Anonabox, the $50 portable anonymising network router or master scam?
Anonabox was supposed to be a sureshot, once shot device for all the anonymity and privacy concerns of net users. It was portable network device sat between computer and router to anonymize browsing and offer maximum privacy to the user via the Tor network. It enthused the backers so much that it reached its Kickstarter fundraising goal just days after hitting the crowdfunding platform. But apparently such devices were already available from Chinese manufacturers and that too, even cheaper.
As expected, Kickstarter had freezed the Anonabox funding for scamming the investors and backers with false claims.
The story behind Anonabox
The man behind Anonabox, August Germar kicked of the Kickstarter campaign for Anonbox asking $7,500 and found out that he had almost 80 times the amount at one point only to know yesterday that it had come to zero.
On Friday afternoon Kickstarter suspended the crowdfunding campaign for Anonabox, Before the freeze came into place, Germar had already received pledges of upto half million dollars in funding.
It so happened that the publicity that Anonabox received from its backers also caused users, especially on Reddit to question the device and its logit. As the days went by, they also began to rip apart Anonabox’s claims of creating custom hardware as well as the promised security of its software.
At one point on on Wednesday, the calls for the project to be cancelled got louder and shriller. Some backers and original pledgers also asked Kickstarter to cancel their pledges.
Conclusion of Germe’s quest for funding
In an email to the project’s investors and backers on Kickstarter, it told backers only that “a review of the project uncovered evidence that it broke Kickstarter’s rules.” Those rules, the email continued, prohibit “offering purchased items and claiming to have made them yourself,” “presenting someone else’s work as your own” and “misrepresenting or failing to disclose relevant facts about the project or its creator.”
The backlash against Anonabox began Tuesday evening, as users pointed out that the router’s hardware, which Anonabox creator Germar had claimed was custom-designed, could be found for sale from Chinese suppliers on sites like the business e-commerce platform Alibaba. In fact, Germar soon clarified to WIRED that the Anonabox prototype was built from an off-the-shelf case and a nearly stock board tweaked to add more flash memory storage, both sourced from the Chinese manufacturer Gainstrong.
This was infact a complete reversal of his statement that he gave to WIRED when the Kickstart campaign was launched.
Other users soon picked up faults in Anonabox’s software. They said that the router’s default settings left its wireless network open and included a hardcoded root password that would leave users vulnerable to spying or compromise by hackers, the said.
The Redditors were the prominent ones in finding out about the scam. A Reddit user, htilonom, created a thread outlining the scam to the users. The entire thread is given below :
FUNDING SUSPENDED, BUT NOW WHAT?https://www.reddit.com/r/technology/comments/2jjrd6/anonabox_is_no_more_or_how_to_build_your_own/
UPDATE! FUNDING SUSPENDED!
This is a message from Kickstarter’s Trust & Safety team. We’re writing to notify you that the anonabox : a Tor hardware router (Suspended) project has been suspended, and your $1.00 USD pledge has been canceled. A review of the project uncovered evidence that it broke Kickstarter’s rules. We may suspend projects when they demonstrate one or more of the following:
Offering purchased items and claiming to have made them yourself Presenting someone else’s work as your own Misrepresenting or failing to disclose relevant facts about the project or its creator Accordingly, all funding has been stopped and backers will not be charged for their pledges. No further action is required on your part.
We take the integrity of the Kickstarter system very seriously. We only suspend projects when we find strong evidence that they are misrepresenting themselves or otherwise violating the letter or spirit of Kickstarter’s rules. As a policy, we do not offer comment on project suspensions beyond what is stated in this message.
Regards, Kickstarter Trust & Safety
WOW, I AM BEYOND WORDS. I honestly DID NOT expect this will happen, but looks like Kickstart team took some time to analyze all the evidence. HUGE THANK YOU TO KICKSTARTER! You guys prevented a disaster!
Firstly, I want to thank all the people that recognized Anonabox is scam and fought with their decieving lies on Kickstarter comments, Twitter, here on Reddit. Then I would also like to thank every online media who covered this story. We couldn’t do this without you guys!!!111
You may know me from this thread
I feel obligated to try to inform as much people as I can about the circumstances under which Anonabox is being sold and the consequences it will have.
We have proved that Anonabox guy and his twitter friends have intentionally deceived the public.
- They lied about the prototypes, saying that they invented the device while the device is bought from Aliexpress. What makes things absurd, they offered a bullshit story on how Arab Spring inspired them to create the device. Arab Spring started in 2010, so they are actually implying that the device was in the making for FOUR years, which is a blatant lie. All this to gain more sympathies from the people, thus deceiving them into backing their project!
- during AMA was the perfect opportunity for August Anonabox to come clean, to admit that he lied and everyone would forget about it. Of course, that did not happen. He continued to lie more and intentionally ignored the important questions for hours. When he replied he basically tried to “stonewall” people proving he is a liar and acted like he did not know about the Chinese devices.
