Greetings. This is a guide that is not designed for those who think that there is no possibility for freedom, or who think that choice (as a philosophical construct or a reality, or however you view it) is simply dead, or anything like that. This is really for those who still consider that that your own individual actions can make a difference, and that your choices play a part in what we are doing now, that will in turn influence what we leave for those who come after us.
This guide will (in part) present the idea that we can “open source” and “decentralize” most things that many of us now assume to come from a relatively centralized organization or source, and further will establish that this effort relies on you, and it is something that can help address numerous societies’ need to adjust to a world that is undergoing exponentially increasing levels of change.
Overview of Related “Guide Posts”
Not long ago (May of 2013), from this collective a blog post was published titled “Encryption for Beginners in an Era of Total Surveillance.” In case the message was not clear from back in May of 2013, it is emphasized here that at least that portion of the title, “Total Surveillance” was (and is) intended to be read literally. At that time, the system known as OTR, included within the recommended tools, was the best privacy tool openly available to anyone. Recognizing that more tools needed to be examined and that there was little information available on the potential for decentralized communication models, another post was released (August of 2013) titled “Darknet for Beginners: Nightweb, I2P, Tor over Meshnet, and More.” Diversification and decentralization were emphasized. As part of that August post, a link was provided to WhisperSystem’s suggestions that OTR needed to be simplified and improved, and since then, proposals have been advanced that go even farther to improve security and privacy associated with OTR and tools that are based on it. This is particularly evident in WhisperSystem’s TextSecure and the CyanoGen Mod “easy-install” operating system for your Android.
Changes to this Blog to Emphasize Decentralized Systems
A recent change to this blog: The big blue button at the top of the page anywhere on this site now provides you with a link to the Hyperboria network, including instructions on how to join the network. (If your mobile app doesn’t let you see the big blue button, click here to link to Hyperboria.) This is not the only open mesh network system out there, but it is in broad use and is growing. If you want to see the internet decentralized and shifted away from the most obvious methods of control and surveillance, you must do your part, and help build and sustain alternative networks. Fortunately, this is not hard to do, and many people have laid the groundwork for you and provided simple and helpful instructions that will work with any of a variety of open and free operating systems for your device. This was alluded to in a previous post, “Darknet for Beginners,” in which a map of the Hyperboria network was shown along with a link to a hyperboria-based (decentralized) (free!) e-mail and domain name service. In the spirit of sharing (and decentralization), a description of how to use Tor over OpenGarden’s meshnet was included in the “Darknet for Beginners” post, as well. With a little more effort, you can help set up or develop a Linux-based Open Mesh network. Almost any device that exists can be connected to a decentralized meshnet that you create, easily, using any of the proposals mentioned above.
As the year proceeds, the content of this blog (and any microblogging activity associated with it) will be gradually decentralized using systems that will be described below.
With that in mind, this post will move along to a review of the situation as it currently exists and provide you with a general (and open source) guide to what you can do about it, if you so choose.
Open Source Processors: Part of the Answer to a ‘Control Problem’
It’s been understood for a long time that corporate and / or corporation-state (“governmental”) controls of the processor industry (and related software developments) are increasingly problematic. As you buy mobile devices, laptop computers, and other items which include processors, you are directly funding device development which includes provision of known backdoors into your communications. Reports from experienced security professionals suggest that using public-domain encryption and open source products (as opposed to products provided commercially) will help combat the problems associated with the ‘total surveillance’ we are experiencing today. However, for these techniques to work, more people (that’s you!) need to actually use the many free and open source solutions that are out there and available. Some responses to this have been in the form of presentations by developers of the concept of a decentralized exokernel operating system. There’s the Linux kernel, which is an ever-evolving thing, changing partially in response to security and development discussions spawned from leaks about the surveillance industry. Some have taken to building and selling Linux-friendly PCs, albeit in low volume. The OpenRISC processor, from the Open Cores project, was supported in Linux by its 3.1 release. (ORSoC has owned the Open Cores site since 2007.) By April of 2013, ORSoC and KNCMiner partnered to develop bitcoin mining products with an emphasis on open source processor (open core) development. Some people decide that they want to support open source efforts individually with their time and monetary support. One example is that of an engineer and a Linux user, who after observing reports about files released by Snowden, decided to “support the technical development of secure open source operating systems” by becoming an individual member of the Linux Foundation. For mobile, straight from #30c3 comes an open source project called ‘SIMTester,’ intended as a “tool to test SIM cards for various vulnerabilities.” Finally, we have heard that some developers who are working in an ‘open core’ context have announced withdrawal of support for certain chip types (including chips or companies that were known to be compromised due to pressures from the surveillance industry). Though the status of this effort is unclear, what is clear is that a fundamental shift in how commonplace systems are built and distributed is well underway.
