A Better Anonabox with the Beaglebone Black

A few weeks ago, Anonabox, the ill-conceived router with custom firmware that would protect you from ‘hackers’ and ‘legitimate governments’ drew the ire of tech media. It was discovered that this was simply an off-the-shelf router with an installation of OpenWrt, and the single common thread in the controversy was that, ‘anyone can build that. This guy isn’t doing anything new.’

Finally, someone who didn’t have the terrible idea of grabbing another off the shelf router and putting it up on Kickstarter is doing just that. [Adam] didn’t like the shortcomings of the Anonabox and looked at the best practices of staying anonymous online. He created a Tor dongle in response to this with a Beaglebone Black.

Instead of using wireless like the Anonabox and dozens of other projects, [Andy] is using the Beaglebone as a dongle/Ethernet adapter with all data passed to the computer through the USB port. No, it doesn’t protect your entire network; only a single device and only when it’s plugged in.

The installation process is as simple as installing all the relevent software, uninstalling all the cruft, and configuring a browser. [Adam] was able to get 7Mb/sec down and 250kb/sec up through his Tor-ified Ethernet adapter while only using 40% of the BBB’s CPU.

Anonabox: How To Fail Horribly at Kickstarter

Late last week, Anonabox hit Kickstarter, glomming on to concerns over security, privacy, and censorship. The project was picked up on the usual tech blogs, lauding this project as the pinnacle of the Open Source, Open Hardware movement and a great investment for the privacy-minded technocrat in a post-Snowden world.

Then, the creator of Anonabox did an AMA on reddit. It was quickly discovered that the entire project was an off the shelf router found on AliExpress with reflashed firmware. The router sells for $20 in quantity one, and the Anonabox Kickstarter is giving them away with a minimum $51 pledge. The new firmware is basically a standard OpenWrt installation with a few changes to the config files. The project claims to solve the problem of hardware backdoors, but ships with a backdoor root password (the password is ‘developer!’), open WiFi, and ssh open by default. The Anonabox also claims to be a plug and play solution to security and privacy on the Internet, meaning if this project ever ships, there will be a lot of people who won’t change the default configuration. That’s rather hilarious in its implications.

According to the Kickstarter campaign, the Anonabox has gone through four years of development and four generations of hardware. [August] even has a great graphic demonstrating that each successive generation has reduced the size in half and doubled the system resources:

Unscaled
Image taken from Kickstarter campaign

Anyone with the slightest eye for detail will quickly realize that components, like Ethernet jacks, SD cards, and CF cards are always the same size. I wonder what this graphic would look like if all the boards were scaled so they were in proportion to each other?

Rescaled
Image rescaled so all boards are proportional to each other

Oh. That’s not fishy at all.

As with most Kickstarters that have seen this much negative attention, the project was suspended just a few hours ago, but not before gathering more than $600,000 in pledges at its peak.

suspended

Although the Anonabox failed, there is a market for a Tor-enabled router, and luckily we have one on hackaday.io. It’s so great that some of the copy for the Kickstarter campaign was lifted directly from this project. With a wealth of market research available, we can only hope that [CaptainStouf] runs his own campaign for the UnJailPi.

HOPE X: Wireless Tor Proxies And Sharing TrueCrypt Volumes

When you’re at HOPE, of course you’re going to see a few Tor proxies, but [Jose]’s is top-notch. It’s a completely portable Tor proxy (.br, Google translation), battery-powered, with a connection for 4G networks.

[Jose]’s OnionPi setup is based on the Adafruit version, but adds a few interesting features that make it even more useful. It’s battery-powered with about a day of charge time, has a built-in battery charger, Ethernet pass through, external 4G and WiFi antennas, all in a sealed case that makes the entire build impervious to the elements.

While this isn’t much of a hack per se, the amount of integration is impressive. There are switches to turn off each individual networking port, and all the relevant plugs are broken out to the front panel, with the AC input and USB serial connection using screw connectors that are supposedly very popular in Brazil.

[Jose] also brought along a new device that isn’t documented anywhere else on the web. It’s called NNCFA, or Nothing New Crypto For All. Using a Cubieboard, an interesting ARM single board computer with a SATA connector, [Jose] created a device that will mount TrueCrypt volumes on a hard drive and share them via Samba.

EFF Launches Open Router Firmware

Open Wireless Movement logo

The Electronic Frontier Foundation have released an alpha of their own Open Wireless Router Firmware as part of the Open Wireless Movement. This project aims to make it easier to share your wireless network with others, while maintaining security and prioritization of traffic.

We’ve seen a lot of hacks based on alternative router firmware, such as this standalone web radio. The EFF have based their router firmware off of CeroWRT, one of the many open source firmware options out there. At this time, the firmware package only targets the Netgear WNDR3800.

Many routers out there have guest modes, but they are quite limited and often have serious vulnerabilities. If you’re interested in sharing your wireless network, this firmware will help out by letting you share a specified amount of bandwidth. It also aims to have a secure web interface, and secure auto-update using Tor.

The EFF has announced this “pre-alpha hacker release” as a call for hackers who want to join in the fun. Development is happening over on Github, where you’ll find all of the source and issues.

Raspberry Pi Tor proxy lets you take anonymity with you

pi-tor-proxy

Your web traffic is being logged at many different levels. There are a few different options to re-implement your privacy (living off the grid excluded), and the Tor network has long been one of the best options. But what about when you’re away from you home setup? Adafruit has your back. They’ve posted a guide which will turn a Raspberry Pi into a portable Tor proxy.

The technique requires an Ethernet connection, but these are usually pretty easy to come by in hotels or relatives’ homes. A bit of work configuring the Linux network components will turn the RPi into a WiFi access point. Connect to it with your laptop or smartphone and you can browse like normal. The RPi will anonymize the IP address for all web traffic.

Leveraging the Tor network for privacy isn’t a new subject for us. We’ve looked at tor acks that go all the way back to the beginnings of Hackaday. The subject comes and goes but the hardware for it just keeps getting better!

Tor hardware privacy adapter

hardwaretor

The Janus team have published a preview of their new Privacy Adapter. It’s a small two port router. You just plug it in-line between your computer/switch and your internet connection. It will then anonymize all of you traffic via the Tor network. You can also use it with OpenVPN. The hardware appears to be a Gumstix computer mounted to a daughtercard with two ethernet ports. It will have a web configuration just like a standard router. This looks like a great plug-n-play privacy device. The only improvement we would suggest is adding auto-detect so a crossover cable isn’t required.

Janus is responsible for JanusVM, a virtual machine designed to protect your privacy with technologies like Tor and OpenVPN.

[via @hdmoore]

25th Chaos Communication Congress schedule

The team behind 25C3 has published the first draft of this year’s schedule. The annual Chaos Communication Congress is happening December 27th to 30th in Berlin, Germany. There are plenty of interesting talks already in place. We’re spotting things we want to attend already: The conference starts off with how to solar power your gear, which is followed by open source power line communication. A TOR-based VPN, an open source BIOS, rapid prototyping, holographic techniques, and running your own GSM network are on the bill too.

We’ll have at least three Hack a Day contributors in attendance. Last year featured two of our favorite conference talks: [Drew Endy]’s Biohacking and the MiFare crypto1 RFID crack. We hope to see you there.