What if all your internet data could be encrypted and anonymous, albeit transferred a little slower through the Tor network, thanks to a very affordable router? That’s the claim Anonabox are making — but after being suspended from Kickstarter and coming under heavy criticism from the infosec community, it might be better to hold out for something else.
We recently reported on the Anonabox, which uses Tor’s network of computers across the globe to bounce your data around so much no one can tell where it came from.
However, doubt surrounds both the device and its maker, August Germar. The Anonabox’s first iteration on Kickstarter featured off-the-shelf hardware, photoshopped images of the device, and backdoors in the software. Since its Kickstarter page claimed the Anonabox was made 100% open source, it was suspended from the crowdfunding site for false claims.
Then, there’s the claim that all traffic using the router is secure, despite it using an unencrypted wireless network before data reached Tor. That sort of belief is potentially worse than scamming someone out of $US51 — it’s dangerous.
Now on Indiegogo, the Anonabox returns with a supposed custom circuit board, a “hardened” version of its OS, and a “more secure” version of Tor, whatever that means. There may come a time when anonymising internet activity is this easy, but the Anonabox isn’t that magic solution.
Germar has also claimed to be a forum volunteer over at the Tor support forum, and an admin of the Tor LinkedIn page. But no one has been able to find his contributions to the forum, and the page has been confirmed to be unofficial. They say never assume evil intent when things can be explained with incompetence, but it certainly has all the indications of someone trying to take advantage of NSA paranoia with claims of “complete” security.
However, even if these flags turn out to be no big deal, or simple misunderstandings, it’s rather a good thing that the infosec community is holding a novelty-sized ACME microscope over this guy. That’s the nature of open source security, after all — constant, harsh peer review.
The Anonabox seems to have already passed its Indiegogo goal (Indiegogoal?), but if it seems too risky for you, there’s also the Onion Pi.