Initial attempt at improving the website

doc/EN/homeserver.org

@@ -0,0 +1,80 @@
+#+TITLE:
+#+AUTHOR: Bob Mottram
+#+EMAIL: bob@robotics.uk.to
+#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
+#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+OPTIONS: ^:nil toc:nil
+#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
+
+#+BEGIN_CENTER
+[[file:images/logo.png]]
+#+END_CENTER
+
+#+BEGIN_CENTER
+This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
+#+END_CENTER
+
+The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router.
+
+First you will need to create an image.
+
+#+begin_src bash
+sudo su
+apt-get -y install build-essential git python-docutils mktorrent \
+vmdebootstrap xz-utils dosfstools btrfs-tools extlinux python-distro-info \
+mbr qemu-user-static binfmt-support u-boot-tools qemu
+git clone https://github.com/bashrc/freedombone
+cd freedombone
+git checkout stockholm
+make install
+freedombone-image -t i386 -s 7.8G --onion yes
+#+end_src
+
+This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
+
+List what drives are on your system with:
+
+#+begin_src bash
+ls /dev/sd*
+#+end_src
+
+Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
+
+You can now copy the image to the USB thumb drive, replacing *sdX* with the identifier of the USB thumb drive. Don't include any numbers (so for example use *sdc* instead of *sdc1*).
+
+#+begin_src bash
+dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
+#+end_src
+
+And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use as a server, power on and set the BIOS to boot from the USB stick.
+
+As the system boots for the first time the login is:
+
+#+begin_src bash
+username: fbone
+password: freedombone
+#+end_src
+
+You will then be shown a large new password. It's *very important* that you write this down somewhere before going further, because you'll need this to log in later.
+
+You'll be asked to set a username and a "real" name (or nickname), then the rest of the installation will be automatic. Again, it takes a while, so go and do something less boring instead.
+
+When it's installed on your local system open a terminal and run:
+
+#+begin_src bash
+ssh myusername@freedombone.local -p 2222
+#+end_src
+
+Use the password you wrote down earlier to log in.
+
+Select the *administrator control panel* with up and down cursor keys, space bar and enter key. You might need to re-enter your password. Then select *About*. You'll see a list of sites and their onion addresses.
+
+On your local system open a *Tor compatible browser* and enter your blog's onion address. If it's all working then you should see your new blog.
+
+*Congratulations! You have now become a citizen of the free internet. Use your new powers wisely.*
+
+Of course, this is just one way in which you can install the Freedombone system. If you have a single board computer (SBC) such as a BeagleBone Black or OLinuxino you can make disk images for those too. You can even create clearnet sites if you have your own domain name. ARM boards with closed proprietary boot blobs are not supported. For more details run:
+
+#+begin_src bash
+man freedombone-image
+#+end_src

doc/EN/index.org

@@ -10,71 +10,20 @@
 [[file:images/logo.png]]
 #+END_CENTER
 
-#+BEGIN_EXPORT html
- <center>
- <table style="width:50%; border:0">
-  <tr>
-    <td><center><a href="variants.html">Variants</a></center></td>
-    <td><center><a href="installation.html">Install</a></center></td>
-    <td><center><a href="usage.html">Use</a></center></td>
-    <td><center><a href="backups.html">Backups</a></center></td>
-    <td><center><a href="mirrors.html">Mirrors</a></center></td>
-  </tr>
-  <tr>
-    <td><center><a href="code.html">Code</a></center></td>
-    <td><center><a href="controlpanel.html">Control Panel</a></center></td>
-    <td><center><a href="related.html">Related</a></center></td>
-    <td><center><a href="faq.html">F.A.Q.</a></center></td>
-    <td><center><a href="support.html">Contact/Support</a></center></td>
-  </tr>
-</table>
-</center>
-#+END_EXPORT
-
-With the right technology the internet can be a space for free expression, exploration, cooperation, learning and fun. A place to connect with others are share experiences. It doesn't have to be a gloomy surveillance prison owned and run by a diabolical synthesis of money-grabbing megacorporations and prurient government spooks brandishing "bulk/general warrants". Freedombone is designed to help you surmount the contemporary digital privacy conundrums and to increase your online autonomy. It's a self-hosted home server configuration which can be installed onto any computer capable of running [[https://www.debian.org/][Debian]], so if you have an old laptop or netbook which you can leave turned on then you can use Freedombone to provide your own internet services, such as blogging, wiki, email, chat and social networking and have independence from the well known internet companies.
-
-#+BEGIN_EXPORT html
- <center>
- <b>Four Scenarios</b>
- <table style="width:95%; border:0">
-  <tr>
-    <td><center><h6>Home server</h6>Plugged into your home wifi router. Add a few friends and family as users</center></td>
-    <td><center><h6>Home server + Hotspot</h6>Also provides a wifi hotspot to extend your home network</center></td>
-    <td><center><h6>Server in your pocket</h6>Roaming wireless server with services accessible via onion addresses</center></td>
-    <td><center><h6>Mesh node</h6>Dynamic networks which don't depend on the conventional internet. Distributed, scalable and fully encrypted</center></td>
-  </tr>
-  <tr>
-  </tr>
-</table>
-</center>
-#+END_EXPORT
-
-This is personal or family scale computing, which can then federate to global proportions. We need community controlled information systems and to achieve that they must be inexpensive and simple to install and maintain. This is the opposite of the current dominant paradigm of [[https://www.youtube.com/watch?v=XZmGGAbHqa0][titanic server warehouses]] owned by a tiny number of individuals and it's what is sometimes refered to as [[https://mediagoblin.org/news/userops.html]["userops"]] - i.e. a user being able to do what traditionally only a professional systems administrator would be able to.
-
-With a system installed in your home you also have greater legal protection against unwarranted or "bulk warrant" searches. In general as soon as you put your information onto systems which you don't own then you no longer have the same property rights over it, together with "/no reasonable expectation of privacy/" otherwise known as the third party doctrine. We all know that's a nonsense, and so maybe we should do something about it.
-
-#+BEGIN_QUOTE
-"With the increasing move of our computing to cloud infrastructures, we give up the control of our computing to the managers of those infrastructures. Our terminals (laptops, desktops) might now be running entirely on Free Software, but this is increasingly irrelevant given that most of what actually matters gets executed on a remote closed system that we don’t control. The Free Software community needs to work to help users keep the control of all their computing, by developing suitable alternatives and facilitating their deployment." -- Lucas Nussbaum
-#+END_QUOTE
-
-Today everyone is concerned about privacy on the internet. Wanting privacy doesn't necessarily mean you have "something to hide". It just means having the ability to choose /what information to share, with whom and under what conditions/ and therefore being able to shape your own life story. The loss of ability to choose via the "involuntary sharing" which many people experience when using communications systems built by the well known internet companies, means that you're no longer really running your own affairs and that others may begin to exert an improper amount of influence over you. Mass surveillance is perhaps the ultimate in involuntary sharing and it's only through the use of freedom respecting software together with a solid determination to overcome state and corporate abuses of technology that we can hope to get to the kind of internet in which respect for human dignity is built in as a core feature.
-
 #+BEGIN_CENTER
-[[file:images/nocloud.png]]
+This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
 #+END_CENTER
 
-Another problem is the precariousness of the terms of service. Except in rare cases such terms are not easy to read, so many people end up clicking through terms which if explained more clearly they would never agree to. Over the past decade many internet users have had the unpleasant experience of having their blogs, videos or other web content inexplicably removed, typically due to some ill-defined terms of service violation or a false accusation of copyright infringement. There have been valiant attempts to improve the readability of terms of service documents, using icons or clearer language, and to generate a sort of marketplace in which people would choose what web systems they use based on the terms documents - to make the privacy/autonomy bargaining more explicit. These efforts were well-intentioned, but have conclusively failed. Even in the best case, that approach doesn't take into account the coercive network effects or large web systems.
+So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home.
 
