A series of new, small devices may help people both protect their communications and remain anonymous online.
The new offerings marketed by Anonabox, each of which can easily fit in the palm of your hand, are essentially miniature routers that route all traffic from connected devices either through the Tor anonymizing network or via VPN to a VPN provider.
A site accessed by someone properly using an Anonabox device to connect to the internet would likely have severe difficulty determining the user’s identity or even location. Tor works by bouncing packets between numerous computers before they arrive at their final destination, with each node along the route unaware of anything about the communications other than what server was immediately before it along the way and which machine is next in line to receive it (for more on Tor please see this piece I did with Dina Gusovsky of CNBC).
VPNs work by making it appear to sites being accessed as if all communications from a device originated from the network of the VPN provider, not from the device or its network.
The Tor and VPN approaches each have their own advantages and drawbacks, but both deliver far greater privacy than simply using a typical internet connection.
Anonabox’s original launch suffered from controversy and security concerns. The new Anonabox offerings, however, have been produced by Sochule, a company which acquired Anonabox, fixed the security issues in the original offering, and improved the suite with three new variants that provide different degrees of functionality and security.
I tested both the original device (post security fix) and the new, top-of-the-line Pro model. Here are my initial, high-level comments–and don’t worry, in this column I won’t go into any gory technical details.
The original Anonabox is essentially a plug-and-play Wi-Fi access point and Tor router–I attached it via Ethernet cable to a standard router and the device created a Wi-Fi access point whose password was contained in the accompanying manual. Any devices that I connected to the Anonabox access point via Wi-Fi had their traffic to the internet routed over Tor, making it difficult for websites that I visited (using properly configured browsers with various strict privacy settings enabled) to know my identify or my location.
The Anonabox Pro adds not only more speed but many more capabilities. It can connect to the internet via Wi-Fi, not just by wired Ethernet, and allows for VPN capabilities in addition to Tor. It even allows setting up a Tor-based server and file sharing. Configuration was straightforward, but there are some issues to be aware of–most significantly that you must shut off the device’s Wi-Fi connection to the internet before powering down; if you don’t, you risk being unable to connect to the device other than through a wired connection upon the next power-up.
Besides providing anonymity, the Pro can also both isolate its users from other users on a public Wi-Fi network, as well as allow people to connect multiple devices to a public Wi-Fi network while appearing to the network as a single device.
While routing every packet through the Tor network obviously takes time and degrades the performance of an internet connection, both Anonabox models delivered decent performance. I was able to watch YouTube and other smaller sized videos with no noticeable problems; speed tests showed connection speeds ranging from about 1-megabit/second for both download and upload to 5.7-down and 4.7-up, over a connection that, without Tor, normally tests at about 24-down and 5-up.
It is important to understand that just because someone routes all of his or her traffic over Tor does not mean that he or she is untraceable. There is a reason, for example, that even many technologically knowledgeable people choose to use the Tor Browser Bundle, which comes equipped with a modified version of Firefox configured with add-ons to prevent various forms of application level tracking, such as canvas fingerprinting, a mechanism by which webservers can identify devices based on their display properties.
Obviously, if someone logs into systems over Tor or allows sites to install and check cookies, he or she is easily trackable. So anyone using the Anonabox series should keep in mind that user behavior can easily undermine any anonymizing that Tor performs.
Of course, using the Anonabox does provide some major advantages over software-based implementations, with perhaps the most important being that people can offload the Tor-related processing from the devices doing the communicating–something especially important in the case of smartphones and other devices with limited processing power and storage space. A single Anonabox device can also handle simultaneous Tor processing for multiple computers, smartphones, and tablets.
The Anonabox series of devices also includes a model called the Fawkes (named after Guy Fawkes, who has become the symbol of both the hacker consortium Anonymous and various other groups opposing government surveillance), which offers the features of the original Anonabox along with some additional add-ons, such as an administrative interface. The final model is called the Tunneler, which offers strictly the VPN service but not Tor. The devices retail for between $79.99 and $119.99.