dslreports logo
 story category
Controversial Anonabox Back With IndieGogo Campaign

Less than a month after a controversial anonymizing router named anonabox was suspended from Kickstarter for a misleading promotional campaign, it appears to have popped back up over at Indiegogo. DailyDot notes that the router has already raised nearly $16,000 on Indiegogo, the new promotion rather ambiguously stating the pulled kickstarter campaign received ample "scrutiny and criticism." The developers say they've learned from the original effort and have made a number of changes to the Tor-powered router:

quote:
• All new totally custom circuit board avalable nowhere else in the world

• Redesigned outer case and smaller form factor (images of the new case will be posted in the updates!)

• Hardened version of OpenWrt the Open Source Operating system,

• Latest version of Tor software and more secure configuration.

• Automatic updates of Tor software (no need to configure!)
The original campaign contained a number of claims that the device was a very unique and secure prototype, despite the fact it appeared to be a copy of an existing $20 router with some very standard off-the-shelf Chinese parts.
view:
topics flat nest 

scammed
@50.182.138.x

scammed

Anon

Paranoid security types being scammed

I find it kind of interesting that people who are paranoid about anonymity are getting scammed. These are basically distrustful people trusting their money to a scam artist.

coldmoon
Premium Member
join:2002-02-04
Fulton, NY

coldmoon

Premium Member

Re: Paranoid security types being scammed

said by scammed :

I find it kind of interesting that people who are paranoid about anonymity are getting scammed. These are basically distrustful people trusting their money to a scam artist.

You miss the bigger point that there is a market here for legitimate privacy solutions. Before Snowden people could keep their blinders on and sleep walk. Now that everyone knows what is going on they recognize that there is an important risk that needs to be addressed as soon as possible.

JMHO

StuartMW
Premium Member
join:2000-08-06

StuartMW

Premium Member

Re: Paranoid security types being scammed

said by coldmoon:

Before Snowden people could keep their blinders on and sleep walk.

Yup and many still do.

The bottom line with all technology is that you have to take the time to learn what's what. If you just want to buy a box to "fix all the issues" you'll be scammed.

For some reason a great many people believe they can remain ignorant of all the technology they use yet everything will work out for the best. Some have rethought that but many haven't or will. That's their problem of course.

coldmoon
Premium Member
join:2002-02-04
Fulton, NY

coldmoon

Premium Member

Re: Paranoid security types being scammed

quote:
The bottom line with all technology is that you have to take the time to learn what's what. If you just want to buy a box to "fix all the issues" you'll be scammed.
True, but those of us paying attention and in the space already have a good idea what's what. There will be more revelations to be sure that will increase the clarity of the overall picture, but at a basic level we already know the general risks that need to be addressed in the short term and what needs to be developed in the long term - otherwise, the talking heads from the intelligence and justice worlds would not be panicking the way they are right now.
quote:
For some reason a great many people believe they can remain ignorant of all the technology they use yet everything will work out for the best
This is an important failure point in the privacy and security space that needs to be corrected. It is not as critical as you think that the average user be able to technically describe and detail why and how their car works, rather that they can point to it and say it has been reliable and does exactly what it is supposed to do and when it does not, they have resources they can call on to fix the issues quickly.

There is a market for applications and devices that will work straight out of the box with simplified alerts to let the user know there is a problem that needs to be fixed or investigated without getting too far into the weeds for that user to understand.

The down side to having a device that has two simple controls of off/on only is that the underlying structure needs to be extremely complex. Where the developers in this story have failed is that they play on this to try and make the "idiot-in-a-hurry" believe that they have indeed created that complex structure when all they did was cobble together components based on pretty standard privacy tools discussed in the average technical discussion threads you can find all over the net.

While this effort is a running gag, it does not change the fact that there IS a market out there for the real thing...

StuartMW
Premium Member
join:2000-08-06

StuartMW

Premium Member

Re: Paranoid security types being scammed

said by coldmoon:

It is not as critical as you think that the average user be able to technically describe and detail why and how their car works...

That is true but internet use has a lot more privacy/security implications than a car does (assuming it doesn't have On*Star etc).