-You can bypass all of these dilemmas and take back ownership of your internet content with Freedombone.  Originally based upon the Beaglebone Black, Freedombone is a small and cheap home server which enables you to use email, have your own web site and do social networking without any built-in spying and without having to agree to any legal terms of service other than those of your ISP.  It provides independence and security in an era where those things are in short supply.
+Want to make a community mesh network which doesn't depend upon the internet? You can do that too.
 
-#+BEGIN_QUOTE
-"The deepest problem is that the system architecture that has evolved in recent years holds masses of information on many people with no intelligence value, but with vast potential for political abuse." -- Ross Anderson
-#+END_QUOTE
+But how?
 
-Freedombone is an example of the internet as it was supposed to be: a network of peers, rather than a small number of gigantic server farms with everyone connecting to them. Even if they're well run, centralised server farms become a conspicuous target for /all kinds of nefariousness/ and in any future wars they're bound to be amongst the first facilities to receive the "/shock and awe/" treatment. Also consider just what is being "farmed". If a robust information society is desirable then excessive centralisation of control over information should be avoided.
+ * [[./homeserver.html][To make a home server]]
+ * [[./mesh.html][To make a mesh network]]
 
-An emphasis of the Freedombone project is the protection of private communications from indiscriminate mass surveillance, otherwise known as "/bulk intercept/" or "/warrantless wiretapping/". With only a few exceptions data entering and leaving the system is encrypted using settings recommended by [[https://bettercrypto.org][bettercrypto.org]] . Stored emails are encrypted such that only someone knowing your GPG password can read them and a GPG key is created automatically if you don't already have one. The system is firewalled with only the necessary ports being opened. Exclusively [[https://en.wikipedia.org/wiki/Free_software][free software]] is used so that all of it can potentially be security audited and proprietary repositories are disabled by default. There are still numerous security problems with the internet in general and software always contains bugs, but a best attempt has been made to ensure that the Freedombone is at least more secure than average.
+After installation it's possible that you might want some advice on how to run your server and set up apps to work nicely with it.
 
-#+BEGIN_CENTER
-This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
-#+END_CENTER
+ * [[./usage.html][General usage]]
+ * [[./faq.html][Frequently Asked Questions]]

doc/EN/mesh.org

@@ -10,193 +10,60 @@
 [[file:images/logo.png]]
 #+END_CENTER
 
-#+BEGIN_EXPORT html
-<center>
-<h1>Mesh Network</h1>
-</center>
-#+END_EXPORT
-
-| [[What is a mesh network?]] |
-| [[The Freedombone Mesh]]    |
-| [[Installation]]            |
-| [[Wifi adaptors]]           |
-| [[Using the mesh]]          |
-| [[Further reading]]         |
-
-* What is a mesh network?
-The internet as it currently exists is mostly organised according to a client/server model. Servers run the web services and store the data and clients are the laptops, desktops and other devices accessing the servers. In a mesh network there isn't any clear division between clients and servers. The computers on a mesh network are known as "peers" and they can perform the functions of both clients and servers. Commonly this is also known as a "peer to peer" network.
-
-The client/server and mesh network models have advantages and disadvantages. If the server in a client/server system fails then you can have catastrophic service outages which affect many users. If a peer in a mesh network fails then the other peers may be mostly unaffected and communications can continue. The disadvantage of mesh networks is that each peer relays data for other peers and so the bandwidth usage by each peer may be higher than for a client in a client/server system. However, with modern hardware that's not much of an issue.
-
-Mesh networks are useful for building local and highly resillient communications infrastructure which can be put together rapidly, in situations where the ordinary internet is either unavailable or untrustworthy.
-
-Example use cases would be:
-
- * Conferences / Exhibitions
- * Local community networks, not run by telcos or ISPs
- * Emergency services / Disaster relief
- * Camp sites
- * War zones
- * Scientific expeditions to remote areas
- * Onboard smaller ships without satellite internet, captain/crew communications
- * Underground (mines or caves)
- * Protests / Occupations of buildings
- * Eventually in space for manned missions to other planets, moons or asteroids
-
-* The Freedombone Mesh
-The Freedombone mesh is offline - in the sense of not being part of the larger internet - and consists of a set of computers with the software installed communicating wirelessly using ordinary wifi. Peers can enter or leave the network and it will adjust automatically. All communications between peers is end-to-end encrypted, so although it's easy to join the network it's not easy to passively evesdrop.
-* Installation
-** Two types of system
-Installation is split into two categories, /routers/ and /user devices/.
-
-A router is a computer which is dedicated to moving network traffic and building out the mesh infrastructure. It's not primarily intended to have a user interface. Hardware such as the Beaglebone Black is ideal for this, because it's small, inexpensive and doesn't consume much electrical power and so can be fitted in any location where an electricity supply is available.
-
-Small computers acting as mesh routers can also be battery operated or solar powered so that the network need not be statically sited. They could be included in a backpack for camping, fitted within moving vehicles, strapped to protest placards or attached to [[https://www.youtube.com/watch?v=Wwsy9MThwns][large tethered helium balloons]] (like weather balloons) to help provide a local and transient communications system.
-
-/User devices/ are the computers with which you would typically access the internet - laptops, desktop machines, netbooks or any other device which can run a Debian-based distro (eg. Ubuntu) with a working wifi connection.
-** Installing on routers
-Whatever system you're going to use as a mesh router should have a new Debian Jessie install on it. It's advisable that this be a new install so that there is no existing software on the system which could confuse the mesh install process.
-
-Some recommended hardware:
-
- * Beaglebone Black
- * 5V power supply
- * Ethernet cable (for installation of the software)
- * 8GB microSD card, or larger
- * Wireless N USB Adapter TPE-N150USB
+#+BEGIN_CENTER
+This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
+#+END_CENTER
 
-If you are using the Beaglebone Black then you'll need to install the Debian image to the microSD card. You can find details of how to do that [[./installation.html][here]].
+Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small business internal office communications, protests, remote areas of the world, scientific expeditions and off-world space colonies. All the cool stuff. The down side is that you can't access any internet content. The upside is that you can securely communicate with anyone on the local mesh. No ISPs. No payments or subscriptions beyond the cost of obtaining the hardware. Systems need to be within wifi range of each other for the mesh to be created. It can be an ultra-convenient way to do purely local communications.
 
-Connect your system to your internet router with an ethernet cable, then ssh into it and type:
+First you will need to create an image.
 
