I think the fediverse needs Android like hardware packaging

Submitted ⁨⁨23⁩ ⁨hours⁩ ago⁩ by ⁨j4k3@lemmy.world⁩ to ⁨fediverse@lemmy.world⁩

We need a system like a RockChip processor based single board computer, paired with a trusted protection module, and all fediverse services prepackaged for minimal user input required to self host any fediverse services. All updates should be safely installed over the air via the TPM chip based encryption just like with Graphene OS. All of the necessary connections should be preconfigured to punch a hole for the port into the internet. The hardware should be completely locked down with an immutable base system and SE Linux fully configured. There shouldn’t be any accommodations for obscure edge cases outside of the base configuration. It should not require any further payment or services.

A RockChip RK3588 is fully documented with a 3k3 page long full datasheet. As I understand it, this chip is open hardware, though it still has the ARM proprietary blob (TrustZone), similar to the x86_64 Intel Management Engine, and AMD Platform Security Processor. I have not heard of a similar system present in RISC-V processors, but I also have not seen RISC-V SBCs that are more than alpha prototype dev kits. Unlike other single board computers, the RK series has the documentation required for community based Linux kernel support. No one could pull kernel support that they are the only ones providing using a proprietary datasheet.

There are many RK3588 single board computers available for around $100 already. As a back of the napkin quality idea using baseless imaginary statistics, I bet we could get around 3-5% of regular users to purchase hardware within a year if it was within a $250 price point. This should be set up for one click image and video hosting, threadiverse, mastodon, file sharing, git, blogging, etc.

This is way outside of the scope of a project I am qualified to manage; I am no real developer, just a sloppy hacker type. I’d volunteer to do a hardware design, or at least the bulk of the tedium for someone more experienced with production stuff to review. I would not mind playing the glue between those that have more limited time. If LW has 6k plus active daily users, and 3-5% of these purchased the hardware, the rough margins are nowhere near a viable business. Still, something in the back of my head says the only thing actually impeding internet freedom with the fediverse is the challenge of self hosting, and this is like the issue that Android addressed with mobile hardware. If people could one-time purchase the hardware, and only pay for their regular internet connection, I think they would buy straightforward honest open hardware they fully own.

I don’t know if it is possible, or if the fediverse projects would participate in some kind of automatically updated end point. This was just a fantasy shower thought that I have been mulling over all day. It addresses all of my personal hesitations and insecurities about self hosting, and is simple enough I can imagine my techno illiterate family giving it a try. It is the kind of project I would like to be a part of.

source

Comments

Sort:hotnew top

DFX4509B_2@lemmy.org ⁨5⁩ ⁨hours⁩ ago
A RISC-V equivalent might be better in terms of hardware openness.

source
- j4k3@lemmy.world ⁨3⁩ ⁨hours⁩ ago
  Not in terms of kernel supported encodings and long term kernel support, from what I have seen. I have not looked into this in depth. However, looking at git repo merged pulls, issues raised, and the lack of any consistent hardware commitments or consensus, implies to me that the hardware is very unstable in the long term. When I see any hardware with mostly only base Debian support, it screams that the hardware is on an orphaned kernel and will likely never get to mainline. The same applies to Arch to a lesser degree. Debian has the primary tool chain for bootstrapping and hardware hacking. When it is the primary option supported, I consider the hardware insecure and unsafe to connect to the internet. I’ve seen a few instances where people are talking about the limited forms of encoding support and the incomplete nature of those that do exist. It is far more important to have hardware that will be supported with mainline kernel security updates and is compatible with the majority of encodings. It would be terrible to find out the thing could not support common audio or video codecs. IIRC there was an issue along these lines with the RISC-V PineTab.
  
  I know the primary goto for RISC-V is SiFive, but I have not seen a goto LTS processor from them in terms of third party consistent use.
  
  Plus, while more open is mor betterer, RISC-V is not full proof from a proprietary blob either. The ISA addresses the monopolistic tyranny and extortion of players like Intel, but there is nothing preventing the inclusion of 3rd party proprietary module blocks. The entire point is to create an open market for the sale and inclusion of IP blocks that are compatible with an open standard. Nothing about these blocks is required to be open. I don’t know if such a thing could be set to a negative ring more privileged than the kernel, but I expect this to be the case.
  
  source
silverpill@mitra.social ⁨13⁩ ⁨hours⁩ ago
If the goal is normie-friendly social media with full ownership, it would be better to work on peer-to-peer Fediverse applications.
You can get to a point where you just install an app on your phone and it's yours forever. The foundation for this is already being built: https://codeberg.org/ap-next/ap-next/src/branch/main/nomadpub.md
Self-hosting is nice but it requires an always-online, publicly accessible server and a domain name.
source
- j4k3@lemmy.world ⁨12⁩ ⁨hours⁩ ago
  Most people’s routers are already up 24/7.
  