The internet is rapidly becoming SkyNet although not in the sense of machines taking over the human race. Humans are using it to influence/control other humans ("the masses").

OldCableGuy3
@207.191.193.x

1 recommendation

OldCableGuy3 to coldmoon

Anon

to coldmoon
Security and ease of use are on opposite ends of the spectrum. If something is easy to use, it is not secure. Security requires manual configuration, every time. Security requires manual key exchanges, every time. Plugging in a box and hoping for security is nothing more than a pipe dream.

coldmoon
Premium Member
join:2002-02-04
Fulton, NY

coldmoon

Premium Member

Re: Paranoid security types being scammed

said by OldCableGuy3 :

Security and ease of use are on opposite ends of the spectrum. If something is easy to use, it is not secure. Security requires manual configuration, every time. Security requires manual key exchanges, every time. Plugging in a box and hoping for security is nothing more than a pipe dream.

No, it is a goal that can be achieved with sufficient effort and innovation. This does not mean that the end user does not have some part in the whole, but the more you can mitigate the pebkac issues, the better the system will be in the long run.

As I said however, getting to a point of maximum simplicity DOES have a large number of serious and not inconsequential challenges at many levels. This does not mean that the effort is a wild goose chase by any means and the "efforts" of the group in this story do little to move us forward...

OldCableGuy3
@207.191.193.x

OldCableGuy3

Anon

Re: Paranoid security types being scammed

Nope. BZZZZT. Sorry but easy security is an oxymoron. It can't be done and it is a goose chase. Easy or secure, pick one; can't be both. Anyone who claims it can be is selling snake oil. Ask Home Depot, Target, etc. how "easy security" worked out for them.

coldmoon
Premium Member
join:2002-02-04
Fulton, NY

coldmoon

Premium Member

Re: Paranoid security types being scammed

said by OldCableGuy3 :

Sorry but easy security is an oxymoron

I said nothing about "easy" security; my commentary was about making security as simple as possible which is actually quite hard to achieve. The key is which end of the process, development or use, is where the the most effort is required to pull it off...

ArrayList
DevOps
Premium Member
join:2005-03-19
Mullica Hill, NJ

1 recommendation

ArrayList to coldmoon

Premium Member

to coldmoon
said by coldmoon:

Before Snowden people could keep their blinders on and sleep walk.

Still don't believe a word of what he said. I worked in the Federal Government for 18 years, I strongly doubt anything as elaborate as what Snowden said is true. To a smaller degree, sure I can buy that. But he has to be overinflating the story.

coldmoon
Premium Member
join:2002-02-04
Fulton, NY

coldmoon

Premium Member

Re: Paranoid security types being scammed

said by ArrayList:

said by coldmoon:

Before Snowden people could keep their blinders on and sleep walk.

Still don't believe a word of what he said. I worked in the Federal Government for 18 years, I strongly doubt anything as elaborate as what Snowden said is true. To a smaller degree, sure I can buy that. But he has to be overinflating the story.

Not to get into a political discussion I hope, but you have to take into account our overreaction to 911 and the fact that part of this was, as Cheney said, "take[ing] the gloves off". What that did was to open a free flowing spigot of money to the intelligence services who then took the ball and ran it out of the stadium while the referees covered their eyes.

Don't be blind to the fact that the Government, given any increased power to do anything, will not only aggressively resist the curtailing of said power, but will then take off on a classical taco cycle where the new increase is regarded as the new base point. You fuel that cycle with unlimited amounts of money, deregulation, blind mice supervision, and you will get things you did not anticipate...
clone (banned)
join:2000-12-11
Portage, IN

clone (banned) to ArrayList

Member

to ArrayList
said by ArrayList:

I worked in the Federal Government for 18 years

So working for the government somehow makes you privy to all top secret and higher projects?

Anyone who has ever worked in these types of roles are well aware that you are only given exactly enough information as you need to perform a specific duty. In many cases you don't even know why you do what you do, just that it's your job and you do it.

There may be some embellishment in Snowden's leaks, but I'd say that's just sensationalist media trying to keep a story in the spotlight. I'd venture to guess that it's probably much worse than even Snowden's documents showed.