-#+BEGIN_SRC bash
-su
-apt-get update
-apt-get install git build-essential dialog
+#+begin_src bash
+sudo su
+apt-get -y install build-essential git python-docutils mktorrent \
+vmdebootstrap xz-utils dosfstools btrfs-tools extlinux python-distro-info \
+mbr qemu-user-static binfmt-support u-boot-tools qemu
 git clone https://github.com/bashrc/freedombone
 cd freedombone
+git checkout stockholm
 make install
-#+END_SRC
-
-At this point if you are using a system or dongle with an Atheros AR9271 wifi chipset then you may want to install some pre-compiled firmware (you can compile it from source, but it takes a long time - especially on the Beaglebone Black). If you need to do that then see the wifi adaptor notes below.
-
-Then to begin the install:
-
-#+BEGIN_SRC bash
-freedombone menuconfig
-#+END_SRC
-
-Select the "/mesh (router)/" install variant, give an ESSID or just hit enter for the default. If discression is important then use an ESSID similar to those already in the area. The ESSID must be the same on every mesh peer. Assign this mesh peer a name. In order to avoid confusions it's important that the name should be unique on the network and contain no spaces. So maybe a word followed by some numbers, or the name of the place where the router will be installed.
-
-If you're installing on a Beaglebone Black then after a while the system will reboot and you will need to ssh in again and run:
-
-#+BEGIN_SRC bash
-cd freedombone
-freedombone -c freedombone.cfg
-#+END_SRC
-
-The reboot is needed in order to enable zram and the hardware random number generator.
-** Installing on user devices
-Typically on a laptop with a Debian-based distro installed, open a terminal and type:
-
-#+BEGIN_SRC bash
-sudo apt-get update
-sudo apt-get install git build-essential dialog
-git clone https://github.com/bashrc/freedombone
-cd freedombone
-sudo make install
-freedombone menuconfig
-#+END_SRC
-
-Select the "/mesh (user device)/" variant and set the same ESSID as you did for the routers, or just hit enter for the default.
-
-An important point is that on older Debian-based systems, such as Ubuntu 14.04 or Trisquel 7, you may need to install a more recent version of /batctl/. An example is as follows.
-
-#+BEGIN_SRC bash
-sudo apt-get remove --purge batctl
-wget http://mirrors.kernel.org/ubuntu/pool/universe/b/batctl/batctl_2014.1.0-2_amd64.deb
-sudo dpkg -i batctl_2014.1.0-2_amd64.deb
-#+END_SRC
-* Wifi adaptors
-There are a small number of wifi adaptors which are compatible with a fully free software stack.
-** Atheros AR9271
-To install the firmware for this:
-
-#+BEGIN_SRC bash
-cd freedombone/drivers
-sha256sum ath9k_htc_driver_bbb.tar.gz
-7eb9324681f03c7630ed01e490ea447dfbd96c9b5389e45b64e4646d1be16ff1
-tar -xvzf ath9k_htc_driver_bbb.tar.gz
-mv *.fw /lib/firmware
-cd ..
-#+END_SRC
-* Using the mesh
-The following sections only apply to /client devices/. Mesh /routers/ are only for routing network traffic and operating [[https://en.wikipedia.org/wiki/BitTorrent_tracker][trackers]] and [[https://en.wikipedia.org/wiki/Distributed_hash_table][distributed hash tables]] for bootstrapping purposes.
-
-** Switching from internet to mesh mode
-To join the mesh network open a terminal and type:
-
-#+BEGIN_SRC bash
-meshweb
-#+END_SRC
-
-If you want to have your system as a permanent mesh peer then you could add that command to your startup applications so that it activates whenever the computer starts up.
-
-A web page should appear in your browser, which then allows you to access communication services on the mesh. These pages should update automatically, so that if peers enter or leave the network the lists will change accordingly.
-
-If for any reason things don't seem to be updating you can force an update by issuing the command:
-
-#+BEGIN_SRC bash
-zeronetavahi
-#+END_SRC
-** Chat
-If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The [[https://github.com/Tox/toxic][Toxic]] client is installed by default, but you may also want to install [[https://github.com/tux3/qTox][qTox]] for a more conventional-looking user experience.
+freedombone-image -t i386 -v meshclient
+#+end_src
 
-You can obtain Tox IDs for users on the network via the initial web page.
+If you don't have Atheros or free software compatible wifi adapter then you can include proprietary wifi drivers which will work with most laptops. This is *NOT RECOMMENDED* because proprietary drivers are unsupportable and may contain either malware or be exploitable in a way which can't be fixed. However, if you're in an emergency and don't have any Atheros or free software wifi USB dongles then you can use the following command to make the image:
 
-To launch the [[https://github.com/Tox/toxic][Toxic client]] in a terminal type:
+#+begin_src bash
+freedombone-image -t i386 -v meshclient --insecure yes
+#+end_src
 
-#+BEGIN_SRC bash
-toxic
-#+END_SRC
+This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
 
-The first time you will be asked whether you wish to encrypt the data file used for your settings. Select "no" for this, otherwise the system will not be able to obtain your public key and broadcast it to other peers in the network. Even if you select "yes" the system will still be usable, but it will not be so easy for other peers on the network to find you unless you have previously exchanged your Tox ID via some out-of-band method.
+List what drives are on your system with:
 
-Then to add a new friend:
+#+begin_src bash
+ls /dev/sd*
+#+end_src
 
-#+BEGIN_SRC bash
-/nick mynickname
-/add <friend Tox ID>
-#+END_SRC
+Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
 
-Your friend will need to approve the request, and then you can chat via text or voice using /CTRL-o/ and /CTRL-p/ to switch between screens and cursor keys plus Enter to select users.
+You can now copy the image to the USB thumb drive, replacing *sdX* with the identifier of the USB thumb drive. Don't include any numbers (so for example use *sdc* instead of *sdc1*).
 
-Another thing worth knowing is that if you were already using a Tox client before running the /meshweb/ command then it's a good idea to close and reopen it, so that the list of bootstrap nodes is updated. The same also applies when exiting the mesh and returning to the internet.
+#+begin_src bash
+dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
+#+end_src
 
-A note for the security-conscious is that broadcasting Tox IDs via the network (using Avahi) is convenient but not highly secure. An adversary could maybe join the network and create decoy peers to try to disrupt the communications and have messages going to the wrong places. For the best security exchange Tox IDs in advance by some method other than looking them up from the initial mesh web page.
-** Blogging
-The Freedombone mesh uses a fully decentralized blogging system called [[https://github.com/HelloZeroNet/ZeroBlog][ZeroBlog]]. It behaves rather like other peer-to-peer file sharing systems in that if you are reading the blog of another user you are also simultaneously seeding it to other peers (acting as both a client and a server). This allows the system to scale well, while also being robust to any peer failing or leaving the network.
+And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use on the mesh, power on and set the BIOS to boot from the USB stick.
 
-All blogs on the mesh are public, so any user joining the mesh can read any other blog. Network traffic is encrypted between peers, so passive snooping will be hard, and also the integrity of data is checked via certificates so that you can be reasonably confident that nefarious content has not been added or removed from the data stream while in transit through the network.
+On first boot you'll be asked to set a username, and then you can open the chat client and select the *users* icon to show the Tox IDs for other users on the mesh. When folks join they will be announced.
 
-This type of content creation and delivery provides a good template for what the conventional internet should ultimately be like if it is to be robust, trustworthy and resistant to censorship or damage.
+Rinse, repeat, for any number of laptops that you want to get onto the mesh or to build out coverage within an area. There are no servers. Just peer-to-peer communications routed through the network which are end-to-end secure after a friend request is accepted. By default the chat client doesn't log anything.
 
-To add a new blog entry click the /new post/ button, edit the title and content (clicking /save/ at the bottom of the screen after each). Then when you are done click on the /publish/ button at the bottom of the screen. And that's all there is to it.
-** Other services
-It is hoped that a decentralized forum will be added, but this is not yet complete. In the mean time a substitute is to use the Tox group chat feature.
-** Turning off the mesh
-If you wish to return to the internet then open a terminal and type:
+No logs, no masters.
 
-#+BEGIN_SRC bash
-sudo batman stop
-#+END_SRC
+You can also use single board computers (SBCs) such as the BeagleBone Black to make mesh routers which can be bolted to walls or the sides of buildings and consume minimal electrical power, so could be solar or battery powered for short term events such as festivals. To do that use the following command to make the image:
 
-After a few seconds your usual internet wifi connection should be re-established.
-* Further reading
-For much more extensive details about deploying wireless networks there is an excellent book called [[https://wndw.net][Wireless Networking in the Developing World]] which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on.
+#+begin_src bash
+freedombone-image -t beaglebone -v mesh
+#+end_src
 
-#+BEGIN_EXPORT html
-<center>
-Return to the <a href="index.html">home page</a>
-</center>
-#+END_EXPORT
+The resulting image can be copied to a microSD card, inserted into a Beaglebone Black and booted. Don't forget to plug in an Atheros USB wifi dongle.