These efforts are reflective of the larger issue that choices we make in the computer marketplace will (often whether or not we want them to) support activities that we do not intend to, nor wish to support at all, including, but not limited to, surveillance backdoors into software and hardware. If the corporation-state is adapting to exponential technological development in this manner, you should be taking steps to adapt and counter this as best you can, and it is thought that this guide will help you do so with freely available tools.
For this reason, a renewed effort is necessary to re-orient your choices (whether you are obtaining something for free or purchasing it) towards open source products, and this standard should also be applied to the hardware that we purchase now or in the future. The following suggestions are provided here as a starting point for this effort:
– Support or develop open source processors. consider using the Open Core project as a starting point
– Learn more about OpenRISC development, participate in discussion about it
– Become part of, or create, open source collaborative efforts (some examples: Open Source Initiative, Open Daylight, the Open Source Hardware Association (OSHWA), Open Source Firmware (DD-WRT, Tomato), etc.)
– Make informed buying choices: Purchase new hardware (any computer equipment, mobile included) only from sources that have committed to open source development of that hardware. (Some suggestions to get you started in looking at possible open source hardware purchasing choices are listed at the bottom of this post.) Encourage firms that you prefer to buy computer equipment from to become open source implementers, and explain you want them to gain your trust by committing to open source development beginning at the microcontroller and microprocessor level of any hardware they sell (in other words, that you buy).
– Don’t accept half-measures. Interact with the open source community and entities that you purchase from, but emphasize that anyone who sells chips or computer equipment must allow free operating systems to include binary firmware in a manner consistent with open source standards.
– If you know code and are a developer: Build it and they will come!
– If you don’t know code and can’t yet build systems: Learn how to code for free!
Finally, and most critically:
– Leave closed-source, commercially available systems behind. Transition to operating systems (OS’s) that meet the standard of being both free and open source. Make efforts to support, or adapt, to an increasingly decentralized society and world. While you do so, make sure that part of your effort in this process is to help others.
Some Open Source Systems: a Review
This portion of the post will focus on free, open source operating systems that are worthy of your consideration, with some remarks on their performance and utility.
Before you make a switch to any of the operating systems shown below, schedule a backup of your data, preferably to an external hard drive that you have or can obtain, rather than a cloud source. If you are backing up data from your mobile device (phone or other) to a hard drive, make sure your battery is charged fully before you begin, and try this instructional, which covers the bases for almost any mobile device you might have (and includes guidance for how to do this either to an external hard drive or by using ‘the cloud’). Again, avoid doing cloud-based backup if possible, and backup to something that is truly external to what you are using. Backups made in recovery are not safe unless they are made to a true external sdcard. Don’t plug into a USB hub for the process of backup, connect directly. If you want to return the device to its stock setting, make preparations for doing so before you begin any new install. Read and follow any backup instructions that are particular to your device. If you will be exchanging files between Android and Linux devices, you may want to read these notes on Android-Linux swaps before you begin, or try this.
If there are some programs that you absolutely must have, and those programs actually require your older, proprietary operating system in order to run at all, consider using VirtualBox so that you can use more than one operating system on the same computer (such as if you want to switch to Ubuntu as a primary operating system, but you also want to keep a copy of Windows on your computer that you may need to use to operate a particular program).
Please remember that if you are on Windows XP or Vista, you are already overdue to make these switches, because not only are the systems you are using hopelessly compromised, but the company that makes your operating system is turning “security updates” completely off. (Mainstream support has already ended, extended “support” continues until April 2014 for XP and until April 2017 for Vista, but you really should not wait even another month to make the switch – and it shouldn’t be to the next version of Windows.) In a way, this “end of support” bit may actually be a good thing: It presents a “Window” of opportunity to turn some Windows users (you!) into free and open source operating system users. Did I mention that remaining with Windows would be strange and cultish? That to use it for the rest of 2014 (or beyond) would make no sense?
Well, now I have. (Relevant: Planning your Migration Away from XP / Vista)
If you are using Apple regularly, once again, I ask you to leave the strange and cultish corporate system, not only because it regularly steals your data (including your fingerprints) and allows firms to sell information to armies across the world, but because it is not open source, it is not free, and you are not helping anyone (not even yourself) by using it. (As an aside, it is really amusing to watch Apple call the NSA “malicious hackers” for being able to put spyware on all of Apple’s products, given that Apple is stealing and selling all its users’ data anyway.)
