Piratebox is free software written for dirt-cheap hardware that lets you set up a web server with file upload and download features, a forum and a real-time chat area, but which is not connected to the Internet.
That’s right, the bad news is that it’s not connected to the Internet. Blasphemy!
The good news is that it’s not connected to the Internet. Freedom!
It’s sort of like a Wifi access point (AP), just like your local coffee shop, except that’s a dead end. It can host anything, and may have all sorts of interesting stuff on it, but it doesn’t lead anywhere else, and that’s what makes the concept unique in this century. Since it’s not connected to the Internet, you can’t get there from just anywhere. You have to be physically within range… which means that being physically present also the only way to spy on it. You can’t do that as a “mass” operation across nations, physical presence just doesn’t scale, which makes it pretty much not worth doing for those interested in removing privacy from the face of the Earth.
This is one of my “cyclic” interests, one that I leave and keep coming back to, like… 18th Century colonial history, cyberpunk science fiction, Stirling engines, real recumbent bicycles, swordplay, sailing… okay, I’m weird, what else is new?
More than anything else I can think of, other than possibly the inexpensive Raspberry Pi single-board computers, PirateBox reminds me of what we thought the “cyberpunk” future was going to look like back in the 1980’s. Of course, as we all know, the present world isn’t much like the future looked then. We could see the future, but it turns out that wasn’t where we were headed.
History:
Back shortly after the planet cooled enough to support life, in the 1980’s, there was a period when lots of people had personal computers but almost nobody had access to the young Internet. I know that’s hard to imagine. I have trouble imagining it, and I was deeply involved.
Our early attempts to establish “on-line communities” (which weren’t called that then) involved things called “modems”, that allowed computers to communicate over ordinary phone lines, and “BBS” (“Bulletin Board System” or “EBBS (“Electronic Bulletin Board System”) software “EBBS” software. These let you set up, and set up rules for, file sharing and a forum. You couldn’t typically set up “chat”, because with one modem and one (maybe spare) phone line only one person could connect at once.
It seems primitive now, and it was (even though it all seemed very cutting-edge back then), but one thing about those days and those systems that is missing from these days and the systems of these days is privacy. Each one of these systems was pretty much an island unto itself, and to borrow a phrase, “what happened on the BBS stayed in the BBS”. Each was effectively a pocket monarchy, each run according to the whims of the owner, and if the owner didn’t care, anything went. Some tried to enforce using “real” names and information, but there was usually no way to enforce that, so there was a presumption of anonymity more often than not.
Of course, there were also some jerks, but fewer than you might think… and there are far, far more of those today, even with all the privacy and anonymity that have been taken away.
Interesting things happen when people feel really free to interact, when there’s no “chilling effect” from being surveilled and recorded. Very interesting things. People are not afraid to be honest, or to share ideas that might not pan out, or to argue against what they think is wrong no matter who is on the other side of the issue. A place and time that permits this is sometimes referred to as TAZ, or Temporary Autonomous Zone (a standard label that only works because they are always, always temporary), and such places and times tend to have huge influences on history that are not often acknowledged, like the 17th and 18th Century pirate havens and utopias that in many ways were anything but admirable but nonetheless pioneered such concepts as personal freedom and democracy (elected ship captains, of all things, when the absolute authority of ship’s captains had been unquestioned almost since the first ships were made).
Not having Big Brother breathing down your neck in the early days of a the Computer Revolution when it was still largely an ungoverned frontier had a similarly liberating effect, and there was a whole lot of creativity evident. There was even a proto-WAN (“Wide Area Network”) called FidoNet, in which each “node” called some other “node” in its local calling area (to avoid long-distance tolls), daisy-chaining a message relay system across the continent and you could often get a message or new software release from one side of the country to another in an amazingly fast three days or so.
I ran a BBS system back in the ’80s (never mind which one), and I can testify to the fact that privacy and anonymity seemed to have a stimulating effect on creativity, enthusiasm and synergy, with people sharing interests and ideas but not so much real names, backgrounds, “qualifications” etc. We didn’t know how important privacy and anonymity were , of course… until they went away.
There were also occasional “LAN parties” where people would actually physically haul their big, heavy and shock-sensitive desktop computers to someone’s house and hook them into a router so everyone could freely share with everyone, again in privacy. It seems that people will go to some lengths to be able to freely share. There was even a motto for the entire concept of the age: “Information Wants to be Free”.