website/EN/homeserver.html

@@ -0,0 +1,385 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
+<head>
+<!-- 2016-08-09 Tue 16:19 -->
+<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<title></title>
+<meta name="generator" content="Org-mode" />
+<meta name="author" content="Bob Mottram" />
+<meta name="description" content="Turn the Beaglebone Black into a personal communications server"
+ />
+<meta name="keywords" content="freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber" />
+<style type="text/css">
+ <!--/*--><![CDATA[/*><!--*/
+  .title  { text-align: center;
+             margin-bottom: .2em; }
+  .subtitle { text-align: center;
+              font-size: medium;
+              font-weight: bold;
+              margin-top:0; }
+  .todo   { font-family: monospace; color: red; }
+  .done   { font-family: monospace; color: green; }
+  .priority { font-family: monospace; color: orange; }
+  .tag    { background-color: #eee; font-family: monospace;
+            padding: 2px; font-size: 80%; font-weight: normal; }
+  .timestamp { color: #bebebe; }
+  .timestamp-kwd { color: #5f9ea0; }
+  .org-right  { margin-left: auto; margin-right: 0px;  text-align: right; }
+  .org-left   { margin-left: 0px;  margin-right: auto; text-align: left; }
+  .org-center { margin-left: auto; margin-right: auto; text-align: center; }
+  .underline { text-decoration: underline; }
+  #postamble p, #preamble p { font-size: 90%; margin: .2em; }
+  p.verse { margin-left: 3%; }
+  pre {
+    border: 1px solid #ccc;
+    box-shadow: 3px 3px 3px #eee;
+    padding: 8pt;
+    font-family: monospace;
+    overflow: auto;
+    margin: 1.2em;
+  }
+  pre.src {
+    position: relative;
+    overflow: visible;
+    padding-top: 1.2em;
+  }
+  pre.src:before {
+    display: none;
+    position: absolute;
+    background-color: white;
+    top: -10px;
+    right: 10px;
+    padding: 3px;
+    border: 1px solid black;
+  }
+  pre.src:hover:before { display: inline;}
+  /* Languages per Org manual */
+  pre.src-asymptote:before { content: 'Asymptote'; }
+  pre.src-awk:before { content: 'Awk'; }
+  pre.src-C:before { content: 'C'; }
+  /* pre.src-C++ doesn't work in CSS */
+  pre.src-clojure:before { content: 'Clojure'; }
+  pre.src-css:before { content: 'CSS'; }
+  pre.src-D:before { content: 'D'; }
+  pre.src-ditaa:before { content: 'ditaa'; }
+  pre.src-dot:before { content: 'Graphviz'; }
+  pre.src-calc:before { content: 'Emacs Calc'; }
+  pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
+  pre.src-fortran:before { content: 'Fortran'; }
+  pre.src-gnuplot:before { content: 'gnuplot'; }
+  pre.src-haskell:before { content: 'Haskell'; }
+  pre.src-java:before { content: 'Java'; }
+  pre.src-js:before { content: 'Javascript'; }
+  pre.src-latex:before { content: 'LaTeX'; }
+  pre.src-ledger:before { content: 'Ledger'; }
+  pre.src-lisp:before { content: 'Lisp'; }
+  pre.src-lilypond:before { content: 'Lilypond'; }
+  pre.src-matlab:before { content: 'MATLAB'; }
+  pre.src-mscgen:before { content: 'Mscgen'; }
+  pre.src-ocaml:before { content: 'Objective Caml'; }
+  pre.src-octave:before { content: 'Octave'; }
+  pre.src-org:before { content: 'Org mode'; }
+  pre.src-oz:before { content: 'OZ'; }
+  pre.src-plantuml:before { content: 'Plantuml'; }
+  pre.src-processing:before { content: 'Processing.js'; }
+  pre.src-python:before { content: 'Python'; }
+  pre.src-R:before { content: 'R'; }
+  pre.src-ruby:before { content: 'Ruby'; }
+  pre.src-sass:before { content: 'Sass'; }
+  pre.src-scheme:before { content: 'Scheme'; }
+  pre.src-screen:before { content: 'Gnu Screen'; }
+  pre.src-sed:before { content: 'Sed'; }
+  pre.src-sh:before { content: 'shell'; }
+  pre.src-sql:before { content: 'SQL'; }
+  pre.src-sqlite:before { content: 'SQLite'; }
+  /* additional languages in org.el's org-babel-load-languages alist */
+  pre.src-forth:before { content: 'Forth'; }
+  pre.src-io:before { content: 'IO'; }
+  pre.src-J:before { content: 'J'; }
+  pre.src-makefile:before { content: 'Makefile'; }
+  pre.src-maxima:before { content: 'Maxima'; }
+  pre.src-perl:before { content: 'Perl'; }
+  pre.src-picolisp:before { content: 'Pico Lisp'; }
+  pre.src-scala:before { content: 'Scala'; }
+  pre.src-shell:before { content: 'Shell Script'; }
+  pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
+  /* additional language identifiers per "defun org-babel-execute"
+       in ob-*.el */
+  pre.src-cpp:before  { content: 'C++'; }
+  pre.src-abc:before  { content: 'ABC'; }
+  pre.src-coq:before  { content: 'Coq'; }
+  pre.src-groovy:before  { content: 'Groovy'; }
+  /* additional language identifiers from org-babel-shell-names in
+     ob-shell.el: ob-shell is the only babel language using a lambda to put
+     the execution function name together. */
+  pre.src-bash:before  { content: 'bash'; }
+  pre.src-csh:before  { content: 'csh'; }
+  pre.src-ash:before  { content: 'ash'; }
+  pre.src-dash:before  { content: 'dash'; }
+  pre.src-ksh:before  { content: 'ksh'; }
+  pre.src-mksh:before  { content: 'mksh'; }
+  pre.src-posh:before  { content: 'posh'; }
+  /* Additional Emacs modes also supported by the LaTeX listings package */
+  pre.src-ada:before { content: 'Ada'; }
+  pre.src-asm:before { content: 'Assembler'; }
+  pre.src-caml:before { content: 'Caml'; }
+  pre.src-delphi:before { content: 'Delphi'; }
+  pre.src-html:before { content: 'HTML'; }
+  pre.src-idl:before { content: 'IDL'; }
+  pre.src-mercury:before { content: 'Mercury'; }
+  pre.src-metapost:before { content: 'MetaPost'; }
+  pre.src-modula-2:before { content: 'Modula-2'; }
+  pre.src-pascal:before { content: 'Pascal'; }
+  pre.src-ps:before { content: 'PostScript'; }
+  pre.src-prolog:before { content: 'Prolog'; }
+  pre.src-simula:before { content: 'Simula'; }
+  pre.src-tcl:before { content: 'tcl'; }
+  pre.src-tex:before { content: 'TeX'; }
+  pre.src-plain-tex:before { content: 'Plain TeX'; }
+  pre.src-verilog:before { content: 'Verilog'; }
+  pre.src-vhdl:before { content: 'VHDL'; }
+  pre.src-xml:before { content: 'XML'; }
+  pre.src-nxml:before { content: 'XML'; }
+  /* add a generic configuration mode; LaTeX export needs an additional
+     (add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
+  pre.src-conf:before { content: 'Configuration File'; }
+
+  table { border-collapse:collapse; }
+  caption.t-above { caption-side: top; }
+  caption.t-bottom { caption-side: bottom; }
+  td, th { vertical-align:top;  }
+  th.org-right  { text-align: center;  }
+  th.org-left   { text-align: center;   }
+  th.org-center { text-align: center; }
+  td.org-right  { text-align: right;  }
+  td.org-left   { text-align: left;   }
+  td.org-center { text-align: center; }
+  dt { font-weight: bold; }
+  .footpara { display: inline; }
+  .footdef  { margin-bottom: 1em; }
+  .figure { padding: 1em; }
+  .figure p { text-align: center; }
+  .inlinetask {
+    padding: 10px;
+    border: 2px solid gray;
+    margin: 10px;
+    background: #ffffcc;
+  }
+  #org-div-home-and-up
+   { text-align: right; font-size: 70%; white-space: nowrap; }
+  textarea { overflow-x: auto; }
+  .linenr { font-size: smaller }
+  .code-highlighted { background-color: #ffff00; }
+  .org-info-js_info-navigation { border-style: none; }
+  #org-info-js_console-label
+    { font-size: 10px; font-weight: bold; white-space: nowrap; }
+  .org-info-js_search-highlight
+    { background-color: #ffff00; color: #000000; font-weight: bold; }
+  .org-svg { width: 90%; }
+  /*]]>*/-->
+</style>
+<link rel="stylesheet" type="text/css" href="freedombone.css" />
+<script type="text/javascript">
+/*
+@licstart  The following is the entire license notice for the
+JavaScript code in this tag.
+
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
+
+The JavaScript code in this tag is free software: you can
+redistribute it and/or modify it under the terms of the GNU
+General Public License (GNU GPL) as published by the Free Software
+Foundation, either version 3 of the License, or (at your option)
+any later version.  The code is distributed WITHOUT ANY WARRANTY;
+without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE.  See the GNU GPL for more details.
+
+As additional permission under GNU GPL version 3 section 7, you
+may distribute non-source (e.g., minimized or compacted) forms of
+that code without the copy of the GNU GPL normally required by
+section 4, provided you include this license notice and a URL
+through which recipients can access the Corresponding Source.
+
+
+@licend  The above is the entire license notice
+for the JavaScript code in this tag.
+*/
+<!--/*--><![CDATA[/*><!--*/
+ function CodeHighlightOn(elem, id)
+ {
+   var target = document.getElementById(id);
+   if(null != target) {
+     elem.cacheClassElem = elem.className;
+     elem.cacheClassTarget = target.className;
+     target.className = "code-highlighted";
+     elem.className   = "code-highlighted";
+   }
+ }
+ function CodeHighlightOff(elem, id)
+ {
+   var target = document.getElementById(id);
+   if(elem.cacheClassElem)
+     elem.className = elem.cacheClassElem;
+   if(elem.cacheClassTarget)
+     target.className = elem.cacheClassTarget;
+ }
+/*]]>*///-->
+</script>
+</head>
+<body>
+<div id="preamble" class="status">
+<a name="top" id="top"></a>
+</div>
+<div id="content">
+<div class="org-center">
+
+<div class="figure">
+<p><img src="images/logo.png" alt="logo.png" />
+</p>
+</div>
+</div>
+
+<div class="org-center">
+<p>
+This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
+</p>
+</div>
+
+<p>
+The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router.
+</p>
+
+<p>
+First you will need to create an image.
+</p>
+
+<div class="org-src-container">
+
+<pre class="src src-bash">sudo su
+apt-get -y install build-essential git python-docutils mktorrent <span class="org-sh-escaped-newline">\</span>
+vmdebootstrap xz-utils dosfstools btrfs-tools extlinux python-distro-info <span class="org-sh-escaped-newline">\</span>
+mbr qemu-user-static binfmt-support u-boot-tools qemu
+git clone https://github.com/bashrc/freedombone
+<span class="org-builtin">cd</span> freedombone
+git checkout stockholm
+make install
+freedombone-image -t i386 -s 7.8G --onion yes
+</pre>
+</div>
+
+<p>
+This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
+</p>
+
+<p>
+List what drives are on your system with:
+</p>
+
+<div class="org-src-container">
+
+<pre class="src src-bash">ls /dev/sd*
+</pre>
+</div>
+
+<p>
+Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
+</p>
+
+<p>
+You can now copy the image to the USB thumb drive, replacing <b>sdX</b> with the identifier of the USB thumb drive. Don't include any numbers (so for example use <b>sdc</b> instead of <b>sdc1</b>).
+</p>
+
+<div class="org-src-container">
+
+<pre class="src src-bash">dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
+</pre>
+</div>
+
+<p>
+And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use as a server, power on and set the BIOS to boot from the USB stick.
+</p>
+
+<p>
+As the system boots for the first time the login is:
+</p>
+
+<div class="org-src-container">
+
+<pre class="src src-bash">username: fbone
+password: freedombone
+</pre>
+</div>
+
+<p>
+You will then be shown a large new password. It's <b>very important</b> that you write this down somewhere before going further, because you'll need this to log in later.
+</p>
+
+<p>
+You'll be asked to set a username and a "real" name (or nickname), then the rest of the installation will be automatic. Again, it takes a while, so go and do something less boring instead.
+</p>
+
+<p>
+When it's installed on your local system open a terminal and run:
+</p>
+
+<div class="org-src-container">
+
+<pre class="src src-bash">ssh myusername@freedombone.local -p 2222
+</pre>
+</div>
+
+<p>
+Use the password you wrote down earlier to log in.
+</p>
+
+<p>
+Select the <b>administrator control panel</b> with up and down cursor keys, space bar and enter key. You might need to re-enter your password. Then select <b>About</b>. You'll see a list of sites and their onion addresses.
+</p>
+
+<p>
+On your local system open a <b>Tor compatible browser</b> and enter your blog's onion address. If it's all working then you should see your new blog.
+</p>
+
+<p>
+<b>Congratulations! You have now become a citizen of the free internet. Use your new powers wisely.</b>
+</p>
+
+<p>
+Of course, this is just one way in which you can install the Freedombone system. If you have a single board computer (SBC) such as a BeagleBone Black or OLinuxino you can make disk images for those too. You can even create clearnet sites if you have your own domain name. ARM boards with closed proprietary boot blobs are not supported. For more details run:
+</p>
+
+<div class="org-src-container">
+
+<pre class="src src-bash">man freedombone-image
+</pre>
+</div>
+</div>
+<div id="postamble" class="status">
+
+<style type="text/css">
+.back-to-top {
+    position: fixed;
+    bottom: 2em;
+    right: 0px;
+    text-decoration: none;
+    color: #000000;
+    background-color: rgba(235, 235, 235, 0.80);
+    font-size: 12px;
+    padding: 1em;
+    display: none;
+}
+
+.back-to-top:hover {
+    background-color: rgba(135, 135, 135, 0.50);
+}
+</style>
+
+<div class="back-to-top">
+<a href="#top">Back to top</a> | <a href="mailto:bob@robotics.uk.to">E-mail me</a>
+</div>
+</div>
+</body>
+</html>

