anonabox: Surfing anonymously just got easier

By | October 14, 2014

This is a very interesting kickstarter project – because it solves one of the things that many geeks forget about: making secure and anonymous internet access accessible to your average idiot.

The anonabox is an open-hardware, open-source box that contains, more or less, a pre-configured Tor access point. That means, connect the anonabox between your router and your computer, (or for wireless users, connect to the anonabox wireless network and turn off your router’s wireless network) and you be surfing the internet over a secure, encrypted connection being sent over Tor.

Previously, using Tor involved installing and configuring some rather nerdy software, and blindly trusting that you didn’t forget some configuration option along the way. For an average internet user, that’s a world of difference in usability. Kudos to the anonabox team for solving their installation hurdle! Now, let’s see how much market entry will cost, and whether this will help to promote smarter, more secure internet usage.

/via +Danial Hallock

anonabox : a Tor hardware router
The anonabox is an open source embedded networking device designed specifically to run Tor. It’s 100% Open Source.

24 thoughts on “anonabox: Surfing anonymously just got easier

  1. T. Pascal

    One person's bad actor is another's legitimate need. LOL

    I get it, I really do. I just don't know if I want to support what someone else might do with it. And if I ever need it then I'll be the fastest jumper-oner ever.

    Reply
  2. Edward Morbius

    +T. Pascal In your bad-actor analysis: s/bad actor/legitimate need/. One reason I assert my right to pseudonymous online activity is to preserve that right for those who really and desperately need it.

    And that norm does seem to be shifting.

    Reply
  3. Chris Harpner

    Good points, but it makes it much harder for them and they're not going to get all of it AND no one smaller than the NSA can do that.

    Reply
  4. T. Pascal

    I don't work for the NSA and we figure out everyone within three or four URLs. Your requests have fingerprints in them all over the place. The IP is a +5. The fifteen tracking pixels are a +80.

    At t1, your home router sends out a small packet.

    At t2, a porn site responds to a Chrome browser in the Eastern time zone running ubuntu that has visited three other sites. The site sends a 1MB response with a fingerprint hash.

    At t3, your home router receives a 1MB file.

    The spooks know who you are and what you're doing. 🙁

    Reply
  5. Chris Harpner

    "Nobody cares what your IP address is"

    Um, yes. Yes they do. MANY people do. And in a BIG way and for MANY reasons. With your IP address, they can form a profile of your likes, your religion, your private health issues, your sexual desires, your political opinions, your friend and family connections, etc… etc…

    Government snoops LOVE that they can piece together everything about you by connecting all your web activity to your IP address. So can other hackers as well. The RIAA and MPAA love it too! And just because YOU may not download music or movies for free, your kids, visitors, or neighborhood hackers in your neighborhood might be, but it's YOU that gets your ass hauled off to court.

    Look. It's a pretty simple thing here. If you want a little more privacy than you have, this works. It's not going to stop everything, but it'll make it hard as heck for someone or some organization trying to put together profiles of your private life based on your web browsing. It's not 100% secure, doesn't claim to be, but it's more secure than not having it. It's not the whole security solution. It's one piece of it, just as a deadbolt on your front door is not the entire solution to your home protection, security, and privacy, but there's no reason to NOT have a deadbolt.

    Reply
  6. Danial Hallock

    Bypassing government firewalls, and helping other people bypass their governments' firewalls mostly. Beyond that, encryption and avoiding some basic-level adtracking.

    Reply
  7. T. Pascal

    Nobody cares what your IP address is. I've worked at several major online web service companies and in every case, we almost never cared about the IP other than raw logging.

    In one case, we reverse-engineered that several of our competitors (including Google) give your IP-to-identiy-causality a weighted score of 5 (out of 100).

    If you log in to Facebook, or buy something from Amazon, or log in to check your bank balance at the bank, or if you visit Google and (god forbid) sign in, they know who you are. I'm confused how this helps in any way.

    Reply
  8. Chris Harpner

    It also helps regular folks, like myself, that don't want our web surfing to be logged by ANY 3rd party, including the government.

    That's what a lot of people are missing here. It's simply the online equivalent of closing your blinds on your windows on your home. It's not that we're doing anything wrong, it's just that it's no one else's damned business. Short and simple. This box does that . It is NOT the end-all-be-all of total 100% security.

    Reply
  9. Gary Myers

    It won't help to secure your data on the cloud. It will help anyone who wants to leak or publicize stolen data without getting caught.

    Reply
  10. Francois Demers

    The question I do not see answered here (or asked for that matter) is "could this have saved Jennifer Lawrence?"
    +T. Pascal yes, if you live in a country with an oppressive regime and use this, you are a de facto bad actor. What happens when you multiply two negative numbers?

    Reply
  11. Sophie Wrobel

    +T. Pascal there is some discussion around the NSA having a not-so-insignificant role in the development and financing of Tor during certain phases of it's history. There are mixed opinions on its ability to 'break the onion' at the current moment, so to speak. However just because a particular agency may be able to decloak anonymized traffic doesn't mean that all companies should have a free pass to track our online activities.

    As +Gary Myers correctly points out, though, secure access is only half the problem. The other half is browsing practices, which is for most poeple still in facebook-cookie-accept mode. Sure, it has gotten easier with tools like disconnect.me and incognito browsing modes, but there is still a large gap in user education between where we are now – even with anonabox going a long way to help make anonymous internet more accessible – and a truly anonymous experience.

    I personally think that this privelege to access the internet anonymously is one that we need to protect, not just as a way for opressed groups to speak up, but also to ensure that citizens are not enslaved as marketing data generators and have a way to opt out of this undesired role (which will likely be more of an issue in the future with increasingly pervasive technology than the relatively harmless consequences today).

    Reply
  12. T. Pascal

    While I'm all for that, if your country has laws that restrict you from visiting certain sites, are you defacto a bad actor by visiting those sites?

    Reply
  13. Danial Hallock

    It isn't just about protecting you; buying into TOR enables people in oppressive regimes to access the open internet. Your anonymous browsing is great but you're also furthering the intellectual growth of impoverished nations.

    Reply
  14. T. Pascal

    What I mean by my last paragraph above is: "If only bad actors use Tor, then anyone on Tor is a bad actor. If one user on Tor is a bad actor and 99 are not bad actors, then the 99 cover for the one bad actor."

    Reply
  15. T. Pascal

    I'm not sure that anonymous browsing is really that important, especially to someone who isn't into "nerdy software". Maybe the husband who wants to view porn without the family knowing, but then the family will ask, "Daddy what is that box?"

    Truthfully, is Tor even that useful other than being a cover for bad actors? Do we want to help with that by making it "easier" to cover for their activities?

    Reply
  16. Gary Myers

    The problem is, without "nerdy software", the browser will still be responding to cookie requests, still be sending identifiable fingerprints, still be chatty about referrer headers…
    This will hide your IP address but achieve little else. On the down side, all those services you use that try to flag if your account is being unexpectedly accessed by an IP address in Russia or Pakistan will be rendered useless.

    Reply

Leave a Reply

Your email address will not be published.