  We should be able to do our own DNS. Who cares if it is on the wider clearweb. You are paying for an IP address with your internet connection. If you are running a server with verified hardware and signed code, all we need is a half dozen nodes mirroring our own DNS. There must be a backup proxy for the few terrible providers that cause issues with IP. The addresses are not static, but they do not change very often. At worse, you hit a manual button to reset or wait 10 minutes before the DNS updates.
  
  source
frongt@lemmy.zip ⁨22⁩ ⁨hours⁩ ago
Why?

And even if you magically required this going forward, what would stop someone from forking the project and removing that requirement?

source
- j4k3@lemmy.world ⁨18⁩ ⁨hours⁩ ago
  Because 99.9% of people will never self host. They would much rather just buy a product that is not setup as a scam. The scam part is less important to most people than the lack of effort required.
  
  This isn’t a thing to get into for the money. It would be about the FOSS aspect. Doing something like this would not break even for the time and labor involved. It might be worth doing for positive digital neighbors, but I am not at all interested in doing anything for negative or rude people.
  
  I come from a background of being a buyer for a chain of bike shops where I spent millions of dollars based upon knowledge of how such markets work. The entry level customer is all that really matters. The extra stuff is just to woo them into the store.
  
  In a place like this, if you engage, you’re actually irrelevant. If you want to target growth, get a lurker to engage for the first time. Getting some random lurkers to buy into the hardware to self host because they care about software freedom is far far more effective than the current ecosystem. When servers are not updated, and people shut down because of administration, it says this is not viable for the average person with a life. So make this easy for the individual. It is such an obvious thing to do.
  
  The present system is basically like go compile OpenWRT for your router and people whining about how it is not fucking hard. It is not, but most people just do nor care to try it. They just want to buy a device, plug it in, and be done. Half of these devices are on factory original passwords. This is the real scope of what people are capable of and expect. The mismatch is easily solved by packing the fediverse as a device. The alternates are great for the 0.1%. I am not talking about you all. I am talking about something that could go from 0.1% to 5% of the fediverse is self hosted, and likely much larger. The whole endeavor would be like a coop socialist kind of thing from the ground up.
  
  source
  - frongt@lemmy.zip ⁨17⁩ ⁨hours⁩ ago
    That’s a lot of words to not answer the question. I still don’t understand why you’d need to implement this requirement.
    
    source
    -> View More Comments
veeesix@lemmy.ca ⁨22⁩ ⁨hours⁩ ago
It’s already hard enough to get people to donate even $20 towards fediverse projects like Lemmy or Mastodon.

source
solrize@lemmy.ml ⁨19⁩ ⁨hours⁩ ago
Wtf this makes no sense. Just use the existing software.

source
- j4k3@lemmy.world ⁨15⁩ ⁨hours⁩ ago
  It is not about the people that already host. It is about enabling many more by giving them an option to buy a path of least resistance. In exchange, it creates a potential revenue source in a completely untapped demographic. The subscription/donations demographic is like a very unique and niche market. The vast majority of people do not exist within that space. Most people do not have the financial stability to engage like this. It is not that they are unable to accumulate adequate funds, it is that their pay fluctuates over time and their baseline constraints are far more stressful than spending from times of surplus and opportunity. Catering only to those with such surplus and gatekeeping the complexity of self hosting is massively limiting adoption.
  
  The rule in managing a chain of retail stores is that, no matter how you select products to stock in stores, it is impossible to only select products that will all sell on one platform. How you manage the overburden always determines your long term success. You must employ other platforms and demographics to prioritize the mobility of cash flow.
  
  Similarly but inverted, this place has a slice of all demographics. Efforts tailored to the various subsets should tap entirely new potential. A fool imagines they can convert the unstable poor*'r* into a reliable stable income source via donations. Someone like myself has means but not a situation that is compatible. If I have some tangible thing to purchase, I can make that happen. I do not have any subscriptions in life for anything at all. Heck, I won’t even shop on any of my devices I use regularly because I only buy what I intend to go looking to purchase with intent. That is not common, but what is common are spontaneous people that need time to align their finances with their desires. That person is likely to dread paying $5 every month compared to $250 in May when they get a couple thousand dollars on a tax return. Expecting the public to float the stability is stupid. That is not how the real world works. Real businesses always float the overhead. I’m talking about how to free the masses to self host everything for the cost of a nice router spent once with no techno leet filter.
  
  source
  - solrize@lemmy.ml ⁨14⁩ ⁨hours⁩ ago
    I still can’t make any sense of that. How about a 1 click vps install, or a disc image for a raspberry pi if someone wants to host at home? Special hardware is a nightmare to build and use. Is there ONE person here who would buy and deploy a thing like this? I know I wouldn’t.
    
    source
    -> View More Comments
hendrik@palaver.p3x.de ⁨22⁩ ⁨hours⁩ ago
What’s the encryption and signing on a hardware level for? I mean dependent on what’s that good for and who controls it, it’s trusted computing, or treacherous computing as Stallman calls it…

I think the overall idea is nice, though. We had these project ideas since the SheevaPlug. Or the FreedomBox. There are some niche hardware projects as well like the Home Assistant Green. But none of those match exactly with your proposal.

source