Hacker News new | past | comments | ask | show | jobs | submit login
FreedomBox (freedombox.org)
251 points by phantom_oracle on Apr 9, 2018 | hide | past | web | favorite | 59 comments

The copy and design of the landing page led me to believe that FreedomBox is an actual box that has all that great software preloaded and ready to go. Which made the unlabeled download button jarring. The text should be changed to something like:

FreedomBox is designed to [run on/create] your own inexpensive server at home. It [includes/is built with] free software and offers an increasing number of services ranging from a calendar or jabber server to a wiki or VPN.

There was indeed, as I understand it, a plan to sell all set up hardware, ready to go. The original stuff got delayed when the main developer had his house burn down in a forest fire or something. But the software is usable.

Apparently, they were selling some all-set-to-go boxes at LibrePlanet…

>Apparently, they were selling some all-set-to-go boxes at LibrePlanet…

They weren't as far as I know. They had a one-off prototype running at their booth, but that model never made it to production.

I don't mean some custom thing, it was an existing off-the-shelf product with FreedomBox preconfigured… I mean, I heard this from someone who went to LibrePlanet and came home with a FreedomBox they specifically got there.

You can install it on any kind of hardware that runs debian.

They even have some links to suggested computers: https://wiki.debian.org/FreedomBox/QuestionsAndAnswers#HARDW...

Even if these things were dead simple, I cannot see any of my non-technical friends using products like these. It is simply prohibitively complicated compared to dropbox - that "just works". I even recall a comment on here when Dropbox launched saying something like "why not configure an FTP server to do this". This is that FTP server.

Also, personally, I would never host any content on-prem at my home. It is far too easy for my internet to go down, and I'd rather my personal website be under somebody else's control (say, an S3 bucket) than get physical hardware to the server hosting the bits.

Dead on. And the comment you referenced is one of my favorite all-time HN comments…

"For a Linux user, you can already build such a system yourself quite trivially by getting an FTP account, mounting it locally with curlftpfs, and then using SVN or CVS on the mounted filesystem."

This is a perfect example of when tech-minded people get blinded to how complicated some things are for the masses.

"For a Linux user"

No, if you're capable of doing all that, you're a Linux sysadmin, not a user. Too many tech folk blur those lines, but there's a huge difference (and yes, I know the dropbox comment has been beaten to death over the years - I just never got my 2 cents in before!)

I am a Linux user and I am struggling to set up a home network between 3 computers. Okay, I am a part time Linux user, I have to use Windows for work. Havings said that I do work in IT so am definitely not an end user. My Samba installation somehow didn't work, VNC also didn't work and eventually I just used SSH. One of these days I am going to have to sit down with my router manual and set static IP address for machine as I use as the "server". I solve enough problems at work and I just don't feel like learning Samba to set up my home network. If I feel like this I can imagine how the "normal" user feels.

I'm guessing the overlap between linux sysadmins and linux users is much larger (not counting phones etc) than the overlap between windows sysadmins and windows users, though :)

I am technical and I struggle to find a use for my home server. The most common uses I always find are:

- Media server: I primarily use streaming services or physical media

- File sharing: I rarely ever share files between computers, and if I need to, I just scp them on my home network.

- Web hosting: box is too small/old to reliably do this, plus I have cloud hosting already

I do use it for private SVN and have plans to set up a VPN server, but other than that, it feels like unless I cast off every existing service I have, it wouldn't be worth it.

Although, casting off every existing service is enticing in an idealistic sort of way...

I think the key would be to embed it to some existing appliance; like a router, game console, or other "always-on" and connected device.

I don't see the home server being the prime selling point. Everyone needs a router, so if you created a router that was dead simple to configure and use, had some cool extra features, integrated well with your home gadgets ("Alexa, turn off the WiFi", "Alexa, setup a guest wifi network for the next 8 hours") and on top of this acted like a home server, people would buy it.

At least from a consumer product perspective.

