No tool in existence protects your anonymity on the Web better than the software Tor, which encrypts Internet traffic and bounces it through random computers around the world. But for guarding anything other than Web browsing, Tor has required a mixture of finicky technical setup and software tweaks. Now routing all your traffic through Tor may be as simple as putting a portable hardware condom on your ethernet cable.
Today a group of privacy-focused developers plans to launch a Kickstarter campaign for Anonabox. The $45 open-source router automatically directs all data that connects to it by ethernet or Wifi through the Tor network, hiding the user’s IP address and skirting censorship. It’s also small enough to hide two in a pack of cigarettes. Anonabox’s tiny size means users can carry the device with them anywhere, plugging it into an office ethernet cable to do sensitive work or in a cybercafe in China to evade the Great Firewall. The result, if Anonabox fulfills its security promises, is that it could become significantly easier to anonymize all your traffic with Tor—not just Web browsing, but email, instant messaging, file sharing and all the other miscellaneous digital exhaust that your computer leaves behind online. http://www.wired.com/2014/10/tiny-box-can-anonymize-everything-online/
Subsequent to the posting of the Wired article, some critics on Reddit ( https://www.reddit.com/r/privacy/comments/2j9caq/anonabox_tor_router_box_is_false_representation/ ) have called attention to Germar’s misrepresentation of the “custom” hardware board and plastic case used for the device. They point to stock devices available on Alibaba from Chinese suppliers that appear to be nearly identical. In a followup phone call with Germar, he clarified that the router was created from a stock board sourced from the Chinese supplier Gainstrong. But he says that the project’s developers requested Gainstrong add flash memory to the board to better accommodate Tor’s storage demands. Germar also says now that the case was supplied by Gainstrong and was not custom-designed by the Anonabox developers, a partial reversal of how he initially described it to WIRED.
UPDATE: This project has been pulled from kickstarter. Details at: http://hackaday.com/2014/10/17/anonabox-how-to-fail-horribly-at-kickstarter/ and http://arstechnica.com/security/2014/10/kickstarter-pulls-anonabox-a-tor-enabled-router-that-raised-over-585000/
and, according to Ars:
Redditors and others discovered that there was a hashed root password installed on all Anonaboxes—that password was cracked, and found to be “developer!” an obviously weak password. When asked about the password, Germar responded, "There was no way to log in from the outside anyway, you'd need physical access to the device anyway."
Related Stories
After Anonabox requested US$7,500 and raised US$585,549 before being suspended, I hoped that one-stop solutions would be discouraged but according to Wired News, I couldn't be wronger because there are at least five parties aiming to fill Anonabox's niche:
Maintaining your privacy online, like investing in stocks or looking good naked, has become one of those nagging desires that leaves Americans with a surplus of stress and a deficit of facts. So it’s no surprise that a cottage industry of privacy marketers now wants to sell them the solution in a $50 piece of hardware promising internet "anonymity" or "invisibility." And as with any panacea in a box, the quicker the fix, the more doubt it deserves.
Last week saw the fast forward rise and fall of Anonabox, a tiny $45 router that promised to anonymize all of a user's traffic by routing it over the anonymity network Tor. That promise of plug-and-play privacy spurred Anonabox to raise $615,000 on the fundraising platform Kickstarter in four days, 82 times its modest $7,500 goal. Then on Thursday, Kickstarter froze those pledges, citing the project's misleading claims about its hardware sources. Other critics pointed to flaws in Anonabox's software's security, too.
But the Anonabox fiasco hasn't deterred other projects hoping to sell an anonymity router of their own. In fact, many of them see Anonabox's 9,000 disappointed backers as proof of the demand for their own privacy-in-a-box product. At least five new or soon-to-launch crowdfunding projects now claim to offer a consumer-focused anonymity router with names like Invizbox, Cloak, TorFi, and PORTAL, each with its own promises - and caveats.
Full disclosure: I may or may not be connected to one of the parties mentioned in the article but I think they're all misguided.
The Independent reports that:
A British firm could be set to net billions of pounds after making a major breakthrough in cybersecurity. Scientists at Scentrics, working with University College London, say they can guarantee total privacy for emails and text messages. It also means that for the first time laptop and smartphone users will be able to connect to wifi hotspots on the move without worrying about hackers. Only the security services would be able to gain access to the messages, if they needed to. The Scentrics application can be embedded into a mobile handset or computer device, enabling the user to obtain "one-click privacy" at the press of a button. Or it can be downloaded as an app, so the sender can pay a small fee for security every time, for instance, they send an image of family or friends over the internet.
The patent assignee modestly states:
"In terms of British Intellectual Property [IP], it is only dwarfed by the invention of the world wide web itself," said Mr Chandrasekaran. "The internet was born without this in its DNA and we've done it." He explained: "What we've done is to patent the IP for a standards-based, fully automatic, cryptographic key management and distribution protocol for UMTS and TCP/IP." In layman's terms, the company and UCL have found a way of defeating what cryptologists call "the man-in-the-middle attack" or MITM - the ability of someone to hack and intercept an electronic message.
