Slashdot Mirror
Anonabox Accused of Lying About Its Product Being Open-Source On Kickstarter
blottsie writes The "anonabox" has raised more than $550,000 on Kickstarter in only three days. But some believe the company's claims that the router-like device, which is said to automatically route users' Internet traffic through Tor, is entirely open-source are false. Anonabox developer August Germar tells the Daily Dot, however, that the device was commissioned specifically to run their code.
Surely that would settle this silly dispute. Either the code is there, or it is not.
Time is what keeps everything from happening all at once.
I referenced the following part: The anonabox has been developed and refined for the sole purpose of running the open source software Tor, considered the best and most secure way to access the Internet anonymously. All traffic coming out of or going into your computer or network is encrypted this way. The result is strong, secure anonymity.
Relating to the above, I asked exactly how can they make such claims when proper anonymity requires the users to also understand the concept and to actively avoid doing things that would compromise that anonymity, like e.g. logging to Facebook or checking e-mails. I did say that they are very specifically making it sound like the box can just magically make you anonymous even when you do your usual stuff over Tor and they should either rephrase their sales pitch or I'll assume they don't even want people to really understand the concept. My question has gone unanswered, so take what you will!
the problem isn't just the fact that the code and hardware isn't open-source, it's the fact that the developers openly lied on their Kickstarter campaign. Not only is the hardware not open-source but it wasn't even designed by them, it's a cheap Chinese knockoff of a tp-link 3G router! On top of that after looking through the firmware they've found that it's not custom software, but a badly configured OpenWRT build with a standard root password (set to "developer!"), an unsecured wifi ssid and sshd installed and running by default! The scale to which these jokers have deceived their backers is ridiculous, and this Kickstarter needs shutting down.
His attitude about custom firmware was shocking as well:
I'm keeping a track of how many requests we get relating custom firmware, and from what I'm seeing the user base is not as interested in custom firmware as you might think, which is echoed by this thread (we've shipped 60,000+ units, and less than 10 people have commented in the last month in this thread about getting access to recovery mode).That doesn't mean that we're shooting the idea down, you need to keep in mind that in terms of priorities this is way down the list as you'd expect from any feature where it's being requested by less than one tenth of one percent of the user-base.
It really floored me to read this, given the kickstarter page's promises of hackability. Anyone with a reflashable phone (or any pretty much any other Android device whatsoever capable of using custom ROMS) knows that a real recovery mode is absolutely essential, in case the OS/kernel gets borked. Ouya's supposed "recovery mode" relies on an already-bootable OS, so it's useless. How can you trust any product's promises of openness when it seems they can do a complete 180 with impunity after they have your money?
Anyone who contributes money to a Kickstarter project deserves what they get.
I didn't use Kickstarter, but I backed a game while the devs were still asking for funding on both Kickstarter and a few other places. I got a great, worthy game and didn't feel even the tiniest amount cheated out of my money: the game was Shadowrun Returns. Does that mean I deserve great, enjoyable games?
Nope, it means you were lucky!
well.. from the looks of it..
the question should be to ask do they understand the difference between an INVENTION and a product.
clearly they had read about the invention way before and just hashed together a product. they don't seem to have clear understanding of how the product works.
basically they're just selling a 20$ box for 50$. which isn't too bad. but if they don't understand the product, why the fuck trust with them running it, instead of running tor on your laptop? or better yet, running something like tails on the laptop.. the tor wont help if the os on the laptop is the problem - and how they can vouch for the closed source drivers on the board? and if it's not their board, I doubt it's theirs to give away as "open hardware" either. it seems like it's open in the sense that they used whatever was openly available to them...
I think they just saw the project on hackaday, asked around for some boards and smelled money and wanted the money upfront from the customers to negate risks - and then did some bullshit to sell it. now that bullshit could technically be in violation of kickstarter rules, so they might have to move to indiegogo and spin up some more bullshit why they moved("big brother forced us to!" most probably).
world was created 5 seconds before this post as it is.
If the code is freely available and anyone who wishes to can flash their devices with it there really isn't an issue here.
Time is what keeps everything from happening all at once.
This reddit thread has more info:
https://www.reddit.com/r/privacy/comments/2j9caq/anonabox_tor_router_box_is_false_representation/
I would think about it as an investment. You may get a return, you may not. If nobody backs that game, it will never come to market and in some cases there is no alternative that you could buy. Backing "me too" project of course is stupid... You just have to evaluate the project and team and see if they are likely to deliver.
The issue people have is:
- he claims they have spent lots of effort developing four generations of custom hardware for this thing and that they need the kickstarter money to put it into production.
- the reality is they are buying a cheap existing router from China, adding a big markup and a modified build of open wrt, and making a really good profit from the thing.
