Close

Does this project spark your interest?

Become a member to follow this project and don't miss any updates

Web security everywhere

Secure your Internet, control your data, fight censorship. Bring your secure and autonomous all in one security device everywhere.

9 105 100
Enjoy this project?
Share on twitter   Share on Facebook

This project was created on 07/23/2014 and last updated 3 days ago.

Description
In a world where digital privacy doesn't exist anymore, where journalists couldn't securely do their work, where companies are spyed upon by various entities, and where Human Rights are cynically disregarded, there is an urgent need for an easy-to-use tool to restore digital privacy.

This autonomous device uses the available connectivity to build a secure access-point and bypasses internet filters to connect to a remote network, use a secured internet or even browse anonymously.
Connect your laptop/smartphone to the device's secured wifi access-point, no additional setup is needed. Enjoy a secured internet anywhere, anytime.

It could connect the internet via a public wifi access-point, 3G internet via phone usb/wifi tethering, corporate cable network, or even your own router/ADSL box.

It is very easy to use with its touch control interface and its fully automatized functions.

It could run autonomously during several hours on its internal battery.
Details

Basically, this device acts as a wifi / ethernet router and access point. It could connect to the internet using some random wifi, a wired network, or a tethered android phone (wifi or usb). On the secured side, it acts as a wireless access point with internet forwarding so it works with every kind of device : PC, laptop, smartphone, using Windows, GNU/Linux, Android or even Mac-OSX.

From the touch screen interface, TOR or an OpenVPN tunnel could be enabled. This custom interface could be used for basic operation, setup and device monitoring.

It only needs a wifi adapter and no setup on the endpoint device (computer, smartphone…) to work. The user interface is also very easy to use with on/off buttons, so it is very easy to operate by non tech people.

In sensitive situations, the complete software and operating system could be installed in a few minutes from a preconfigured and encrypted image. The SD-card could also be removed from the device or even destroyed in a few seconds, causing no harm to the device, but makes it completely empty and useless. This way, sensitive data such as SSH private keys are secure.

The device hardware is open source, and uses only free software. This way, it could be improved by the community when it needs to, and it also helps defend digital freedom and Human Rights.

It also makes a perfect device to fight planned obscolescence : the software is built to be cross-compatible with different boards, offering different features, to adapt to various situations and evolve over time.

The device could be built at home using some easily sourceable parts and laser cut enclosure in a ready-to-build kit (see below), but could also be easily customized and manufactured for specific needs.


Key features


  • Secure wireless access point
  • On-demand OpenVPN transparent tunnelling to a remote trusted network/server (here, it is a second Raspberry Pi) :

              - Point to point tunneling with internet forwarding

              - Very stable and fast over wireless, cellular and other non reliable networks

              - Keeps connected over a roaming connection

  • On-demand Tor transparent proxy :

              - Anonymous browsing,

              - Access forbidden websites / services based on location

  • Hardware firewall with dynamically and automatically addressed rules
  • Capable of traversing NATs and firewalls
  • Ad-blocker / DNS filter feature with quick custom rules
  • Touch display control interface
  • Very low power consumption : ~5 Watts, runs on a phone charger
  • Onboard 2600 mAh battery : ~4h running time
  • External 10000 mAh battery : adds ~8h and charges onboard battery
  • Very easy to operate, install and deploy

Why is it an important device ?

 

  • It prevents people from learning your physical location or browsing habits,
  • It helps defend individuals against traffic analysis,
  • It helps businesses to keep their strategies confidential,
  • It helps activists to anonymously report abuses or corruption,
  • It helps journalists to protect their research and sources online,
  • It helps people to use online services blocked by their local Internet providers

Target audience


  • People who want to fight a form of network surveillance that threatens personal freedom and privacy,
  • Every kind of job/activity that require confidentiality / privacy / security,
  • Every kind of job/activity that require some secure remote access,
  • Journalists / Activists

Connection diagram :


Functions diagram :


  • How “Open” is the design ?

For a device like this one, being open in design is not an option : it could be audited, and so it could be trusted. The philosophical nature of being "free" (as in "freedom") is also very important to this project :  protecting online privacy is also defending Human Rights.

So this device is meant to be as much open and free as possible : 

- actual prototype is Raspberry Pi...

Read more »

Components

Project logs
  • Time to thank people

    3 days ago • 0 comments

    We are now a few hours to the next vote, so I think I won't work on the documentation anymore until then. The project will make the cut to the next contest stage, or will not, it's now too late to change this fate.

