Running your FreedomBox over Tor

Speaker: Nathan Willis

Track: Cloud and containers

Type: Long talk (45 minutes)

Room: Auditório

Time: Jul 23 (Tue), 10:00

Duration: 0:45

The FreedomBox blend of Debian offers people the chance to run a suite of personal web services free from the control of third parties … but it does still require a traditional Internet connection, complete with all of the privacy and anonymity concerns that entails. That caveat disappears, however, if the FreedomBox has the Tor network as its only connection to the outside world. Entirely by chance, I found myself cut off from own public FreedomBox machine last year, but I soon discovered that Tor-only access has some distinct advantages.

This talk will describe my personal experience installing and running a FreedomBox installation that is accessible only over Tor. Some of the difficulties found in combining FreedomBox and Tor are easily overcome, such as properly configuring multiple Tor hidden “.onion” services and securely distributing cryptographic key material. Other hurdles, however, point to weak points that users would be unwise to fiddle with, such as using long-term cookies with Tor Browser.

The talk will describe the challenges and shortcomings encountered in depth — including Tor hidden-service management en masse, working with Let’s Encrypt, key management, service persistence, remote monitoring, and mobile-device access. It will offer suggestions for expanding what packages FreedomBox offers, and will detail the configuration and preference settings required to use Tor Browser and Tor for Android with essential services.

Whatever the obstacles, however, audience members will see that it is possible to not only combine the user freedom of FreedomBox with the anonymity of the Tor network, but to come away with a stronger system when the two work in concert.