Steven Cherry: Hi, this is Steven Cherry for IEEE Spectrum’s “Techwise Conversations.”
“The human race has a susceptibility to harm, but Mr. Zuckerberg has attained an unenviable record. He has done more harm to the human race than anybody else his age. Because he harnessed ‘Friday Night,’ that is, ‘Everybody needs to get laid,’ and he turned it into a structure for degenerating the integrity of human personality. And he has to a remarkable extent succeeded with a very poor deal, namely ‘I will give you free Web hosting and some PHP doodads and you get spying for free all the time.’ ”
That was Columbia University law professor Eben Moglen. Moglen thinks he knows a way out of that deal with Facebook—and Google, and Twitter, and everyone else who is, as he calls it, spying on us for free—including the governments using what in George Orwell’s book 1984 was a two-way TV but we nowadays know as the Internet.
Moglen envisions what he calls a Freedom Box—a small [US] $100 device, a sort of reverse firewall that instead of keeping viruses from coming in, keeps our privacy from leaking out. The job of actually getting the Freedom Box from concept to product falls to another lawyer, this one who has some software coding chops as well. My guest today is James Vasile, who is a lawyer with the Software Freedom Law Center in New York City and one of the architects of the Freedom Box.
James, welcome to the podcast.
James Vasile: Hi, thanks for having me.
Steven Cherry: Tell us a little bit more about the Freedom Box. How does it work, and why do our listeners need one?
James Vasile: Well the Freedom Box is a network appliance. It ideally replaces your wireless router. It sits between your computers and the wider net and manages traffic in and out with an eye towards protecting your privacy, your anonymity, and your security. It can offer services so, you know, all the things that Evan has been talking about that Facebook does for you, if instead of relying on Facebook servers to do that, you relied on a server that you controlled, your server could decide who it was going to talk to but also not give away your information to anyone except the people you want to talk to. Right now, when you use Facebook or any other third-party Internet service, you’re entrusting your data to somebody else, and most of these services that you entrust your data to use that data to form profiles of you, to read your messages, to pass your messages on to other people, to respond to government subpoenas if they’re delivered.
Steven Cherry: So maybe you could just say a little bit more about for example how it would make my Facebook experience better. I mean, it seems like the whole point of Facebook is that I’m connected to all of my friends, not just a particular friend. It’s hard for me to see how that doesn’t work if stuff isn’t going through the big Facebook server.
James Vasile: Sure, Facebook is a centralized model. All the data comes into one place and then gets distributed out to all your friends. If instead everybody had a Freedom Box, you could put your data on your own Freedom Box, the Freedom Boxes would talk to each other and send updates around as needed. It would look a lot like RSS feeds of updates and photos and messages, and you could pass that data around to just the people that you want to pass it around to. So you would in effect be talking to the public, but the public in this instance is sort of defined by the people you want to talk to. And instead of everyone having Facebook accounts, everyone could just have Freedom Box accounts, and those accounts would be on boxes either in their own homes or in the hands of people that they trust, family members perhaps.
Steven Cherry: I may be giving away my age here but this is a little bit like how the Usenet news service worked. The news posts just sort of traveled around the Internet like your arms going up in a wave at a football stadium.
James Vasile: Sure. It’s a lot like how e-mail travels today.
Steven Cherry: Very good. So, why not just write some software for desktop computers and smartphones? What do we need a Freedom Box for?
James Vasile: So the reason why the Freedom Box is the essential component of this infrastructure is because it needs to sit in the place of your firewall. It needs to be where the messages are coming in and out, so that it can decide what to do with those messages. It needs to act not just as a client like your desktop computer would but as a server and servers are hard to configure if you’re putting them behind your wireless router. It would be hard for your friends to reach your server to get your data. So in order to make that a thing that everyone else can access we need to move it up the chain of command and out towards the wider Net.
Steven Cherry: Very good. So the Software Freedom Law Center I saw raised $80 000 on the fundraising site Kickstarter, so where’s the project at right now?
James Vasile: Well right now we’ve convened a technical advisory committee. These are people who have deep expertise in the various difficult things that the Freedom Box is going to have to do extremely well. And those people are right now coming up with a road map for development that will lead us to actual software that can be loaded onto boxes, not just Freedom Boxes, I mean, if you want to load this onto your PC that will be an option although you’ll need somewhat more technical knowledge than simply plugging in a box. But we’re at the road-map stage right now. People are planning the architecture and figuring out what existing free and open source software we can pick off the shelf and put in the box to do most of the things that we’re planning on accomplishing.
Steven Cherry: So, how far away do you think we are from having Freedom Boxes in our living rooms?
James Vasile: Man I wish…I would love to say that we’re a year away and that’s still a projection I’d like to make. It’s certainly an optimistic one, but if things keep moving forward we should have something that people can use that will have some basic privacy and security functionality within a year. Whether we’re going to have a full Facebook replacement in a year, I think we’re probably a little more than a year away from making that happen.
