It's an interesting world we live in where Reddit and Hacker News users are the ones doing investigation into the truth of claims journalists publish.
With real-time feedback and real-time coverage, it's almost inevitable that our news sources will become increasingly less investigative and more reactive. The first to report wins the traffic, which creates pressure to get stories out the door. Unless you take The Atlantic or New Yorker approach, it's a race, which leaves users users to do the fact checking. We can be cynical about the state of online journalism, and maybe it's partly warranted, but this is definitely where we're headed.
To be fair, you can't expect journalists to have the depth individuals in the online community do, it's just now that everyone can have an influential voice.
Many of the "investigations" on Reddit..actually result in Internet mobs destroying the reputation of a company or individual..even if they've done nothing wrong (besides offend the anti-capitalist hive mind).
It just happened to have worked out in this case, but this is the minority from what I've seen in the past couple of years.
People love showering people they agree like with money, this case proves it. People also don't like to feel they are being taken advantage of and online you can find that out with a few clicks and 10 minutes of googling.
If someone gives $5 to a campaign that promises awesome wonderfulness but then finds out the awesome wonderfulness is being made in a Thailand sweatshop by 10 yearolds eating arsenic for breakfast they will pull the pledge and ruin the companies reputation.
Which is all to the good. Just look at Apple, they had their hipsters locked in when it was just the ridiculous 50% margins they were putting on their products. When we found out people were being worked to death and we had to pay those ridiculous margins that's when people became anti-Apple on mass.
Now if by anti-capitalist you mean anti-Dickensian exploration capitalist you're damned right. And I hope every half decent human being would be.
It's easy to get the Internet riled up over a perceived offense (deception, scamming, fraud, other unethical behaviors), just like it's easy to get any group of people up in arms over the same thing.
I wouldn't list Reddit or any particular website as the source of this kind of witch hunting issue. The only thing to blame is the stupidity of crowds. If people went out of their way to see both sides of an issue, consider the sources and veracity of claimed facts and evidence, and actually make an informed decision then it'd be fine.
Obviously, this doesn't happen that much. But all I'll say is that just because some wall of text on Reddit has a lot of upvotes doesn't necessarily say anything about the actual truth of its contents. That means it's a bit foolish to discount all such things as distorted and inaccurate rabble rousing, just as foolish as the people who believe whatever they read without a second thought.
Hooray. This project was misleading and naive in many ways, and it definitely seemed to violate Kickstarter's rules against resale. But that's not why I'm happy this project got killed.
The much bigger problem was the open SSL account and sheer misguidedness of running all network traffic through Tor. This project risked causing real harm to people thinking that this would safeguard their privacy.
It could certainly be commercialized if the company making the product funded exit node servers to offset the increased usage from their customers (X gigabytes worth of exit node traffic capacity for each customer or something).
Some Googling reveals https://www.torservers.net/ which seems to be an European (German) charity that runs exit nodes and relays you can donate to and they seem to be funding a couple Gbit worth of exit node traffic ( https://www.torservers.net/exits.html ) plus some relays.
I'm sure there are other exit node providers that one could donate to also. And of course, there's always the option of setting up your own exit node on a VPS -- find a Tor-friendly ISP and installation is basically an 'apt-get install tor' away (default configuration works fine). I run a few relays myself on my servers and it uses very little system resources and bandwidth is cheap.
If nothing else, and it seems like this specific project could be salvagable at something closer to Germar's original $7,500 level, Anonabox has proven that there is large, consumer-level demand for online privacy.
A better (more secure) consumer solution may be developed by an established company as a result. More desirably, though sadly less likely, governments may take notice of what the people they serve are demanding.
Wonder how many entrepreneurs are looking at this and seeing the awesome market validation of the idea. I know there's some debate around whether this is technically possible or not, but hopefully some smart hacker somewhere can figure those issues out and make a success with this.
Grugq has been working on this since -- 2012. He's had working code; it was just a problem of getting COTS hardware which would support it. Making custom hardware is a bad idea for this for a variety of reasons.
Grugq, Marc Rogers, and I have shown a (much more functional, actually secure) version of this, called PORTAL, at a couple conferences this summer, and will have a retail version on Amazon by December -- none of this presale BS.
Free downloads of the firmware for some of the most commonly available routers out there, and sold at cost ($20-25).
