From: Lars Boegild Thomsen <lth@reclaim-your-privacy.com>
To: tor-talk@lists.torproject.org
Date: Sat, 01 Nov 2014 17:09:31 +0800
Organization: Reclaim Your Privacy
Subject: [tor-talk] Cloak Tor Router

Hi Everybody,

As some of you may have noticed, a new Tor Router project called Cloak was just launched on Kickstarter. In the wake of the Anonabox roller coaster, I would like to present our own justification for the Cloak project, and a bit of background. Please accept my apology if this comes across as a shameless plug. That is not my intention. We - the team behind Cloak - and I (the networking and embedded Linux guy in the team) are genuinely concerned about privacy and we really would like this product to be what the TorRouter never became, and the main reason to post this here is to - hopefully - provoke an interesting exchange of opinions about products such as this.

<rant>
For us, the idea of Cloak actually started about 9 months back. Adrian (who is the guy backing this project on Kickstarter) came up with the idea and I (the guy who was working with embedded Linux systems in general) furiously maintained that it was an idiotic idea and that it couldn't be done. As things go, Adrian finally managed to wear me down and I actually decided to give it a shot. At that time I was messing around with a cheap Wireless router module out of China called Oolite (this is funnily enough the EXACT same module that Anonabox claimed to have developed themselves - their prototype 2 which is a standard dev board from a company called Gainstrong). This particular module has 16 MB of Flash and 64 MB of RAM and much to my surprise Tor actually performed quite well on it. The result of these experiments - which date back to around February or so - was 1: That I have been running Tor on my own home gateway ever since and 2: That I managed to port OpenWrt to the Oolite module (and got that included in OpenWrt trunk). At that time the Tor Gateway/Router got on a bit of a back burner since real life took over for a while. The day job being that we actually develop smart Internet of Things modules - both hard- and software.

About a month ago the Tor Router idea (which at some point had been dubbed Cloak) resurfaced as a potential Kickstarter idea. The reason was that in the past 6 months we had actually developed quite a lot of experience with design and manufacture of the Internet of Things modules and all of a sudden it no longer seemed impossible to actually manufacture hardware for a Tor Router. We threw together a project plan and decided to launch around November/December.

In comes Anonabox. At first read it was quite a shock to be beaten by a small margin and of course a huge disappointment as the project got immensely popular very fast. Reading through the Kickstarter page and the web-site I did notice two things:

1. The lie about the hardware (since I had a 9-month-old Oolite module)
2. The complete lack of his so-called Open Source software posted (only a bunch of config files that looked pretty standard to me apart from the hardcoded passwords)

But in general I didn't really think much about these issues and I actually felt the guy had pretty much done what we had been planning for a while and that in principle it was OK.

When Anonabox was suspended on Kickstarter, we realised that we simply had to get this posted immediately but of course be very aware not to repeat any of the mistakes made by the earlier attempt.

The first step was to isolate the Tor/Cloak related stuff from my internal source tree and actually put a buildable source online on GitHub. That is currently available here: https://github.com/ReclaimYourPrivacy.

Second step was to document the hardware development to convince everybody (hopefully) that we _are_ actually capable of having a device such as this manufactured at a competitive price. Most of that documentation went on our web-site (https://reclaim-your-privacy.com) and schematics/PCB design on GitHub (same URL as before).

I had already (9 months back) come up with some sensible firewall rules that would pretty much force all TCP traffic through Tor and since I had been running it for 9 months it was at that time fairly well tested (including Tor on hardware similar to our own). One thing that was missing was to create an OpenWrt build that would start up with sensible defaults everywhere.

One problem which Anonabox was criticised for was his hardcoded root password and WiFi keys. I agree with that criticism completely because most people who would be interested in a device such as this would never change their default password. Fortunately we had a quite elegant solution to this problem. Since we plan to produce these modules, firmware can and will be loaded in the factory as part of the production process (actually it happens during the semi-automated test after board assembly) and at that time we could generate a random root password and WiFi key, flash that to a small dedicated R/O partition on the flash, print it on a label attached to the box (along with Serial number and MAC address). That way each device will have a default password, but nobody except the owner of the device will know it.
</rant>

Phew, that was a relatively long rant and I apologize if I have caused extreme boredom. I can however, now that I have explained the background, come to the questions, which are the primary reason for me writing here.

First of all, I would like to hear more opinions about the value of a device such as this. I realize that most technically adept people will frown on a "toy" such as the Cloak, but this device is really not meant for anybody who can install the Tor software on their own or someone who can install Tor on a Raspberry Pi. It is meant for my parents, my kids or anyone else who deserves privacy but might not be technically able to achieve it. I fully understand and appreciate that a Tor Router such as Cloak will NEVER in itself be able to provide any form of anonymity or security. It is merely a tool that if used correctly can help enforce a certain level of privacy (the newly introduced or discussed Australian data retention laws spring to mind and I am certain other countries are introducing the same laws). A secondary justification is devices which do not support Tor. I've got a Media player in my house and that does "phone home" every single time I play a movie on it and there is no way I could possibly install Tor on it. With Cloak and NO login - that is fairly anonymous.

Second of all, I would sincerely like a discussion about the firewall rules and other security or usability issues with a device such as this. The source is on GitHub for everybody to check and I will be happy to discuss any technical aspect and appreciate any constructive criticism. I am of course also happy to respond to any questions thrown in my direction.

//Lars Bøgild Thomsen
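
The per-device credential scheme described in the message (random root password and WiFi key generated on the factory test station, written to a read-only flash area and printed on the label), sketched as an added example that is not part of the original post and not code from the Cloak project. The blob layout, MAGIC marker, partition size, alphabet, secret lengths and the sample serial/MAC are all assumptions made for illustration.

```python
import hashlib
import secrets
import struct

# Label-safe alphabet (assumption): no 0/O or 1/l/I, so it can be typed from a sticker.
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789"
MAGIC = b"CRED"      # hypothetical blob marker, not taken from the Cloak firmware
BLOB_SIZE = 256      # hypothetical size of the read-only credentials area

def random_secret(length):
    """Draw every character from the OS CSPRNG, never derive it from serial or MAC."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def build_blob(serial, mac, root_pw, wifi_key):
    """Pack one device record as MAGIC | length | payload | SHA-256 | 0xFF padding."""
    payload = "\n".join([serial, mac, root_pw, wifi_key]).encode("ascii")
    body = MAGIC + struct.pack(">H", len(payload)) + payload
    blob = body + hashlib.sha256(body).digest()
    if len(blob) > BLOB_SIZE:
        raise ValueError("record does not fit the partition")
    return blob.ljust(BLOB_SIZE, b"\xff")   # erased NOR flash reads back as 0xFF

def parse_blob(blob):
    """First-boot side: reject a blank or damaged area rather than
    falling back to a password shared by every unit."""
    if blob[:4] != MAGIC:
        raise ValueError("credentials partition is blank or foreign")
    (n,) = struct.unpack(">H", blob[4:6])
    body, digest = blob[:6 + n], blob[6 + n:6 + n + 32]
    if not secrets.compare_digest(hashlib.sha256(body).digest(), digest):
        raise ValueError("credentials partition is corrupted")
    serial, mac, root_pw, wifi_key = body[6:].decode("ascii").split("\n")
    return {"serial": serial, "mac": mac, "root_pw": root_pw, "wifi_key": wifi_key}

def provision(serial, mac):
    """Return (flash blob, label text) for one device on the test station."""
    root_pw, wifi_key = random_secret(12), random_secret(16)
    blob = build_blob(serial, mac, root_pw, wifi_key)
    label = f"S/N {serial}  MAC {mac}\nroot: {root_pw}\nWiFi: {wifi_key}"
    return blob, label

if __name__ == "__main__":
    # Constructed sample serial and MAC, for illustration only.
    blob, label = provision("CLK000001", "02:00:00:00:00:01")
    print(label)
    print(parse_blob(blob)["serial"])
```

With this layout the secrets exist in exactly two places, the device's flash and its label, so the test station should not log or retain them after printing.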