Steven Cherry: So just stepping back to the benefits of the Freedom Box, you know, we talked about how it would protect my Facebook-type privacy, but you also envision this as protecting privacy for people in places like China or the Middle East where governments are either filtering the Internet or simply shut down the Internet for periods of time, and not only protect privacy but actually give us more freedom to speak.
James Vasile: Every time you have a computer that is behind a national firewall, that computer is able to speak to people outside of the country, but it can only access IP addresses and websites that the government has decided are okay to access. But it’s very difficult to blacklist every computer out there, and if every Freedom Box were a proxy that allowed people behind restrictive national firewalls to surf the wider Web without restriction, then every single Freedom Box is a crack in the great firewall. Every single Freedom Box is a way to evade government censorship of what you can access on the Internet and so we already have a lot of tools that allow people to proxy their connection through other computers to gain anonymity to evade that sort of censorship. If all the Freedom Boxes were nodes in that network, would allow that kind of proxy-ing, then suddenly the number of proxies would grow to the point that you would not be able to effectively restrict people from accessing them. You would not be able to effectively track that network anymore.
Steven Cherry: And I guess if two Freedom Boxes were close enough to one another, like basically within Wi-Fi transmitting distance, I guess, they could kind of pair up without going through the Internet at all.
James Vasile: Sure. Freedom Boxes can talk directly to each other without the Internet using mesh technology if they’re close enough, and if you get a bunch of them close enough to each other they can all speak directly to each other in an encrypted manner so that they’ll never be carried over a wire that’s sniffed or eavesdropped on, and anyone even in the vicinity who might have an antenna won’t be able to understand the conversation because of the encryption. You will not be able to prevent them from talking to each other and you won’t be able to understand what is being said. In places where the Internet is being used to coordinate democratic uprisings this might be a thing that people would be interested in, right? This is the kind of ability to talk to each other that cannot be shut down at the whim of oppressive local governments. That’s the kind of technology we want to build into the Freedom Box.
Steven Cherry: So it’s a very American idea it seems to me. It’s almost like a libertarian ideal, you know, and it harkens back to the original architecture and philosophy of the Internet I think, but you and Eben Moglen say that this cuts out the dangerous middle layer of the Internet where my data is stored in the cloud and used in ways I don’t really agree with. But aren’t there a lot of conveniences to the cloud, and people seem pretty happy with trading off those conveniences for whatever loss of privacy they have.
James Vasile: Yeah, people are very happy trading off the convenience. But the fact is they don’t really have a lot of other options. There’s nothing competing with the convenience of the cloud right now. Right now if you want to replicate the services you get for free very conveniently in the cloud, you have to set up a server, install software on it, understand how that software works, configure it, make it work, and then hope other people have similar configurations so you can talk to them. At the end of the day this is a barrier that not many people are going to be able to surmount. What we’re trying to do is provide a box that makes all of this turnkey. Provide a finished completed solution that if somebody wants to have all of those services in their own home, under their own control, it can be just as convenient as signing up for something like Facebook or signing up for something like Gmail. We’re hoping that if we can compete with the rest of the world at this convenience level, that people will choose privacy, that people will chose the option that makes it easy for them to communicate but also to communicate in a secure and private manner.
Steven Cherry: There’s a classic two-edged sword with any tool that protects our privacy, and that is that it protects everybody’s privacy including, I don’t know, hackers, terrorists, and all other manner of black-hat people. How do we keep them from getting the benefits of the Freedom Box as well?
James Vasile: Sure, I mean, the way you stop criminal organizations is the way we’ve always stopped criminal organizations: You go after the people and you turn the people. I mean, the vast majority of criminal enterprises that we have managed to subvert, it has all started with subverting the people in those organizations, arresting the people who are doing the bad things, and getting them to give you information about the rest of their friends. It’s true that we do a lot of eavesdropping on people and we do a lot of wiretapping, but the bulk of the law-enforcement effort that goes on is trying to find the people that are willing to testify against their friends and I don’t think that’s going to change all that much.
Steven Cherry: So it’s a little bit like encryption. It just benefits everybody and it’s not like encryption has made hackers and terrorists invulnerable.
James Vasile: Right.
Steven Cherry: Well, very good. James, I think if the Freedom Box works out we’ll all be very grateful for it, and if it doesn’t, in years to come we’ll wish it had. So thanks for trying to make it a reality and thanks for joining us today.
James Vasile: Thank you very much for your time.
Steven Cherry: We’ve been speaking with free-software lawyer and technologist James Vasile about building a peer-to-peer network of cheap, private servers known as Freedom Boxes. For IEEE Spectrum’s “Techwise Conversations,” I’m Steven Cherry.
This interview was recorded 26 May 2011.
Segment producer: Ariel Bleicher; audio engineer: Francesco Ferorelli
Follow us on Twitter @spectrumpodcast
NOTE: Transcripts are created for the convenience of our readers and listeners and may not perfectly match their associated interviews and narratives. The authoritative record of IEEE Spectrum's audio programming is the audio version.