
Librem One – A growing bundle of ethical services - noahth
https://librem.one/
======
nickelcitymario
Lots of great criticism on this thread. Lots of great reasons to maybe stay
away from Purism.

However...

What I personally think is really interesting here is the bundle. I don't want
to pay $10/month for a Twitter clone. I don't want to pay it for VPN. I don't
want to pay it for email, or file storage, or contact manager, or payment
system.

But as a bundle?

$10/month to actually solve all of my digital privacy concerns?

That's a rather appealing proposition. I'm not sold Librem One truly solves
this, for all the reasons in this HN thread. But I think the idea that I could
make a single Netflix-sized monthly payment to simply solve privacy
across-the-board is something I could get behind. And I'm cheap AF.

They're onto something.

~~~
oever
ISPs could offer this bundle as part of the internet connection like they
(used to) offer an email account and web page.

~~~
nickelcitymario
That is a FANTASTIC idea.

The challenge, at least in my neck of the woods, is that all the independent
ISPs got purchased by bigger players who aren't exactly in a rush to be
innovative.

------
1023bytes
This is quite dishonest, they make it seem like they develop the apps
themselves. But they don't and they give no credit to the actual original
apps.

Librem Chat = Riot.im

Librem Social = Mastodon (specifically the Tusky app)

Librem Mail = K9 Mail

Librem Tunnel = OpenVPN

~~~
jaydouken
This is something that I've noticed too. I really want to like this but they
are claiming to charge people for apps that they don't own and are already
free. If they said that they simply take care of all complicated hosting or
simplified the process I'd be more optimistic about this.

~~~
Mediterraneo10
> I really want to like this but they are claiming to charge people for apps
> that they don't own and are already free.

Selling people collections of software (which you didn’t code yourself, you
simply repackaged) on floppy disk or tape was an old-school practice in the
Free Software world and generally considered perfectly fair.

~~~
mimixco
Those were disks you installed and ran yourself. This is a hosted product that
runs in a (not free) data center. It's perfectly legit to charge for the
service of hosting an open source or free app.

------
cyphar
It's a bit of a shame that Librem Tunnel doesn't use WireGuard, though I
imagine they'll switch once it's in mainline.

Otherwise, seems like a pretty neat idea -- it could open the door to more
lay-people using open protocols like Matrix without everyone jumping on
Matrix.org for free or having to self-host. I am interested to see how the
Librem Files/Backup system will work if it comes about (I would guess
NextCloud but if they have a better solution I'd like to see it since I've had
my fair share of pain with self-hosting NextCloud). It looks like there would
be some kind of cohesive management of all these services, which I think is a
great example of the usefulness (for users) that open standards can have.

It does bother me a bit that the apps are clearly mild reskins and there is no
mention of the original app creators -- obviously this helps with brand
recognition but seems a little bit dishonest. Really, you're paying for
hosting (which is totally fine), and it should be clearer that they're just
giving you mostly-consistent apps that work with their service out-of-the-box.

I also am doubtful the Librem Pay idea will pan out though. The number of real
businesses which accept $x-coin is effectively zero for most people.

~~~
craftyguy
> It's a bit of a shame that Librem Tunnel doesn't use WireGuard, though I
> imagine they'll switch once it's in mainline.

It's a bit of a shame that WireGuard still requires out of tree components to
work.. I'm rooting for it to get accepted/merged, but until it does it just
becomes a greater risk to build a business off of it.

~~~
cyphar
It's in the process of being merged into net-next and mainline right now[1]
and most of the hangups are around the new crypto library that WireGuard
uses[2].

But honestly though, the risk is identical to any other kernel module -- the
author and future subsystem maintainer ensures it builds and works with all
new and old kernels, and releases snapshots very regularly. Almost all
distributions have packages for WireGuard which are automatically rebuilt with
new kernel releases.

There are arguments against using it because it's still (on paper) pre-1.0
software but given it's had fairly widespread use for the past 3 years and no
security nightmares it's shown to be quite a bit more secure than

[1]: [https://marc.info/?l=linux-netdev&m=155323912319537&w=2](https://marc.info/?l=linux-netdev&m=155323912319537&w=2)

[2]: [https://lwn.net/Articles/770750/](https://lwn.net/Articles/770750/)

~~~
craftyguy
> the risk is identical to any other kernel module

Nope, it's not identical. There's a forcing function (e.g. Linus) to help
motivate maintainers to fix their crap in the kernel tree if it breaks. That
forcing function does not exist for out of tree patches.

~~~
cyphar
If we were talking about the out-of-tree VirtualBox drivers I would agree with
you. But we're not -- WireGuard has proven itself to be incredibly solid for
the past 3 years and supports all kernels since 3.10 (with each commit getting
tested against all of those kernels).

To be honest, those are far more stringent requirements than most subsystems in
the Linux tree. Being in-tree is better for a variety of reasons, but just
because something is in-tree doesn't make it significantly more stable or safe
(I can think of several counter-examples where Linus hasn't motivated
maintainers to fix mistakes and breaking changes).

------
jph
Awesome. Props to the Purism Librem team for excellent ongoing progress on the
superb laptop, new phone, and this new Librem One software offering.

The offering is a bundle of services that respect you and your privacy.
$7.99/mo for a software suite: Librem Chat (Riot), Librem Social (Mastodon),
Librem Mail (K9), Librem Tunnel (OpenVPN), and more services coming soon e.g.
Librem Files, Librem Backup, Librem Contacts, Librem Pay, Librem Dial.

The key value for me is all of these are curated, updated,
available/accountable via one vendor, etc. Other people who prefer
free-as-in-beer versions can still get Riot, Mastodon, K9, OpenVPN, etc. as is.

And if any of you are product managers or technical marketers, have a look at
the Librem products matrix and explanations area-- in my opinion it's
among the best in the industry:
[https://librem.one/#mce_1](https://librem.one/#mce_1)

~~~
StudentStuff
I'd be wary of Librem Chat being viable long term, Synapse (the server
software for matrix) is a real ram hog, we see it hover at ~2GB of ram with 5
active users and have bumped its VM up to a dozen gigs of ram to deal with it
OOMing (despite having 4GB of ram).

The documented switches like SYNAPSE_CACHE_FACTOR seem to cause wild
oscillations in ram use and worsen the OOM problems, when enabled Synapse
would jump between 500MB and 3.8GB of ram constantly, eventually OOMing.

Edit: Also, the support channels for Synapse exist, but you will rarely get
any response.

~~~
Arathorn
Speaking as the project lead for Matrix; we are continuing to work on
Synapse's RAM use, and it will only get better over time.

One big misconception is that somehow RAM usage is related to the number of
users on your server - instead, it's related to the size & complexity of the
rooms your users are participating in. In other words, one person who joins
thousands of rooms with thousands of users in them will use a lot more RAM
than a server with a thousand users who use it only for small group chats.

The things to check if your Synapse RAM is high are:

* Make sure you're running postgres. Sqlite is not currently usable in production.

* Make sure you're running Python 3.7

* Increase the synapse cache factor a bit.

* Check for and prune extremities ([https://github.com/matrix-org/synapse/issues/1760](https://github.com/matrix-org/synapse/issues/1760)), which will soon be a thing of the past, but we're not there quite yet.

If it's still overloaded, then you need to look at splitting the synapse
master process off into workers
([https://github.com/matrix-org/synapse/blob/master/docs/worke...](https://github.com/matrix-org/synapse/blob/master/docs/workers.rst))
or disabling presence.

In terms of whether you get response in the support rooms - whilst the core
team has been preoccupied with infrastructure security over the last few
weeks, the rest of the community is generally happy to help with synapse
tuning and the rooms are far from idle...

~~~
StudentStuff
Looks like we are using sqlite and Python 3.5.3, synapse cache factor is
currently not set in our config, any pointers for how to migrate to Postgres?
This box has basically been given to me after the person who set it up gave up
in frustration.

~~~
Arathorn
[https://github.com/matrix-org/synapse/blob/master/docs/postg...](https://github.com/matrix-org/synapse/blob/master/docs/postgres.rst)
has the details.

Fwiw, we're addressing the sqlite issue by stopping servers from federating
for now if they are on sqlite
([https://github.com/matrix-org/synapse/pull/5078](https://github.com/matrix-org/synapse/pull/5078)).
Sorry you got bitten by this.

~~~
StudentStuff
It happens, guessing SQLite was default at one point or suggested by the
install guide that was followed. Kinda surprised it has survived thus far,
never really thought of SQLite as something for high volume, multi-user
messaging.

Gonna go try the migration guide here :P

~~~
krferriter
SQLite is definitely not ideal for high volume and high transaction frequency.
Postgres will be better at that. I have used it for quickly getting a single
table database up that I can just dump into and then query through linearly
afterwards. It is better than dumping to JSON or some other purely textual
serialization.

------
cblades
This is really frustrating, and basically the exact same thread as happened a
while back with another list of "ethical alternatives".

You can't call something ethical without going into detail about what you
mean. and:

Policy No Ads No Tracking We respect you

is not useful.

The value in ethics is in the conversation around what is ethical, not in a
big, friendly "this is ethical" sticker.

This is as useful as "do no evil", and from the vague wording on the landing
page, I'd imagine the people behind librem don't think google is very ethical
right now.

~~~
marcus_holmes
isn't "ethical" one of those subjective terms though?

so... no-one can say their product/service is "ethical" without getting into a
semantic argument about what "ethical" means

or... anyone can call their product/service "ethical" and it's up to the buyer
to work out if their definition of that agrees

~~~
cblades
That's my point. The value is in the discussion around what's considered
ethical, not in the label.

What I would like is for services like this to provide, up-front, a more
complete discussion of how they've arrived at their recommendations, and what
criteria they consider.

~~~
marcus_holmes
that's reasonable, I guess... though I can see a point where they want to sell
things, rather than engage in endless discussions about everyone's opinion of
what "ethical" means ;)

------
ocdtrekkie
I like Librem, though I am a little concerned here. I prefer if hardware and
services come from different companies. Even well intentioned, it can be easy
for a company to fall into vertical integration... Imagine a Librem 5 working
best with their own service, and support for alternatives being a little
weaker or less prioritized.

~~~
_red
> I like Librem, though I am a little concerned here. I prefer if hardware and
> services come from different companies

I actually agree 100% with you, however I think at this stage of the market
development, it's enough to have a 3rd choice whose apps and services are open.

Librem is facing the "Grandmother problem". In order for this concept to
actually succeed, it eventually needs regular folks to buy it. It's not enough
to tell thousands of grandmothers to "buy our phone hardware and simply
download and install any of the dozens of confusing and competing software
stacks by following these 20 instructions on github". It needs to be marketed
and sold as coherent integrated product, otherwise just buy an old Samsung and
root it yourself....

~~~
ocdtrekkie
I definitely agree re: Grandmother problem, but I'd rather it configure
services for you they aren't selling you. There's no shortage of services that
already exist Librem could make easy to work with.

------
diggan
First sentence is "Purism is a Social Purpose Corporation (SPC), which means
we put social good above exploiting people". I've never heard of a SPC before
(probably because I'm not from the US) so had to look it up. It seems it's
still a for-profit corporation, just that it "enables, but does not require,
considering social or environmental issues in decision making".

Which means that "which means we put social good above exploiting people"
should really be "which means we can put social good above exploiting people"
as it's not a requirement.

So, what's the purpose of a SPC instead of just a for-profit company? A
for-profit can also consider social and environmental issues, AFAIK.

~~~
impostir
My layman's understanding is that it allows managers to choose their stated
ethics over profits. Traditionally, investors could sue the company for not
pursuing above all else.

~~~
rosser
Those cases are almost always dismissed summarily, unless the plaintiff can
demonstrate fraud or other kinds of bad faith. The "Business Judgement Rule"
[0] requires courts to give a very wide latitude to the officers of a
corporation.

The idea that "fiduciary duty" requires directors to pursue profit "above all
else" is flatly false, and has led to untold amounts of misunderstanding and
meaningless noise since whichever fool monkey first uttered it.

[0]
[https://en.wikipedia.org/wiki/Business_judgment_rule](https://en.wikipedia.org/wiki/Business_judgment_rule)

------
robrtsql
> Librem Mail. Main Features: Safe (We delete unencrypted emails after 30
> days)

I don't understand encrypted email very much at all. Is encryption on emails
that I have received controlled by the sender? Almost all of the transactional
emails I have received (receipts, confirmation numbers, etc) are probably
unencrypted, right? This doesn't sound desirable.

~~~
groovybits
PGP is a two-party system. The sender has a public/private keypair, and the
recipient has a public/private keypair.

The sender encrypts a message with the sender's priv key and the recipient's
pub key.

The recipient decrypts the message with the sender's pub key and the
recipient's priv key.

> Almost all of the transactional emails I have received (receipts,
> confirmation numbers, etc) are probably unencrypted, right?

Totally up to your email provider and a sender's email provider. Your provider
may choose to send/accept email over TLS, which is also encrypted. Gmail, for
example, does this.

~~~
jolmg
> The sender encrypts a message with the sender's priv key and the recipient's
> pub key.

You just need the recipient's public key to encrypt. Are you thinking about
the sender adding a cryptographic signature, too?

> The recipient decrypts the message with the sender's pub key and the
> recipient's priv key.

You don't need the sender's public key, just the recipient's private key to
decrypt. Though, if there's also a cryptographic signature from the sender,
then you would need the sender's public key to verify the signature.

~~~
groovybits
I was attempting to explain in a simplified manner, since OP said that they
did not know much about email encryption. But if you want to be semi-technical
about it:

Both the sender's and recipient's public keys are required to calculate a
shared secret. That shared secret is then used to encrypt the message. The
recipient's priv key is used to decrypt the message.

Edit: Validating a digital signature is typically part of the process when
using all-in-one software (eg: Thunderbird's Enigmail extension). That is why
I mention the use of private keys. Again, an oversimplification on my part in
response to OP's statement "Is encryption on emails that I have received
controlled by the sender?", which is false.

See:
[https://tools.ietf.org/html/rfc4880#section-2.1](https://tools.ietf.org/html/rfc4880#section-2.1)
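
The flow in the RFC 4880 section 2.1 link above, as an added example that is not from any commenter in this thread: a random session key encrypts the message, only the recipient's public key wraps that session key, and the sender's private key is used only for the optional signature. Textbook RSA over small constructed primes and a SHA-256 keystream stand in for real OpenPGP algorithms; every function and key name here is hypothetical.

```python
"""Toy model of the encrypt-and-sign flow in RFC 4880 section 2.1.

Textbook RSA over small fixed primes plus a SHA-256 keystream: it shows
which key each step needs and must not be used to protect real data.
"""
import hashlib
import secrets

E = 65537  # public exponent shared by both constructed keypairs


def make_keypair(p, q):
    """Return (public, private) as ((n, e), (n, d)) for primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return (n, E), (n, d)


# Constructed keys built from Mersenne primes; far too small for real use.
ALICE_PUB, ALICE_PRIV = make_keypair(2**107 - 1, 2**61 - 1)  # sender
BOB_PUB, BOB_PRIV = make_keypair(2**127 - 1, 2**89 - 1)      # recipient


def _keystream_xor(session_key: int, data: bytes) -> bytes:
    """Symmetric step: XOR data with a keystream derived from the session key."""
    seed = str(session_key).encode()
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(seed + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)


def _digest(message: bytes, n: int) -> int:
    """Hash the message and reduce it into the RSA modulus range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def encrypt(message: bytes, recipient_pub):
    """Encrypt using only the recipient's PUBLIC key."""
    n, e = recipient_pub
    session_key = secrets.randbits(128)   # fresh random key per message
    wrapped = pow(session_key, e, n)      # session key wrapped for recipient
    return wrapped, _keystream_xor(session_key, message)


def decrypt(packet, recipient_priv) -> bytes:
    """Decrypt using only the recipient's PRIVATE key."""
    n, d = recipient_priv
    wrapped, body = packet
    session_key = pow(wrapped, d, n)      # unwrap the session key
    return _keystream_xor(session_key, body)


def sign(message: bytes, sender_priv) -> int:
    """Sign using only the sender's PRIVATE key (separate from encryption)."""
    n, d = sender_priv
    return pow(_digest(message, n), d, n)


def verify(message: bytes, signature: int, sender_pub) -> bool:
    """Verify using only the sender's PUBLIC key."""
    n, e = sender_pub
    return pow(signature, e, n) == _digest(message, n)


if __name__ == "__main__":
    msg = b"Receipt #1234: constructed sample message"
    packet = encrypt(msg, BOB_PUB)        # no sender key involved
    sig = sign(msg, ALICE_PRIV)           # no recipient key involved
    print(decrypt(packet, BOB_PRIV) == msg, verify(msg, sig, ALICE_PUB))
```
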

------
cameronhowe
I support their effort of making free software more accessible. But saying "no
ads" and then listing PIA as the only other vpn when they have partnered up with
them is dishonest [
[https://puri.sm/posts/purism-becomes-pia-first-oem-partner/](https://puri.sm/posts/purism-becomes-pia-first-oem-partner/) ]

~~~
groovybits
I was also confused by the competition chart[1]

Regarding the VPN row, I don't think this is a case of being dishonest -
meaning, Purism is lying. Rather, this chart simply feels like it was created
hurriedly.

What motive would they have for saying they are in competition with PIA, when
PIA is most likely the service behind Librem Tunnel. Perhaps someone goofed.

Edit: My suspicion that this page was rushed is seemingly confirmed when I
see:

"In the Press As mentioned in:"

But there is nothing there.

1: [https://librem.one/wp-content/uploads/2019/03/competitive-ta...](https://librem.one/wp-content/uploads/2019/03/competitive-table-1024x1024.png)

~~~
mattl
It's PIA, look at their Google Play screenshot.

[https://lh3.googleusercontent.com/R3_hK1xk1oBWLb_jXB9EsWETnO...](https://lh3.googleusercontent.com/R3_hK1xk1oBWLb_jXB9EsWETnOGYxOzjKygN2r7V6DGaoqWS8_f7So48HSFIytBaZi4=w1247-h1263)

~~~
groovybits
Yep. In that case, I wonder why they would list PIA as competition at all.

~~~
mattl
That whole diagram is full of weirdness. No mention of Dropbox or Box, no
mention of Office 365, etc.

------
yakcyll
They are really shaping up to become a proper major hardware and service
provider. If what they are saying about their values actually promises
permanence, I'll seriously consider switching to their hardware soon.

------
reifnir
It looks as though the mail service won't support custom domains.

~~~
reifnir
Got a reply from my question asking about custom domains:

Hello,

On Tuesday, 30 April 2019 at 23:29, [me] wrote:

> Hi there, will you support custom email domains? I'd love to migrate from
> Google Apps!

We're looking into it, but cannot say nothing for sure for now.

> -[me]

Kind regards,

-- [support person]
Purism support

------
vertex-four
Something's a bit odd - is the client software they've developed not FLOSS?

~~~
sucrose
...the Corporation [“Purism, SPC”] is organized for the following purposes
(collectively referred to as “Specific Social Purpose”):

..."The Corporation will only use and distribute free/libre and open source
software in the kernel, OS, and software in its products."...

[https://puri.sm/about/social-purpose/](https://puri.sm/about/social-purpose/)

------
bovermyer
I signed up for the free version to reserve my name.

However, I'm going to hold off on paying for the service until I see how it
evolves over the next year or two.

------
adontz
I think what we really need, the enabler of migration is, and always was, a
decent collaborative office suite. Acceptable collaboration level evolves over
time, that's true, but otherwise requirements are the same.

There is no point in free/ethical/etc file storage if I still have to use
Microsoft Office to edit files, which is neither free nor very collaborative.
Text editors are relatively easy to replace. Google Sheets are really really
hard to replace. Even Microsoft Excel seems somewhat inferior to Google Sheets
to me now.

------
cs702
No calendar syncing/sharing/inviting/joining?

Not even as a planned app?

------
numbers
Nice idea but a bit too utopian to work IMO.

First, most users will never want to pay for a service, especially things like
chat, email, social. What I mean by that is, the market is already there for
social apps that allow completely free usage by using user data, think
Facebook, Twitter, Instagram, etc.

Second, asking users to pay for a service at about $8/mo is pretty steep.
Purism/librem aren't building all the apps themselves.

~~~
ufo
You aren't paying for the apps here, you are paying for the online services.
$8 per month is not too different from what you would pay for a hosted email
these days. IMO, the cost sounds reasonable once you consider that it is a
bundle.

------
jo-wol
What about mass surveillance and gag orders, are they gonna be handled in an
ethical way?

------
komali2
> Purism will generally not contact you for any reason except in the following
> situations:

> "A lawful request for account information was received"

Maybe sometimes, but the US government has an unconstitutional tool up its
belt it has been using freely since 2001:

[https://www.law.cornell.edu/uscode/text/18/2709](https://www.law.cornell.edu/uscode/text/18/2709)

> 18 U.S. Code § 2709. Counterintelligence access to telephone toll and
> transactional records

> (c) Prohibition of Certain Disclosure.—

> If a certification is issued under subparagraph (B) and notice of the right
> to judicial review under subsection (d) is provided, __no wire or electronic
> communication service provider that receives a request under subsection (b),
> or officer, employee, or agent thereof, shall disclose to any person that
> the Federal Bureau of Investigation has sought or obtained access to
> information or records under this section.__

TLDR: If the FBI tells them not to, they can't tell you they've given your
information away.

In the interest of full disclosure, I believe they should warn people about
this.

(Y'all probably have heard about this in the form of Warrant Canaries:
[https://en.wikipedia.org/wiki/Warrant_canary](https://en.wikipedia.org/wiki/Warrant_canary))

I like the message, I like the intent, I like what Librem does. I like that
they're going to have data after this seeing just how many people are willing
to pay money for privacy. I am. I'll probably pay for this software
regardless. It's just a shame our own governments are standing between us and
actual privacy - I'm starting to wonder who is serving who these days.

~~~
seba_dos1
FWIW, Purism does publish their warrant canaries:
[https://puri.sm/warrant-canary/](https://puri.sm/warrant-canary/)

------
Zash
No mention of Chatty, the SMS and XMPP client?

~~~
craftyguy
They want you to use matrix, not SMS or XMPP.

------
jclay
I find the “ethical” framing around this to be rather problematic.

I hate ads and care about my privacy as much as anyone else here. However, the
argument that a free ad-supported product X available to anyone in the world
with an internet connection is _less_ ethical than product Y which requires a
monthly payment for access seems tenuous at best. Especially when you consider
that the price is out of the question for those in developing countries.

This is a luxury purchase, not an ethical one.

~~~
abc-xyz
I really don't get your point.. user tracking for the purpose of serving ads
(or any other purpose for that matter) and putting up paywalls (that allow
certain users/bots to crawl content) are both unethical.. why does it matter
which of the two is the most unethical? You can easily have ethical ads and
paywalls, e.g. duckduckgo.

~~~
jclay
Maybe the term paywall isn’t the right one. I’m referring to the premise that
you must pay the monthly fee to use the product and whether that is really any
more ethical than ad supported products that are free for anyone in the world
to use regardless of income.

~~~
ufo
Ad supported products are not free, as you actually pay with your data. It is
very insidious.

~~~
jclay
Sure, but it must also be recognized that this is true only if you value your
data.

In our bubbles we all certainly do. But in the context of a resident in a
developing country who can’t afford to pay, the trade off of allowing access
to your data rather than no access at all seems more ethical.

~~~
noahth
It might be enlightening for you to apply this line of reasoning to historical
forms of exploitation. But no, it is not ethical to exploit someone just
because they can't afford alternatives.

------
aurora72
I'm too much disappointed with this bullshit, because it's coming from a
company which I really appreciated 'n respected. AFAIK, Purism hasn't yet
delivered the Librem 5 phone. If that's the case, then it's a priority violation.
Now, the best Purism can do is abort this bullshit and pay all the backers
their money back before it's too late.

~~~
ncmncm
It is not clear to me that the two are competing for resources. Getting a
phone working requires completely different staff from bringing up online
services, and a steady cash flow can lift the pots on all the burners.

~~~
aurora72
To me, it still looks like a priority or some other kind of problem. Sorry :)
Let's assume all of this as a "good intentioned mistake" and hope that Purism
abolishes this ASAP.

------
Klonoar
Privacy isn't fixed by technical products, it needs to be fixed at a legal
level.

The existence of crypto near any product makes me immediately do a double take
anymore, because there are tax implications there that you're kinda forcing on
people.

The design of these apps needs to be much more refined if you want to charge
money for them. I'm usually willing to give a bit on it when it's for the
right cause, but... this stuff feels so off that it's tough to look at. If
you're gonna play in the iOS app store, you need to be willing to invest in
this.

End hot takes, I guess. I want Purism to succeed but I feel like they're just
making the same mistakes every "year of the Linux desktop" scenario made,
wherein they're not competing on the features that draw eyeballs. It doesn't
need to be the focus, but you can't neglect it either.

~~~
iagovar
Exactly, I won't trust a company based in the US with my privacy, no matter how
cool it is.

Maybe for stuff that requires convenience but not security. I don't trust any
Five Eyes country either.

I currently use Swiss and Romanian services for my business, and while the
experience is not as smooth as, say, Gmail or Digital Ocean, it's good enough.

~~~
dddw
Swiss I understand, how are the privacy laws in Romania?

