[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: JanusPA - A hardware Privacy Adapter using Tor

Hash: SHA512

Kyle Williams wrote:
> Hello Everyone,
> I've been working on a project for a couple of months now that I'm sure
> would be of interest to some of you.  The goal was to apply the same
> transparent model coderman and I  used with JanusVM and Tor VM into
> hardware.  I wanted something small that you could connect, power on,
> and use.  Literally plug-n-privacy.  After several weeks of searching
> the web looking at different hardware configuration, specs, etc, etc,
> I decided to go with Gumstix(.com).  
> The privacy adapter is a ARM 400MHz Xscale CPU with 64MB RAM (@100MHz),
> 16MB of Flash memory for storage, and *TWO* 10/100 NICs.  It uses Linux
> for the OS.
> The first thought that many people get, including myself, have is that
> it is not powerful enough to run Tor.  Well, after 2 months of breaking
> this in, I'm very happy with the results.
> I ran this as a Tor server for about 4 days, and got a good baseline for
> how much data it can handle.  As a Tor server, it was pushing about
> 250KB/sec (125KB in, 125 KB out).
> As a Tor client, the best speed test I got was about 1.2MB/sec.  BTW,
> that was after about 45 minutes of "SIGNAL NEWNYM" and speedtest before
> I found a fast circuit.
> Here's the URL for what I've got so far.
> http://www.janusvm.com/goldy/JanusPA/index.html
> It is lacking all forms of documentation, and the source code needs to
> be cleaned up some.
> It does have a general description, the index of the soon to come
> documentation, openssl speed test benchmarks, pictures, and stats of
> when I tested it as a Tor server.
> After about two months of using it, I've never felt more secure and
> satisfied when using Tor.  This is a hardware router that routes your
> traffic through the Tor network, it's small, and is easy to use.  As for
> security, all TCP and DNS are routed through Tor, and everything else is
> dropped.  So all the nasty side-channel attacks that us hackers have
> been working on to leak your real IP address are rendered useless. 
> But there is good news and bad news.  
> The bad news:
> The manufacture (Gumstix.com) is "Phasing Out" this particular setup at
> the end of DECEMBER 2008!!  That's in 10 days!  Any orders after Dec.
> 31, 2008 will have to be in bulk orders, which is 120 or more units.
>  Shitty.  Because of the short amount of time left to get this hardware,
> I've jumped the gun and chosen to notify the Tor community about this
> hardware before it is gone or out of a practical price range for most of us.
> The good news:
> I've been in communication with a very nice gentleman at gumstix who
> said "Gumstix is also working on a netDUO expansion board for Overo,
> although a release date has not been announced."  There is reasonable
> hope that there new motherboad product line (the Overo) will at some
> point have a dual NIC expansion board.  
> So this is somewhat a conflicting situation.  I've spent months working
> on this awesome anonymity adpater, and it's about to be discontinued
> without knowing an exact date as to when the new line with have
> the capabilities to do what needs to be done.  ugh.  I'm very much
> looking forward to their new product line when a dual NIC expansion
> board is available, but I don't know when that'll be.  If anyone is
> interested in this, but cannot afford to buy hardware at the moment,
> please contact Don Anderson (don@xxxxxxxxxxx
> <mailto:don@xxxxxxxxxxx>)and encourage the idea of extending their phase
> out date or express and interest in a dual NIC expansion board for their
> new Overo product line.
> If anyone is interested in getting a hardware based Tor solution, you
> might want to consider buying a gumstix soon.
> You'll need the following.
> Connex 400mx Motherboard:
>  http://www.gumstix.com/store/catalog/product_info.php?cPath=27&products_id=136
> <http://www.gumstix.com/store/catalog/product_info.php?cPath=27&products_id=136>
> netDUO-mmc/SD expansion board:
>  http://gumstix.com/store/catalog/product_info.php?cPath=31&products_id=156
> <http://gumstix.com/store/catalog/product_info.php?cPath=31&products_id=156>
> 4.0v Power Adapter:
>  http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=148
> <http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=148>
> Screws and spacer kit:
>  http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=161
> <http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=161>
> This will run you $237.00 USD + shipping and handling.
> I would also *HIGHLY* recommend the following because flashing the
> device over the network is very, very risky and has resulted in me
> having to re-flash it through the serial port many, many times.
> Serial null-modem cable:
>  http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=85
> <http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=85>
> Serial port connector:
>  http://gumstix.com/store/catalog/product_info.php?cPath=31&products_id=106
> <http://gumstix.com/store/catalog/product_info.php?cPath=31&products_id=106>
> This will run you $32.00 USD.
> If anyone is seriously thinking about a good hardware based solution for
> Tor, I'd buy the gumstix now.  In fact, I just bought a couple more just
> in case mine breaks. I'll have the source code up withing a week, two
> tops  The FULL documentation will take about a bit longer to get done.   
> Well, that's about it.  Feedback is welcome.
> Best Regards,
> Kyle
> PS.  Happy Holidays!  
I haven't read all carefully but as far as i understood you can get the
same effect using tor tcp transparent proxy and udp dnsport transparent
proxy wich sticked on a linux lan gateway route all your cp and udp
traffic transparently in the tor network but maybe i haven't read
carefully ...


- --
pub   1024D/823402D2 2008-07-01
Key fingerprint = 15E5 5A37 9A68 963F 6B35  B4B7 BA85 DED6 8234 02D2

Version: GnuPG v1.4.9 (GNU/Linux)