| subject: | (LONG) A new kind of BBS? |
Introduction
~~~~~~~~~~~~

Back in the mid-90's, the public Internet was a *vast* improvement over the mail-order catalogs, gigantic mail rooms, and expensive toll-free phone numbers that businesses were paying for, so the quick move of commerce to the Internet made a whole lot of economic sense. (And it *was* quick: it only took about 10 years for everyone to go to the web.) But it also drowned out the needs of normal non-business people who just want to communicate with each other for whatever reason, such that now the only way to do it is to pay for your own infrastructure (above and beyond what you already pay for Internet access) or rely on a "free" service that is delivering your eyeballs to marketers and the history of your entire life to governments and nosy employers.

Recently, Eben Moglen presented a speech titled "Freedom in the Cloud" touting the idea of a "freedom box", a way for users to restore the peer-to-peer nature of the Internet. Basically a gumstix or Sheevaplug that just needs power and a net connection, the freedom box would automatically hook up to the local Internet, update dynamic DNS to be reachable, and then serve people's private social stuff without letting the server logs go to corporations / governments. It's a very nice idea. There is a transcript here:

http://www.softwarefreedom.org/events/2010/isoc-ny/FreedomInTheCloud-transcript.html

It also made me think of BBSes because BBSes are great for local-low-latency, remote-high-latency networks. (So is UUCP for that matter.) They are store-and-forward, and *what* they forward is lean-and-mean. Raw text email, not HTML/MIME with attached images and such. BBSes also predate TCP/IP and do not need to understand IPv4 vs IPv6, they just need a pipe/socket/port with something on the other end.

So let's imagine such a box...

End User Experience
~~~~~~~~~~~~~~~~~~~

Plug in the box, and it automatically connects up to wifi and then one or more darknets.
The box represents "you" but it's also a fully modern "BBS". It is designed for multiple users, but practically it will serve only a few users -- your various identities and perhaps others in your household -- just like a modern desktop computer does.

You can connect to the box in several ways:

* Point your web browser at it to see your personal email, shared forums, local and remote files, and inter-BBS applications (games, posting walls, etc.)
* Point your POP/IMAP email client at it and download messages or request remote files.
* Point your ssh BBS client at it and see a text-based interface to the same information. Read messages, play games, chat, etc. right off the text interface, or transfer messages to your offline reader for later use. Also request files from other nodes and share your files with other users.

The BBS knows about your identity(ies), it knows about other BBSes, but it has no knowledge about how to route things between nodes. Instead it relies on darknet technology (I2P and others) and makes *all* of its (virtual) connections point-to-point. There is no star topology or recording of message paths required to respond to a message. From the BBS's perspective, every node is adjacent. You queue a message, your local node connects to the remote side, delivers, done. Just like your normal email client, except that there is no ISP to log the message and the message is seamlessly encrypted to the recipient's BBS key.

When you travel, you just take the box with you. Or put it in your friend's house for a week: you'll be able to find your digital self from anywhere.

Pros and Cons
~~~~~~~~~~~~~

What are the wins?

1. True peer to peer: you no longer need an ISP's outbound SMTP server, web-based email provider, unblocked ports, etc., to keep you connected to your friends. You *are* your own ISP within the darknet.
2. Privacy and security:
   * Email no longer has to be externally routable or in HTML/MIME format.
     - Everything outside the raw body text can be stripped out (no more viruses propagating in email).
     - Email can be re-categorized: brief (SMS-like), normal, or long (file transfer). One email message can be 56GB in size - it'll get there eventually. (BBSes know all about partial file transfers and crash recovery.)
     - Email can be encrypted by default.
   * Darknet technology completely separates the nodes from the content (no more IP addresses in the "Received:" headers of an email message). It becomes easy to communicate with everyone on the same darknet, yet exceedingly difficult to track down that communication to a single IP address.
3. User friendliness: the command line is too low level, but the BBS sysop level is about right. Imagine some of the options on the "configure your node" screen:
   * Enable: [ ] POP3 [ ] IMAP [ ] WWW [ ] Text console
   * Allow darknet users to login to this node directly? ( ) Yes ( ) No
   * New users: ( ) Always ( ) Require Activation ( ) Never
   * Allow users to see user list: ( ) Yes ( ) No

   Compare this to configuring daemons, adding new users, etc. Some of these options are very hard to do on Unix at all (such as disallow user listing since most Unix'es require /etc/passwd be readable). The BBS users list is also distinct from the underlying operating system's user list - the former matches with human names and aliases while the latter can be humans, services, roles, etc.

What are the losses?

1. Near-real-time: the darknet will impose latency, making things like IRC and IM slower than their public Internet counterparts. (But maybe not all that much slower: I2P has IM-like services.)
2. Central naming and searching services: how will you know who to ask for, or what is available on other nodes? Individual darknets such as I2P have their naming services, but how will one voluntarily link themselves across multiple darknets and/or the public Internet?

What doesn't change?

1. Mass archiving of received data.
   Expect every public forum post on every darknet to appear on Google, Yahoo, Bing, etc., including the BBS user and node names. All it takes is one rogue node in the darknet to do that, or one user who allowed their HTTPS server to accept public connections (say from their cell phone) and their local username/password got intercepted.
2. The public Internet. We'll still go to Amazon, eBay, Google, etc., to find and participate in the lifeblood of commerce. And that's fine: those sites serve an important public function and require vast resources to scale.

Why BBS Concepts and Technology?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BBSes are actually a great fit here:

1. They understand the notion of multiple users where each user means a human being.
2. They know how to speak to both humans and computers in many ways. They communicate to the end user over modem, telnet, etc., using multiple UI styles (text, WWW, POP, etc.), and they also span multiple messaging networks (DOVE-Net, FidoNet, etc.) BBSes can keep data from different darknets segregated yet still accessible for one user.
3. The data they pass around stays inert: messages and files. Not web pages with hundreds of URIs that require the most complex end-user applications ever devised (web browsers) to view. Browsers which must often leak information all over the public Internet as they fetch web page sub-resources, or worse expose the user to a drive-by exploit made possible through bugs in the JavaScript engine or various plugins.
4. They are already capable of cleaning files of viruses and re-archiving into newer formats. It is a small step from here to also clean EXIF data from images and other privacy leaks.

In the modern BBS world, most users are actually sysops. This is often seen as a sign that BBSes and BBS culture are dead/dying. But what if instead BBSes happened to be on the leading cusp of the next digital revolution?
BBSes were at the forefront in bringing the masses to the digital world as end users back in the 1980's and 90's. _What we need now is to upgrade those same masses to be their own *sysops* of the digital world._ As Moglen says, let's all run our own servers and control our own logs. All the pieces are present, we just need to bring them together.

There will always be a Facebook, LinkedIn, Twitter, etc. for our "public" selves. This idea is to restore to users the ability to have multiple "private" selves that are free to be human and connect to others and share what we want to.

The Vision
~~~~~~~~~~

A BBS, carrying libraries for:

* ssh server and client
* I2P darknet integration
* POP3 over SSL
* IMAP over SSL
* RSS over SSL
* SFTP
* (Optional install) HTTPS server and various apps: configuration, webmail, web torrents, ...
* ... others? You tell me ...

Most of the BBS concepts remain similar but with some updates.

Terminology:

* "Administrator", "admin" and "root" have specific meanings that most often involve someone who is NOT a user: either "the IT person" or "the account we should never run as".
* Let's bring back the word "sysop" to mean "user who is in personal control of their Internet experience." That's really what most modern BBS sysops are anyway.

Message bases:

* Message bases are threaded and non-local by default - think Reddit.
* Each message base automatically has a corresponding shared file base.
* Users can create any shared message base + corresponding file base they want, so they can easily share with friends or others. They just need to advertise their BBS key and message base name for others to pick it up.
* Usenet-style killfiles are supported, as are automated spam filters.
* All private messages (email) require a public key to encrypt to. The BBS automatically fetches them directly from the other end when they are unavailable.
* Private messages can be organized into their own folder trees and tagged for smart folders.

File bases:

* File bases can be regular or "smart" (automatically generated from tags or other search terms).
* A file base can be flagged for a particular file type. Only files that match that general type are allowed in.
  - Image bases turn into thumbnail photo albums in the web renderer. (Image uploads are automatically stripped of identifying data.)
  - Text bases turn into news-like headlines.
  - Music bases play sample snippets of every song.
  - Video bases generate automatic screenshots from the movie.
  - etc...
* Local file bases have ACLs defining which remote users can request the list of files and individual files. By default nothing is allowed.
* Shared file bases can be set to automatically replicate (with appropriate bandwidth limitations).
* P2P file bases (torrents) can be associated with local download-only and download-and-share bases.
  - Torrent swarms traverse through the darknet(s) by default.
* File bases are mirrored to disk by default. Moving a file across directories (or creating a symlink) is enough to have it appear in the other file base.

Users:

* By default, interactive sessions (normal human users - POP/IMAP, webmail, RSS, file bases, text UI, ...) are only allowed from the local subnet. Only non-interactive sessions (messages, files) are allowed through incoming darknet connections.
* New users are disabled by default, must be created by the sysop.

Cryptography:

* The BBS keeps its own list of public keys and notifies the user when any of them change, particularly for email messages.
* The BBS advertises its own public keys to anyone who wants it. (This is in addition to the keys necessary for I2P connections.) You can use telnet, HTTP or any number of unencrypted protocols and it will tell you how to access the encrypted interfaces and what key you should expect to see.

Summary
~~~~~~~

It's a BBS with (by default) only one or two users, connected to one or more darknets with potentially many other similar systems.
It's right in the middle between "client-server" and "peer-to-peer".

It's not a "web site" or "application server" requiring complex configuration to work, it's just one program that runs in the background and everything that is enabled "just works".

It separates presentation from content. Each user can have their own look and feel and make it perfect for them. Sysops who really want to dig into HTML/CSS can make new themes.

It uses only encrypted communications yet still doesn't care about "trusted" CAs, SSL certificates, etc. -- you know, those technologies that allow schools, employers, and governments everywhere to quietly snoop on everything from Blackberry messages to banking sessions.

Backups are as simple as copying the entire BBS directory tree to another computer and running it there. Incremental backups are possible with rsync, robocopy, and similar tools. Install it inside a VM. Or make two of them, one for home and one for traveling, and set them to mirror each other. Or put files you really care about on a replicated file base you share with your friends.

Its ultimate purpose is to make the Internet more convenient for the end user. Get rid of the need for your ISP to "generously" provide an outgoing email server or unblock particular ports. Provide the ability to publish your opinion and share files without being at the mercy of someone else's infrastructure or forcing your friends to view annoying advertisements.

So what do you think?

... MultiMail, the new multi-platform, multi-format offline reader!
--- MultiMail/Linux v0.49
--- SBBSecho 2.12-Win32
 * Origin: Vertrauen - vert.synchro.net (1:103/705)
SEEN-BY: 3/0 633/267 640/954 712/0 313 550 620 848
@PATH: 103/705 10/1 261/38 712/848 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
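
The Cryptography bullets in the post describe a node that keeps its own list of peers' public keys and flags any change, instead of relying on CAs. One way to implement that trust-on-first-use check, added here as an example and not code from the post or from any BBS package; `PinStore`, `KeyChanged`, the node name and the key bytes are all constructed for the illustration:

```python
import hashlib, json, tempfile
from pathlib import Path

class KeyChanged(Exception):
    """A known node presented a key that differs from the pinned one."""

def fingerprint(public_key: bytes) -> str:
    return hashlib.sha256(public_key).hexdigest()

class PinStore:
    """Trust-on-first-use store mapping node name -> SHA-256 key fingerprint."""
    def __init__(self, path):
        self.path = Path(path)
        self.pins = json.loads(self.path.read_text()) if self.path.exists() else {}

    def _pin(self, node: str, fp: str):
        self.pins[node] = fp
        tmp = self.path.with_suffix(".tmp")
        tmp.write_text(json.dumps(self.pins, sort_keys=True))
        tmp.replace(self.path)  # atomic rename: a crash cannot leave a half-written pin file

    def check(self, node: str, public_key: bytes) -> str:
        """Pin on first contact; fail closed if a pinned key changes."""
        fp = fingerprint(public_key)
        pinned = self.pins.get(node)
        if pinned is None:
            self._pin(node, fp)
            return "pinned-first-use"
        if pinned != fp:
            # Caller should hold outgoing private mail and notify the sysop.
            raise KeyChanged(f"{node}: pinned {pinned[:16]}, offered {fp[:16]}")
        return "match"

    def accept_change(self, node: str, verified_fp: str):
        """Re-pin to a fingerprint the sysop confirmed out of band, not to what the network offered."""
        self._pin(node, verified_fp)

def demo():
    old_key, new_key = b"constructed-key-A", b"constructed-key-B"  # constructed sample keys
    with tempfile.TemporaryDirectory() as d:
        store = PinStore(Path(d) / "pins.json")
        out = [store.check("friend-node", old_key), store.check("friend-node", old_key)]
        try:
            store.check("friend-node", new_key)
        except KeyChanged:
            out.append("changed-blocked")
        store.accept_change("friend-node", fingerprint(new_key))
        out.append(PinStore(store.path).check("friend-node", new_key))  # reloaded from disk
    return out
```

The first contact is the weak point of this scheme: whoever answers first gets pinned, which is why the post's idea of advertising the expected key over several independent channels matters.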