The phishing/bad domain problem is really because we rely on DNS for verifying that we are talking to who we think we should be. That will never work well. Really we should be focusing on making it easy to use crypto for that. SSH has proven this model, where both sides have a "host key". Browsers could easily also have a host key, then when you first log into your bank's website, you would tell your bank to remember your host key, and then both sides would check that they are talking to who they expect. That's just one thing that could be done, there are many others.

We've made a Debian chroot installer and manager app for Android, so you can have a Debian chroot running in parallel with Android. You can apt-get anything in Debian/arm. We're interested in server software, so we haven't tried anything beyond things like ssh, nginx, jabberd, etc.

https://guardianproject.info/code/lildebi/

And the code is up on Github:
https://github.com/guardianproject/lildebi

He did spend a summer in the woods doing this, I think the video is a kind of reenactment.

sounds good to me, donno any environmentalists who would object to burning less coal...