The router I got from my ISP already has quite some stuff built in. For example, I can enable DynDNS, plug in a drive via USB providing a SMB network drive, and enable a secondary guest WiFi.

I agree that the killer feature is still missing. That could maybe be storage-management (NAS) or HTPC (Kodi). People seem to buy such devices.

On the other hand there are nice features already: VPN Server, Seedbox, Ad-blocking-proxy

I have a home box that I access with x2go. I can browse the internet, download stuff, or do whatever I want without touching the office network. I can disconnect a session and reconnect from a different pc.

I also have my server configured to route out via a vpn.

Looking for a way to do better remote access to Linux boxes - Microsoft's RDP completely nails it on Windows, I used to quite like NX, but don't hear much about it these days, how do you find x2go, particularly from a server configuration perspective?

X2go is super easy to use, pretty much install and go. You need a client, I've used the linux and windows client. Both work well. I think you can make their python client work without windows admin rights, but it's been awhile since I tried that.

I browse websites with it, and unless it's very image heavy, it's as smooth as a local browser. If you have large images, scrolling can get choppy. Same with videos, they can be choppy.

I've set up a homeserver for more than a year now. The only real use is being my always running SyncThing instance.

I run a nonprofit that teaches people how to code and for the past year we have hosted our own server / content at our offices. our students ssh into our server to write code and host their apps / content from there. Sometimes, Ive noticed that even though it feels like internet is down, upload still works and students can still ssh into our server remotely. In the past year we haven't had any issues at all, except for the time we accidentally tripped the power cord. Hosting your own content might be alot more reliable than you think :)

One of the things I've noticed with on-prem equipment at work, is that when the Internet has gone down in the past, most people don't actually... notice. The scenario is obviously very different than a home user, because multiple users can still communicate amongst the organization with outside Internet down, but there's huge benefits to being on-prem that have gotten disregarded or forgotten about.

A consumer-grade UPS on my home PC and network equipment has reliably kept my home setup reliably up and connected for all except for ISP outages.

I think this is for people who don't want to share their data with Dropbox, or don't want to pay for Dropbox. There is a tradeoff (simplicity), and the idea is to reduce that tradeoff by making it simpler.

The question is not would your most non-technical friend adopt this, but would the marginally non-technical friend adopt this.

I would do it if it were easy "enough."

How often does your internet go down?

I have been hosting a Nextcloud instance with a FreeNAS backend (for ZFS). If anything, that has been far more convenient then Dropbox ever was (better bandwidth at home, as much space as I want), and I control my data. I think there has been one instance in the past two years where I actually had an interruption to my internet.

>Even if these things were dead simple, I cannot see any of my non-technical friends using products like these. It is simply prohibitively complicated compared to dropbox - that "just works". I even recall a comment on here when Dropbox launched saying something like "why not configure an FTP server to do this". This is that FTP server.

This is the problem with every attempt at decentralized, federated social media as well IMO. To be sure, the privacy concerns of a centralized service will never really go away. But the benefits of centralization on the web are massive from a UX standpoint. This seems like a solvable problem. It seems to me like it shouldn't be too hard for a company to be verifiably private in their handling of your data.

The only way you will get verifiability of handling of private data is for homomorphic encryption to finally have an efficient open implementation.

Doesn't the rise of containers and cloud companies which will host and run them make this easier? if not now, later on? companies like Digital Ocean are pretty close to the one click upload container and run it model.

i.e you have companies which will securely and redundantly host a (encrypted?) container, which gets backed up and so on, and runs the freedombox of your choice.

So you have control/freedom/ponies and the cloud compute becomes just plumbing.

From https://wiki.debian.org/FreedomBox/Features:

With FreedomBox, you can:

    Access your FreedomBox from the public Internet (Pagekite, Tor, Dynamic DNS)

    Connect securely to your FreedomBox (OpenVPN)

    Chat with friends (?XMPP, Quassel, Matrix)

    Host a conference call (Mumble, repro)

    Publish a blog (Ikiwiki)

    Host a personal or community wiki (MediaWiki)

    Block ads while browsing the web (Privoxy)

    Check your email (Roundcube)

    Transfer large files (Deluge, Transmission)

    Read news (Tiny Tiny RSS)

    Sync your calendar and contacts (Radicale)

    Stay connected to IRC chat (Quassel)

    Host a multiplayer block sandbox (Minetest)

    Collaboratively edit a text document (infinoted)

    Keep your files synchronized to your FreedomBox (Syncthing)

    Circumvent censorship using a socks5 proxy (Shadowsocks) 
System and Configuration

    Configure system name and interface language (Configure)

    Obtain a certificate for your domain (Let's Encrypt)

    Add users and set access privileges (Users and Groups)

    Use a single login for Plinth, XMPP, Ikiwiki and SSH

    Manage network connections over Ethernet, Wi-Fi, or PPPoE (Networks)

    Upgrade software packages automatically (Software Upgrades)

    Run diagnostic tests (Diagnostics)

    View which services are allowed through the firewall (Firewall)

    Configure time zone and network time service (Date and Time)

    Configure service discovery (Service Discovery)

    View disk information or expand a partition (Disks)

    Create and restore filesystem snapshots (Snapshots)

    Provide DNS service for your local network (bind)

    Do system administration from a web interface (Cockpit)

For those wondering, the blue box looks at the top [1] like a SolidRun Cubox-i [2], based on the Freescale i.MX 6 SoC, which has pretty good Linux support.

[1] https://freedombox.org/images/boxfoto.jpg

[2] https://www.solid-run.com/nxp-family/cubox-i/

Yay, another distro. /s

Seriously though, software isn't the issue here, hardware is. Anybody with the skills can slap Linux on an old computer and turn it into a server. It's packaging it up into something you can sell to the non-technical that's the real win.

I wish free software advocates would take more lessons from Jobs instead of blindly idealizing Woz.

FreemdomBox is a Debian package. It isn't another distro.

They are focusing on exactly what you are saying, putting together a UI that non-technicals can use.

I don't think you understood the parent's core point. The "masses" aren't going to find or buy an old server and install Debian and FreedomBox on it, and then set it up to run headless in a corner of their house. That's not in the area of technical expertise of most people. They might, however, buy a pre-built, pre-installed appliance that just needs to be plugged in and have a web browser pointed at it to get started.

Philosophically speaking, the more and more that products are sold with one purpose on a closed platform, the more and more of these products that are going to end up in the junk yards when they can't be extended or repurposed beyond what the manufacturer wanted (or ever thought) possible.

> They might, however, buy a pre-built, pre-installed appliance that just needs to be plugged in and have a web browser pointed at it to get started.

Don't forget about setting up the freaking wi-fi network. Apple, Google make it reasonably seamless to setup their devices from an app, say. Most third-party devices aren't as easy to setup. I have to manually enter my wi-fi password in my Tivo, eg.

> Philosophically speaking, the more and more that products are sold with one purpose on a closed platform, the more and more of these products that are going to end up in the junk yards when they can't be extended or repurposed beyond what the manufacturer wanted (or ever thought) possible.

This doesn't have to be the case, though. There's nothing stopping FreedomBox from selling a pre-made hardware solution that just has the software loaded on it that anyone can load onto a vanilla server of their choosing. (And it seems they actually do this, though it's not obvious from their website.)

freedombox is actually based on debian - so they select some packages and configure them to work nicely together, and add a nice web configuration page.

Still a lot of work, but not as much as creating your own distro from scratch.

As is well known, few people will take the trouble to deploy this at home, especially non-technical users. Why not provide one-click (or two- or three-click) deployment to hosting, either a VPS or cloud like Amazon? Data could be encrypted end-to-end so that the hosting provider can't access it, at least in some cases (server-side searches become tricky). 'Create our own private Instagram, iTunes, and more for $x/month, with just a few clicks!'