ArrayList
DevOps
Premium Member
join:2005-03-19
Mullica Hill, NJ

ArrayList

Premium Member

Re: Paranoid security types being scammed

said by clone:

There may be some embellishment in Snowden's leaks, but I'd say that's just sensationalist media trying to keep a story in the spotlight. I'd venture to guess that it's probably much worse than even Snowden's documents showed.

Based on what?

Snowden is the only one to verify his documents. The government won't respond for obvious reasons. Responding in either way is bad security policy.
TechnoGeek
join:2013-01-07

TechnoGeek

Member

Re: Paranoid security types being scammed

Based on what usually happens in these kinds of circumstances: it is almost always worse.

ArrayList
DevOps
Premium Member
join:2005-03-19
Mullica Hill, NJ

ArrayList

Premium Member

Re: Paranoid security types being scammed

Without proof that is considered paranoid delusions.
cramer
Premium Member
join:2007-04-10
Raleigh, NC

cramer to clone

Premium Member

to clone
Anyone "in the know" would be director level or higher. You don't find those people running their mouth on internet forums. (they're too busy playing golf and riding around in limo's.)
dfxmatt
join:2007-08-21
Crystal Lake, IL

dfxmatt to scammed

Member

to scammed
Which is why anonabox is on indiegogo. Indiegogo doesn't fact check even if people make a lot of noise, and anyone who puts in any money at all doesn't get it back. Gone immediately. Kickstarter only takes money when something is funded. This is why indiegogo is used to scam.
Dodge
Premium Member
join:2002-11-27

Dodge

Premium Member

Total scam

From their description :

"Turns out, most of the people who saw it just wanted the device, but we got a lot of input from developers and the Open Source community as well. "

Translation: "We got a new a-hole ripped, and now moved this scam over to a new site. Wouldn't trust these people to have anything to do with security.
Chubbysumo
join:2009-12-01
Duluth, MN
Ubee E31U2V1
(Software) pfSense
Netgear WNR3500L

Chubbysumo

Member

Re: Total scam

said by Dodge:

Wouldn't trust these people to have anything to do with security.

exactly my own thoughts. They tried this scam once, and have posted their old pictures and devices, as well as zero internals? They just are trying the same thing. The sad part is that there is a market for these, but this is not the product to fill that market.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned) to Dodge

Member

to Dodge
Any one who trusts this thing are idiots. This sucker could be little more than a torified bit of custom hardware chock full of data steeling programming. Hardware based spyware for their win.

How ever more likely is it is nothing more than a take the money and run scam. They will get funded then disappear. Truth is there are only a small number of kick starter type projects i would ever stick money in. Those are from people who i know to some degree or another. It is why i have not started my own KS project to get my tablet idea off the ground and running full speed ahead. My plan is to yes use kick starter but only after i have a few decently put together prototypes i can send to various people from say xda or other android forums. Reason is simple trust. If i send say 5 units to 5 long time forum members and places along the lines of ifixit for a example people will then know im no scam artist looking to take the money and run and that i am some one who is serious about what he wants to accomplish.

These guys with this tor router are a joke and possibly scamers. Truth is they are not even skilled in scamming. You can bet money that kick starter etc all are filled with scams and they get away with it. These guys got nailed for it.
iolaire
join:2001-06-29
Arlington, VA

iolaire

Member

avalable!

Ok, I'm a bad speller, but to start a campaign without basic spell check? As in "avalable", windows will not even let me spell that word...

tshirt
Premium Member
join:2004-07-11
Snohomish, WA

tshirt

Premium Member

Re: avalable!

said by iolaire:

As in "avalable", windows will not even let me spell that word...

Open source/"free" spell check, you get what you pay for
tshirt

tshirt

Premium Member

Why do they...

...even show the old case, IF the new design (bottom of the page) is set in stone?
Again, I think they are pushing ahead too fast ( maybe to hit the xmas market?)
when even a few days could add clarity (if that is the goal?)
Chubbysumo
join:2009-12-01
Duluth, MN
Ubee E31U2V1
(Software) pfSense
Netgear WNR3500L

Chubbysumo

Member

Re: Why do they...

said by tshirt:

...even show the old case, IF the new design (bottom of the page) is set in stone?

