardless of what hardware you started and from the open PGP key trust model standpoint we focused in on this tool called monkey sphere which some of you in Debian I'm sure are familiar with it's a way of using GPG keys as the root of trust for other cryptographic kinds of interactions for example you can do things like base SSH connections on open PGP keys instead of some other kind of key material and some of the work that's been going on funded by the freedom box foundation over the last year in small ways here and there has been to try and make monkey sphere more relevant for more kinds of cryptographic interactions so plinth let me talk just a little bit about that this is intended to provide a web based front end user interface for freedom box so the idea is when you first get one of these it might physically be a lot like a little network access point or router or something in terms of what it looks like and when you first interact with it you would do so through a web based user interface and by being the first person who talked to it over probably a nicely secured local network connection you'd have the ability to engage in some initial cryptographic interactions that set up your relationship with your box but the plinth interface based on the sort of notion of pluggable forms and menus means that we can build software packages we can take various applications in Debian or build new Debian packages that each deliver some file fragment containing some Python code that uses the plinth interface libraries and at runtime all of those get slurped together to sort of create the user interface for the set of software that's only present I won't belabor the details of how this is all implemented but I will mention that this is one piece of technology we're really nothing quite like what we wanted already existed packaged in Debian we looked at different user interface toolkits and nothing really had the right characteristics the problem is the guy who wrote plinth at the time was not a Debian developer and he also didn't really I think think very hard about or understand some of the challenges that we would face in trying to package the software in the way that he built it so I've spent more time than I had really intended working with him and with others to restructure this it's been rebuilt into Debian packages but at this point it has not yet been uploaded into the archive to the best of my knowledge so that's one of the things that's still an item to do but the content elements to hook various applications into plinth are something that people have been working on from an image building standpoint I started out building a scripting engine called Freedom Maker that was designed to build images for initially just for the dream plug and then Nick Day who's been working very closely with me on this a lot over the last few months started maintaining a shiny branch in the Git repository that incorporated many more applications than I was comfortable putting into our base reference image the work that's been going on recently there is adding support for more hardware targets and as I mentioned restructuring it so that it uses meta-packages to manage the dependency information instead of direct package lists in the monkey sphere world as I mentioned this was originally developed for use with SSH it actually works quite well in that context Dan Gilman working on this ModGinu TLS for Apache in the process I gather he became the new upstream maintainer for ModGinu TLS and found himself therefore instead of just implementing the things we needed for Freedom Box also sort of chasing down and trying to find and fix many of the outstanding bugs that existed and so forth so this is kind of a work in process but what it what this module allows you to do is it allows you to use client X509 certificate based around an open PGP identity to authenticate yourself to a webber doesn't sound all that terribly exciting or complicated but what it means is we now have the mechanism by which the initial connection with your Freedom Box can be established at the time you first turn it on by an appropriate exchange of correctly signed and annotated open PGP keys and then from thence forward any time you talk to your Freedom Box from anywhere on the planet you can be absolutely certain it's your box you're talking to and it can be absolutely certain you are you interacting with it there's been lots and lots of work that's gone on to think through how we extend from that to having boxes interact with each other so that you could give a message to your box telling it to send it to me and based on information in the public key servers your box could figure out which box I trust to deliver that message to me and so forth there's a lot left to do here but the base monkey sphere interactions with Apache and SSH are all working quite well so the services we really hope to deliver in a 1.0 release as I said are really quite simple immensely powerful in some ways how many of you are running Privoxy now quite a few Privoxy do you use it it's an interesting tool it's a non-caching proxy server the purpose of which is to allow you to filter out all sorts of weird stuff by which I mean you can choose to strip cookies you can do ad filtering you can do all sorts of protecting yourself from bad sites on the web stuff one of the things that has been done in the context of the FreedomBox project is to build an immensely big Privoxy config that captures lots and lots of information to try and build a safer net use experience if you are using your FreedomBox as a path for client devices to reach the rest of the internet in other words you can take an unprotected Microsoft Windows or Apple or random Linux client and by routing your web traffic through the FreedomBox provided Privoxy interface you can provide a safer web browsing experience even without modifying the client device we've been working on a couple of different PN technologies for client connections there's a tool called FreedomBuddy that helps to do service negotiation between different FreedomBoxes helps you find other boxes and do things with them and then as I mentioned both SSH and HTTPS working with open PGP keys so there's some other little tricks that we have in mind lots of things that we'd like to do but those are the fundamental things that would cause us to believe that it was possible for us to declare a 1.0 release so what can you do to help well