    So, I think it is a great time to thank the people who contributed to this project, either with providing some hardware, or with giving some time, or both. This project could not have gone so far without these people :

    • PiModules donated the main prototype's powering circuit and laser cut enclosure. On the other hand Ioannis is always present when I encounter problems.
    • LeMaker team worked so hard to improve their software and allow the BPi prototye to work in time. They are also of great help with many things along the way.
    • Many people offered their help in one way or another : the swiss people that invited me for a device's show, the hackaday readers who gave some very contructive critizism about the project, the friends and relatives who donated time, advices and critizisms, and of course my best half who supports me day after day.

    Of course, I wish to thank HackaDay team for bringing me the chance to get some attention about this device. Before this contest, I wasn't that sure my device concept could be interesting to people. Now, I don't have any doubts about it.

    This contest is only the beginning about this device. Many more improvements are planned, and I'm already working hard towards a future marketing scheme. Partners and customers are identified already, it is just a matter of time (and money) right now.

    Now, back to coding...

  • Finally, this one is working just in time

    5 days ago • 0 comments

    I was not sure I could make it work before the next vote, but finally it is there and I could show it.

    This prototype shares the first prototype's display and enclosure, it is so nice to make experiments without breaking anything... Software is cross compatible with the "official" device. Other than that, this is a completly different beast.

    This prototype is not meant to remplace the actual device which runs very well, but to live side by side with it. Each one offers its own unique hardware features (the Raspberry Pi advantages being the most advanced device, easily buildable, and offers a large support community).

    Hardware :

    The main board is the Banana Pi from Lemaker people. This is a Allwinner A20 SOC featuring a 1GHz dual-core Cortex A7 CPU, with 1GB DDR3 memory, Gigabit ethernet, a SATA port, and battery charging circuitry. The user defined led and onboard on/off button are also very appealing. It shares the Raspberry Pi GPIO scheme and runs a Raspbian-compatible operating system. 

    So it made perfect sense to port the Web Security Device to this board first.

    The most difficult part was about the display, it finally worked only today. This prototype still misses its internal battery, but I already made some progress about it and Lemaker people do a great job helping me along the way with their hardware.

    Software :

    Like I've done with the actual device, it runs a stripped-down version of Raspbian-like OS, cleaned up of every component non-essential to the device. Less software components means better security. I also updated the main software to be 100% cross-compatible with RPi and BPi (except the powering management part for the moment). Next move may be moving both boards to some barebone distro.

    It still needs a lot of work, but this new prototype runs very well already, and is pretty fast...

  • Artist's drawings

    6 days ago • 0 comments

    Finally... I posted them in the details.

    The first one is mine. My gimp skills are almost nonexitent. Artistic or not, you decide...
    The second one is from my friend El_Panda. It was way too cool to not post it...

View all 23 project logs

Build instructions

See all instructions

Discussions

Ivy.Y wrote 4 days ago null point

Its impressive!!! Small but STRONG!!!

Are you sure? [yes] / [no]

tony.zhang wrote 4 days ago 1 point

So nice to see it has been ported into Banana Pi board finally!

Are you sure? [yes] / [no]

Arcadia Labs wrote 3 days ago null point

You were of great help, Tony... ;)

Are you sure? [yes] / [no]

Yaggi-2013 wrote 6 days ago null point

Wow ! impressive ! Small and full of functions ! I'd love put it behind my dbm-boosted Yaggi !

Are you sure? [yes] / [no]

Tachyon wrote 24 days ago null point

Regarding the heat issue...try starting simple. Block off the sides and let convection do the work. This is assuming you make it to be stood up as in the first photo. Note that you'll need to leave an opening at the bottom.

Are you sure? [yes] / [no]

GuyisIT wrote 25 days ago null point

Congrats on making the cut for the HaD Prize! This is an awesome project, and I can' wait to see the code.

Are you sure? [yes] / [no]

Arcadia Labs wrote 25 days ago null point

Many thanks for your support ! I'm actually cleaning up the actual code for a first release, so it won't take long.

Are you sure? [yes] / [no]

Arcadia Labs wrote a month ago null point

Actually I'm exploring another board, more adapted to this use (the Banana Pi). Code is 100% compatible, but I still need to make the LCD work as expected :)
I have plans to make a really nice enclosure, but it takes time. I second you on this :)

Are you sure? [yes] / [no]

DigiGram wrote a month ago null point

Now I have a good reason to get a RPi!! This looks awesome. Will really look into building something like this! But with a case that will not have TSA remove my luggage at the airport :D (Being a foreign Chemical Engineer already puts you on some kind of watchlist)

Are you sure? [yes] / [no]