That thing at the bottom of the page is a render, not even a physical product. They worked really hard in PS to make it look real though.

tshirt
Premium Member
join:2004-07-11
Snohomish, WA

tshirt

Premium Member

Re: Why do they...

said by Chubbysumo:

That thing at the bottom of the page is a render, not even a physical product. They worked really hard in PS to make it look real though.

The thing is you can have a 3d printed prototype in your hand in a day or 2 anywhere in the world, in hours in most major cities (and is part of a sensible product development design process before mass production)
You would think shedding the baggage of the previous imagery and failed fundraising would be a no-brainer. (pretty sure if this one doesn't fly, NOBODY will ever trust this guy again.)
dfxmatt
join:2007-08-21
Crystal Lake, IL

dfxmatt

Member

Re: Why do they...

The product is a scam and never wasn't. Indiegogo is a hub for scamming, whereas kickstarter people tend to be more vigilant (and aren't forced to give their money out upfront).

SimbaSeven
I Void Warranties
join:2003-03-24
Billings, MT
·StarLink

2 edits

SimbaSeven

Member

Like they say..

There's a sucker born every second.

..and a "hardened version of OpenWrt"? Uh, what version IS NOT?
..and "Automatic updates of Tor software"? Yep, so a possible backdoor. So much for security.

Plus, building OpenWrt is trivial. I was really surprised how freakin' easy it was. I have it running on a WRT110 (12.09) that was abandoned by others. It runs decent, but it doesn't lock up at random anymore.

I'm tempted on throwing it on other routers and APs later on.

EDIT: Hey, I have an idea. I could sell rebadged WNDR4000's with OpenWrt 14.07 and Tor on them. Have the world's first Dual Band 802.11a/b/g/n ultra-secure router. The price tag? $300/each. I'd make a killing.

w0g
o.O
join:2001-08-30
Springfield, OR

w0g

Member

Re: Like they say..

Well the world is actually like that. Everyone is reselling someone else's stuff, hardware and software in electronics, typically stuff they don't make themselves. Like router hardware consists exclusively of a chip set w/ CPU made by ARM, and some radios and DSPs or whatever else added. Usually sold by one of a few corporations like Broadcom, Aethoros, Intel, or Qualcomm. The software will be Linux, with Apache or other varient of HTTP daemon, iptables for firewall, TOR, etc. The most custom thing ? The logo on the box, that is it. Doesn't matter who you are dealing with whether it is a Kick starter group, Linksys, Buffalo Tech, NetGear, Apple, Motorola, etc.

Sure there are sometimes some performance and quality differences but I am not sure those differences are always that great.

It turns ns out there are also only so many technology manufactures and everyone else just reuses their stuff. Also Apple products aren't even made by Apple, Foxconn does it. Dell doesn't make their staff either, nor does HP, usually for like their laptops and stuff anyway, someone else designs and markets it to HP and Dell, one of a few companies that make designs and resells their stuff under other brands.

LCDs? Also all made by a few companies .. Usually LG, Samsung, Sharp, other companies take these panels and put them in their products / monitors / TVs / laptops with their brand on it.

I have no doubt that this Tor box will come to the market , but the question is .. Why don't people just do as you suggested, buy any router that supports custom firmware like OpenWRT or DD-WRT and install it themselves?

SimbaSeven
I Void Warranties
join:2003-03-24
Billings, MT
·StarLink

SimbaSeven

Member

Re: Like they say..

said by w0g:

I have no doubt that this Tor box will come to the market , but the question is .. Why don't people just do as you suggested, buy any router that supports custom firmware like OpenWRT or DD-WRT and install it themselves?

Well, it could be:

1. Laziness
2. Uneducated
3. The ones that believe anything you tell them

I'm aiming towards all three. They don't do actual research (which fits into laziness and uneducated) and they believe anything that says "Ultra Secure" and "Anonymous" in it.

..which then fits them into the dumbass category if they expect their access to be secure. No auditing for back doors? Automatic updates that could open security holes?

If you want to be truly secure, buy a good wireless router with a decent amount of memory and flash storage and is capable of running OpenWrt or dd-wrt. Then roll your own. Unfortunately, people fall into #1 all the time in this area.