- He finally came clean to the Wired author that in fact they are using the board from China, sourced by the company called Gainstrong. That is only about 10% of the truth, the whole device including design, board, plastic and everything was already made in China a long before August decided to “invent” Anonabox.
- Anonabox software is actually OpenWRT, which is something they did point out in logo, but intentionally withheld any actual specifications for the reason in next point. They withheld that information to BOOST SALES.
- They are intentionally misleading the public (LYING) about the device being fully open source, while it’s not. Hardware, the most important part of the device, is not open source. It’s a Chinese knockoff of TP-Link “3G routers” which opens the possibilities for a hardware backdoors in the hardware (think of Huawei backdoors). The reason why they did so is simple, nobody would buy the device in such numbers. Everyone would just build their own device.
- Their Tor package is actually The Grugq’s Portal (linked in edit above).
- OpenWRT is so BADLY configured by Anonabox team that device that is supposed to protect you is actually giving away your information. The device has BACKDOOR root password, OPEN wireless network (so anyone can connect to it) and is shipped with SSHD!!! This means that anyone can take control of the device!
- Anonabox marketing terms, pictures and prototypes are all ripped from various web sources. Wording is ripped off from UnJailPi, photos are actually just a photos of a Chinese clone, “prototypes” are well know hardware devices that are NOT invited by Anonabox.
If the above is not enough for you to back off, here’s my opinion on FAR WORSE issue that none seems to notice.
The Anonabox guy (and his helpers) are amateurs. They are offering fully secure device (and encrypted as they point out wrongfully) to people who need the anonymity. Their target group are non-tech people, journalists and whistle-blowers who are supposed to trust their LIFE to this piece of Chinese knockoff! We don’t need more people ending up like Chelsea (Bradley) Manning, Snowden and many other unrecognized whistle-blowers!
The fact that the Anonabox guys continued to intentionally mislead the public, proves that they do not care about the people they are providing the device for! They just want to either steal the money with fake kickstarter and / or provide off the shelf “3G router” made in China with badly patched bunch of scripts they found online.
Tor as every other service / application is constantly being audited for vulnerabilities, which will NOT be patched when discovered on Anonabox because 1) authors are not providing a way to update firmware 2) they do not posses the knowledge to do it!
Bottom line is, even if they deliver their device, it cannot be trusted. Of course, that’s assuming Kickstarter doesn’t cancel their project for breaking their TOS.
People, move on from the Arab Spring bullshit. It doesn’t matter if that’s how they got their idea or not. It’s really disappointing to see so many people arguing and being butthurt about that instead of proving Anonabox is scam. If any of the prototypes nor final product are NOT made or designed by Anonabox, how the hell did they got inspiration from Arab Spring about it? On my other thread on /r/privacy we’ve proven that Anonabox RIPPED OF website text and ideas from UnJailPi. Now please stop the AS circlejerk, it’s not helping anyone.
While I was battling with trolls I missed a update from @stevelord who got anonabox firmware. He also previously in detail inspected the Anonabox source code and discovered various misconfiguration and security issues https://twitter.com/stevelord
This needs more visibility as well. In previous thread on /r/privacy people on Twitter have discovered that Anonabox guy has a lot of little helpers both on twitter and on official Kickstarter comments. Everyone please check out the comments there, I won’t name any names but it’s kinda obvious who has the most replies therehttps://www.kickstarter.com/projects/augustgermar/anonabox-a-tor-hardware-router/comments
Update on Anonabox friend… he just got BANNED from kickstarter. We’re talking about a guy who spent DAYS attacking people who wanted to share their doubts. GOOD! Is this the end of Anonabox?
EDIT: Wired just posted a new article about all that it’s happening with Anonabox in past few days
I really want to give credit to Wired author for taking time to investigate the accusations!
It seems that August from Anonabox is still refusing to show even a fraction of remorse for his actions that included intentional false representation, having bunch of people attack and attempt to discredit anyone who says anything against the anonabox, people who are clearly friends of his. He actually fabricated another lie in a effort to additionally deceive all of us by saying:
He insists his Kickstarter was actually aimed at developers and beta testers who he hoped would try out the Anonabox and work together to help him iron out its issues. “I had thought this would be like push-starting a car,” Germar says. “Instead, it’s been like being handcuffed to a rocket.”
This is colossal bullshit, exactly the same one from the beginning, where he claimed the device is 100% open source and 100% his creation after years of prototyping (and 3 gens of NOT off the shelf hardware). If it was aimed for developers, why was the story about Arab Spring mentioned (made up)? Why is their kickstarter page saying they want to build ant-censorship box (?!) and ship it to the people? The people that are journalists, protesters and other non-tech people… clearly NOT BETA TESTERS AND DEVELOPERS.
Feel free to analyze in detail the new Wired article, I find it even more offending and proving that he just want’s the money, he will sell you everything you want to hear, as long as he gets his money.
Both the hardware and the software issues forced Kickstarter to freeze the funding. It has further clarified that those users who original backed the funding and had pledged amounts to the campaign, their pledges were cancelled so they didnt need to make any commitments.