SoylentNews

AnonTechie writes:

No tool in existence protects your anonymity on the Web better than the software Tor, which encrypts Internet traffic and bounces it through random computers around the world. But for guarding anything other than Web browsing, Tor has required a mixture of finicky technical setup and software tweaks. Now routing all your traffic through Tor may be as simple as putting a portable hardware condom on your ethernet cable.

Today a group of privacy-focused developers plans to launch a Kickstarter campaign for Anonabox. The $45 open-source router automatically directs all data that connects to it by ethernet or Wifi through the Tor network, hiding the user’s IP address and skirting censorship. It’s also small enough to hide two in a pack of cigarettes. Anonabox’s tiny size means users can carry the device with them anywhere, plugging it into an office ethernet cable to do sensitive work or in a cybercafe in China to evade the Great Firewall. The result, if Anonabox fulfills its security promises, is that it could become significantly easier to anonymize all your traffic with Tor—not just Web browsing, but email, instant messaging, file sharing and all the other miscellaneous digital exhaust that your computer leaves behind online. http://www.wired.com/2014/10/tiny-box-can-anonymize-everything-online/

Subsequent to the posting of the Wired article, some critics on Reddit ( https://www.reddit.com/r/privacy/comments/2j9caq/anonabox_tor_router_box_is_false_representation/ ) have called attention to Germar’s misrepresentation of the “custom” hardware board and plastic case used for the device. They point to stock devices available on Alibaba from Chinese suppliers that appear to be nearly identical. In a followup phone call with Germar, he clarified that the router was created from a stock board sourced from the Chinese supplier Gainstrong. But he says that the project’s developers requested Gainstrong add flash memory to the board to better accommodate Tor’s storage demands. Germar also says now that the case was supplied by Gainstrong and was not custom-designed by the Anonabox developers, a partial reversal of how he initially described it to WIRED.

UPDATE: This project has been pulled from kickstarter. Details at: http://hackaday.com/2014/10/17/anonabox-how-to-fail-horribly-at-kickstarter/ and http://arstechnica.com/security/2014/10/kickstarter-pulls-anonabox-a-tor-enabled-router-that-raised-over-585000/

and, according to Ars:

Redditors and others discovered that there was a hashed root password installed on all Anonaboxes—that password was cracked, and found to be “developer!” an obviously weak password. When asked about the password, Germar responded, "There was no way to log in from the outside anyway, you'd need physical access to the device anyway."