as I mentioned my own rigidity to spend a lot of time on the project this summer has caused me to think even harder about what the right ways are to get other folks to help the first thing which I say every time I talk about FreedomBox is please be more conscious about privacy and other freedoms and everything you do if you are operating on the internet and you haven't already created a GPG key now today while you're here and there are lots of other people who are really well connected to the strong set who are part of the Debian project would be a great time to do that and get a few initial signatures so that you're connected in from a more technical standpoint those of you who have time and would like to help us bring some of this to fruition Nick Daly who as I mentioned has been immensely productive and helpful in making things come together has put together a to-do list which I know at least one of the places it's living right now is at that Gatorius URL he's tried to document what the remaining to-do list items are for us to be able to declare a 1.0 release and then there's also some thoughts there towards what needs to happen for the following releases I would strongly encourage any of you with the inclination of the time to go look at that list and if there are things that you are willing and able to do to help us make progress over the next few weeks we'd really appreciate it at the foundation we have done some of the things that have to be done above and beyond just the software a few months ago we hired a technical writer and she's been making progress on putting together some user and integrator documentation I unfortunately have not been paying as much attention to her for the last few weeks as I should have to help make that have that make more progress but our objective originally was to try and get into September of this year with enough software and enough documentation together that we could declare something like a 1.0 release I'm afraid given my distractions recently that that schedule is probably no longer possible but I would really love to see that 1.0 release reached sometime before the end of this calendar year so that we can start to focus on the deployment process getting more people to actually use some of these technologies and help us understand what the most important things are to be working on for the 2.0 and 3.0 releases another thing that I think is really important particularly I personally have had to step back for a little while I know that Jonas and some others of you in the room have continued to be quite active in one way or another but as we start talking about using a web-based graphical interface to configure and administer various services on a box full of Debian packages I think it's really important that we do this in a Debian way and what I mean by that is not having little Python scripts that go directly twiddle values and configuration files when that's the wrong way to do it we have pre-mechanisms we have the ability to call DPKG reconfigure there's underlying mechanisms that will allow us to change the configuration of many of the relevant Debian packages without just whacking config files after the package is installed and I think that that would make some of these things much more maintainable and supportable for the future so to the extent possible I'm hoping that as we implement these user interface fragments they can be done in that kind of way and so those of you who understand Debian packaging even if you haven't been doing much for FreedomBox in the past taking a look at that to-do list and helping us understand how best to implement some of those interfaces so that we don't build support headaches for ourselves in the future would be greatly appreciated and then of course because I'm a member of the board of the foundation I would be remiss if I didn't mention that it is a U.S. non-profit corporation and the result you know financial donations are always welcome so if you want to learn more these are the two best places to go look there is a FreedomBox foundation.org website it mostly has information about the foundation and how to get in contact with us and pointers to some of Eben Moglund's some of my former presentations and so forth most of the technical information lives within the Debian wiki because as I mentioned we're doing all of this work in the context of the Debian project and so that seemed like the right place for all of that to be with that I thank you very much for your time and attention and if we have a couple minutes for questions great I don't know where we are on time yeah thank you Bidale actually the time is over but don't want to be too Swiss so I will allow some questions to Audrey so who has a question I would say particularly folks that have not been here all week if you have questions I'd be happy to answer a couple before we call it quits you have mentioned that a solution to the DNS system is necessary to have a freedom network so have you advanced at least from the conceptual point of view on the on the parallel DNS system so we have talked about this quite a bit but we have not actually I have not and the people working directly with me have not specifically engaged in trying to do work on a parallel replacement DNS system my hope is that by talking about this like this and identifying the issue that we provide some encouragement to the various other people in the free software world and the free culture world who are tackling these problems and as solutions emerge we will be quick to take advantage of them I should be clear that some people ask me sometimes can't you just depend on the existence of the Tor network and use its onion routing and solve a lot of these problems well yeah you know there's issues there in all sorts of directions people ask me similar questions about other technologies and in every case my objective is to figure out how to get the core bit of work we're trying to do done while pointing to these other issues and trying to encourage everyone who's working on them to keep working on them to make good progress because we will adopt good solutions as soon as we see them other questions okay well thank you very much I will be around for the rest of the evening and I'll be happy to talk about this more in the hallways or at the barbecue or whatever as you like okay we will continue in about 10 minutes here with a talk by Keith Packard about flying rockets with Debian