website/EN/index.html

@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2016-08-08 Mon 17:50 -->
+<!-- 2016-08-09 Tue 16:18 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
 <title></title>
@@ -242,96 +242,37 @@ for the JavaScript code in this tag.
 </div>
 </div>
 
- <center>
- <table style="width:50%; border:0">
-  <tr>
-    <td><center><a href="variants.html">Variants</a></center></td>
-    <td><center><a href="installation.html">Install</a></center></td>
-    <td><center><a href="usage.html">Use</a></center></td>
-    <td><center><a href="backups.html">Backups</a></center></td>
-    <td><center><a href="mirrors.html">Mirrors</a></center></td>
-  </tr>
-  <tr>
-    <td><center><a href="code.html">Code</a></center></td>
-    <td><center><a href="controlpanel.html">Control Panel</a></center></td>
-    <td><center><a href="related.html">Related</a></center></td>
-    <td><center><a href="faq.html">F.A.Q.</a></center></td>
-    <td><center><a href="support.html">Contact/Support</a></center></td>
-  </tr>
-</table>
-</center>
-
-<p>
-With the right technology the internet can be a space for free expression, exploration, cooperation, learning and fun. A place to connect with others are share experiences. It doesn't have to be a gloomy surveillance prison owned and run by a diabolical synthesis of money-grabbing megacorporations and prurient government spooks brandishing "bulk/general warrants". Freedombone is designed to help you surmount the contemporary digital privacy conundrums and to increase your online autonomy. It's a self-hosted home server configuration which can be installed onto any computer capable of running <a href="https://www.debian.org/">Debian</a>, so if you have an old laptop or netbook which you can leave turned on then you can use Freedombone to provide your own internet services, such as blogging, wiki, email, chat and social networking and have independence from the well known internet companies.
-</p>
-
- <center>
- <b>Four Scenarios</b>
- <table style="width:95%; border:0">
-  <tr>
-    <td><center><h6>Home server</h6>Plugged into your home wifi router. Add a few friends and family as users</center></td>
-    <td><center><h6>Home server + Hotspot</h6>Also provides a wifi hotspot to extend your home network</center></td>
-    <td><center><h6>Server in your pocket</h6>Roaming wireless server with services accessible via onion addresses</center></td>
-    <td><center><h6>Mesh node</h6>Dynamic networks which don't depend on the conventional internet. Distributed, scalable and fully encrypted</center></td>
-  </tr>
-  <tr>
-  </tr>
-</table>
-</center>
-
-<p>
-This is personal or family scale computing, which can then federate to global proportions. We need community controlled information systems and to achieve that they must be inexpensive and simple to install and maintain. This is the opposite of the current dominant paradigm of <a href="https://www.youtube.com/watch?v=XZmGGAbHqa0">titanic server warehouses</a> owned by a tiny number of individuals and it's what is sometimes refered to as <a href="https://mediagoblin.org/news/userops.html">"userops"</a> - i.e. a user being able to do what traditionally only a professional systems administrator would be able to.
-</p>
-
-<p>
-With a system installed in your home you also have greater legal protection against unwarranted or "bulk warrant" searches. In general as soon as you put your information onto systems which you don't own then you no longer have the same property rights over it, together with "<i>no reasonable expectation of privacy</i>" otherwise known as the third party doctrine. We all know that's a nonsense, and so maybe we should do something about it.
-</p>
-
-<blockquote>
-<p>
-"With the increasing move of our computing to cloud infrastructures, we give up the control of our computing to the managers of those infrastructures. Our terminals (laptops, desktops) might now be running entirely on Free Software, but this is increasingly irrelevant given that most of what actually matters gets executed on a remote closed system that we don’t control. The Free Software community needs to work to help users keep the control of all their computing, by developing suitable alternatives and facilitating their deployment." &#x2013; Lucas Nussbaum
-</p>
-</blockquote>
-
-<p>
-Today everyone is concerned about privacy on the internet. Wanting privacy doesn't necessarily mean you have "something to hide". It just means having the ability to choose <i>what information to share, with whom and under what conditions</i> and therefore being able to shape your own life story. The loss of ability to choose via the "involuntary sharing" which many people experience when using communications systems built by the well known internet companies, means that you're no longer really running your own affairs and that others may begin to exert an improper amount of influence over you. Mass surveillance is perhaps the ultimate in involuntary sharing and it's only through the use of freedom respecting software together with a solid determination to overcome state and corporate abuses of technology that we can hope to get to the kind of internet in which respect for human dignity is built in as a core feature.
-</p>
-
 <div class="org-center">
-
-<div class="figure">
-<p><img src="images/nocloud.png" alt="nocloud.png" />
+<p>
+This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
 </p>
 </div>
-</div>
 