This is really misleading and abuses people's sympathy for hardware startups. He is not a hardware startup, he is an importer and that deception is really poor form.
Even if everything on it is properly implemented, which is doubtful, the device will be completely insecure for ordinary, non-expert users. To use Tor securely, the endpoint communication software must be properly anonymized, Java and Javascript disabled, etc. Use Tails or Tor browser bundle on an encrypted home partition of a well-patched system instead.
I don't see what problem this solves that the Onion Pi doesn't solve?
I've mostly backed stuff that looked like it would not get created by regular companies. Most of this was in the area of Home Automation; a niche market, which means that even for great products the economics may simply not work out. Start-ups as well as existing companies can take some of the gamble out of that equation through crowdsourcing. I've backed 7 projects thus far:
3 delivered more or less on time
1 is on track for timely delivery
1 ran into technical and organisational issues, but they've turned those around and it looks like they will deliver the product after all, if a bit late. Their campaign was overfunded so they didn't run out of cash.
1 underestimated organisational difficulties (such as obtaining product certification in different regions) and ran out of money. A good many backers did receive their goods and they still think they can fulfil all pledges, but I'm not holding my breath.
1 I've given up on.
Not too bad a track record. Of course it's easy enough to let others fund these kickstarter projects and let them take the risk, but where's the fun in that? As long as you understand the risk, I don't see why one shouldn't fund these projects that might otherwise not see the light of day.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
I doesn't matter anyway. The vast majority of users (almost 100%) won't read the source or make modifications. From a purely marketing perspective, "open source" is a word like "locally-grown" to add a nice and cozy grassroots feeling to the product.
Looks like he is the first to realize that
* openwrt capable mini-routers are very cheap, i use multiple WR703N for tinkering
* there are many firmware generators out there that should it make simple to create an tor-capable image
We will see an firmware-image that you can directly flash from the vendors webinterface and that turns your router into an tor-client.
I also agree that anyone who makes a mistake, error in judgement, or relies on good faith in a negotiation deserves whatever bad happens to them. Trust is for losers. And it is the duty of the strong to destroy the week.
Or maybe just smart. He picked a project that showed a realistic chance of being completed.
I'm 2/2 so far as well. I backed PluggyLock and received my hardware, which works well, last week. I also backed Road Redemption, and am currently enjoying the beta. It's actually really nice to be involved in the development of the game.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
get out the soldering iron! :P
And then they should continue on to destroy the month and the year.
Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
> Nope, it means you were lucky!
Crap. Yes evaluate the projects first. Do a little internal math and check if the company has asked for enough to complete the project. Do they appear to have the skill set required to get the project out the door? Have they lied in the project description?
I've backed a few projects on Kickstarter (and alikes). I've got some fantastic big name games and cool indy games and the warm glow of knowing I helped them on their way.
Its a risk but a risk but one you can do derisk quite a way.
> Anyone who contributes money to a Kickstarter project deserves what they get.
I agree. I've got naught but awesomeness.
Wow, I should not post when knackered.
I've had a few failures (Kreyos and the Neal Stephenson sword game) but the rest of about two dozen have given me exactly what they promised and I got some really nice items.
and the day and the hour
>Anyone who contributes money to a Kickstarter project deserves what they get.
An autographed poster and a download and Blu-Ray of a movie? That's what I got the only time I contributed to a kickstarter, and am happy with the deal. You might want to find a narrower brush.
Or maybe just smart. He picked a project that showed a realistic chance of being completed.
Yep. I'm 6/6 so far - all of them turned out as well or better than I expected. I dunno why anyone would think there's much "luck" involved with picking Kickstarter projects.
No, it means you have questionable taste in Shadowrun games. I backed Shadowrun Returns and regret it. What kind of Shadowrun game lets you hire a decker for a run...then says, only the main character can hack anything, to maintain game balance?
This is horrifying - how gullible do you have to be to back and trust this? It's such a big fat juicy target for the NSA (or FBI or Russian hackers or any other group of
miscreants). It's a 'spy on me!' box for the people they most want to spy on. If they have the full help of the company then they can add cheap hardware to the build so that even if you completely wipe and reflash the main partition their stuff still runs. Even if the company were legit, all you need is one guy or one pwned computer inside it.
A couple years ago you'd be crazy paranoid to think they'd bother, but post-Snowden we know they have the time, the interest, and unlimited resources.
No, it means you have questionable taste in Shadowrun games.
Considering that I have no previous experience with Shadowrun games at all I find my experience so far pretty good.
I was just notified by email that the anonabox Kickstarter project has been suspended by Kickstarter for violating their TOS.
All funding has stopped and backers will not be charged for their pledges, according to the message.
A sad result, but you have to credit Kickstarter for their actions.
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert