Update Open Source / Networks sections

kn0wmad
2022-08-25 12:16:38 -06:00
parent b54aa0e2ce
commit 5192fe4523
2 changed files with 32 additions and 23 deletions


@@ -16,7 +16,7 @@ A Local Area Network (LAN) is a computer network that interconnects computers wi
Devices on a LAN are private and protected, such that only devices connected to the same Ethernet or WiFi network can see or communicate with them.
Your Embassy hosts itself on the LAN and is reachable by visiting its ``embassy.local`` URL in the browser while also connected to the LAN.
Your Embassy is hosted on the LAN and is reachable by visiting its ``embassy.local`` URL (for setup, and ``embassy-xxxxxxxx.local`` after setup) in the browser while also connected to the LAN.
.. note:: Any device connected to a LAN can inspect all communications on that LAN. To avoid snooping, your Embassy's LAN communications are encrypted using :ref:`ssl`, which requires :ref:`additional setup <connecting-lan>`.
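Review bot: the parenthetical added to the ``embassy.local`` sentence introduces ``embassy-xxxxxxxx.local`` without saying what the ``xxxxxxxx`` stands for or where the user finds their own value. Suggest splitting it into two sentences, one for the setup URL and one for the post-setup URL, and pointing to where the device-specific address is shown. The unchanged sentence above still calls LAN devices "private and protected" while the note below says any device on the LAN can inspect all communications; worth reconciling while this paragraph is being edited.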
@@ -24,9 +24,9 @@ Your Embassy hosts itself on the LAN and is reachable by visiting its ``embassy.
LAN Certificate
---------------
When you visit an SSL secured website (https://), in addition to the connection being secured using SSL/TSL encryption, the website will present your browser with an SSL certificate showing that it (or more accurately ownership of the website's public key) has been authenticated by a recognized Certificate Authority (CA). In the case of your Embassy, this certificate is "self-signed," and as such, the CA is you.
When you visit an SSL website (https://), the connection is secured using SSL/TSL encryption. The website will present your browser with an SSL certificate showing that the owner of the website has been authenticated by a recognized Certificate Authority (CA). In the case of your Embassy, you are the CA and this certificate is self-signed!
Your certificate is created when you initially setup your Embassy, or migrate to a new version, such as 0.3.0.
Your certificate is created when you initially setup your Embassy, or migrate to a new version of the OS, such as 0.3.0.
.. _mdns:
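Review bot: the rewritten first sentence under LAN Certificate still reads "SSL/TSL"; that should be "SSL/TLS". The rewrite also drops the old qualifier "(or more accurately ownership of the website's public key)", so the text now says the CA authenticates "the owner of the website", which is less precise about what the certificate attests; consider keeping the public-key wording. In the next changed line, "initially setup" should be "initially set up".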
@@ -42,17 +42,17 @@ This domain is not broadcast outside of your local network, so it is as private
SSL
---
Visiting websites on the Tor network is slow. We wanted to provide a better option to access the Embassy at home. That's why we created an address for the Embassy that can be accessed on your Local Area Network.
Remote connections to your Embassy (when you are on the go) are handled via :ref:`tor<tor>`. Visiting websites on the Tor network can be slow and cumbersome. We wanted to provide a better user experience when accessing your Embassy at home. That's why we created an address for the Embassy that can be accessed on your Local Area Network (:ref:`LAN<lan>`).
By default, this ``.local`` address is served like a regular website, over HTTP. Browsers make it noticeable when visiting a site over HTTP in the URL bar - it could be red, show an unlocked lock, or warn that the connection is not secure.
SSL certificates are what enable websites to move from HTTP to HTTPS, which increases security and makes browsers happy. Using the Secure Sockets Layer protocol, HTTPS enabled websites use certificates to establish authenticated and encrypted links between networked computers. Its the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two devices, preventing third parties from reading and modifying any personal information transferred. They also verify ownership of a website.
SSL certificates are what enable websites to move from HTTP to HTTPS, which increases security and makes browsers happy (a happy 'green lock' icon, instead of an angry 'red unlocked' one in the URL bar). Using the Secure Sockets Layer protocol, HTTPS enabled websites use certificates to establish authenticated and encrypted links between networked computers. This is the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two devices, preventing third parties from reading and modifying any personal information transferred. These certificates also verify ownership of a website.
Valid SSL certificates are typically issued and obtained from Certificate Authorities. These trusted third parties generate and distribute certificates, signing them with their trusted private key, which allows the clients who use them to verify their authenticity. Websites obtain a certificate from a CA then load it onto their websites hosting service or server, allowing the website to load over HTTPS and have all traffic to and from the website be encrypted and secure.
Valid SSL certificates are typically issued and obtained from Certificate Authorities. These trusted third parties generate and distribute certificates, signing them with their trusted private key, which allows the clients who use them to verify their authenticity. Websites obtain a certificate from a CA then load it onto their website's hosting service or server, allowing the website to load over HTTPS and have all traffic to and from the website be encrypted and secure.
We decided to have the Embassy act as a Certificate Authority. It creates a self-signed certificate, which means that the private key used to sign the digital certificate is the Embassys own private key instead of a third partys.
We decided to have the Embassy act as a Certificate Authority (CA). It creates a self-signed certificate, which means that the private key used to sign the digital certificate is the Embassy's own private key instead of a third party's.
When you setup SSL for your Embassy and device, the certificate communicates to the client (a browser) that the server (the Embassy) demonstrated ownership of the domain (the ``embassy-xxxxxxxx.local`` address) to the certificate authority (created on the Embassy) at the time of certificate issuance (during the setup process). The Embassy dashboard can then be accessed from a home network (LAN) using a secure HTTPS connection!
When you setup SSL for your Embassy and client device, the certificate communicates to the client (a browser) that the server (Embassy) demonstrated ownership of the domain (``embassy-xxxxxxxx.local``) to the certificate authority (created on the Embassy) at the time of certificate issuance (during the setup process). The Embassy dashboard can then be accessed from a home network (LAN) using a secure HTTPS connection! You own this entire stack and no third party can interfere.
For more information on how to setup your devices to enable this feature visit :ref:`connecting-lan`.
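Review bot: the sentence appended to the last SSL paragraph, "You own this entire stack and no third party can interfere", is stronger than the section supports. The unchanged line above says the ``.local`` address is served over HTTP by default, and the HTTPS path only applies after the setup described in :ref:`connecting-lan`. Suggest tying the claim to that condition rather than stating it absolutely. Smaller points in the same hunk: "When you setup SSL" should be "set up", and the text names the protocol "Secure Sockets Layer" here while the LAN Certificate section writes SSL/TLS, so pick one usage.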
@@ -61,16 +61,19 @@ For more information on how to setup your devices to enable this feature visit :
Tor
---
The Onion Router, or Tor, is a free and open source software that enables anonymous communication. By routing Internet traffic though a worldwide, volunteer overlay network of nodes, requests are bundled in layers of encryption like the layers of an onion. The request is relayed across nodes, decrypting a layer only to reveal the next relay destination, until the request meets its final destination, without revealing the source IP address.
The Onion Router, or Tor, is a free and open source software that enables anonymous communication. By routing Internet traffic through a worldwide, volunteer overlay network of nodes, requests are bundled in layers of encryption like the layers of an onion. The request is relayed across nodes, decrypting a layer only to reveal the next relay destination, until the request meets its final destination, without revealing the source IP address.
If a malicious third party were to intercept a request, they would see a garbled mess of the remaining onion encryption, and would only know that it came from some onion node and was heading to some other onion node. The contents, source, and destination of the message are totally anonymous.
If a malicious third party were to intercept a request, they would see a garbled mess of the remaining onion encryption, and would only know that it came from some onion node and was heading to some other onion node. The contents, source, and destination of the message are completely anonymous.
When you use Tor to communicate with services running on the Embassy, all the traffic is onion routed and encrypted, and there are no Tor exit nodes involved - it's totally private with no configuration needed.
When you use Tor to communicate with services running on the Embassy, all of the traffic is onion-routed and encrypted, and there are no Tor exit nodes involved - it's completely private with no configuration needed.
Furthermore, every service on the Embassy has a different Tor address, including the device itself. This is for privacy reasons - should one Tor address be exposed, the others will not be compromised. Tor addresses are actually ed25519 keys, which means they also provide all the benefits of cryptographically secure private/public keys.
Furthermore, every service on the Embassy has a different Tor address, including the device itself. This is done for privacy purposes - should one Tor address be exposed, the others will not be compromised. In actuality, Tor addresses are ed25519 keys, which means they also provide all the benefits of cryptographically secure private/public keys.
Here's an introductory video on `Tor <https://www.youtube.com/watch?v=6czcc1gZ7Ak>`__.
.. youtube:: 6czcc1gZ7Ak
:width: 100%
.. _tor-browser:
Tor Browser
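Review bot: in the Tor paragraphs the edit only swaps "totally" for "completely", so the absolute claims ("completely anonymous", "completely private with no configuration needed") remain; suggest scoping them to what the paragraph actually describes, namely that an interceptor sees only layered encryption passing between relays. In the ed25519 sentence, "Tor addresses are ed25519 keys" followed by "private/public keys" leaves it unclear which key the address represents; say that the address corresponds to the public key. The added ``.. youtube:: 6czcc1gZ7Ak`` embed is the same video as the link on the line above it, so one of the two can go.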
@@ -83,6 +86,8 @@ The Tor Browser is a version of Firefox specifically made for use with the Tor N
Tor Hidden Service
------------------
A Tor Hidden Service is essentially just software or a website that is only broadcast on the Tor network. These are identified by a long, random public key, and end with the ``.onion`` suffix. For example, you can visit http://privacy34kn4ez3y3nijweec6w4g54i3g54sdv7r5mr6soma3w4begyd.onion to view the Start9 homepage on Tor.
A Tor Hidden Service is essentially just software or a website that is only broadcast on the Tor network. These are identified by a long, random public key, and end with the ``.onion`` suffix.
In order to reach a Hidden Service, you must use a browser that can handle ``.onion`` domains, such as `The Tor Browser <https://www.torproject.org/download/>`_ or by configuring :ref:`Firefox <tor-firefox>`.
For example, you can visit http://privacy34kn4ez3y3nijweec6w4g54i3g54sdv7r5mr6soma3w4begyd.onion to view the Start9 homepage on Tor.
In order to reach a Tor Hidden Service, you must use a browser that can handle ``.onion`` domains, such as `The Tor Browser <https://www.torproject.org/download/>`_ or by configuring :ref:`Firefox <tor-firefox>`.
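Review bot: after the split, the example ``.onion`` link now comes before the sentence telling the reader that a Tor-capable browser is required; put the browser requirement first so the reader meets it before the link. The sentence "such as The Tor Browser ... or by configuring Firefox" also mixes a noun with a clause; "such as the Tor Browser, or Firefox configured for Tor" would be parallel.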


@@ -8,25 +8,29 @@ Open Source
:depth: 2
:local:
The Internet itself was built on free and publicly available code, with the values of collaboration, peer review, communication, and openness built into its very foundation. This decentralized model evolved into the open source movement, which uses these values to discover new ways to solve problems across boundaries and industries.
The Internet was built on free and publicly available code, with the values of collaboration, peer review, communication, and openness built into its very foundation. This decentralized model has since evolved into the open source movement, which leverages these values to discover innovative ways to solve problems across boundaries and industries.
Open source software centered around the concept of user freedoms: freedom to see, modify, and redistribute the code to make it work for the user in whatever way they needed. It does not necessarily mean free to use. It means that the software will be better, cheaper, and more flexible if it is freely accessible, openly modifiable, and shared.
Open source software centers around the concept of user freedoms: freedom to view, use, modify, and redistribute the code to suit the needs of the user. While this does not necessarily mean free to use, it generally leads to software that is be better, cheaper, and more flexible on account of it being freely accessible, openly modifiable, and easily shared.
If anyone can inspect, modify, and distribute the code, bugs are more rapidly resolved, security vulnerabilities are more quickly audited and exposed. Community driven development efforts enable diverse collaboration which increases project reliability and longevity.
If anyone can inspect, modify, and distribute the code, bugs tend to be more rapidly identified and resolved, while security vulnerabilities are also more quickly audited and exposed. Community driven development efforts enable diverse collaboration which increases project reliability and longevity.
Distinct from open source software is proprietary, or closed source, software. Closed source software is strictly moderated, cannot legally be altered, copied, or distributed, and is paid for to be used as intended without modification. Only the code owners have the right to access the code.
On the opposite end of the spectrum from open source software is proprietary, or closed source, software. Closed source software is strictly moderated, cannot legally be altered, copied, or distributed, and is paid for to be used as intended without modification. Only the owners of the code have the right to access the code.
As a company founded on the principles of freedom, every service we support is open source. We believe in contributing to the future of this vibrant and passionate ecosystem.
As a company founded on the principles of freedom, openness, and decentralization, every service we support is open source. We are committed to acitively contributing to the future of this vibrant and passionate ecosystem.
Open Source ideas explained in `Lego <https://www.youtube.com/watch?v=a8fHgx9mE5U>`_.
.. youtube:: a8fHgx9mE5U
:width: 100%
Dependencies
------------
A software dependency is a code library or package that is reused in a new piece of software. The benefit of software dependencies is that they allow developers to more quickly deliver software by building on previous work.
Some software has dependencies on other software. Software may even require its dependency to be *configured* in a particular way.
Software may even require its dependency to be *configured* in a particular way.
Traditionally, managing dependencies was a massive headache and a huge barrier to running a personal server. But no more! The Embassy's revolutionary dependency management system makes the process transparent and simple.
Traditionally, managing dependencies has been a massive headache and has served as a huge barrier to running a personal server. But no more! The EmbassyOS dependency management system makes the process simple and accesible.
If a service has one or more dependencies, or a dependency needs to be configured in a particular way, your Embassy will inform you and offer solutions.
If a service has one or more dependencies, or a dependency needs to be configured in a particular way, your Embassy device will inform you and provide an automated solution, giving details of what will be done so you can make an informed decision before taking action.
Sometimes, a dependency can be satisfied in multiple ways. For example, Lightning has a dependency on Bitcoin. But that does not necessarily mean you need to have Bitcoin installed on your Embassy. You could just as easily configure Lightning to use another Bitcoin node located somewhere else!
Sometimes, a dependency can be satisfied in multiple ways. For example, Lightning has a dependency on Bitcoin. However, this does not necessarily mean you need to have Bitcoin installed on your Embassy. You could just as easily configure Lightning to use another Bitcoin node located somewhere else!
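Review bot: three typos are introduced in the added lines: "software that is be better" (drop "be"), "acitively" (actively) and "accesible" (accessible). "Community driven" in the rewritten bug-resolution paragraph should be hyphenated. In Dependencies, the new wording promises "an automated solution" where the old text said the Embassy would "offer solutions"; if some dependencies still need manual configuration, as the Lightning and Bitcoin example in the following paragraph suggests, keep the softer wording.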