The venture comes from a heavy hitting institution and the people involved seem to be quite connected but the scheme only works by having secure access to a public key infrastructure. Unfortunately, As I previously noted when the last one-step crypto system flamed out (but before the next five went nowhere):
any one-step, hermetically-sealed, silver-bullet solution is poor technology and, in the case of security, is actively dangerous. Although it should never be necessary to pull something to pieces, or understand innards, technology is far from waving a magic wand and having something work 100% of the time. Technology is based upon tiers of leaky abstractions. Therefore, *when* it fails, it needs to be divisible so that debug can proceed. Ideally, technology should be a binary tree of components and faults can be found in the manner that Christmas tree lights can be fixed.
Even when packaged and idiot-proofed, the implication for end users is that anything significant needs to be a multi-step process. For example, install application, install certificates, test certificates. Anything less will have a horrendous corner-case which will be awkward to detect, diagnose or correct. And in the case of security, these corner-cases foreseeably threaten liberty.
Full disclosure: I may or may not be connected to one of the parties mentioned in a previous article.
(Score: 5, Informative) by b on Saturday October 18 2014, @10:14AM
This is a bit out of date now. Kickstarter has now pulled the product, after it had raised about half a million dollars. The Reddit thread has some information about why, including a link to the AMA. One thing that stuck out for me was that someone downloaded the image and cracked the root password in about 20 minutes. The dev said that it was an intentionally weak password "because developers are the only ones who would be looking at the code". Basically the dev is clueless and/or malicious.
(Score: 1) by martyb on Saturday October 18 2014, @10:51AM
You are correct; this project has been dropped from kickstarter. At the time this story was submitted and accepted into the story queue, the project appeared to still be active. The story has been updated to reflect the project's having been pulled from kickstarter and with links to commentary on Ars Technica and on Hackaday.
I apologize that we did not catch this earlier.
Wit is intellect, dancing.
(Score: 1) by b on Saturday October 18 2014, @11:34AM
Ah okay, fair enough. I only know that this was old because the "other" website ran a story earlier (~12 hours ago) about the failed kickstarter project.
(Score: 2, Insightful) by Anonymous Coward on Saturday October 18 2014, @11:58AM
Still, the fact that this project got a half million in funding - 10x what they were asking - shows that there is a big market for a version of this product "done right." No security system will be perfect, but something that is cheap and dead-simple to use while still being a net gain for user security would be a good thing.
(Score: 2) by AnonTechie on Saturday October 18 2014, @12:40PM
Exactly, it seems many people would be interested in such a plug and play security product because real security is hard (for most people). Is there any open source project which attempts to do the same ?
Albert Einstein - "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."
(Score: 2) by maxwell demon on Saturday October 18 2014, @03:32PM
Is there an Raspberry-like computer with two high-speed Ethernet ports? Because that's all you would need hardware-wise; the rest would be software.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by cafebabe on Saturday October 18 2014, @04:56PM
I'd be interested in a box which could saturate three or more 100Mb/s Ethernet connections. One of the things I've wanted to do with such a box is implement an idiot-proof bandwidth priority system. Specifically, one port (with auto-crossover?) is connected upstream. Packets sent to the other ports are fed upstream with strict priority. I've worked in multiple companies where I would have paid out of my own salary for a box which prioritized techies over management over users. In a personal capacity, I'd be more inclined to run a free WiFi spot or Tor node if I could at least shape the outbound traffic.
I'd also be interested in a box which could saturate two or more 100Mb/s Ethernet connections after performing one of more rounds of encryption and integrity checks.
1702845791×2
(Score: 2, Insightful) by Anonymous Coward on Saturday October 18 2014, @04:38PM
there is a big market for a version of this product "done right."
Sure there is, but the goal (a router that shovels all tcp traffic through tor) is impossible to "do right" because users will connect it to normal PCs running normal OSes with normal applications (that's the whole point, right?), and the resulting normal traffic contains many identity leaks -- routing that traffic through tor without somehow scrubbing the leaked identifying information (or replacing "normal" apps (e.g. Firefox/chrome) with non-leaky substitutes (e.g. the modified Firefox in Tor Browser Bundle) results in deanonymizing all traffic passing through that circuit.
Some info. [torproject.org]
More. [torproject.org]
There are also issues with non-TCP traffic, since Tor only handles TCP, but the issues with leakage from normal applications are far more serious, and seem insurmountable.
(Score: 2) by cafebabe on Saturday October 18 2014, @05:30PM
While I am disappointed that a heavily over-subscribed security project has been shot down, it is probably for the best that such action will cause the least damage.
There seems to be a collection of problems with this specific one-step security implementation which includes: only TCP traffic being onion-routed, applications not configured to scrub identifying values, and (most significantly) no user education about identifying data.
Overall, this plus other experience guides me to the conclusion that any one-step, hermetically-sealed, silver-bullet [wikipedia.org] solution is poor technology and, in the case of security, is actively dangerous. Although it should never be necessary to pull something to pieces, or understand innards, technology is far from waving a magic wand and having something work 100% of the time. Technology is based upon tiers of leaky abstractions [wikipedia.org]. Therefore, *when* it fails, it needs to be divisible so that debug can proceed. Ideally, technology should be a binary tree of components and faults can be found in the manner that Christmas tree lights can be fixed.
