intro music
Herald-Angel: So, welcome here on stage
bonsoir taziden and kload
the next talk is on
building a better internet
It all started I think
two years ago at the 30C3
when these two guys were here
inviting us to build our own ISP
and this year they want to invite us to
build something like a better internet
which is a small box I think
they have brought with them.
Yeah, that prevents your ISP from
snooping on your traffic and
enables you to circumvent things like
carrier grade NAT
and all of these oddites
Stage is yours
kload + taziden: Thank you
applause
taziden: Hello everyone, so we are
going to talk to you about
the internet cube, which is this little box
you can see here
maybe you have heard already
about this project with the french name
“La brique Internet”,
but today we are going to stick with
the internet cube.
So let's start with some facts
kload: today we have an Internet
made of big silos
and this is really something
we're incomfortable with
and really something we need to change.
We have… We give information to
a lot of companies, a lot of entities,
governments and stuff that
are having this power to
influence us through this.
So, yeah, it is to say that
we have this princess freedom
we can say that is being held by
some evelish Ganondorf
Like you know that Google, Amazon, Netflix,
Apple, Microsoft, Dropbox, Nasty one, Onclick,
doubleclick.google.ceobase.com
or something like this
and reddit, obviously
and facebook, that's for sure
fact number 2, maybe
t: fact number 2: internet needs diversity
internet is today as kload said
the information is centered in silos
but not only personal information
also the public information
and we can have today
what is your freedom
if the only information you get is from
the top hundread websites
so that's a major problem.
We need more networks,
we need more websites,
we need more information, more sources,
more diversity and obviously
we need more networks.
k: Thankfully we have this
hypertext link to the rescue
of the princess here and
he seems a bit sad with only his shield
so he has to find this artifacts to get
to this old man in the cave and find
I don't know maybe something
maybe an internet cube
applause
Okay, okay, this way is a bit tough.
We have one here and
without further ado,
we'll make a quick demo
so that you have an idea how it works
t: so let's see we have one here
connected on the video
k: we just plugged in just before the conference
so that we can show the [???] at some point
t: let's see what's on there
k: just have to type my domain name,
a very common one
t: yea, it works.
applause
this is where it works,
a device like this
and yeah, I just have my
awesome website on it
I can just have my e-mails,
I mean receive my e-mails.
Yeah, I guess, I hope.
So you can actually send me e-mails on it.
k: let's encrypt is not yet included,
but we're working on it.
t: It is self signed certificates
but propper ciphers and stuff.
Don't worry.
k: You really accept it permanently?
t: I didn't.
So. It is running on the 4G connection here
because I don't know the CCC Network
is kind of spoofing things sometimes
and I will try to receive my e-mails here.
Don't move to much, he's working here.
k: awww, come on
t: Please, Please 4G.
Oh. That's something.
k: The packets are going through
europe and belgium, france also of course
t: That's because HTTPS is slowing up connections
Maybe we won't have e-mails, but I still have
my awesome website on it.
Oh, yes! It works!
Sorry about that.
Yeah!
applause
k: Can you remember the password?
t: I did. Something very strong.
Do you have something funny to say?
k: No. Not after the
talk I gave yesterday, no, sorry.
So, how are you today?
You're doing right?
t: Maybe you can explain that
k: we just plugged it in.
We even put this 4G phone in USB
connected it through USB to the cube
and it worked.
It recognised an internet device on
the USB-device and automatically connected
it to the internet.
This is kind of a plug-and-play thing.
t: Actually we can explain that we switched
to 3G connection because we had issues
during the preperation with the networks here
at the congress. Some people where trying
to spoof certificates.
k: DynDNS or SSL-Certificates, what an idea
t: let's wait a little bit
(whispers) Come on!
chuckles
that was working earlier.
k: of course it was working
Okay, maybe, what we can say about this,
don't try this at home because it's dangerous.
No, it’s … I mean …
Receiving e-mails, actual e-mails
on a 3G connected device.
That can be tricky at some point.
Okay, we can go further now and
just get back to it afterwards.
So, the question is:
How does it actually work?
t: … when it works. chuckles
t: How does it work?
That's the interesting part.
This little box, cube,
what is interesting about this
is that it's the union of three mayor
essential parts: three basic elements that
combine together gives something
very interesting and
the first part is open hardware.
