This is not only an open-source project, but non-profit as well. A big motive for it is heightened security, as the interview (and transcript) make clear. It's also apparent that the hardware here is overkill for a router; it can run a complete Linux distro, no problem, so it can function as a server, not just as a router. Interested? You might want to put a reservation in soon. This isn't the cheapest router (or even server) out there, but a lot of people obviously think a Turris Omnia, with its crypto security, automatic updates, and server functions would be nice to have.
Timothy Lord for Slashdot: So Ondej if you could start by just introducing yourself and give us a little bit of background about your role with this project?
Ondej Filip: Okay. So my name is Ondej Filip. I’m CEO of CZ.NIC which is quite a strange company in some sense because we're public domain in the Czech Republic. More than half of our company is a huge R&D department. We do a lot of open sourc, e mainly software stuff. For example, I am the original author of routing Daemon BIRD, which is going to run in more than two thirds of Internet Exchange Points in the world. So it’s quite huge software. And we started this hardware project, it started like two years ago and we want to do some security project and because there was no suitable hardware for it, we built it. And then we realized that there was public demand outside Czech Republic for that, so that’s why we decided to make a new version, new generation of the device. So that’s how this started.
Slashdot: Could you start talking a little bit about the name of this project and what’s the significance of the name?
Ondej Filip: Yeah. Since there was security research project, the original idea was to create 1,000 of those boxes and spread them around and give it to people in the Czech Republic, I’d say for free. It was technically for at least for one crown a year, which is less than a dollar. And we were collecting security information from those devices and then the overall – sorry I apologize for that.
Slashdot: No, that’s fine, just if you want to start at any point.
Ondej Filip: So the original idea was to create 1,000 boxes and give them to people inside the Czech Republic like home routers and then collect some security information from those devices making some analyzes and then creating some grey lists, some black lists and try to track some botnets and stuff like that. So that was the original idea. And because it was meant as a protection of people, that's why we chose the Latin name Turris, which means the tower actually. And that’s how the project started. And when we came with this new version, it was actually original name Turris Lite because we thought it's a lighter version of the previous generation, but at the end of the day unfortunately or fortunately the hardware is much stronger than the previous version and it has certifications, it’s more advanced, so that's why we realized that probably the word Lite is not appropriate for that. So we chose again a Latin name Omnia, which means like every single stuff like that.
Slashdot: Let's talk about a little bit since you mentioned the security aspects and how important this is to be sort of a protective device for networks. It has some built in capabilities that other routers don't typically have, in particular, for instance can you talk about the crypto chip that it has by default?
Ondej Filip: Yeah. That is one important thing, because we are afraid that the current routers that are on the market has one weakness and that's mainly the firmware update. There’s not many routers that updates automatically or instantly. And that was one of the thing we wanted to concentrate or rather updates instantly. Whenever there's some security issue, we fix it in days if not hours. And all the well known attacks like Heartbleed for example they are fixed very, very quickly on this router. So the thing is that we wanted to have a secure channel from the router to do updating server and also you know some secure channel for submitting the security information we were collecting. So that's why there's a crypto chip that has some key material. That was for the old project. In Turris Omnia of course because it will not be given for free, it's just a optional thing you can reuse for any of your project. You can store key material there. So you can use it for some BPM things and transferring some files or whatever we want. And also it can be used if you want to receive all updates with this hardware again.
Slashdot: The other thing about this hardware is I have to say as a router it seems like you have included some overkill. You've got let’s say 4 gigs of flash. That's quite a bit for a router. What do you anticipate people will actually use that kind of space?
Ondej Filip: Well, look at it rather from a different angle. It's the only device in your house that runs 24 hours, maybe except fridge, that we probably will agree that we don't have much smart fridges in our house, right. So this is the only device that runs. And what it does for you, just we’re running packets. What it does when you sleep? Nothing basically. So the idea was let's make it more flexible. That's why there's an open source operating system on top of it. And that's why we put some storage because we expect that you will install some system application. And with the first generation of Turris many of the participants of the project are doing really funny stuff. They are making sound server for the bathroom. They were doing like DVB-T recorder and also making a precise time quotes and stuff like that. So we know it's a very robust device and of course obviously it can be an NAS server like for file sharing and storing your photographs and videos. So that's why we put enough memory, enough CPU power, not just forward gigabit of traffic, but also for doing other stuff like the activities I have mentioned.
Slashdot: Now you have actually a sample of the hardware that's in front of you now. Can you show us a little bit both of the industrial design? What does the case look like and what are the external features that we see?
Ondej Filip: Okay. So this is the board. This is the size of the board. Then it has six Ethernet ports, one is metallic and also SFP cage, so you can also use like an optic model into that. It has two USB 3.0 ports. It has three mini PCI express slots, two of them will be occupied by Wi-Fi, we expect that the device will serve like 5 gigahertz and 2.4 gigahertz Wi-Fi. That is upgradable for the future. That is going to be some new standard also, some improvement of the Wi-Fi standard. It has battery backup RTC clock because the precise time is important for this device. There’s also those very, very funny RGB LEDs. There is more than we need actually for the router, because many people in the previous generation of router used those LED diodes for signaling some stuff, for example, I don't know, you have an appointment or there’s something wrong you should look at and stuff like that.
So that's why there are some of them or all of them are actually customizable, but two of them are just really just for your fun. They don’t have any purpose at this moment. That's probably all those connections. It has ARMADA 385. So very powerful ARM based chip from Marvell. And inside there’s a switch chip and there’s one good thing for the network geeks. This switch chip is connected by 2 gigabit lines to CPU and one port that is one that has a metallic and SFP option is connected also by single line. So basically you have enough capacity for 1 gigabit. And you can for example do some ____8:04 or stuff like that if you want to play with your network. And you have, as I said, two separate gigabit lines to your LAN ports actually. And it has some flash for booting and as you mentioned, the 4 gigabytes of other flash for storing the operating system. And also the plan is not just on the all operating system based on OpenWrt but also you can run some of your custom operating system, for example Debian infotainer. So the idea is that you take care of the base operating system so it's going to be up to date. And you can use your container for anything you want and we want to be able to touch it and you can run some of your custom application on it.
Slashdot: And that's what you referred to as a virtual server functionality?
Ondej Filip: That's what we meant by that, yeah.
Slashdot: Okay. Can you talk a little bit about what it's like to be making essentially not a start-up certainly, because it's part of a larger group, but it seems like a start-up project. What is it like to be doing that in the Czech Republic? Is it a friendly environment for that sort of activity?
Ondej Filip: Well, originally we were a little bit afraid of it, but surprisingly it's quite beautiful, I mean there’s quite a lot of companies that are involved in that. So that means it's quite easy for example to make a prototype here because there are companies making PCB and putting all the stuff on it and so that was not a complicated thing. It's a little bit more expensive. We are inside Europe ____9:28, so we cannot be as cheap as the companies in Southeast Asia, but it works very well, especially for small series like 1,000 pieces that we’re working on. It's probably a little bit different when you want to create huge series like 100,000s but we are not at this point yet, so that’s another question.
Slashdot: How many people have been involved with using the generations of Turris, so far?
Ondej Filip: Well, you mean the end users?
Slashdot: That's right.
Ondej Filip: Yeah. So we created 1,000 pieces and then for next year – it was last year actually, we created another batch of 1,000. So, currently there is 2,000 pieces somewhere in the road, but 95% of them are in the Czech Republic.
Slashdot: Okay. Do you see any huge advantage to someone taking this router, add some additional hardware, but most of the benefits, is there anything unique to this router that you don't get by running OpenWrt on other hardware? Is it primarily the crypto chip? Is it just that it's a very high end networking? What is the best thing you could tell someone who says,” I already have a router right now, why should I change?”
Ondej Filip: Maybe, we should call it a server. It’s not just a router. It has capacity to run normal Linux distribution. So, you can run your web server or anything like that. So, it's more universal device than just a router. Then I think the network capacities, I think, it’s non-standard, it's better than usually, especially in the sphere of the home routers. And also the extensions, we have three PCI Express slots, so you can use it for anything. You can use it for OT backup if you really kind of survive any problem in your network and you have to be connected to every second. Or you can put the SSD disk and you can run this as a quite good mask, quite reasonable mask. And also we have some extension connector, like SPI, IC, this can be extended. So, you can put some custom hardware. We were discussing with some local companies that are working in IoT field because this router would be perfect base for the central point for your smart homes, so that's the plan but there is nothing at the table at this moment.
Slashdot: Okay. This seems like it should appeal to a lot of hardware hackers. Will people be able to buy it without a case? Can you just buy the board, so you could then integrate it into your own shape?
Ondej Filip: Yeah, exactly. We just plan to launch an Indiegogo campaign because we would like to see if there's a demand for the device. And you can buy just a single board. The plan is that we will be shipping those devices by April next year. So, actually that’s like I can see that there will be nothing else, no boxing, nothing else. You need to find your own power source and your books, so whatever you want. And the other option will be to buy the complete router, which will be roughly like that. It's just a plastic prototype. So, it might change slightly, but that's the idea, at least you can see the size and this is the original plan. And with that box, you will have like two Wi-Fi accounts included, power source and everything else around.
Slashdot: Can you talk a little bit about your Indiegogo campaign? The money you raise with that? What will that go toward?
Ondej Filip: So, as I said, the main purpose of this campaign is to see if there's a demand for the product. We don't want to spend money, manufacturing the product that nobody will actually buy, so it doesn't make sense. And it's even more complicated as everything is open source. Everything is open source software and open source hardware. So, after some period, anybody can prepare it. So, that’s why this will give us a little bit advantage that we will create a batch that we will be sure that we will be sure that we are able to sell. So, the goal is to raise like US$100,000 and the products in this campaign are the routers and the boards, of course.
Slashdot: One thing that seems different about this campaign versus some crowd-funding campaigns is you're actually using this day to day. This is an existing product.
Ondej Filip: Well, the previous version, it's run day to day, but the new version it's just in prototype, but it's fully functional prototype. Actually, we are very sure that we can make it, there shouldn’t be any hidden problems because we went this way at least twice before, so we absolutely know that we will be able to make it. The main reason is, despite all this, there's a demand for that, yeah.
Slashdot: Okay. Well, Ondej, I think this has been a good talk. What else should I be asking you about?
Ondej Filip: Well, maybe why we do that actually?
Ondej Filip: Because many people ask me why we do it. Actually everything open source and why we do that and it's quite strange thing because not many companies are doing it. Everybody who is doing some hardware has some plans, some tries to hide the designs. Even Raspberry Pi is not fully open source. You don't get the production plans, which unless it's something different Turris you can just download it if you wish. The plan was to make something, some universal device, and also the plan was to help the community because that's the main mission of the organization. We do a lot of open source software, which is really run in important places of Internet. Another example, it's not DNS, or DNS server which is run by root servers like DNS root servers, so the key servers, that the Internet rely on.
And this is another project that fits in that mission. We would like to make the Internet secure, safer and better. So, that's why it's open source, so you can verify that there is nothing hidden and it doesn't report to anybody you don't want to. And also you can build some new solution on top of it and you can extend it, you can play with that. We would like to give this device to people that would like to play with networking, make it like an educational device, simply bring more people to networking and technology related to that.
Slashdot: Is there a pricing that's set or expected right now?
Ondej Filip: Oh, yeah. The price of the board will be $99 plus some shipping and I apologize we will ship it from Europe, so the shipping will be added to that, and the price of the board, the delivered price will be about $179.
Slashdot: Okay. And again you said if someone gets the bare board, they just need to supply power supply in their own case, it's otherwise a functional piece of hardware.
Ondej Filip: And probably cooling but otherwise it's fully functional piece of hardware.
Slashdot: Okay, alright. Hey, I think that's actually not a bad price at all. I wasn't sure what you're going to say on how much this is going to cost, interesting.
Ondej Filip: Yeah. Again, we don't want to make a profit on this. This is more let’s say a project for the good of the Internet. So, there is almost no margin on this product, it's really just to help the people around.
Slashdot: But again, like you say, since it's open source, someone could take the design extend it and sell their own version. So, if you put out a version like this, then the same hardware can go quite a few places.
Ondej Filip: Yeah, and we will be happy, and of course, we hope we will make another version soon, so if someone will take it, I hope we will still have some relevance into this.
Slashdot: Okay, can you talk a little bit about the licensing? I mean, it is open source, but can you talk a little bit about what licenses, different aspects are under? For instance, if you really think hardware designs, are they under Creative Commons license or what sort of licensing?
Ondej Filip: It's a good thing and since I'm more software guy, I have to look at our pages, I apologize because I don't remember exactly the name of the license. I need a few seconds, I apologize for that.
Slashdot: Sure, not at all.
Ondej Filip: I can get the name of the license, basically everything we do in software is GPL. And its license is slightly different, I forgot the name, something with E at the beginning.
Slashdot: Oh, we can always look at that up later, so don’t worry too much about that.
Ondej Filip: I got it. No, pardon, I don’t know. Oh yeah, it is CERN Open Hardware License.
Slashdot: Oh, okay. I've not heard of that, so that sounds like an interesting thing for me to look up, great.
Ondej Filip: But I hope this guy was smart enough to design good license for that.
Slashdot: CERN have pretty smart guys. That seems like a fair bet.
Ondej Filip: Okay.
Slashdot: Well. Ondej, this has been great conversation as far as I'm concerned. Just, again, at this point is there anything else, any other topics you think we should touch on here?
Ondej Filip: I hope no, I think it's enough for the people to have a good picture of the project, and hopefully they will help us to support it, yeah.