Okay, so… if everything on the Internet is monitored, and there is no privacy and anonymity anymore (both were guaranteed to some degree for mail and phone calls in the days before before the government started having second thoughts about any privacy, but not for the Internet), what can you do?
Simple- don’t do it on the Internet.
The software:
What PirateBox is, is free, simple software that runs on dirt-cheap hardware platforms to run what is effectively an old-style BBS on Wifi instead of copper telephone lines designed for analog voice signals in another age. Not, mind you, on the Internet, but on Wifi. That might be an awkward concept for some people today. You know how when you are looking for some way to get on the Internet, and you open up tool on your computer and it shows you all the local Wifi system names? It’s one of those… you can connect to it just like any other access point, but it doesn’t take you to the Internet, rather it takes you to local file upload and download sections, a forum, and a chat room, its own little universe… just like the old BBS systems but better. Not only is it wireless, and multi-user (as in, up to several people can connect and interact at one time), but it has chat, and can stream music and video to pretty much any device that can play them. Not only is there no Internet connection, there is no attempt to record or log information about visitors. MAC addresses are ignored and IP addresses are temporary and assigned on the fly, so even if someone connected to the PirateBox and the Internet to bridge the two together there would be no way of knowing, from any remote location, who was doing what.
Surprisingly, the founder of PirateBox says he was mostly inspired by USB dead drops, not BBS systems or LAN parties. In some ways that makes sense, as dead drops allow individuals to communicate without sacrificing anonymity, but in other ways it’s quite different. Without the opportunity to “chat” (except extremely slowly) or connect with more than one person at a time, the “bandwidth” of communicating through dead drops is so low as to discourage anything like an even temporary anonymous community from forming.
Another variant is LibraryBox, a fork that exists explicitly for distribution only, apparently to avoid accusations of IP (“intellectual property”, doublespeak for the concept that ideas can be owned) infringement it allows downloads but no uploads. I personally find that uninteresting, almost every website works that way so I don’t really see the point, and it’s hard enough to get a community to form when you encourage people to contribute.
So, basically you download the software, install it on some scavenged, surplus or at least cheap hardware, put it where people can reach it with their own Wifi devices (notebooks, tablets and phones), and wait to see what happens. Of course, with nothing on the box, it will take a while for anything at all to happen, and you might want to “seed” the box with your own interests to encourage certain directions, but, well, when you create a community you always lose control of it to some degree, and that’s when it starts to get interesting.
It has to be said that the software is… well, not as flexible and user-friendly as it might be as far as customizing and personalizing an instillation of PirateBox to be unique. In general that’s not a huge hurdle, it works, and those with some familiarity in editing HTTP will have little trouble making most changes
The Hardware:
PirateBox was originally written to run on certain small, cheap travel routers, the sort of thing you might have thrown in a suitcase to turn wired/Ethernet hotel Internet access into Wifi in the days before they turned them into Wifi on their own. This is the easiest way to implement one (since the functions of are pretty much exactly what the hardware was designed to do) if you’re in a hurry or not very technically inclined (and many of the artists and others philosophically opposed to the drastic over-reach of copyright and IP laws are not). It’s not a broad selection of routers (two TP-Link models and one other), but they’re widely available, including on Amazon and Ebay.
Perhaps surprisingly, I’ve never been tempted to fool with that version. Since I use Raspberry Pis for a lot of stuff anyway every new project I do with them feeds the synergy, adds to my knowledge of Linux and makes all the other projects a little easier. Also, the routers start at about $30, and they by nature are just not as flexible and adaptable as a general-purpose Linux system. There’s also an upcoming Android version that will run on a smart phone or Wifi tablet, but my impression is that that is a work in progress.
There are also “live” CD and “live” USB drive versions (PirateBoxLive) so that you can run it on notebook or desktop computers, but to do that you have to reboot into it, and it takes over the machine’s network connection, so for that period it’s not going to be used for a lot else. I’m working on a concept I like better.
Enter the Raspberry Pi Zero W, which seems perfect for this application. It’s a Linux computer (of modest capabilities) on a single circuit board. It has USB (2.0), HDMI out (and is very capable of video and audio transcoding) and a range of programmable “GPIO” (General-Purpose Input-Output) pins that you can, with some programming, use for things like status and activity LEDs in this sort of application. Like all the Raspberry Pis, it can be powered off of a typical phone charger. This latest version, the “W”, also includes Wifi and Bluetooth right on the board.
It’s about a third the size of a credit card… or about the size of an old-fashioned movie theater ticket.
Unfortunately, the “W” version costs twice what the original Raspberry Pi Zero does… but that’s not much. It costs $10. I’ve got one right here that I paid $10 plus sales tax for in a brick-and-mortar store. That’s cheaper than you’re likely to be able to set up the plain $5 Raspberry Pi with a USB Wifi dongle, much less both Wifi and Bluetooth. At the moment of writing this particular sentence, there’s a Brick & Mortar store within driving distance that’s selling them for $5, in person only, one to a customer at that price.
Being so small, it’s also pretty energy efficient. I’m seeing estimates of .4 watts (four-tenths of a watt) running full-on with both Bluetooth and Wifi active. You should be able to get ten hours, say, from a good 4000 mAh battery at full charge. That means that you can use smaller and cheaper batteries to power it, and the end result is much lighter and smaller.
While it’s true that the processor is not state-of-the-art, it’s just never likely to be stressed much by handling the demands that can come at it through 150 bps Wifi, so anything more in this application would probably just be a waste of money and energy. The Raspberry Pi folks currently make a still-small but larger version with a much more powerful quad-core processor, built-in Wifi and Bluetooth for $30-35, and I’ve got some, but it doesn’t seem appropriate or needed for this
The Name:
In some ways I approve of the name. I’m old enough to remember when computing was an exclusive club controlled by a few large corporations, mostly IBM. Computing was “liberated”, or democratized, by young upstarts who brilliantly utilized what little technology trickled down within reach of the masses, and they were often demonized at the time for it. The same pattern was repeated over and over again with different technologies, notably encryption, which was hugely resisted by the government and now makes virtually all web shopping and transactions possible. Being a “pirate” in the eyes of those who would restrict the benefits of technology, privacy and freedom is now a long-standing badge of honor.
At the same time, I have to recognize that the name puts some people off, and probably that was part of the motivation of the LibraryBox fork. The object of the box is not necessarily tied to pirating software or “intellectual property”… but there are increasing trends in that direction now that we have summarily decided (thanks to Disney) that copyrights last until the heat-death of the universe, we’ve started patenting obvious and commonplace practices wholesale at the bequest of large corporations, and basically decided that thoughts and ideas can be property. There’s more I’d like to discuss about that, but it will have to wait. In the meantime, you as the owner and operator of a PirateBox can delete anything that is put on it or not, and so control the degree to which your own personal Pirate Utopia permits actual “piracy” by somebody else’s definition.
Implementation:
Insofar as your individual purpose in using PirateBox might hinge on privacy and lack of surveillance, or maybe just because of lack of mostly theoretically-required permissions, it may be desirable for you as the operator to remain anonymous as well. In some cases that might not be much of a problem, if you happen to have access and control in areas where crowds gather who might be looking for Wifi and have time for diversions, but in many cases it is. This is where things start to go Cyberpunk.
Covert mobile:
Most of the hardware that PirateBox runs on is small (the Raspberry Pi Zero W is VERY small) and energy-efficient, it can be concealed in about anything and carried almost anywhere. One of the earliest implementations was in a modified lunchbox. My own first implementation was in a waterproof, sturdy lunchbox-sized Pelican case, the sort of thing that you might use to protect binoculars when traveling. The size was necessary to contain the battery packs to keep an older Raspberry Pi 2 running for long periods, and I wanted it sturdy and waterproof to carry to the beach. I could, of course, SSH into the PirateBox or just connect through the front-end software as the administrator to control it, but I also included a wireless remote power switch for basic control when I didn’t have my notebook, and for possible quick shut-down if it attracted unwanted attention.
All of that is fun, but there’s a crucial weakness in portable installations, and that is that there’s a limited window of time for people to access it. Nor does the software particularly help in this regard, it doesn’t (or at least didn’t the last time I baby-sat a working installation) give you any good and easy way to tell if anyone’s logged on, or how many are. I’m not talking about logging any information as to who it is, just being able to know that this is or is not a convenient time to move and/or shut the thing down. Awkward. I understand that there is a way to tell, a cron table of some sort, and it should be possible with a Raspberry Pi installation to hack something to monitor that and drive at least an LED. More about that later, I think.
That limitation leads us to more-or-less stationary implementations in areas that attract people with time on their hands.
Covert stationary:
The closest I’ve come to doing this so far is concealing the lunchbox-sized case with a beach towel, either on the beach or hanging the case on a balcony rail land draping the towel over the rail and case in a typical fashion to dry it, so I can’t say which rumors one hears are true… but now with the Raspberry Pi Zero W we have the potential for truly tiny PirateBox implementations. That has implications for stationary as well as portable use. The fact that the RPi just sips power by comparison to older models means that alternative methods of power become feasible, possibly wind, solar, even parasitic induction from or pinprick connection to AC power lines. Keep in mind that the software and Wifi don’t have to be active 24/7 for some uses, having it “up” for just a few hours a day may be enough if it’s consistent and predictable, which for a device running Linux should be no problem. I’ve picked up hints of “hamster ball” implementations with a battery and solar panel mounted on rollers inside a transparent plastic sphere in such a way that the unit rights itself within the sphere no matter what it’s orientation, so that it can be tossed up onto a flat roof and left there. Given access to a roof, it could be more easily and cheaply done with a typical transparent-lidded “weatherproof” project box. Certainly if (when) it is discovered it will likely disappear, but that sacrifices hardware, not anonymity. In some cases it might be feasible to power one from wind. A small whirligig of some sort attached to the rigging of a sailboat in a marina would likely draw little interest. I’m sure those with technical savvy in fields where mine is weak or nonexistent will have plenty of other ideas.
Covert Remote:
As one approach to the lack of privacy on the Internet is just not to be on the Internet, similarly if there is a concern about the PirateBox hardware being discovered if it’s in range of the target users one approach is just to not to have it in (the usual) range. We’ve seen famously impressive improvised use of Pringle’s and other cans (“cantennas”) to extend Wifi range to a mile or more. Remember that this is two-way communication. It may be possible, with a stationary platform to work from where power and bulk aren’t major problems, to bathe a target area with AP service from some distance.
So, just how far away is that coffee shop from the nearest friend’s attic, “as the crow flies”?
The future:
The history of the entire “computer revolution” and “information revolution” have been largely about decentralization vs. centralized control, from “minicomputers” taking over from mainframes to phones and tablets. Unfortunately, we’ve back-slid in some important areas, and our most portable computing devices (smartphones) are actually much more blatantly controlled by those other than the owners (corporations, government) than the less-portable devices that preceded them.
There is, of course, a counter-trend brewing, and until the privacy and anonymity limitations of wide-area networks can be fixed, more and more people are improvising limited, local but private and anonymous networking with the tools we currently have on-hand. PirateBox and “Wi-Fi Aware” and “Neighbor Awareness Networking” or NAN. This will (when apps start to use it) let users become aware of others users in the area and connect directly with each other in impromptu groups without a router, access point (AP) or the Internet.
Needless to say, when this capability becomes common it’s going to be much more difficult to use threats of arrest and jail time to keep people from sharing priceless Intellectual Property like audio and video files of Brainless Cupie Dolls’ new mega-hit I Wanna be Purple This Week. At that point I’d guess that it might actually be time to look for a new business model instead of using the government to enforce one that goes back to printed sheet music and player piano rolls in the 19th Century.
I also noted with amusement that this is a theme of one of the the rolling bannerheads on the main site of the PocketCHIP (or PocketC.H.I.P., it’s a little schizophrenic) turn-it-into-a-tablet add-for the CHIP Pro (or C.H.I.P Pro, yadda yadda) variant of the C.H.I.P. single-board computer, “LAN Party off the Grid”. They even invoke “cyberpunk” in another of the bannerheads, which makes me want to like them. This is one of the many, many “Raspberry Pi killer” single-board computers that have sprung up once the market for them was established, most of which have vanished faster than they actually showed up… but this one in particular has gained more interest than most. In fact, it seems to have attracted the interest of some folks who have forked a version of PirateBox for it called AnyFesto CHIP, part of the AnyFesto project (that I’m just starting to read about myself, so certainly no endorsement, though it looks interesting).
For the record I started writing this before being aware of most of the other projects and forks. We live in interesting times. I think I’m going to have a lot more to write about this in the near future.
Links:
PirateBox: https://piratebox.cc/
LibraryBox: http://librarybox.us/
dead drops: http://deaddrops.com/
Raspberry Pi Zero W: https://www.raspberrypi.org/products/raspberry-pi-zero-w/
C.H.I.P. : https://getchip.com/pages/chip
CHIP Pro: https://getchip.com/pages/chippro
PocketCHIP: https://getchip.com/pages/pocketchip
AnyFesto: http://www.anyfesto.com/
AnyFesto CHIP: https://chip.hackster.io/tomhiggins/anyfestochip-b9ebc3
– Robert the Wombat