JanusPA - A hardware Privacy Adapter using Tor
Kyle Williams
kyle.kwilliams at gmail.com
Sun Dec 21 05:14:42 PST 2008
Hello Everyone,
I've been working on a project for a couple of months now that I'm
sure would be of interest to some of you. The goal was to apply the
same transparent model coderman and I used with JanusVM and Tor VM
into hardware. I wanted something small that you could connect, power
on, and use. Literally plug-n-privacy. After several weeks of
searching the web looking at different hardware configuration, specs,
etc, etc, I decided to go with Gumstix(.com).
The privacy adapter is a ARM 400MHz Xscale CPU with 64MB RAM
(@100MHz), 16MB of Flash memory for storage, and *TWO* 10/100
NICs. It uses Linux for the OS.
The first thought that many people get, including myself, have is that
it is not powerful enough to run Tor. Well, after 2 months of
breaking this in, I'm very happy with the results.
I ran this as a Tor server for about 4 days, and got a good baseline
for how much data it can handle. As a Tor server, it was pushing
about 250KB/sec (125KB in, 125 KB out).
As a Tor client, the best speed test I got was about 1.2MB/sec. BTW,
that was after about 45 minutes of "SIGNAL NEWNYM" and speedtest
before I found a fast circuit.
Here's the URL for what I've got so far.
[1]http://www.janusvm.com/goldy/JanusPA/index.html
It is lacking all forms of documentation, and the source code needs to
be cleaned up some.
It does have a general description, the index of the soon to come
documentation, openssl speed test benchmarks, pictures, and stats of
when I tested it as a Tor server.
After about two months of using it, I've never felt more secure and
satisfied when using Tor. This is a hardware router that routes your
traffic through the Tor network, it's small, and is easy to use. As
for security, all TCP and DNS are routed through Tor, and everything
else is dropped. So all the nasty side-channel attacks that us
hackers have been working on to leak your real IP address
are rendered useless.
But there is good news and bad news.
The bad news:
The manufacture (Gumstix.com) is "Phasing Out" this particular setup
at the end of DECEMBER 2008!! That's in 10 days! Any orders after
Dec. 31, 2008 will have to be in bulk orders, which is 120 or more
units. Shitty. Because of the short amount of time left to get this
hardware, I've jumped the gun and chosen to notify the Tor community
about this hardware before it is gone or out of a practical price
range for most of us.
The good news:
I've been in communication with a very nice gentleman at gumstix who
said "Gumstix is also working on a netDUO expansion board for Overo,
although a release date has not been announced." There is reasonable
hope that there new motherboad product line (the Overo) will at some
point have a dual NIC expansion board.
So this is somewhat a conflicting situation. I've spent months
working on this awesome anonymity adpater, and it's about to be
discontinued without knowing an exact date as to when the new line
with have the capabilities to do what needs to be done. ugh. I'm
very much looking forward to their new product line when a dual NIC
expansion board is available, but I don't know when that'll be. If
anyone is interested in this, but cannot afford to buy hardware at the
moment, please contact Don Anderson ([2]don at gumstix.com)and encourage
the idea of extending their phase out date or express and interest in
a dual NIC expansion board for their new Overo product line.
If anyone is interested in getting a hardware based Tor solution, you
might want to consider buying a gumstix soon.
You'll need the following.
Connex 400mx Motherboard:
[3]http://www.gumstix.com/store/catalog/product_info.php?cPath=27&prod
ucts_id=136
netDUO-mmc/SD expansion board:
[4]http://gumstix.com/store/catalog/product_info.php?cPath=31&products
_id=156
4.0v Power Adapter:
[5]http://gumstix.com/store/catalog/product_info.php?cPath=28&products
_id=148
Screws and spacer kit:
[6]http://gumstix.com/store/catalog/product_info.php?cPath=28&products
_id=161
This will run you $237.00 USD + shipping and handling.
I would also *HIGHLY* recommend the following because flashing the
device over the network is very, very risky and has resulted in me
having to re-flash it through the serial port many, many times.
Serial null-modem cable:
[7]http://gumstix.com/store/catalog/product_info.php?cPath=28&products
_id=85
Serial port connector:
[8]http://gumstix.com/store/catalog/product_info.php?cPath=31&products
_id=106
This will run you $32.00 USD.
If anyone is seriously thinking about a good hardware based solution
for Tor, I'd buy the gumstix now. In fact, I just bought a couple
more just in case mine breaks. I'll have the source code up withing a
week, two tops The FULL documentation will take about a bit longer to
get done.
Well, that's about it. Feedback is welcome.
Best Regards,
Kyle
PS. Happy Holidays!
References
1. http://www.janusvm.com/goldy/JanusPA/index.html
2. mailto:don at gumstix.com
3. http://www.gumstix.com/store/catalog/product_info.php?cPath=27&products_id=136
4. http://gumstix.com/store/catalog/product_info.php?cPath=31&products_id=156
5. http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=148
6. http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=161
7. http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=85
8. http://gumstix.com/store/catalog/product_info.php?cPath=31&products_id=106
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list