I know that sacrifices some end-user control philosophically, but in reality it would greatly increase it for those in the great majority who currently have none.

Both use-cases (VPS and homeserver) are valid. As FreedomBox is just a bunch of Debian packages it should be easy to offer it as a base image (or 'apt install freedombox' it yourself).

The similar project YUNOhost advertises both scenarios. https://yunohost.org/#/install

Previous discussion: https://news.ycombinator.com/item?id=10783305 (FreedomBox 0.7 released | Dec 23, 2015 | 36 comments)

I didn't find a changelog, but here's a list of features: https://wiki.debian.org/FreedomBox/Features

I keep an eye on the project, though I haven't tried setting one up so far. I have to say it's a little sad to see that the Contribute link in the site footer throws a 403 (I'd report that to them, but so does the Contact link...)

Both links work for me; They go to debian wiki pages (which could be confusing), is that what you mean?

I was hoping the bluebox on the main page was something you could buy and plug in your wall and have it running the software. Kinda like an appliance.

Here are two potential features Eben Moglen mentioned[1] back in 2010:

* it should know how to go and collect your stuff out of all the social networking places where you've got it

* it should know how to send an encrypted backup of everything to your friends' servers (in the video you can hear two developers making "mmm" noises at that feature)

Eight years later, does Freedombox have either of those two features?

[1] https://www.youtube.com/watch?v=QOEMv0S8AcA

I love this idea, but my two "deal breaker" worries are: (a) data backup, and (b) security. I hate that this is the case, but when comparing a "box-at-home" vs. a "corporate-run service", the corporate-run service is less likely to lose my data and more likely to apply security patches and updates ASAP. Even with 0days and all of the "hackers stole millions of users' data" posts, think the point remains strong; although, I admit that these losses shift the value proposition towards box-at-home.

> I love this idea, but my two "deal breaker" worries are: (a) data backup, and (b) security.

There's no reason why this system couldn't use duplicity with a password to back up to S3 or a similar service.

Since it's just a Debian package, it could use the standard Debian automated-update system to handle security.

re: (b) Security

Security through delegation vs security through obscurity imo here, follow simple things like use non-standard ports and your changes of getting hacked are likely shockingly low even if your behind on patches.

nmap, a standard pen tool, already sees through port mapping and other convenient obscurity tricks, there's just nothing like actually keeping your system up to date

I don't disagree with regards to "nothing like actually keeping your system up to date", but in terms of defense-in-depth, non-standard ports are not a bad idea. IIRC, people who have monitored the volume of attempts to connect on a open standard port and a nonstandard port are different by orders of magnitude. It won't help you much in stopping a dedicated human attacker, but it'll probably drastically reduce the number of automated attempts to attack your network device.

FreedomBox has unattended-upgrades enabled by default.

Google or Amazon should offer something like this as a paid-for service on AWS or Google Cloud. That way I wouldn't have to worry about my network connection at home going down.

What a suitable privacy agreement this could work online--and I'd be okay trusting a contractual agreement to keep my data safe.

This is contrary to their corporate goals so wouldn’t make sense for them...but you could offer it as a paid service hosted on S3.

I'm kind of curious what the little blue system on the front page is. It looks very similar to a CuBox (speaking of; I'm kind of sad there are no iMX6 images), but with slightly different port placement.

I am a happy Synology user. Admin time in minimal. Who has time for that?

is there an alternative to freedombox? looking to buy a portable vpn server which starts as soon as you connect to the router...

Dead butterfly design really ties the look together.

It's not supposed to be a mounted butterfly, it's some sort of overlaid graphic of the idea of a computer box with butterfly wings.

I think the intended reference is http://emilydamstra.com/news/please-enough-dead-butterflies/ (because of the wing positioning).

THANK YOU, that was enlightening.

But speaking of peeves: that article of plain-text with static images doesn't render without JavaScript damnit.

Was this modeled after Belson's Box from SV? lol jk

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact