The issue of privacy has become increasingly prevalent and personal. And the average person has no real idea how to cope with intrusion to their personal lives. Droves of entrepreneurs are peddling ways to change that, promising gateways, routers and email encryptors to combat privacy invasion.
In October 2014, one such product hit Kickstarter offering clarity and convenience to the average internet surfer. The Anonabox product was a small router that had what’s called the Tor network software, integrated into the system.
For those that use Tor, it is typically through a Tor-based browser. For those unfamiliar with Tor or why they should care, here is a beginner’s guide. Essentially, it routes your traffic between multiple servers between the requesting computer and the destination computer so that you can’t tell where the request came from on the destination computer. Thus, your traffic is basically hidden.
The Anonabox campaign was intended to raise a modest $7,500; within five days it had generated over $600,000 in backers. Without warning, Kickstarter removed the project claiming a violation of their terms of service, but it did not disclose what that precise violation was.
A lot of noise was made about Anonabox during that shutdown, with traffic on Reddit aiming to discredit both the product and founder August Germar. Accusations flew that it wasn’t a real product, didn’t work at all, was stolen and a variety of other nastiness. Germar said, "After initially attacking the project, the aim of aggression was then pointed towards me personally. At some point it became pure disinformation."
A year later, Anonabox is back, still aiming to make anonymous browsing easy for the everyday web surfer. The product, purchased by Sochule, Inc., a recognized web/mobile development and strategic acquisition firm company, was revealed at SXSW in March 2015. Sochule has taken the original Anonabox and made revisions to address suggestions, requests and audits from the IT security community.
The original device has been renamed to “The Original” to distinguish it from the subsequent devices that incorporate VPN and/or WIFI functionality. It is a simple-to-use, plug-and-play unit with no software required. This is fabulous for when you’re on the go, and especially for anyone that is in a “hotspot” around the world, like journalists, who are trying to get information out and don’t want to be tracked.
Various agencies are likely not happy about these types of devices, certainly Sochule’s competitors aren’t. A deluge of fear, uncertainty and doubt (FUD) has been floating around to discredit Anonabox – even coming from respected outlets like Wired and ZDNet. But all they did was regurgitate the same rumors without doing any digging on their own. Those against Anonabox and similar technologies have a vested interest in either selling software that can snoop on you, or actually snooping on you. These emails found on Wikileaks from the discredited “Hacking Team” are pretty damning.
Recently, Sochule partnered with Ingram Micro for global distribution of their products. As part of their ongoing growth and proof of legitimacy, Sochule partnered with legendary hacker/phone “phreaker” John Draper aka “Captain Crunch” to review all their new products before they go to market.
Over the course of nine years, I have done about 100 product reviews, so I wanted to validate the product for myself.
This might be the simplest and most bulletproof piece of hardware we’ve ever installed. The device is 2.5” x 1.75” big with a network plug on each end and a mini-usb plug on one end to be used for power with the included USB cable. You will need an open USB port on your computer or a wall adapter to power the unit.
There is a colored LED on the device to indicate status. When powered on, it takes a couple minutes for the device to get the various software up and connected, but running a web browser after that and testing that we had a Tor connection showed that we did. Testing on another computer in the network to make sure it was isolated, since we connected to a single PC, showed that other computers were not connected. This was our desired result.
The next step was to plug the Anonabox between our router and modem to see if it would be everyone on our network on a Tor connection, and it did. Once again, very simple.
Finally, we tested the Wifi connection. This was a bit more work simply because the password is so long and mixed. This makes it more secure, of course, just not as simple. There doesn’t seem to be any way to get to the configuration on the device through a web page like you would with a router, and no way to change that password. It’s probably for the best on a general public product, as you’d likely end up compromising the security if you don’t really know what you’re doing.
Earlier I mentioned the additional products – one, the Fawkes, is a higher-end version of The Original, in that you are able to change the password and SSID as well as an admin interface. There are some cool Wifi capabilities, too. This would be for someone who knows what they are doing and is comfortable in modifying those parameters.
Then we have the Tunneler which is a configurable password-protected VPN router that includes a Wifi uplink, HMA! VPN Pro service (HMA = HideMyAss.com, a popular VPN service) and features an admin interface.
Finally, we have the top-of-the-line Anonabox PRO, which features an upgraded CPU, RAM and Flash, a USB port for file sharing, as well as VPN capabilities, admin interface and Wifi uplink with range extender. This product is basically all the best features of Fawkes, Tunneler and The Original rolled up into one.
Anonabox is real. It works, and it is impressive in its simplicity and effectiveness.