>>but hopefully some smart hacker somewhere can figure those issues out and make a success with this.
Isn't security so complex that it's unrealistic to expect "some smart hacker" to figure out the issues?
My understanding, at least from reading tptacek's posts here, is that you need a very qualified team of experts to tackle the difficult problems in the security field, and then have their research findings and inventions validated and vetted by the security community as a whole.
When I read this, "As the controversy around Anonabox grew, Germar told WIRED earlier in the week that he had never intended the project to be aimed at normal, non-expert users, so much as developers who would contribute feedback and continue to improve the router". What I hear is, "I never thought people would investigate me and call me out for lying".
I've said this in other threads on this but I think "lying" is an extreme exaggeration for what happened here. I've read the whole listing and I see nothing claiming that he designed the whole thing from scratch (and he would be an idiot if he had tried to, as all of the parts are commonly available).
Basically he offered a router that was pre-configured to use TOR. There are lots of people not comfortable with/capable of flashing their routers to use tools like OpenWRT or DD-WRT...and for good reason, as a novice could pretty easily brick their router. It's obvious by the response that a plug-and-play solution does offer value to some people, whether he painstakingly designed the hardware or not.
I wouldn't quote me on this, but if I remember right the original kickstarter did make a claim about it being custom hardware. They removed the few sentences talking about it from the kickstarter page once people started asking about it.
Right below it is a statement "By our fourth round of prototypes we had created a model with 64mb memory and a 580mhz CPU" which uses the word "created" not "found" or "utilized".
1. "I am claiming my device is not the same as the wt3020 off the shelf hardware yes." Self explanatory. He then states that "maybe" the only difference is the amount of storage, which is odd considering he just denied it's the same thing.
2. "Yes that is my picture and yes, I am claiming that the anonabox is not an off the shelf WT3020" Ditto.
3. "Yes honestly that does look like the same circuit board. I can't help but wonder if the factory that we sourced is going to try to sell them too." Here he even infers that their design was stolen and being resold behind their back. Again, this heavily infers they created/designed the board, and clearly denies knowledge of any other existing boards like his, meaning they didn't simply take an existing board and ask for more storage.
Which has the line "This piece has been corrected from an earlier version that included his claims that both the board and case were custom-built for the project." Note the explicit statement that they designed everything.
Wired further stated "he clarified that the router was created from a stock board." Clarified from the original statement that it was all custom designed.
Wired ends with "Germar also says now that the case was supplied by Gainstrong and was not custom-designed by the Anonabox developers, a partial reversal of how he initially described it to WIRED."
So, yes, he DID lie. He explicitly claimed it was all custom hardware multiple times, even when DIRECTLY confronted with evidence to the contrary. Only after several days of this did he begin to walk back his comments.
I don't think he was lying. He just wasn't aware that he didn't know how to create prrivacy in a box. And his well crafted page made it sound like he figured it out when in fact he had not.
I'm curious about the initial 'success' of the fund raise before the unfortunate issues that occurred. Any thoughts on the reason they exceeded their goals so quickly? Does this support indicate there is a substantial demographic of privacy advocates who are interested in personal solutions to privacy? Or, are we looking at a more widespread support of any project (given they don't misrepresent their claims) which advocates a more generalized freedom of information?
Personally, I'd order the thing because I don't trust my router's software and want something quick and easy to deploy.
Well it represented that there are a number of people willing to pay $50 to have a "set it and forget it"[1] tool to enhance their privacy. One might think of that as a validation for the product space. No doubt you could actually build these things now and sell them (although you would want to do a better job of marketing them)
[1] Yes, I'm fully aware that this is not a security conscious point of view but a lot of people just want someone else to solve the problem in an 'ok' way for them apparently.
My 2 cents : sure the initial description of the project was misleading BUT after all the noise the people who were still funding the project KNEW what they were getting into.
I think they should have the right to risk their money.The project sounded FISHY they knew it,well their problem now. Noone's going to cry if the project turns south. Noone's ever care anyway.
With real-time feedback and real-time coverage, it's almost inevitable that our news sources will become increasingly less investigative and more reactive. The first to report wins the traffic, which creates pressure to get stories out the door. Unless you take The Atlantic or New Yorker approach, it's a race, which leaves users users to do the fact checking. We can be cynical about the state of online journalism, and maybe it's partly warranted, but this is definitely where we're headed.