FreedomBox and the Importance of Momentum

FreedomBox is another “easy” self-hosting solution that has been around since 2010. They seek to provide a path to autonomy for users so they can separate themselves from the corruption of surveillance capitalism. However, FreedomBox went about it in a different way from our last competitor, HexOS.

FreedomBox is another “easy” self-hosting solution that has been around since 2010. The surface-level goals of FreedomBox are similar to those of HexOS, which we investigated in our last post; they seek to provide a path to autonomy for users so they can separate themselves from the corruption of surveillance capitalism. However, FreedomBox went about it in a different way.

First off, FreedomBox was developed by the FreedomBox Foundation, a not-for-profit organization dedicated to providing users a way out of the modern internet by helping them own part of the internet infrastructure. Additionally, FreedomBox is fully open-source and built on top of Debian, a Linux distribution. This means that unlike HexOS, FreedomBox is and always will be free to download and use. Since 2019, they have also had an agreement with Olimex to sell a preconfigured server (made from a single-board computer), enabling users to get a mostly-working FreedomBox out of the box. I say “mostly working” because FreedomBox, like HexOS, has made strides but has not fully addressed the networking issues that users face when hosting their own services.

HexOS and the Importance of Networking

HexOS promises to simplify network-attached storage (NAS) management while expanding the capability to host various applications locally. Our take on the strengths and weaknesses of this approach.

The first product we will review is HexOS, a project developed by Eshtek Inc. and built on TrueNAS SCALE, which is developed by iXsystems. HexOS promises to simplify network-attached storage (NAS) management while expanding the capability to host various applications locally (on your local network).

Eshtek used the “innovator’s gift” to develop HexOS. The innovator’s gift is a concept popularized by Ash Maurya in Running Lean. It describes the idea that every new solution creates new problems. If a solution is good, solving the problems it introduces will have a ready market—this is the gift. When you find problems with good solutions, the market for those existing solutions will also create desire for your product. This is exactly what we see with HexOS. iXsystems built their business around Network Attached Storage, but since their solution is geared towards businesses, it assumes a level of IT support beyond the capacity of most home users. This gap creates a market for people who want a self-hosted storage solution without the complexity and demands of an enterprise system.

Defense in Depth

Thoughts after a Hacker News post on a docker vulnerability.

The Article

I read Hacker News every day. A story on home server security made the front page recently and got me thinking about Tealok security and defense in depth in computing. This primarily came about due to the (excellent) Hacker News discussion of the article.

The story is pretty simple - you don’t need to read the entirety of the original article to get it. Here’s a summary:

  • The author starts up a Docker container running Postgres
  • Docker by default exposes the container to the internet
  • An attacker leverages the default password in Postgres to get RCE within the container
  • The attacker installs Kinsing malware to extract value from the exploited server

One may be tempted to just say this is a “skills issue” on the part of the original author. If they’d known better, they wouldn’t have exposed the database container and there’d be no story here. I think that’s a valid take to a point - the world is full of dangers and experts are experts in part because they avoid dangers. But that’s missing important lessons.

Surveying the Field

As we began designing Tealok, we faced an important question: What’s already out there, and how can we do better? This series is our answer.

When Eli and I started Gleipnir earlier this year, we knew one thing for certain: we wanted to address the growing frustrations with today’s tech landscape. People are increasingly dissatisfied with platforms that prioritize monetization over meaningful innovation, locking users into ecosystems that offer convenience at the cost of control, privacy, and trust.

As we began designing Tealok, we faced an important question: What’s already out there, and how can we do better?

Tealok: Building the Semantic Web They Promised Us in 1989

Tim Berners-Lee personally promised me I could have a semantic web. This was back when I was 7. I'm still waiting.

In 1989, Tim Berners-Lee, one of the original inventors of the World Wide Web (that big internet thing you may have heard of), described his vision of the internet as a semantic web of data.

What is the Semantic Web?

At Berners-Lee’s time, the web was a group of interconnected pages. This structure still forms the foundation of the internet today. However, there is a limitation: linking only connects pages without giving machines any understanding of the actual information contained on those pages. For a page to be understood, a human has to read it.

Elevator Pitch

After a remarkable meeting where we celebrated the sensational numbers from Eli’s hit blog post on better container orchestration, our advisory board hit us with a challenge: “Please give us an elevator pitch so we can explain Tealok to our friends and colleagues.” Confidently, I promised to deliver before the next board meeting. But several days and a few bike/brainstorming (bikestorming?) sessions later, I’ve realized two things:

  • I’m not a marketing person.
  • Writing an elevator pitch for Tealok is incredibly hard.

TL;DR

Tealok is a personal cloud technology that empowers you to seamlessly manage your data, connect your devices, and organize your digital tools—all without the need for technical expertise, restrictive systems, or the hassle of platform decay. Imagine it as the smartphone in a world of payphones: always connected, unrestricted, and free from the high fees and limitations imposed by traditional solutions. With Tealok, you’re in control and ready to thrive in today’s digital age.

Port 80

Handling requests on port 80 is a basic building block of web applications. Too bad we can't all just...do that.

I live in Gilbert, Arizona. I have access to fiber-to-the-home. The fiber is owned by Cox. This means that even though I hate them, Cox is the best option for my home Internet service.

Recently I was working on Tealok, specifically trying to figure out if it’s possible to run a group of containers within Docker Swarm on a single node using IPv6 for incoming traffic. The goal is for Traefik to terminate TLS and run as a reverse proxy for a number of different services that have a web frontend.

Docker Compose Isn't Enough

Docker Compose creates problems as you scale a single server to many applications. We should learn from it and build something better.

Summary

Docker-compose is a tool for working with Docker containers. It solves very real problems with deploying complex applications. By itself, it is not enough to make self-hosting applications simple enough for the mass market. What we need is something like docker-compose, but at a higher level of abstraction that has a concept of SQL databases, local caches, durable storage, service discovery, and resource management.

Take Back Your Browser: How Tealok Turns the Web into Your Personal Space

Start with removing ads. Then just get content you want. Then re-add your own data.

Don’t Lose Your Appetite with Web Ads

Picture this: you’re gearing up to recreate your grandmother’s legendary corn chowder for a family reunion. You start with a quick web search and land on what looks like the perfect recipe. But as you scroll, your enthusiasm falters—the page is plastered with intrusive ads, autoplaying videos, and distractions so vivid they dampen your appetite. Your kitchen adventure shifts to frustration, and before you know it, you’re grabbing takeout instead, setting the stage for a life of sloth and mediocrity. Tragic, isn’t it?

Authenticating People with Certificate Chains

We should authenticate people like we do websites. With chains.

Too Long, Didn’t Read

We have the means to change how the world works. We can get rid of passwords, password managers, strength tests, password recovery flows, account registration, data breaches, identity theft, and on and on. We can build something better and safer than passkeys. We can use personal certificate authorities.

What?

When we deal with people, in person or via some kind of communication device, we need to be sure we are dealing with the person we expect. The process of determining that the other party is who they claim to be is authentication. In person this may be as simple as recognizing someone by their face or voice. Over a phone we may depend on the phone number of whoever is calling us. Different situations call for different levels of certainty, and therefore different mechanisms of authenticating the other person. If I’m just saying ‘hi’ to a neighbor I really don’t care to ensure they are who they claim to be. If I’m buying a house, I care very much.