 <p>
-Another problem is the precariousness of the terms of service. Except in rare cases such terms are not easy to read, so many people end up clicking through terms which if explained more clearly they would never agree to. Over the past decade many internet users have had the unpleasant experience of having their blogs, videos or other web content inexplicably removed, typically due to some ill-defined terms of service violation or a false accusation of copyright infringement. There have been valiant attempts to improve the readability of terms of service documents, using icons or clearer language, and to generate a sort of marketplace in which people would choose what web systems they use based on the terms documents - to make the privacy/autonomy bargaining more explicit. These efforts were well-intentioned, but have conclusively failed. Even in the best case, that approach doesn't take into account the coercive network effects or large web systems.
+So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home.
 </p>
 
 <p>
-You can bypass all of these dilemmas and take back ownership of your internet content with Freedombone.  Originally based upon the Beaglebone Black, Freedombone is a small and cheap home server which enables you to use email, have your own web site and do social networking without any built-in spying and without having to agree to any legal terms of service other than those of your ISP.  It provides independence and security in an era where those things are in short supply.
+Want to make a community mesh network which doesn't depend upon the internet? You can do that too.
 </p>
 
-<blockquote>
 <p>
-"The deepest problem is that the system architecture that has evolved in recent years holds masses of information on many people with no intelligence value, but with vast potential for political abuse." &#x2013; Ross Anderson
+But how?
 </p>
-</blockquote>
 
-<p>
-Freedombone is an example of the internet as it was supposed to be: a network of peers, rather than a small number of gigantic server farms with everyone connecting to them. Even if they're well run, centralised server farms become a conspicuous target for <i>all kinds of nefariousness</i> and in any future wars they're bound to be amongst the first facilities to receive the "<i>shock and awe</i>" treatment. Also consider just what is being "farmed". If a robust information society is desirable then excessive centralisation of control over information should be avoided.
-</p>
+<ul class="org-ul">
+<li><a href="./homeserver.html">To make a home server</a></li>
+<li><a href="./mesh.html">To make a mesh network</a></li>
+</ul>
 
 <p>
-An emphasis of the Freedombone project is the protection of private communications from indiscriminate mass surveillance, otherwise known as "<i>bulk intercept</i>" or "<i>warrantless wiretapping</i>". With only a few exceptions data entering and leaving the system is encrypted using settings recommended by <a href="https://bettercrypto.org/">bettercrypto.org</a> . Stored emails are encrypted such that only someone knowing your GPG password can read them and a GPG key is created automatically if you don't already have one. The system is firewalled with only the necessary ports being opened. Exclusively <a href="https://en.wikipedia.org/wiki/Free_software">free software</a> is used so that all of it can potentially be security audited and proprietary repositories are disabled by default. There are still numerous security problems with the internet in general and software always contains bugs, but a best attempt has been made to ensure that the Freedombone is at least more secure than average.
+After installation it's possible that you might want some advice on how to run your server and set up apps to work nicely with it.
 </p>
 
-<div class="org-center">
-<p>
-This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
-</p>
-</div>
+<ul class="org-ul">
+<li><a href="./usage.html">General usage</a></li>
+<li><a href="./faq.html">Frequently Asked Questions</a></li>
+</ul>
 </div>
 <div id="postamble" class="status">
 

website/EN/mesh.html

@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2016-08-08 Mon 17:50 -->
+<!-- 2016-08-09 Tue 16:19 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
 <title></title>
@@ -242,392 +242,102 @@ for the JavaScript code in this tag.
 </div>
 </div>
 
