Friday, November 20, 2015

Time to end the cloud computing model.

The cloud is not your friend. There are security and surveillance issues that make using a third-party system untenable for anyone who cares about their privacy. On top of the government monitoring everything we do on the Internet, corporations freely consolidate everything we do as well, recording nearly every mouse movement and keystroke we make on social media sites for big data analysis.

What we need to do is to pull our data and our processing of that data back onto computer systems that we control, so that we can decide what we share and with whom.  If the government wants our data, they can get a warrant and ask us for the data.  Even though you must hand the data over in either case, at least with a warrant the data can only be used for a specific purpose, in support of already existing probable cause, and not be used as a giant fishing expedition.

I propose we use the Raspberry Pi version 2, or a similar system, as the computing platform for this endeavor. Even smartphones are getting good enough to support such a project. We need to build a set of web applications, running on the box and facing the Internet, that provide a way to securely and directly share emails, messages, social media posts, voice, and video with a set of friends. The data would make no stops on a central server, so there would be no service that could be required to collect the data and hand it over en masse, or that could screen the data and mine it for personal information. Because only a few hundred friends at most would be hitting these sites, they would be low volume.

From your own point of view, you would see a Facebook- or GPlus-like web site listing posts and messages from your friends. It would be possible to have dozens of different apps to view this data in many different ways, and each app could allow user customization of many features.

You could read and comment on these posts, and the comments would flow back to your friend's site in the background and then back out to all their friends. You could record a voice or video message for a friend to pick up later, or you could connect directly with messaging, voice, or video if both of you are online.

The one weakness I see in this model is that you may still need a central directory that every box registers with when it comes online, so that you can find your friends' current IP addresses before connecting to them directly. But a central site could be compromised, and the metadata about the connected boxes could be leaked with just a sealed letter from the government.

Each time you connect to the Internet, your IP address can change. As long as just one box's IP address changes, it could easily connect back up to the previous IP addresses of all its friends. We may need to use mutual friends whose addresses have not changed to reconnect two people whose IP addresses have both changed.
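The reconnect logic described above can be sketched as a small simulation. This is an added example, not code from the original post: the `Box` class, its methods, and the `hosts` dictionary standing in for the Internet are hypothetical, and the addresses are constructed documentation-range IPs.

```python
class Box:
    def __init__(self, hosts, name, ip):
        # hosts: constructed stand-in for the Internet, current IP -> Box
        self.hosts, self.name, self.ip = hosts, name, None
        self.book = {}                  # friend name -> last known IP
        self.come_online(ip)

    def reach(self, ip, name):  # a stale IP may be unassigned or a stranger's
        box = self.hosts.get(ip)
        return box if box is not None and box.name == name else None

    def befriend(self, other):
        self.book[other.name], other.book[self.name] = other.ip, self.ip

    def go_offline(self):
        self.hosts.pop(self.ip, None)
        self.ip = None

    def come_online(self, new_ip):
        """Take a new address and tell every friend still at its old one."""
        self.ip = new_ip
        self.hosts[new_ip] = self
        for friend, ip in self.book.items():
            if peer := self.reach(ip, friend):
                peer.book[self.name] = new_ip

    def locate(self, friend):
        """Friend's current IP: try the last known one, then mutual friends."""
        if self.reach(self.book[friend], friend):
            return self.book[friend]
        for mutual, ip in self.book.items():
            peer = self.reach(ip, mutual)
            candidate = peer.book.get(friend) if peer else None
            if candidate and self.reach(candidate, friend):
                self.book[friend] = candidate
                return candidate
        return None

def demo():
    hosts = {}
    a, b, c = (Box(hosts, n, ip) for n, ip in [
        ("alice", "192.0.2.1"), ("bob", "192.0.2.2"), ("carol", "192.0.2.3")])
    for x, y in ((a, b), (a, c), (b, c)):
        x.befriend(y)
    a.go_offline()
    b.go_offline()                      # both addresses change at once
    a.come_online("198.51.100.1")
    b.come_online("198.51.100.2")
    return a.locate("bob"), b.locate("alice")   # both resolved via carol
```

In this sketch the mutual friend learns who is looking for whom, so the metadata exposure moves from a central directory to people already in both address books. With no reachable mutual friend, `locate` returns `None` and the two boxes stay disconnected.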

Dynamically updating a DNS record on a server could work, and would use the existing infrastructure for name-to-IP-address resolution. However, anyone logging DNS requests could build up a list of your friends from the names you request.