JanusPA - A hardware Privacy Adapter using Tor
Kyle Williams
kyle.kwilliams at gmail.com
Sun Dec 21 13:14:42 UTC 2008
Hello Everyone,
I've been working on a project for a couple of months now that I'm sure
would be of interest to some of you. The goal was to apply the same
transparent model coderman and I used with JanusVM and Tor VM into
hardware. I wanted something small that you could connect, power on, and
use. Literally plug-n-privacy. After several weeks of searching the web
looking at different hardware configuration, specs, etc, etc, I decided to
go with Gumstix(.com).
The privacy adapter is a ARM 400MHz Xscale CPU with 64MB RAM (@100MHz), 16MB
of Flash memory for storage, and *TWO* 10/100 NICs. It uses Linux for the
OS.
The first thought that many people get, including myself, have is that it is
not powerful enough to run Tor. Well, after 2 months of breaking this in,
I'm very happy with the results.
I ran this as a Tor server for about 4 days, and got a good baseline for how
much data it can handle. As a Tor server, it was pushing about 250KB/sec
(125KB in, 125 KB out).
As a Tor client, the best speed test I got was about 1.2MB/sec. BTW, that
was after about 45 minutes of "SIGNAL NEWNYM" and speedtest before I found a
fast circuit.
Here's the URL for what I've got so far.
http://www.janusvm.com/goldy/JanusPA/index.html
It is lacking all forms of documentation, and the source code needs to be
cleaned up some.
It does have a general description, the index of the soon to come
documentation, openssl speed test benchmarks, pictures, and stats of when I
tested it as a Tor server.
After about two months of using it, I've never felt more secure and
satisfied when using Tor. This is a hardware router that routes your
traffic through the Tor network, it's small, and is easy to use. As for
security, all TCP and DNS are routed through Tor, and everything else is
dropped. So all the nasty side-channel attacks that us hackers have been
working on to leak your real IP address are rendered useless.
But there is good news and bad news.
The bad news:
The manufacture (Gumstix.com) is "Phasing Out" this particular setup at the
end of DECEMBER 2008!! That's in 10 days! Any orders after Dec. 31, 2008
will have to be in bulk orders, which is 120 or more units. Shitty.
Because of the short amount of time left to get this hardware, I've jumped
the gun and chosen to notify the Tor community about this hardware before it
is gone or out of a practical price range for most of us.
The good news:
I've been in communication with a very nice gentleman at gumstix who
said "Gumstix
is also working on a netDUO expansion board for Overo, although a release
date has not been announced." There is reasonable hope that there new
motherboad product line (the Overo) will at some point have a dual NIC
expansion board.
So this is somewhat a conflicting situation. I've spent months working on
this awesome anonymity adpater, and it's about to be discontinued without
knowing an exact date as to when the new line with have the capabilities to
do what needs to be done. ugh. I'm very much looking forward to their new
product line when a dual NIC expansion board is available, but I don't know
when that'll be. If anyone is interested in this, but cannot afford to buy
hardware at the moment, please contact Don Anderson (don at gumstix.com)and
encourage the idea of extending their phase out date or express and interest
in a dual NIC expansion board for their new Overo product line.
If anyone is interested in getting a hardware based Tor solution, you might
want to consider buying a gumstix soon.
You'll need the following.
Connex 400mx Motherboard:
http://www.gumstix.com/store/catalog/product_info.php?cPath=27&products_id=136
netDUO-mmc/SD expansion board:
http://gumstix.com/store/catalog/product_info.php?cPath=31&products_id=156
4.0v Power Adapter:
http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=148
Screws and spacer kit:
http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=161
This will run you $237.00 USD + shipping and handling.
I would also *HIGHLY* recommend the following because flashing the device
over the network is very, very risky and has resulted in me having to
re-flash it through the serial port many, many times.
Serial null-modem cable:
http://gumstix.com/store/catalog/product_info.php?cPath=28&products_id=85
Serial port connector:
http://gumstix.com/store/catalog/product_info.php?cPath=31&products_id=106
This will run you $32.00 USD.
If anyone is seriously thinking about a good hardware based solution for
Tor, I'd buy the gumstix now. In fact, I just bought a couple more just in
case mine breaks. I'll have the source code up withing a week, two tops The
FULL documentation will take about a bit longer to get done.
Well, that's about it. Feedback is welcome.
Best Regards,
Kyle
PS. Happy Holidays!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20081221/7429a2d5/attachment.htm>
More information about the tor-dev
mailing list