-<center>
-<h1>Mesh Network</h1>
-</center>
-
-<table border="2" cellspacing="0" cellpadding="6" rules="groups" frame="hsides">
-
-
-<colgroup>
-<col  class="org-left" />
-</colgroup>
-<tbody>
-<tr>
-<td class="org-left"><a href="#orgb58230b">What is a mesh network?</a></td>
-</tr>
-
-<tr>
-<td class="org-left"><a href="#org63d1e2d">The Freedombone Mesh</a></td>
-</tr>
-
-<tr>
-<td class="org-left"><a href="#orgeed93d2">Installation</a></td>
-</tr>
-
-<tr>
-<td class="org-left"><a href="#org6cf0cea">Wifi adaptors</a></td>
-</tr>
-
-<tr>
-<td class="org-left"><a href="#orga905ad2">Using the mesh</a></td>
-</tr>
-
-<tr>
-<td class="org-left"><a href="#org1e64c42">Further reading</a></td>
-</tr>
-</tbody>
-</table>
-
-<div id="outline-container-orgb58230b" class="outline-2">
-<h2 id="orgb58230b">What is a mesh network?</h2>
-<div class="outline-text-2" id="text-orgb58230b">
-<p>
-The internet as it currently exists is mostly organised according to a client/server model. Servers run the web services and store the data and clients are the laptops, desktops and other devices accessing the servers. In a mesh network there isn't any clear division between clients and servers. The computers on a mesh network are known as "peers" and they can perform the functions of both clients and servers. Commonly this is also known as a "peer to peer" network.
-</p>
-
-<p>
-The client/server and mesh network models have advantages and disadvantages. If the server in a client/server system fails then you can have catastrophic service outages which affect many users. If a peer in a mesh network fails then the other peers may be mostly unaffected and communications can continue. The disadvantage of mesh networks is that each peer relays data for other peers and so the bandwidth usage by each peer may be higher than for a client in a client/server system. However, with modern hardware that's not much of an issue.
-</p>
-
-<p>
-Mesh networks are useful for building local and highly resillient communications infrastructure which can be put together rapidly, in situations where the ordinary internet is either unavailable or untrustworthy.
-</p>
-
-<p>
-Example use cases would be:
-</p>
-
-<ul class="org-ul">
-<li>Conferences / Exhibitions</li>
-<li>Local community networks, not run by telcos or ISPs</li>
-<li>Emergency services / Disaster relief</li>
-<li>Camp sites</li>
-<li>War zones</li>
-<li>Scientific expeditions to remote areas</li>
-<li>Onboard smaller ships without satellite internet, captain/crew communications</li>
-<li>Underground (mines or caves)</li>
-<li>Protests / Occupations of buildings</li>
-<li>Eventually in space for manned missions to other planets, moons or asteroids</li>
-</ul>
-</div>
-</div>
-
-<div id="outline-container-org63d1e2d" class="outline-2">
-<h2 id="org63d1e2d">The Freedombone Mesh</h2>
-<div class="outline-text-2" id="text-org63d1e2d">
-<p>
-The Freedombone mesh is offline - in the sense of not being part of the larger internet - and consists of a set of computers with the software installed communicating wirelessly using ordinary wifi. Peers can enter or leave the network and it will adjust automatically. All communications between peers is end-to-end encrypted, so although it's easy to join the network it's not easy to passively evesdrop.
-</p>
-</div>
-</div>
-<div id="outline-container-orgeed93d2" class="outline-2">
-<h2 id="orgeed93d2">Installation</h2>
-<div class="outline-text-2" id="text-orgeed93d2">
-</div><div id="outline-container-org17d2702" class="outline-3">
-<h3 id="org17d2702">Two types of system</h3>
-<div class="outline-text-3" id="text-org17d2702">
-<p>
-Installation is split into two categories, <i>routers</i> and <i>user devices</i>.
-</p>
-
-<p>
-A router is a computer which is dedicated to moving network traffic and building out the mesh infrastructure. It's not primarily intended to have a user interface. Hardware such as the Beaglebone Black is ideal for this, because it's small, inexpensive and doesn't consume much electrical power and so can be fitted in any location where an electricity supply is available.
-</p>
-
-<p>
-Small computers acting as mesh routers can also be battery operated or solar powered so that the network need not be statically sited. They could be included in a backpack for camping, fitted within moving vehicles, strapped to protest placards or attached to <a href="https://www.youtube.com/watch?v=Wwsy9MThwns">large tethered helium balloons</a> (like weather balloons) to help provide a local and transient communications system.
-</p>
-
+<div class="org-center">
 <p>
-<i>User devices</i> are the computers with which you would typically access the internet - laptops, desktop machines, netbooks or any other device which can run a Debian-based distro (eg. Ubuntu) with a working wifi connection.
+This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
 </p>
 </div>
-</div>
-<div id="outline-container-org437bcfa" class="outline-3">
-<h3 id="org437bcfa">Installing on routers</h3>
-<div class="outline-text-3" id="text-org437bcfa">
-<p>
-Whatever system you're going to use as a mesh router should have a new Debian Jessie install on it. It's advisable that this be a new install so that there is no existing software on the system which could confuse the mesh install process.
-</p>
-
-<p>
-Some recommended hardware:
-</p>
-
-<ul class="org-ul">
-<li>Beaglebone Black</li>
-<li>5V power supply</li>
-<li>Ethernet cable (for installation of the software)</li>
-<li>8GB microSD card, or larger</li>
-<li>Wireless N USB Adapter TPE-N150USB</li>
-</ul>
 
 <p>
-If you are using the Beaglebone Black then you'll need to install the Debian image to the microSD card. You can find details of how to do that <a href="./installation.html">here</a>.
+Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small business internal office communications, protests, remote areas of the world, scientific expeditions and off-world space colonies. All the cool stuff. The down side is that you can't access any internet content. The upside is that you can securely communicate with anyone on the local mesh. No ISPs. No payments or subscriptions beyond the cost of obtaining the hardware. Systems need to be within wifi range of each other for the mesh to be created. It can be an ultra-convenient way to do purely local communications.
 </p>
 
 <p>
-Connect your system to your internet router with an ethernet cable, then ssh into it and type:
+First you will need to create an image.
 </p>
 
 <div class="org-src-container">
 
-<pre class="src src-bash">su
-apt-get update
-apt-get install git build-essential dialog
+<pre class="src src-bash">sudo su
+apt-get -y install build-essential git python-docutils mktorrent <span class="org-sh-escaped-newline">\</span>
+vmdebootstrap xz-utils dosfstools btrfs-tools extlinux python-distro-info <span class="org-sh-escaped-newline">\</span>
+mbr qemu-user-static binfmt-support u-boot-tools qemu
 git clone https://github.com/bashrc/freedombone
 <span class="org-builtin">cd</span> freedombone
+git checkout stockholm
 make install
+freedombone-image -t i386 -v meshclient
 </pre>
 </div>
 
 <p>
-At this point if you are using a system or dongle with an Atheros AR9271 wifi chipset then you may want to install some pre-compiled firmware (you can compile it from source, but it takes a long time - especially on the Beaglebone Black). If you need to do that then see the wifi adaptor notes below.
-</p>
-
-<p>
-Then to begin the install:
-</p>
-
-<div class="org-src-container">
-
-<pre class="src src-bash">freedombone menuconfig
-</pre>
-</div>
-
-<p>
-Select the "<i>mesh (router)</i>" install variant, give an ESSID or just hit enter for the default. If discression is important then use an ESSID similar to those already in the area. The ESSID must be the same on every mesh peer. Assign this mesh peer a name. In order to avoid confusions it's important that the name should be unique on the network and contain no spaces. So maybe a word followed by some numbers, or the name of the place where the router will be installed.
-</p>
-
-<p>
-If you're installing on a Beaglebone Black then after a while the system will reboot and you will need to ssh in again and run:
-</p>
-
-<div class="org-src-container">
-
-<pre class="src src-bash"><span class="org-builtin">cd</span> freedombone
-freedombone -c freedombone.cfg
-</pre>
-</div>
-
-<p>
-The reboot is needed in order to enable zram and the hardware random number generator.
-</p>
-</div>
-</div>
-<div id="outline-container-orgf341f46" class="outline-3">
-<h3 id="orgf341f46">Installing on user devices</h3>
-<div class="outline-text-3" id="text-orgf341f46">
-<p>
-Typically on a laptop with a Debian-based distro installed, open a terminal and type:
-</p>
-
-<div class="org-src-container">
-
-<pre class="src src-bash">sudo apt-get update
-sudo apt-get install git build-essential dialog
-git clone https://github.com/bashrc/freedombone
-<span class="org-builtin">cd</span> freedombone
-sudo make install
-freedombone menuconfig
-</pre>
-</div>
-
-<p>
-Select the "<i>mesh (user device)</i>" variant and set the same ESSID as you did for the routers, or just hit enter for the default.
-</p>
-
-<p>
-An important point is that on older Debian-based systems, such as Ubuntu 14.04 or Trisquel 7, you may need to install a more recent version of <i>batctl</i>. An example is as follows.
-</p>
-
-<div class="org-src-container">
-
-<pre class="src src-bash">sudo apt-get remove --purge batctl
-wget http://mirrors.kernel.org/ubuntu/pool/universe/b/batctl/batctl_2014.1.0-2_amd64.deb
-sudo dpkg -i batctl_2014.1.0-2_amd64.deb
-</pre>
-</div>
-</div>
-</div>
-</div>
-<div id="outline-container-org6cf0cea" class="outline-2">
-<h2 id="org6cf0cea">Wifi adaptors</h2>
-<div class="outline-text-2" id="text-org6cf0cea">
-<p>
-There are a small number of wifi adaptors which are compatible with a fully free software stack.
-</p>
-</div>
-<div id="outline-container-org9b951f8" class="outline-3">
-<h3 id="org9b951f8">Atheros AR9271</h3>
-<div class="outline-text-3" id="text-org9b951f8">
-<p>
-To install the firmware for this:
-</p>
-
-<div class="org-src-container">
-
-<pre class="src src-bash"><span class="org-builtin">cd</span> freedombone/drivers
-sha256sum ath9k_htc_driver_bbb.tar.gz
-7eb9324681f03c7630ed01e490ea447dfbd96c9b5389e45b64e4646d1be16ff1
-tar -xvzf ath9k_htc_driver_bbb.tar.gz
-mv *.fw /lib/firmware
-<span class="org-builtin">cd</span> ..
-</pre>
-</div>
-</div>
-</div>
-</div>
-<div id="outline-container-orga905ad2" class="outline-2">
-<h2 id="orga905ad2">Using the mesh</h2>
-<div class="outline-text-2" id="text-orga905ad2">
-<p>
-The following sections only apply to <i>client devices</i>. Mesh <i>routers</i> are only for routing network traffic and operating <a href="https://en.wikipedia.org/wiki/BitTorrent_tracker">trackers</a> and <a href="https://en.wikipedia.org/wiki/Distributed_hash_table">distributed hash tables</a> for bootstrapping purposes.
-</p>
-</div>
-
-<div id="outline-container-org06320ae" class="outline-3">
-<h3 id="org06320ae">Switching from internet to mesh mode</h3>
-<div class="outline-text-3" id="text-org06320ae">
-<p>
-To join the mesh network open a terminal and type:
-</p>
-
-<div class="org-src-container">
-
-<pre class="src src-bash">meshweb
-</pre>
-</div>
-
-<p>
-If you want to have your system as a permanent mesh peer then you could add that command to your startup applications so that it activates whenever the computer starts up.
-</p>
-
-<p>
-A web page should appear in your browser, which then allows you to access communication services on the mesh. These pages should update automatically, so that if peers enter or leave the network the lists will change accordingly.
-</p>
-
-<p>
-If for any reason things don't seem to be updating you can force an update by issuing the command:
+If you don't have Atheros or free software compatible wifi adapter then you can include proprietary wifi drivers which will work with most laptops. This is <b>NOT RECOMMENDED</b> because proprietary drivers are unsupportable and may contain either malware or be exploitable in a way which can't be fixed. However, if you're in an emergency and don't have any Atheros or free software wifi USB dongles then you can use the following command to make the image:
 </p>
 
