Probably it's useful to put the kickstarter link:
https://www.kickstarter.com/projects/1227374637/cloak, I would say that
the presentation is less "marketing oriented" than the anonaflop, after
a quick look, maybe the look of the box and its size does not appear
obvious to the potential pledgers.
And probably you know already the drawdbacks of such approach, so from
my standpoint some minimal rules should be added not to fool the users
but this will make the device less interesting for them, like: only
allow https traffic, do not run Tor over Tor (ie if the user is using
the Tor Browser then set the proxy to the box), only allow Tor Browser
FF, etc
But that's not my point, can such device run nodejs and did you ever try
it/compare it with the traditional approach? The interest is that nodejs
packages/apps are much more light than usual C/C++ packages, as
efficient or more, especially on such configurations probably.
Potential applications (among tons of possible ones) see the links
below: node-Tor (Cloak with a much smaller package), Peersm
clients/bridges [1] (permanent background processes in the box, like
bittorrent clients in ISP boxes), torrent-live (find/block/track
monitoring spies + maintain a real time blocklist bittorrent client)
Regards,
[1] https://github.com/Ayms/node-Tor/tree/master/install
--
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
Le 01/11/2014 10:09, Lars Boegild Thomsen a écrit :
Hi Everybody,
As some of you may have noticed, a new Tor Router project called Cloak was just
launched on Kickstarter. In the wake of the Anonabox roller coaster, I would
like to present our own justification for the Cloak project, and a bit of
background. Please accept my apology if this comes across as a shameless plug.
That is not my intention. We - the team behind Cloak - and me (the networking
and embedded Linux guy in the team) are genuinely concerned about privacy and
we really would like this product to be what the TorRouter never became and the
main reason to post this here is to - hopefully - provoke an interesting
exchange of opinions about products such as this.
<rant>
For us, the idea of Cloak actually started about 9 month back. Adrian (who is
the guy backing this project on Kickstarter) came up with the idea and I (the
guy who was working with embedded Linux systems in general) furiously
maintained that it was an idiotic idea and that it couldn't be done. As things
goes, Adrian finally manage to wear me down and I actually decided to give it a
shot. At that time I was messing around with a cheap Wireless router module out
of China called Oolite (this is funnily enough the EXACT same module that
Anonabox claimed to have developed themselves - their prototype 2 which is a
standard dev board from a company called Gainstrong). This particular module
have 16 MB of Flash and 64 MB of RAM and much to my surprise Tor actually
performed quite well on it. The result of these experiments - which dates back
to around February or so - was 1: That I have been running Tor on my own home
gateway ever since and 2: That I managed to port OpenWrt to the Oolite module
(and got that included in OpenWrt trunk). At that time the Tor Gateway/Router
got on a bit of a back burner since real life took over for a while. The day
job being that we actually develop smart Internet of Things modules - both
hard- and software.
About a month ago the Tor Router idea (which at some point had been dubbed
Cloak) resurfaced as a potential kickstarter idea. The reason was that in the
past 6 month we had actually developed quite a lot of experience with design
and manufacture of the Internet of Things modules and all of a sudden it no
longer seemed impossible to actually manufacture hardware for a Tor Router. We
threw together a project plan and decided to launch around November/December.
In comes Anonabox. At first read it was quite a shock to be beaten by a small
margin and of course a huge disappointment as the project got immensely popular
very fast. Reading through the Kickstarter page and the web-site I did notice
two things:
1. The lie about the hardware (since I had a 9 month old Oolite module)
2. The complete lack of his so-called Open Source software posted (only a bunch
of config files that looked pretty standard to me apart from the hardcoded
passwords)
But in general I didn't really think much about these issues and I actually
felt the guy had pretty much done what we had been planning for a while and
that in principle it was OK.
When Anonabox was suspended on Kickstarter, we realised that we simply had to
get this posted immediately but of course be very aware not to repeat any of
the mistakes made by the earlier attempt.
The first step was to isolate the Tor/Cloak related stuff from my internal
source tree and actually put a builtable source online on Github. That is
currently available here: https://github.com/ReclaimYourPrivacy.
Second step was to document the hardware development to convince everybody
(hopefully) that we _are_ actually capable of having a device such as this
manufactured at a competitive price. Most of that documentation went on our
web-site (https://reclaim-your-privacy.com) and schematics/PCB design on Github
(same url as before).
I had already (9 month back) come up with some sensible firewall rules that
would pretty much force all TCP traffic through Tor and since I had been
running it for 9 month it was at that time fairly well tested (including Tor on
hardware similar to our own). One thing that was missing was to create an
OpenWrt build that would start up with sensible defaults everywhere.
One problem which Anonabox was criticised for was his hardcoded root password
and WiFi keys. I agree with that criticism completely because most people who
would be interested in a device such as this would never change their default
password. Fortunately we had a quite elegant solution to this problem. Since we
plan to produce these modules, firmware can and will be loaded in the factory
as part of the production process (actually it happens during the
semi-automated test after board assembly) and at that time we could generate a
random root password and WiFi key, flash that to a small dedicated R/O
partition on the flash, print it on a label attached to the box (along with
Serial number and MAC address). That way each device will have a default
password, but nobody except the owner of the device will know it.
</rant>
Phew that was a relatively long rant and I apologize if I have caused extreme
boredom. I can however now, that I have explained the background, come to the
questions which is the primary reason for me writing here.
First of all, I would like to hear more opinions about the value of a device such as this. I
realize that most technically adept people will frown on a a "toy" such as the Cloak, but
this device is really not meant for anybody who can install the Tor software on their own or
someone who can install Tor on a Rasberry Pi. It is meant for my parents, my kids or anyone else
who - deserve privacy but might not be technically able to achieve it. I fully understand and
appreciate that a Tor Router such as Cloak will NEVER in itself be able to provide any form of
anonymity or security. It is merely a tool that if used correctly can help enforce a certain level
of privacy (the newly introduced or discussed Australian data retention laws spring to mind and I
am certain other countries are introducing the same laws). A secondary justification are devices
which does not support Tor. I've got a Media player in my house and that does "phone
home" every single time I play a movie on it and there is no way I could possibly install Tor
on it. With Cloak and NO login - that is fairly anonymous.
Second of all I would sincerely like a discussion about the firewall rules and
other security or usability issues with a device as this. The source is on
Github for everybody to check and I will be happy to discuss any technical
aspect and appreciate any constructive criticism. I am of course also happy to
respond to any questions thrown in my direction.
//Lars Bøgild Thomsen
--
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