It is assumed here that free and open source operating systems will not spread widely unless they can provide a semblance of security as well as ease of use. (Related and Recommended: There is only one mode, and it is secure.)
With that said, let’s proceed to:
The Operating Systems
Cyanogen Mod. Pros: Probably the most privacy-conscious operating system at this time that you can easily install on your Android. Includes security / privacy features that are (in part) the work of a partnership between Cyanogen and WhisperSystems folk. Cons: May not work on all Android cell phones (a list of supported devices is here).
CentOS, an enterprise-class Linux distribution. Any words I have on this would surely pale in comparison to the explanation and step-by-step guide provided by @lilithlela, so I’ll say no more. Read the guide and see if CentOS is for you.
Raspbian for Raspberry Pi, and more: If you are into or have a Raspberry Pi, this article is a must-read on the subject of operating systems. Take your pick of the systems the author mentions. I also recommend ArkOS for Raspberry Pi – which is still in development at the time of this post, but is definitely worth examining.
Ubuntu or Ubuntu for Android. Pros: Ease of use, works with your existing PC or Mac computer (and allows you to run Ubuntu either as sole operating system or alongside your current operating system), automatic updates, and for mobile, greatly expands what you can do with a mobile phone or other device. Most recent version(s) allow you to do full disk encryption.
Cons: Disclosure of data to third parties needs to be reduced.
Suggestion (that you can use right now) to fix privacy issues associated with your Ubuntu OS are shown at the FixUbuntu site. You can also change the desktop environment to partially address these issues. You can also check this handy page which (in part) tells you how to disable Ubuntu’s / Canonical’s shopping suggestions.
Additional Note: You may (or may not) wish to use Indicator Synapse for Ubuntu, which is a search indicator that indexes files and items.
SteamOS. Pros: If you are into gaming, have a dedicated rig for that purpose, and you want a system that is (well, sort of) open source, SteamOS will likely be right up your alley. It is designed to auto-update from Valve SteamOS repositories. Cons: The Steam client, and some of its drivers, are in fact proprietary. Its graphics support is “in progress.” Steam for the Linux client is also used on Ubuntu, so you may not even need SteamOS to have use of its features.
(The following operating systems come from a list discovered via the posts of @Samurai_Lucy.
Some of the operating systems mentioned below have also been reviewed with respect to privacy considerations by TechRadar, here. Various operating systems shown below are also presented in a side-by-side review by @lilithlela.)
The Amnesic Live Incognito System (Tails). Pros: Can be run on a USB stick, DVD, or SD card. Has privacy features which are arguably better than those that could be achieved using Tor on a laptop. Comes with pre-configured web browser, instant messaging client, email client, office suite, image and sound editor. Recommended for journalists by @ioerror at the most recent Chaos Communications Congress (#30c3).
Cons: Earlier versions, such as 0.21 and others, had numerous security holes. If you are using an earlier version, stop now and get the most recent version.
I2P does not start by default in Tails, though it is accessible through a menu.
Ubuntu Privacy Remix (UBR). Pros: Does not let you connect to the internet. It sits on a non-writable CD that you can create by download and verification, and ignores all local hard drives and assorted network hardware. This is the tool of someone who is really trying to keep what is happening on a machine private by default. Cons: Does not let you connect to the internet. While its version 10.04r3 is ready for use, its most recent version, 12.04r1, is in beta at the time of this post.
Liberté Linux. Pros: Like Tails and UBR, can be run on on any machine you have that can accept a USB stick, DVD, or SD card. Requires only 192 MB of RAM to run. Uses Hardened Gentoo. Can be used in what the developers refer to as “hostile environments.” Can be booted in anonymous or “non-anonymous” modes. (A tutorial by @lilithlela on how to run Liberté on a USB, written for most Apple / Mac users, is shown here. If an Apple / Mac machine is what you have to work with, @lilithlela‘s guide will be useful until you can migrate to a Linux box, or make an open source machine.)
Cons: I2P is disabled by default and normally has to be enabled by modifying kernel parameters in the boot menu. Routes your I2P traffic through Tor. (If you are an I2P user, it’s possible that you may not appreciate these aspects of Liberté, but if you never use I2P, this may be a non-issue for you.)