We need to do this to achieve
what we are describing.
We need to have an open hardware that is cheap,
low voltage, that is hackable,
with specifications online and so far
the best match we had only makes Hamboard,
but open hardware is just one element and
you need to have free software
running on top
of this open hardware and that's something
kload has been working on
for a long time now
k: for like 3 years we worked on a software
called YunoHost which is basically
a Debian based distribution that aims
to facilitate or to ease the installation
and the management, the handling
of services on the server
easing the user creation, management,
the backup creation, the domain creation
the extention of the server capabilities
with applications and stuff.
So that's regarding the software part.
You can find further information on the website
YunoHost.org and we had those 2 components
cool hardware, open and
olimex is quite a cool manufacturer
and we had this software which works on
that board but we needed something
in order to solve this network issue
that obviously is a pain in the ass when you
are trying to host yourself.
It's like how can I make my server open
on the internet and that's
how the third component comes up.
We need, actually …
We chose to add to this a VPN connection
to a trustworthy provider.
t: Two years ago I was here at the congress
giving a talk about inviting you to build
your own ISPs and when you are running
such ISPs you should communicate and
help each other in order
for the networks to grow
and this networks to have them
everywhere, actually.
We met with Freifunk and so.
That was really great and we at the time
presented a tool called db.ffdn.org
and you can find on this site a whole bunch
of internet access providers,
non-profit ones, that are enabling us
with this cube to provide VPN access with
public endpoints which means you can have
your personal data or your public data
accessible through the Internet
through trusted connection,
going through a friendly ISP
and that's something that's not possible
with the most of the commercial ISPs
that are blocking port 25,
that are doing silly stuff,
that are doing discrimination on the network
and that do not want us to do self hosting.
That's the 3rd element that I've seen
missing in most of the projects about
this kind of matter.
It's how do you …
You can trust the hardware,
you can work on the hardware,
you can work on the software,
but the missing link is always, I think,
the third is one about the connection
to the Internet.
Combined together this
3 elements give what we think is
kind of only trinity like
and it makes the internet cube.
k: those 3 parts are very legit in the
sense that it now comes as a plug and play
device, something really plug and play
even though it is a bit slow sometimes but…
t: depends on the network
k: depends on the network, but this question
of having friendly ISPs is
really complicated to solve.
Self hosting is becoming
really complicated.
Now having this 3 parts
really makes the cube plug and play
and the cool part is adding a WiFi antenna
on it and you have actually this initial
network broadcasted through all your house,
every place you go you have this wifi,
we have one though, we have a
non-discriminant network being
broadcasted as they all say, they have WiFi.
t: it's overrated
k: We have also this possibilities to
broadcast a virtual network at home
and just by connecting to it
your commercial non-trustworthy ISP
is not able to read what you are doing
off your connection anymore.
There is those very 2 parts
having a virtual network at home
and having a personal cell
working right away
t: that's the very interesting thing
about all this
is that you have two major parts like
connecting to the cube and your data
from everywhere on the internet
and also at your home, or whereever
you are you can connect to the internet
through a trusted channel and
of course this is what we came up with
but I think there are many, many
other things we can do and maybe
you are all wondering how do you get one?
a working one of course
and that's an interesting question
it's easy for French people or
Belgian to have one because there are
non profit local ISPs providing this cubes
nearby that as I say
the local part is very important
what you should do is maybe think about
building your own ISP providing VPN access
such as we do and also all the parts,
all the documentation,
all the software and so on
is online and we really invite people
to build their own.
If you have questions about building your
own ISP and providing
public IPs to friends and
to people around you,
ask us, we can help you
It's really what we want to do.
It's really to have more networks,
to have more projects like this
k: the thing that we often miss here is that
it is not as difficult as we think to build
an actual VPN provider.
We've done it a lot in France,
we've done quite, I don't know
how many members are in the federation?
t: in the federation,
we have a federation of
non-profit internet access providers
and I think
like 2 years ago we where like 21 and now
we have 28 organisations
k: 28 non-profit organisations made by
just passionists over France so
we have knowledges of how we can
build one and if you want to do so just
just ask us
t: We have gathered enough knowledge to
help you bootstrap something.
t: one thing is:
before the internet cube project
came up, we were not so much interested in
building VPN service.
