Securobods RAGE over $600k Kickstarter Tor box components The developer behind Tor privacy router Anonabox has defended the product — which has so far attracted $600,000 in crowd funding — following allegations it was little more than a commercial off-the-shelf circuit board. August Gemar asked for $7,500 via Kickstarter to build the open source router box commercially. Accusations …
It's not like you'd need custom-build hardware for a TOR router. I reckon I could build one out of my Fonera in a couple hours, probably on top of a hardened realtime-patched minimal Linux kernel, a minimal set of system utils (busybox?) and a purpose-compiled TOR stack.
I would build it on top of Gnu HURD but it'd probably take a couple years instead of hours ;-)
So, unless they're selling it for its weight of SD cards filled with iTunes-bought songs* because they custom-built it, I don't see the problem. Oh wait.
*https://what-if.xkcd.com/108/
It is the same with servers, mostly they use Intel or Supermicro etc. mainboards, maybe lightly modified to suit specific needs.
If the OEM already makes a similar product, then extending that with custom firmware makes sense - it certainly saves on development costs, meaning that the end product is going to be cheaper.
If you don't have to fork out for molds, dies etc. you are going to save 4 to 5 figures on your development costs...
And people are moaning, because the developer has found ways of making the production process more efficient and thus cheaper, leading to a cheaper end product (if the developer isn't just greedy).
The problem is that sometimes project owners "forget" to mention that their all-in-one bespokefully custom in its uniqueness, exquisitely crafted by elves at the north pole "product" is basically an unmodified existing (and usually dirt-cheap) piece of obscure hardware, possibly with some freely available open source code that may or may not have been slightly tweaked by them - often offered with a handsome mark-up. And no, chucking a larger RAM onto something doesn't quite qualify as "custom" unless you're the PCB house. Past the fact that the Kickstarter ToS explicitly forbids reselling of existing goods as a your own "project", things that get too close to that line are usually frowned upon even if they don't cross it outright, especially when they are less then forthcoming about the true nature of their "product" or even straight-up deny such claims once they inevitably surface. There would be no noise if all they said was "we slightly modified an existing router and we packaged some anonymizing software for it, you can have one for this much" - but that would hardly stir any excitement, isn't it?
@DropBear: The thing is, even if they have taken off the shelf cheap as chips hardware and added someone else's OS and are flogging it for an eye-watering markup, they are no different from most other businesses in most other market sectors. It is up to the end customer to discern whether they are willing to pay that price for what they are buying. If they are then I don't see a problem, I also have a bridge to sell them. Caveat emptor as always.
@Mark 65: They are certainly free to do that, as long as they are prepared to live with the backlash it will (did) generate when people get miffed by the snowballing lack of honesty. Funnily enough, someone else is doing the exact same thing right now on IndieGoGo (called the "Invizbox" this time) except those guys are doing it right - up-front, with nothing up their sleeve.
Go look at grugq's PORTAL project over on GitHub. Just add customized hardware which this seems to be. Not having their board on front of me I can't speak to fitness but unless you've come up with some magical new F/OSS restrictions, which would shutdown pretty much most IT firms on the planet, I don't understand your beef.
A friend of mine chipped in for the Pressy Kickstarter. In case you aren't familiar with it, Pressy is a small hardware button that is inserted into the earphone socket of a phone that is supposed to allow near instant access to functions such as the camera and torch. Sadly for my friend and his $40, the actual product doesn't work so he has "invested" money in something worthless.
I just cannot see why someone would give money to a Kickstarter project when they aren't really investing. If backers got shares or a % of the profit, it might be worth it but AFAICT, it's just a way of pre-ordering something that you cannot test, have no independent reviews for and which may, or may not be delivered months in the future.
If I'm interested in a Kickstarter project, I'll wait until they produce an actual product, read the reviews and, if it's any good, I'll buy one once they are available for sale.
