I'm far from being knowledgeable about this project, but since no one else has, I'll point out some controversy around it: https://www.reddit.com/r/privacy/comments/2j9caq/anonabox_tor_router_box_is_...

-tom

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

I understand the approach of this, but it again reverts back to the problem of people believing a product will provide them reasonable protection without the responsibility of having to take measures themselves. There are stories everyday in the newspapers who think using a fake name on Facebook is enough to stop police tracking the actions of that account to them.

As in the other reply to this message, the hardware isn't open source and there has been a critique posted below:

https://www.reddit.com/r/privacy/comments/2j9caq/anonabox_tor_router_box_is_...

Well intentioned, but as many before me have highlighted; good intentions is not enough if the product does not provide true security. Tor is a technology like many things, but I feel this product is out to make a buck from open source software while under-delivering on it's promises by providing an inferior product. How many more times do we need people to be put off Tor because somebody makes a crap implementation and a headline follows with the usual "TOR IS BROKEN"?

The money in that kickstarter is proof there is cash to fund such things, but it is now in the hands of people riding the wave following the NSA fallout in hope for profit and not actual innovation.

- -T

On 15/10/2014 15:51, Andrew Lewman wrote:

On 10/15/2014 08:00 AM, Thomas White wrote:

...

I am personally hoping somebody high up in the Tor Project management will openly condemn this atrocity and hopefully Kickstarter and the funders will withdraw their funds before a whole load of people buy into this "security as a tool" idea.

I'm more inclined to support him. He appears to be taking our designs and thoughts verbatim from Jake's initial thoughts on a torouter[1]. Access Now did some work on the OpenWRT version of the torouter[2]. Now is our chance to help shape this into a product we like. Others have tried to take their own approach without such attention to technical details.

I look forward to having some smart people analyze the final product and figure out where the strengths and weaknesses lie. Anonabox's response to this analysis will tell us far more than anything else.

[1] https://trac.torproject.org/projects/tor/wiki/doc/Torouter

[2] https://trac.torproject.org/projects/tor/wiki/doc/OpenWRT

On Wed, Oct 15, 2014 at 01:33:43PM -0800, I wrote:

and if they were really into TOR why aren't they discussing it on this list?

because they're like two guys who threw up a under-$10k kickstarter and had it completely explode under their feet, I suspect.

Succeeding far beyond your dreams at crowdfunding is one of the worst things that can happen to a project. Just ask ZPM Espresso, KREYOS, or any of a dozen other "success" stories. Othermill is a sobering example of how to actually succeed at this, but it's a success I'm not sure I'd wish on my worst enemy. (Mike from othermill is a good friend of mine and I have seen just how hard it can be to succeed.)

-andy

I was excited about this project and signed up as a backer. Then I read http://www.reddit.com/r/anonabox/comments/2ja22g/hi_im_august_germar_a_devel... and have reduced my contribution amount. Yes, I really like the idea of it this small device and what it does but at the same time I can see that it really *appears* that someone's allegedly selling on cheap hardware and applying a large markup. What an incredible testimony to the name of Tor though; the amount pledged with 27 days to go is approaching $500k ?!

What concerns me more is that a lot of less-knowledgeable folk might sign up to be an exit node using what is really a low-power, low bandwidth device. Not good.

I've since changed my pledge to $1 in recognition of the publicity, but I'll be setting up an Onion Pi and making a donation to Tor instead.

--- Peter T Garner, MBCS On the Road (iPad)

https://www.petergarner.net

On 15 Oct 2014, at 14:47, isis isis@torproject.org wrote:

Sven Reissmann transcribed 2.4K bytes:

...

Hi there,

I recently read about the anonbox project [1], a small hardware-router, which allows end-users to connect their whole LAN to the Tor network. The project is on kickstarter at the moment [2].

Has there already been a discussion on how this might affect the performance of the Tor network?

Yes and no.

One of the Anonabox developers, August Germar, posted to their kickstarter page that the distributed Anonaboxes would have a checkout option to be relays/bridges by default. [0] Colin Mahns responded to this, [1] pointing out some of my recent discussions with Mike Perry and others on the tor-dev list on scaling the Tor network. [2] [3] (And August Germar responded in their Reddit AMA. [4])

I agree with Colin that the Anonabox folks seem to be well-intentioned. However, the network effects, were these routers to be distributed, and were a majority of them to be configured as relays by default, would likely be harmful due to the low bandwidth of most residential connections.

That said, I think that everyone here would welcome the chance for a pocket-sized FLOSS router which enforces safe Tor usage. If that is their goal, and they are able to communicate honestly with users, I'd like to help them succeed. Particularly if it means someone else does hardware development, since that's not really my jam. :)

-- ♥Ⓐ isis agora lovecruft _________________________________________________________ OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35 Current Keys: https://blog.patternsinthevoid.net/isis.txt _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

On Fri, Oct 17, 2014 at 3:36 PM, Colin Mahns colinmahns@riseup.net wrote:

It looks like Kickstarter has suspended the project.