It really came up like this with
people from the YunoHost project
with the Olimex hardware we discovered
with the people involved
in the non-profit ISPs
and this very combination gives something
that I think is very, very cool
and very inspiring.
There are many things to do with it
many hacks to invent or things to …
k: Of course, this hardware is kind of
like a Rasberry Pi, it has potentially …
all of the potential
You can do domadig [?] with it.
We have made pirate boxes quite often,
maybe if you went to camp you
probably have seen me going around
with a big ad sign and this actually on
my head because I was sharing documents.
t: You also did it in Tunisia?
k: Yeah, in Tunisia, too.
We did it quite a few times
The thing is: you can build piratebox,
you can as a router, a wifi router,
you can imagine having some kind of
tor gateway, maybe one day routing all
the traffic instead of VPN
routing it through tor.
This is something we can
imagine with the …
t: with people using it
as a way to stream radio
from the place
k: Yea, as a streaming device...
t: It's one interesting thing
that there is a
battery, so you can just... really
have it on your backpack.
You can recharge it
with a solar panel as it's low voltage and
it's really something interesting and
we came up with this by tinkering.
We hope that
we will ... you will advance
other things to do
over creative, stupid, crazy ideas
and that's why we are here. So...
k: Yeah, if you want to have
more information though
you have this... this is
actually our domain.
That you figured out.
It's like "internetcube.be"
and you have all the information
all the documentation, mailing list, IRC,
every channel of communication
t: Yeah, you can contact us
to share actions
to see what can be improved,
because for us it fits in our use cases,
but it may be that there are other use cases
with when you are in Tunisia or other countries,
there are certainly other things
to do with it.
k: Yeah, anyway. If you want to talk about
this,
we are in CCC until the end, probably.
And so, yeah, we'd be glad to
answer your questions now, or we can look
at my mails. Okay! Questions?
applause
Herald: Okay, Merci beaucoup, taziden et kload
and do we have questions from the stream viewers
or from the audience?
That is not the case,
so thank you for your talk!
t: Thank you! Thank you!
applause
Herald: Okay, there is a question! Where?
Microphone 3!
Question: So thank you for the talk!
I don't have much knowledge about your
technology so far, so excuse if the question
is misplaced.
How does it compare to the Tor network
in terms of
anonymous access and stuff?
k: It actually doesn't compare to the
Tor network. We can not compare that.
t: But in terms of anoynmity: it doesn't
make you anonymous.
it's quite the opposite, actually.
The only thing that this box can do is
when you connect to it in the WiFi
in your house, everything that you do
all your connection, internet connection
is not readable any more for your actual
your commercial ISP.
Your connection becomes readable for
your local friendly organisation that
gives you this access.
Question: So you have to worry about your
end to end connections.
t: yeah! So as always.
Herald: So now I see people lining up.
Microphone 2 please!
Question: Hi, can it
send emails to Gmail
or is it just within your network?
And how does it work because the
filter home ISP usually at large providers?
You have to have a trusted IP to send
email to Gmail and others.
t: Yes, the ISP—the local ISP—gives you an
actual IP address on the this box
and this box can definitely send emails
to Gmail and receive emails from Gmail.
It's just easily …
it is linked to one of your domain.
So it is your domain that you are using.
Here it was various.expert
but you can definitely have
a more standard domain
But yes, with that you can receive emails
to your_nickname@your_domain.
Yes, definitely.
Herald: And there is a question
at microphone 4?
Question: Hi, I am originating for Tunisia,
so I am a little bit interested
in what you did in Tunisia
and during the Tunisian Arab spring revolution
it was that mesh networks, AIDA mesh network,
was that something you did or?
t: No not we! You want to answer maybe...
k: No you...
t: No, I will... sorry. No we didn't make
mesh network but this is really something
we can imagine with those kind of devices
but this is not what we did in Tunisia.
In Tunisia we just had those devices
as pirateboxes to distribute documents
and that's it.
Questioner: Thank you!
Herald: Okay, I don't see anybody
at the mics, right?
Okay then thanks again!
t: Thank you!
k: Thanks!
applause
subtitles created by c3subtitles.de
Join, and help us!