[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
JanusPA - A hardware Privacy Adapter using Tor
- To: or-talk@xxxxxxxxxxxxx, or-dev@xxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxx
- Subject: JanusPA - A hardware Privacy Adapter using Tor
- From: "Kyle Williams" <kyle.kwilliams@xxxxxxxxx>
- Date: Sun, 21 Dec 2008 05:14:42 -0800
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sun, 21 Dec 2008 08:14:52 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type; bh=aH5psYh6hXlH6zx0F/KF5uJ9a3JhHvXI2USv+hDgfEU=; b=mxAPlngBwwL+pL9kkzTaSP1r58LO1XLwOeSUfq68tGx2xUDSLtzn7GSOnsavltwbUb nLB9xIickX9fVBFvn5V4uw47BK+Rjhu7Q4YhgFlaWqMixUbQQAHS7CN6qqWpFNMvMrCq 7X1myN4a1RtWdWMQA9oOgmp/sFPfZli5to9vw=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=mSWT1rJ5gPnR9ywLigLqI9790+69cT5P8BNp51HfSlKIgTPe6yEQqMf/SCEuHj3lPj VsPY4zkIsqIKU6ry4oJCP+WYt9MVUKxITw3MbppiDOy56O/rLUxrWQr+4iw+c+I4BPLT r3yCtIGPfab5j2ubC5Xkvt18iZqLGofS1x7uk=
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
I've been working on a project for a couple of months now that I'm sure would be of interest to some of you. The goal was to apply the same transparent model coderman and I used with JanusVM and Tor VM into hardware. I wanted something small that you could connect, power on, and use. Literally plug-n-privacy. After several weeks of searching the web looking at different hardware configuration, specs, etc, etc, I decided to go with Gumstix(.com).
The privacy adapter is a ARM 400MHz Xscale CPU with 64MB RAM (@100MHz), 16MB of Flash memory for storage, and *TWO* 10/100 NICs. It uses Linux for the OS.
The first thought that many people get, including myself, have is that it is not powerful enough to run Tor. Well, after 2 months of breaking this in, I'm very happy with the results.
I ran this as a Tor server for about 4 days, and got a good baseline for how much data it can handle. As a Tor server, it was pushing about 250KB/sec (125KB in, 125 KB out).
As a Tor client, the best speed test I got was about 1.2MB/sec. BTW, that was after about 45 minutes of "SIGNAL NEWNYM" and speedtest before I found a fast circuit.
Here's the URL for what I've got so far.
It is lacking all forms of documentation, and the source code needs to be cleaned up some.
It does have a general description, the index of the soon to come documentation, openssl speed test benchmarks, pictures, and stats of when I tested it as a Tor server.
After about two months of using it, I've never felt more secure and satisfied when using Tor. This is a hardware router that routes your traffic through the Tor network, it's small, and is easy to use. As for security, all TCP and DNS are routed through Tor, and everything else is dropped. So all the nasty side-channel attacks that us hackers have been working on to leak your real IP address are rendered useless.
But there is good news and bad news.
The bad news:
The manufacture (Gumstix.com) is "Phasing Out" this particular setup at the end of DECEMBER 2008!! That's in 10 days! Any orders after Dec. 31, 2008 will have to be in bulk orders, which is 120 or more units. Shitty. Because of the short amount of time left to get this hardware, I've jumped the gun and chosen to notify the Tor community about this hardware before it is gone or out of a practical price range for most of us.
The good news:
I've been in communication with a very nice gentleman at gumstix who said "Gumstix is also working on a netDUO expansion board for Overo, although a release date has not been announced." There is reasonable hope that there new motherboad product line (the Overo) will at some point have a dual NIC expansion board.
So this is somewhat a conflicting situation. I've spent months working on this awesome anonymity adpater, and it's about to be discontinued without knowing an exact date as to when the new line with have the capabilities to do what needs to be done. ugh. I'm very much looking forward to their new product line when a dual NIC expansion board is available, but I don't know when that'll be. If anyone is interested in this, but cannot afford to buy hardware at the moment, please contact Don Anderson (don@xxxxxxxxxxx
)and encourage the idea of extending their phase out date or express and interest in a dual NIC expansion board for their new Overo product line.
If anyone is interested in getting a hardware based Tor solution, you might want to consider buying a gumstix soon.
You'll need the following.
This will run you $237.00 USD + shipping and handling.
I would also *HIGHLY* recommend the following because flashing the device over the network is very, very risky and has resulted in me having to re-flash it through the serial port many, many times.
This will run you $32.00 USD.
If anyone is seriously thinking about a good hardware based solution for Tor, I'd buy the gumstix now. In fact, I just bought a couple more just in case mine breaks. I'll have the source code up withing a week, two tops The FULL documentation will take about a bit longer to get done.
Well, that's about it. Feedback is welcome.
PS. Happy Holidays!