Some of this thread seems a bit silly. Tor does one thing, it anonymizes your IP address. These boxes push everything through that, which is generally exactly what you want... no leaks. So great, go sell a million of them.

But some of this thread bashes the boxes for doing simply that. I say NO. If you want a teacher to handhold and teach you anything safe beyond how to be an anon IP address (which Tor and boxen already provide) ... such as system administration, session management, how to actually be contextually, network, and datawise anon... go kickstart a companion book on that. Don't just bash the boxen about not including such a book if you are not also willing to write the book... as the boxen exist to sell 'IP address anonymizers', not books.

Chinese lookalikes, and best interaction with Tor network, are also separate subjects. To the latter which is relavent, Tor is becoming very popular, its fundamental design and ops need planned to be able to scale to many millions of clients, like yesterday perhaps.

Perhaps a more constructive approach is to help define what the golden standard for a true tor router should be at https://trac.torproject.org/projects/tor/wiki/doc/Torouter. There are a bunch of open tickets and design questions which need thought, research, and solutions.

If someone wants to take this golden standard and turn it into a shipping product, great. Best of luck. There is clearly a demand for it and more people willing to pay for something than to build their own.

Out of curiosity, has anyone reached out to the guys running the Kickstarter?

"Hey, I'm from the Tor Project and we noticed a few issues with your design, would you mind hopping on the mailing list so that we can help you work these out and provide a safer and more secure product to your customers?"

It's entirely possible that they are unaware of the lists or the issues with their design. I imagine if they care about their product and not just the possibly literal boat loads of money they are about to make, they'd be open to the idea.

Thank you, Derric Atzrott

On Thu, 16 Oct 2014 11:31:44 -0400 "Derric Atzrott" datzrott@alizeepathology.com wrote:

It's entirely possible that they are unaware of the lists or the issues with their design.

How is it possible for anyone planning to make a Tor router without being unaware of tor mailing lists? It looks like they were able to find PORTAL from grugq, compiled, and run it. I'm sure they know tor project mailing lists, but they do not bother to subscribe to exchange ideas.

Of course, it would be possible that they are unaware, but I'm really suspicious about it. And if they are, I'm sorry to say this but it's a shame.

Regards, Grace H.

Not everywhere does this, but coming from a Wikimedia background, I tend to Assume Good Faith [1] wherever possible. It appears that they were aware, so in this case it wasn't warranted, but I've found that assuming good faith tends to lead to significantly fewer disputes.

Forgot the link.

[1]: https://en.wikipedia.org/wiki/WP:AGF

On Thu, Oct 16, 2014 at 11:56:57AM -0700, Mike Perry wrote:

As a result of their claims not matching up to reality, I've been debating writing a blog post warning about the various issues with Anonabox

I think a blog post teaching people about the issues is a fine plan.

I was thinking something like:

- Many people keep wanting to build a magic anonymity box. And it's really appealing to not have to change your behavior or your application settings, and just magically get anonymity, so I can understand why the idea keeps popping up.

- Unfortunately, if you just route all your traffic through Tor, you're only solving half the problem: all the application-level issues remain. First this is a problem when you use your Chrome over Tor and then wonder how websites are able to recognize you anyway (remember all the protections that Tor Browser adds over vanilla Firefox). And second, as you say in your post here, it's a problem because of all the chatter that comes from background applications, update attempts, printer notifications, and so on that most systems do by default these days.

- To be fair, some expert users may still get a benefit from Torifying their traffic. For example, if they've already set up a firewall to block everything they don't want talking, and now they want to use an application that's hard to configure a proxy for. Or if they have thought deeply about their threat model and they don't want a lot of the anonymity properties that Tor aims to offer. But that user is very far from the target audience for these magic anonymity boxes.

- The best design we've been able to come up with is one that forces you to be using Tor on your side, and only allows your traffic through if it's coming from Tor. Making it use a proxy, or maybe even better a Tor bridge, that's running on the router seems a fine way to do this limiting. And we could also imagine running a captive portal website on the router that intercepts outgoing port 80 requests and teaches you what you need to do to use this network connection safely. Perhaps it has a local copy of Tor Browser for you (but how does the user know it's the real Tor Browser?), or perhaps it lets you reach https://www.torproject.org/ so you can fetch it yourself.

- This approach sure isn't as usable as the magic anonymity box. What a great research area! But be aware that people have been thinking about this issue for several years now, and don't get fooled by solutions that brush all the above details under the rug.

This may also be a good opportunity to point people at https://www.usenix.org/conference/foci14/workshop-program/presentation/edmun...

--Roger