Whonix. Pros: Does a good job of using Tor for its intended purpose. Whonix only allows connections through Tor.
Cons: Documentation maze. In some cases, you may need to watch a video just to figure out how to start it.
Ipredia. Pros: Doesn’t require much to make it work, and so long as you have 10 GB of hard drive space for the installation, the rest is simple and straightforward. Has desktop or LXDE (lightweight edition) choices, the latter of which will work well on older hardware. Works well with I2P and various P2P applications.
Cons: Not Tor-friendly.
Where Decentralized and Free Open Source Systems are Going
There are some things I’m going to recommend here because there is a transformation underway in terms of how it’s often been assumed that content should be distributed. As people move towards a more decentralized sort of existence, Tent suggests that you can (and should be able to, mostly easily) set up and host your own content, including for your microblogging of status posts. Thinking with Tent is a bit different than what most are used to, but it is clearly a very positive development. This says, “think protocol, rather than service. Think like you own your data… it’s yours, take care of it.”
((Jan. 5 2014 edit:)) The Open Source concept allows us not to merely become better custodians and creators of the systems we use. It also allows us to peer into them and find out what we do or don’t want to see them become. One recent example is the suggestion for a deeper examination of SELinux / SEAndroid code contributors by examining what are known as “commits.” (See also the pastebin link to this proposal.) Regardless of who the contributors are now or in the future, any proposed or actual changes can be seen by all (and reversed if necessary) in an open source system. In contrast, proprietary or closed source systems do not offer this ability. It is not simply crowdfunding that can help to preserve open source, it is the fact that open source systems by design permit anyone to see any changes that occur in them. This is particularly true in the context of projects using traditional open source licenses, and may also hold true for certain proposals developed in the “unlicense context.”
Projects like Open Worm and Open Source Brain are interesting, because you can’t help but wonder if open source projects will eventually be set free to independently roam the web, and if so, how would these projects be interpreted? As instances of malware? As something akin to biological life in the wild? Might something like this already exist in the internet as a distributed system that we are not yet aware of?
Contiki advertises itself as an ‘Open Source OS for the internet of things.’ It’s suggested here simply that you examine this project and take part in improving it if you are a developer. (There’s a mailing list for developers here.)
Additional thoughts: Decentralizing, giving, transforming, and “open sourcing” the financial system
What are we doing here, exactly?
I’ll be blunt. Unless we can find a way of changing the giving process so that it can be done as as a natural part of our financial system — a transformation that would happen in a way that would remove almost all barriers to giving that presently exist in the financial structures — then there may be no point in continuing to use any financial system at all. A close examination of bitcoin — a decentralized protocol that I support – reveals that (as of December 2013) less than a thousand people own more than half of all bitcoins. If, as @ggreenwald has indicated, technology — rather than self-imposed government regulations and oversight — is key to restricting power of organizations such as the NSA (paraphrased), then what sort of technology must we create for our future? If, as a post from @ROARMAG_org suggests, “only radical autonomy from the state” can carry us forward, how exactly do we do that?
The only way we can ensure that such a transformation might actually happen is to build it ourselves.
Recently (on December 3, 2013) I made a proposal on github that reflects this direction. It’s drawn a bit of interest, but its future depends on whether you want to see it happen and whether developers pick it up and make it a reality.
It’s called the ABIS protocol. Briefly described, it’s a protocol concept intended to further decentralization, expansion of a giving economy, and the creation of a new social good. If you like it, share it, fork it, play with it, build it.
With that, I’ll leave you with some ytcracker. Enjoy the future – you’re making it.
“find way to keep the power built in check” -ytcracker
DNS / Certificate Authority issues: Some Open Source, Decentralized Solutions
TACK – “proposal for a dynamically activated public key pinning framework” providing “a layer of indirection away from Certificate Authorities, but is fully backwards compatible with existing CA certificates”
Gnu Name System – a “decentfully decentralized PKI and censorship-resistant replacement for DNS”
Namecoin – a “decentralized peer-to-peer DNS for .bit and data storage system”
Open Source Currency
Dark Wallet – “Your keys. Your privacy. Your sovereignty.”
Paper Wallets How-to for Bitcoin, Litecoin, etc.
KryptoKit – Secure messaging, in-browser wallet, more
Multibit – A wallet that can be installed on almost any machine with any operating system you have
Open (Source!) Bitcoin ATM. Yes, you can make it yourself. Instructions are on Github.