 <div class="org-src-container">
 
-<pre class="src src-bash">zeronetavahi
+<pre class="src src-bash">freedombone-image -t i386 -v meshclient --insecure yes
 </pre>
 </div>
-</div>
-</div>
-<div id="outline-container-org0086623" class="outline-3">
-<h3 id="org0086623">Chat</h3>
-<div class="outline-text-3" id="text-org0086623">
-<p>
-If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The <a href="https://github.com/Tox/toxic">Toxic</a> client is installed by default, but you may also want to install <a href="https://github.com/tux3/qTox">qTox</a> for a more conventional-looking user experience.
-</p>
 
 <p>
-You can obtain Tox IDs for users on the network via the initial web page.
+This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
 </p>
 
 <p>
-To launch the <a href="https://github.com/Tox/toxic">Toxic client</a> in a terminal type:
+List what drives are on your system with:
 </p>
 
 <div class="org-src-container">
 
-<pre class="src src-bash">toxic
+<pre class="src src-bash">ls /dev/sd*
 </pre>
 </div>
 
 <p>
-The first time you will be asked whether you wish to encrypt the data file used for your settings. Select "no" for this, otherwise the system will not be able to obtain your public key and broadcast it to other peers in the network. Even if you select "yes" the system will still be usable, but it will not be so easy for other peers on the network to find you unless you have previously exchanged your Tox ID via some out-of-band method.
+Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
 </p>
 
 <p>
-Then to add a new friend:
+You can now copy the image to the USB thumb drive, replacing <b>sdX</b> with the identifier of the USB thumb drive. Don't include any numbers (so for example use <b>sdc</b> instead of <b>sdc1</b>).
 </p>
 
 <div class="org-src-container">
 
-<pre class="src src-bash">/nick mynickname
-/add &lt;friend Tox ID&gt;
+<pre class="src src-bash">dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
 </pre>
 </div>
 
 <p>
-Your friend will need to approve the request, and then you can chat via text or voice using <i>CTRL-o</i> and <i>CTRL-p</i> to switch between screens and cursor keys plus Enter to select users.
+And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use on the mesh, power on and set the BIOS to boot from the USB stick.
 </p>
 
 <p>
-Another thing worth knowing is that if you were already using a Tox client before running the <i>meshweb</i> command then it's a good idea to close and reopen it, so that the list of bootstrap nodes is updated. The same also applies when exiting the mesh and returning to the internet.
-</p>
-
-<p>
-A note for the security-conscious is that broadcasting Tox IDs via the network (using Avahi) is convenient but not highly secure. An adversary could maybe join the network and create decoy peers to try to disrupt the communications and have messages going to the wrong places. For the best security exchange Tox IDs in advance by some method other than looking them up from the initial mesh web page.
-</p>
-</div>
-</div>
-<div id="outline-container-orgebb5514" class="outline-3">
-<h3 id="orgebb5514">Blogging</h3>
-<div class="outline-text-3" id="text-orgebb5514">
-<p>
-The Freedombone mesh uses a fully decentralized blogging system called <a href="https://github.com/HelloZeroNet/ZeroBlog">ZeroBlog</a>. It behaves rather like other peer-to-peer file sharing systems in that if you are reading the blog of another user you are also simultaneously seeding it to other peers (acting as both a client and a server). This allows the system to scale well, while also being robust to any peer failing or leaving the network.
+On first boot you'll be asked to set a username, and then you can open the chat client and select the <b>users</b> icon to show the Tox IDs for other users on the mesh. When folks join they will be announced.
 </p>
 
 <p>
-All blogs on the mesh are public, so any user joining the mesh can read any other blog. Network traffic is encrypted between peers, so passive snooping will be hard, and also the integrity of data is checked via certificates so that you can be reasonably confident that nefarious content has not been added or removed from the data stream while in transit through the network.
+Rinse, repeat, for any number of laptops that you want to get onto the mesh or to build out coverage within an area. There are no servers. Just peer-to-peer communications routed through the network which are end-to-end secure after a friend request is accepted. By default the chat client doesn't log anything.
 </p>
 
 <p>
-This type of content creation and delivery provides a good template for what the conventional internet should ultimately be like if it is to be robust, trustworthy and resistant to censorship or damage.
+No logs, no masters.
 </p>
 
 <p>
-To add a new blog entry click the <i>new post</i> button, edit the title and content (clicking <i>save</i> at the bottom of the screen after each). Then when you are done click on the <i>publish</i> button at the bottom of the screen. And that's all there is to it.
-</p>
-</div>
-</div>
-<div id="outline-container-org7256cbd" class="outline-3">
-<h3 id="org7256cbd">Other services</h3>
-<div class="outline-text-3" id="text-org7256cbd">
-<p>
-It is hoped that a decentralized forum will be added, but this is not yet complete. In the mean time a substitute is to use the Tox group chat feature.
-</p>
-</div>
-</div>
-<div id="outline-container-orgc4e266c" class="outline-3">
-<h3 id="orgc4e266c">Turning off the mesh</h3>
-<div class="outline-text-3" id="text-orgc4e266c">
-<p>
-If you wish to return to the internet then open a terminal and type:
+You can also use single board computers (SBCs) such as the BeagleBone Black to make mesh routers which can be bolted to walls or the sides of buildings and consume minimal electrical power, so could be solar or battery powered for short term events such as festivals. To do that use the following command to make the image:
 </p>
 
 <div class="org-src-container">
 
-<pre class="src src-bash">sudo batman stop
+<pre class="src src-bash">freedombone-image -t beaglebone -v mesh
 </pre>
 </div>
 
 <p>
-After a few seconds your usual internet wifi connection should be re-established.
+The resulting image can be copied to a microSD card, inserted into a Beaglebone Black and booted. Don't forget to plug in an Atheros USB wifi dongle.
 </p>
 </div>
-</div>
-</div>
-<div id="outline-container-org1e64c42" class="outline-2">
-<h2 id="org1e64c42">Further reading</h2>
-<div class="outline-text-2" id="text-org1e64c42">
-<p>
-For much more extensive details about deploying wireless networks there is an excellent book called <a href="https://wndw.net/">Wireless Networking in the Developing World</a> which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on.
-</p>
-
-<center>
-Return to the <a href="index.html">home page</a>
-</center>
-</div>
-</div>
-</div>
 <div id="postamble" class="status">
 
 <style type="text/css">