What I want to know is how bad is this type of product for Tor? I met someone recently who was using Tor Browser; turns out he had no single clue what Tor was or how it worked, he just wanted to download from those file lockers that restrict you to downloading 1 file every two hours or whatever, and Tor Browser lets him circumvent that restriction and download as many files as he likes, by changing his apparent IP address each time. That's the trouble with making something too easy to use, you let the riff-raff in. With products like this Anonabox gettinging out there, get ready for Tor to become a lot less useful for legitimate purposes as it gets hammered by people downloading stuff.
What, you can't think of any reasons to protect ones privacy other than downloading pirated movies and porn? No consideration for whistleblowers? No consideration for people living under totalitarian regimes trying to avoid a trip to the gulag? Oh, the depths we have sunk to.
Steady on Tony. Think this through.
More nodes means more paths means better anonymity for whistleblowers etc.
They may not act as exit nodes but they will most likely act as relay nodes...or at least have it as an option.
Also more traffic is more noise, you cant hide in plain sight by yourself you need a crowd. Precisely why the US Navy released Tor into the world.
Plus anonymity is everyones right. Doesnt matter what you do with it. Whether someone is doing something morally wrong / inappropriate is a different matter entirely.
Also isnt Tor too slow for casual downloads?
Not directed at Tony...
As for the box being a knock off. I see no problem with this.
If you cant build something off the shelf yourself, you should expect to pay a premium.
Convenience aint cheap you know.
Im pretty certain our industry is built on a small part of technical ignorance.
If this kickstarter is fraud then all the box ticking, next clicking, progress bar watching WINTEL engineers (can we call them that?) out there are frauds as well.
Anyone can build a basic Windows server on off the shelf Dell / HP servers with little technical knowledge. My young nephew does it regularly to set up minecraft servers. He is 14.
Pumping out cloned sdcards with semi bespoke(ish) boards to allow even the dumbest of bastards to get on Tor seems like a perfectly reasonable business model to me.
Last time I checked, people went into business to make money.
When it was $7,500 no one seemed to have a problem. When it's $600K, woah, huge problem. Well golly gee whiz business and especially economically illiterate securobods, this is a perfect example of an unmet/pentup consumer demand (in ecology, unfilled ecological niche.) They just might get rewarded for this insight which, the last time I bothered to see anything non-geeky like a business news channel, is what's supposed to happen!
Hell, I might get one to drop a small reward in their laps. Crazy, but I do that about once a month just because, as hardware and especially app developers need encouragement sometimes.
In order to actually discuss this rationally you really need to expense each operational and logistical step, on a PER UNIT basis, and then perhaps compare that to historical R&D combined with FIRST-RUN expenditures on a RISK-WEIGHTED basis. I hate shouting at the group via the keyboard while foaming at the mouth. I usually reserve that for political and business news channels. But this is something that a LOT of people just don't get and usually stumps so-called experts.
Most (95+%) of these projects fail, miserably, even the enterprise level firms too. There must be a method to why anyone would build the first, let alone the first few, iteration(s) of anything. It's that when you do hit on something on the scale of an iPhone or perhaps this, the rewards are on a completely overwhelming scale.
To my fellow securobods. We've railed and torn our hair out over the NSA, 'hackers', etc., until most people are keeping a nervous eye cast our direction. The pieces were already there, hardware and software. Hell, the software is F/OSS! If you're so smart, where's yours? And if these people fall flat on their faces, they've identified a profit center. Otherwise, STFU.
I don't see a problem here...
a) Tor doesn't need bespoke hardware to run. If they found a design with the ports, RAM, and CPU speed they need, more power to them. Honestly, unless I was doing something needing radically custom hardware, I would take an off-the-shelf embedded system and either user it as-is or modify it to fit my needs. It still will cost something to develop into a product, and the developer wants some level of profit.
b) They only asked for $7,500. Is the amount of development they've (most likely) done worth $600,000? In my opinion, no; but those who continued to fund this Kickstarter saw it's $7,500 goal and that it already had $10,000, $50,000, $100,000, $500,000, whatever, and continued to fund it; nobody forced them to do so.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
