What is the Embassy? What does it do?
The internet as we know it is organized into questioners, or clients, and answerers, servers. When you open a mobile email app, say Gmail, the app (client) begins asking questions: "have I received new mail?", "what are my last 50 messages?", "what drafts am I in the midst of writing?", and so on. Your app's questions are sent to and heard by a Google-run server which then provides answers back to the client and are subsequently displayed to the screen.
The Embassy is exactly that: your very own "answerer", just like Google's, except managed simply and with ease by and for you alone.
Why would someone want an Embassy?
When you see your credit card information on your banking app, your messages in your texting app, your passwords in your password management app, all of that information comes from somewhere in the cloud: some server run by some company somewhere on the planet. Who can see the data stored in that server? Who can edit it? -- It's not always clear, but the increasingly common practice of selling your data to advertisers and the high-profile cyber-security breaches of the last decade suggest a pessimistic outlook.
One thing is for certain though: if you control your server, then you control your data. Your finances, your communications, all of it is actually yours -- and only yours -- with an Embassy.
How do I communicate with my Embassy?
During the setup process, a unique Tor address is created for you to access your Embassy device from anywhere in the world on any browser that supports a SOCKS5 proxy. Currently, these include the Consulate, the Tor Browser, Firefox, and a Brave Private Window with Tor.
What is the Tor network?
When your phone makes a request of your Embassy, that request is first bundled in layers of encryption like the layers of an onion, giving Tor its name: The Onion Router. That bundled request is then sent into the Tor network itself, a collection of volunteer "onion router" nodes which ricochet your request between themselves, peeling off one layer of encryption at a time. If a malicious third party were to intercept your request, they would see a garbled mess of the remaining onion encryption, and would only know that it came from some onion router and was heading to some other onion router. In this way, the contents, source, and destination of the message are totally anonymized.
Finally the request is picked up by your Embassy fully decrypted so that it can reply to you with its own onion wrapped message.
What is EmbassyOS?
EmbassyOS refers to a custom Linux distribution along with a suite of software tools installed on your Embassy which makes it easy to:
- Install new services
- Uninstall services
- Upgrade services
- Upgrade your Embassy software to future versions
- Manage your sovereign app data
I'm having trouble connecting to the Embassy. What can I do?
- Check that your phone is connected to the same WiFi network as the router giving internet access to your
- Embassy via ethernet. This means in particular you cannot be using cellular data.
- Ensure that your server has been running long enough for the startup chime noise to sound.
- If all of the above fail, please contact us at firstname.lastname@example.org.
I’ve moved houses or changed wifi networks, how can I connect to my Embassy?
Simply connect your Embassy into the new router’s ethernet jack and power it on. As long as your phone is connected to the same network, you will be able to connect to it. serviceswill be able to connect from anywhere.
What internet speed is optimal to run the private server?
Of course the faster the happier when it comes to internet speed, but ultimately the question boils down to the services running on your Embassy. Your network speeds (and other server metrics) can be monitored within the Companion App.
Can I SSH into an Embassy?
Yes. After having setup your Embassy, navigate to its settings page and select "Developer Options". You will be able to add an SSH key at this point. Navigate to back to the settings page and select "Server Specs" to find your server's LAN IP address. “pi@” will be your ssh target.
Warning! SSH-ing into your server and making changes is roughly the equivalent of popping open your watch and fiddling directly with the clockwork. We can make no guarantees about the functioning of the server once you’ve SSH-ed in, and as such, adding an SSH key will void your warranty.