Proof of existence – Certify a document, upload at bitcoin blockchain
Unsystem projects described at bitcointalk
Environmental Concerns about Bitcoin
SolarMiner box designed to be powered off solar energy
Building your own solar bitcoin (or othercoin) miner
Android SDK release – an open source solution for micropayments (a Bitmonet / Coinbase collaboration on Github)
Audacity: free, open source, cross-platform software to record / edit sounds
BitTorrent Chat Alpha, a review [via @lilithlela, by Lucian Constantin (IDG News Service) in Infoworld
Highlighting existing code or making your own by publishing “gists”
FreeBSD Improvements are here, with more ‘randomness’ to improve cryptography/privacy
Free Software Foundation – free software directory (very comprehensive, covers almost any subject imaginable)
Open Source Software Directory – Searchable, more than 1000 applications.
GnuPG fundraiser (open source privacy) hit 90% of its funding goal in 24 hours (now over 150%)
Kali Linux – Backtrack evolved. Open source OS for serious pentesters (fresh version)
LibreOffice – a replacement for Microsoft Office offering compatibility with the proprietary MS Office
List (not all-inclusive) of open source software
Making an ebook the Open Source Way (see also: Anthologize, uses (open source!) WordPress to turn online content into an ebook)
Project Byzantium – “ad-hoc wireless mesh networking for the zombie apocalypse”
The Redecentralize Interviews
Support Freedom of the Press effort to fund encryption tools for journalists (and others)
TAHOE-LAFS. Free and open source system for decentralizing data across multiple servers. On Github.
Trsst – In development. Successfully crowdfunded, open source social communication project well suited to replace Twitter and its (Goldman Sachs, Morgan Stanley, JP Morgan Chase, BofA Merrill Lynch, Deutsche Bank) underwriters (remember, Goldman Sachs (amongst other things it has done) funded NY’s Domain Awareness, tied to trapwire)
See also Twister (in development, decentralized P2P microblogging platform) and Status (in development, free and open source social powered by StatusNet).
Iredmail – (Just an example) of an open source mail (server) solution, works on almost any open source OS.
Mailpile – Successfully crowdfunded open source mail client. Like Trsst, in development, soon to be everywhere.
Open Source Organic Food – post by @NanaSilvergrim, comments via @AnonyOdinn
(Some suggestions for possible open source hardware purchasing choices, as well as some links to analyses of ‘quantum developments,’ are shown below. Rather than recommendations to endorse or purchase any item or event, these links should be examined as starting points in a search for more information which you can continue, expand upon, and share.)
Make, Play, Live
PCB Etching – making your own board
Making Homemade CPUs, from scratch
RepRap and the RepRap Buyers’ Guide (open source printing, making a 3-D printer, etc.)
Making your own Extruder for a 3-D printer project, via Makezine
Making Your Own Pi-Wallet
Open Source Electronics: Year in Review
Spark: open source hardware for internet connection and more
Spark Core (at Seeed)
Solarminer (using Raspberry Pi B hardware)
Sparkfun and getting started with embedded system design
Open Source Guide for Embedded Systems (look at the hardware)
Open Source Ecology – presents ‘Global Village Construction Set’
Open Source Guide with more open source systems: focuses on business, written for European audience.
Example of Open Source Quantum Key Distribution *(Yes, Quantum Crypto Been “Open Sourced” since 2010)
Public Keys and Private Keys in Quantum Cryptography, by Ido Bregman (2008)
Entanglement-based Quantum Routers, by X.-Y. Chang, Y.-X. Wang, C. Zu, K. Liu, L.-M. Duan (2012/2013)
Network-Centric Quantum Communications (lightweight encryption, forward security), by Richard J. Hughes, Jane E. Nordholt, Kevin P. McCabe, Raymond T. Newell, Charles G. Peterson, Rolando D. Somma (2013)
Cryptographic security of the quantum key distribution from the triangle inequality, by Pawel Kurzynski, Marcin Markiewicz, Dagomir Kaszlikowski (18 Dec. 2013)
Better Crypto (participate, and make it so)
The ‘Safe Curves’ Project (falls under the category of efforts to make ‘Better Crypto’)
CLEO 2014 (8-13 June 2014, Deadline for submittal of papers 22 Jan. 2014)
Sharing Economy Group (Periodic Meetups)
Sharing Cities: Contributors to this endeavor (depending on your level of contribution) can receive as a perk, one of the following books: Sharing is Good, Zero to Maker, The More Beautiful World Our Hearts Know is Possible, Sacred Economics, Open Source Everything, Present Shock, or The Freelancer’s Bible.