Even when packaged and idiot-proofed, the implication for end users is that anything significant needs to be a multi-step process. For example, install application, install certificates, test certificates. Anything less will have a horrendous corner-case which will be awkward to detect, diagnose or correct. And in the case of security, these corner-cases foreseeably threaten liberty.
1702845791×2
(Score: 2, Interesting) by Anonymous Coward on Saturday October 18 2014, @05:36PM
> and the resulting normal traffic contains many identity leaks
Perfect is the enemy of the good. 99.9% of the people on the net don't need perfect anonymity. They just need more than they have now. If we insist on an all-or-nothing approach we will be left in a situation where 99.9% of the people have nothing. That isn't to say the weakness should be swept under the rug, they should be trumpeted widely so everyone knows that it is only appropriate for people whose lives do not depend on it.
(Score: 2) by Foobar Bazbot on Sunday October 19 2014, @04:04AM
Perfect is the enemy of the good. 99.9% of the people on the net don't need perfect anonymity.
I'm not sure you understand the problem. Your response would be completely appropriate if using an identity-leaking app meant Tor was merely unable to grant magic anonymity to that app, but still protected e.g. TorBrowser traffic -- but since that leak also compromises traffic from all other apps, it's not granting "good, but not perfect" anonymity.
If we insist on an all-or-nothing approach
To me, an all-or-nothing approach is something like "you have to go all-out and boot Tails, or not use Tor at all" -- and nobody's insisting that. Rather, you can use Tor Browser Bundle alongside normal apps on whatever OS you use. The problem is that naively snarfing all traffic into Tor decreases anonymity vs. maintaining segregation of anonymous and identity-leaky traffic.
(Score: 0) by Anonymous Coward on Sunday October 19 2014, @01:10AM
Protip: $7500 to over half a million dollars is much more than 10x.
(Score: 2) by takyon on Saturday October 18 2014, @02:16PM
too late [soylentnews.org]
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 1) by Natales on Saturday October 18 2014, @11:45PM
There is obviously a huge appetite in the market for something like this, but people don't get the implications. There are dozens of sites that perform IP validation against know Tor exit points. Try to do your home baking through a Tor site and you'll see what I mean. Additionally, you can't do VoIP or any other UDP-based transmission since Tor supports TCP only.
I tend to favor "selective" anonymity for that reason. I currently use Qubes OS as my desktop OS, and I use a regular browser VM for all the sites that require validation, while at the same time, use a separate browser VM that connects to a Tor VM which seats behind a multihop VPN for all traffic I want to keep private. The browser ID and plugins are also all different.
I wish there would be a little magic box that can do the trick and give you automatic selective anonymity, but at this stage, we're just not there yet.
(Score: 0) by Anonymous Coward on Sunday October 19 2014, @01:23AM
I2P? [wikipedia.org]
(Score: 2) by halcyon1234 on Sunday October 19 2014, @03:23AM
Jesus fucking christ, allrecipes.com is getting downright draconian!
Original Submission [thedailywtf.com]
(Score: 2) by edIII on Sunday October 19 2014, @03:32AM
Identifying TOR exit points and excluding the traffic only works when precious few users come from TOR exit points and malicious users tend to use it exclusively. If a project like this was successful, and there were a million TOR exit points, you could not use it as effectively to block traffic anymore. So that argument doesn't hold a lot of water when it's primarily a complaint about subscriber levels, and not an inherent problem with TOR like services.
Also, VOIP is *usually* a UDP transmission. It's not limited to that at all. On good links it can just as easily be TCP. Just about every phone out there supports SRTP/TLS. The primary issue with VOIP over TOR is not one of the transport protocol being unsupported, but the latency providing such serious issues that you would need UDP to work around it.
A pure TCP based VOIP session is most likely perfectly possible if all the hops are of a suitable performance. I think you could very easily see that with a massive TOR network of millions of subscribers having purchased their boxes at Walmart. Problem is that you are attempting to run an intercepting proxy and as another poster stated, the most serious information leakage usually doesn't come from the transmissions themselves. If they also bought their PC at Walmart, it's most likely futile to attempt to secure it with the box.
TOR isn't the problem really. We need enough people to want security bad enough that they are willing to try another OS. A little box isn't going to cut it, unless that little box is coupled with new software on the PC capable of using it to provide secure circuits that provably provide a randomized foot print per session.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by urza9814 on Monday October 20 2014, @01:48PM
All internet traffic from my phone is currently routed through Tor (using Orbot on Cyanogenmod with transparent proxying enabled). Everything except phone calls -- browsing, mail, other apps (yes, this includes banking, which I realize may not be the brightest thing to run through Tor...), even text messages since I use Google Voice.
Almost nothing fails. Popular Science is the only site I've seen refuse my connection, and I can't say I miss it. A lot of sites do make me complete captchas though. Anything on CloudFlare for example, which it turns out is EVERYWHERE.