This device was semifinalist of The Hackaday Prize contest ! - Link -


Basically, this device acts as a wifi / ethernet router and access point. It could connect to the internet using some random wifi, a wired network, or a tethered android phone (wifi or usb). On the secured side, it acts as a wireless access point with internet forwarding so it works with every kind of device : PC, laptop, smartphone, using Windows, GNU/Linux, Android or even Mac-OSX.

The wireless access-point is also hardened with a random key feature. The access-point security key could be modified on-demand and at boot-time with a random one.

From the touch screen interface, TOR or an OpenVPN tunnel could be enabled. This custom interface could be used for complete operation, full setup and device monitoring.

It only needs a wifi adapter and no setup on the endpoint device (computer, smartphone…) to work. The user interface is also very easy to use with on/off buttons, so it is very easy to operate by non tech people.

In sensitive situations, the complete software and operating system could be installed in a few minutes from a preconfigured and encrypted image. The SD-card could also be removed from the device or even destroyed in a few seconds, causing no harm to the device, but makes it completely empty and useless. This way, sensitive data such as SSH private keys are secure.

The device hardware is open source, and uses only free software. This way, it could be improved by the community when it needs to, and it also helps defend digital freedom and Human Rights.

It also makes a perfect device to fight planned obscolescence : the software is built to be cross-compatible with different boards, offering different features, to adapt to various situations and evolve over time.

The device could be built at home using some easily sourceable parts and laser cut enclosure in a ready-to-build kit (see below), but could also be easily customized and manufactured for specific needs.


Key features


- Quick connect to Android using QR code

- AP security forced on WPA2-PSK

- Point to point tunneling with internet forwarding

- Very stable and fast over wireless, cellular and other non reliable networks

- Keeps connected over a roaming connection

- Anonymous browsing,

- Access forbidden websites / services based on location

- Force or Block relay nodes based on their location, from the main interface


Why is it an important device ?



Target audience



How you can help

This device is still in a prototype stage. It is actually looking for many things :

If you are willing to help, or just want to discuss about the project, please drop me a line !

If you are interested, I also added a Paypal Donate button on this page.


Connection diagram :


Functions diagram :


For a device like this one, being open in design is not an option : it could be audited, and so it could be trusted. The philosophical nature of being "free" (as in "freedom") is also very important to this project : protecting online privacy is also defending Human Rights.

So this device is meant to be as much open and free as possible :

- actual prototype is Raspberry Pi based. While R-Pi is not fully open hardware because of the Broadcom chips, schematics, board layouts and many other data are in the public domain. The actual device software is also built to remain compatible with different boards and hardware. Cross-compatibility is a key aspect of this device.

- the custom software is GPL v3, and every software component/library has been choosen considering it's free software licence,

- the different enclosure designs (when ready) will be in public domain

- I do my best to document the device, and release every source code I'm using in it when it's ready. I do my best to keep my software easy to understand or customize. I've already been asked about a second device with different features, so the software should adapt to different boards.

This project is also a great example of people openness. It could not have reached it's actual development state without some great people who donated either hardware or time (or both) : battery board and case come from PiModules, and Lemaker people are really of great help with the BPi board. And of course the many people or friends who give me some help, advices and critizisms is a great example of cooperation, and this is possible only because the project is so open.

While people apparently enjoy the device look, I used some already available components (PiModules UPiS & case, 2.8 TFT) to build the last prototype. It was the best way to approach what I imagine for the final device, and also it saved time for the coding and the many other things.

The software coding started long before this contest, is far from being finished, and is the most important part of the device. I think I built an attractive and effective user interface. If an attractive interface could help people better understand privacy concepts and start fight about their rights, I'm all for it.

I think this device is innovative on many aspects :

- I don't know of a similar device

- this device allows some advanced network operations, but requires almost no knowledge from the user. Building / installing/using Tor or a VPN are not so easy things for non tech people.

- to this day, internet privacy and security is a must, and people are becoming aware of the actual situation. Many end-users or even corporations don't know how to secure their online activities. This device is designed for these people, being very ease to use.

I'm also showing the device to many people, including corporations. I see these people are very interested in it, this is a very innovative and usefull concept to them. This is enough for me to work further on it.

On the other hand, this project may be considered impressive due to the fact I'm all alone working on it until now, and without fancy tools...

This device helps bring privacy to connected people by installing itself between the users and the Internet.

It could connect two remote places using a very secure tunnel.

This is also a mobile wireless access point, and a wireless client.

It could also work with cable ethernet and cellular data network.

Being connected is the reason this project exists from start...

This device has been thought to be reproducible, from start : the software is compatible with many different main boards and hardware, even with a computer running Debian. Additional components, such as battery board, touchdisplay, USB wifi adpaters, are either optional or interchangeable with other components. I took this decision to allow everyone to build it at home, using on the shelf or easily available hardware.

This device has been designed to evolve if there are specifical needs : the corporations to whom I showed the prototypes already asked for a 4x ethernet switch instead of the wireless access point so I'm working towards that and plan to port the software to the incoming BPi-R1 board (planned for release in october). This is just one example, and this is why openness is so important to this project.

I think no device allows VPN / TOR use with pressing a single button on a touchscreen. There are many components that work with each other, and it was not easy to make work well. Automatic firewall rules switching function was a hard part, with many facepalms. his software is very innovative in my opinion, especially because of the attractive user interface.

I also had to deal with overheating issues which caused the last prototype to suddenly reboot, and the first prototype enclosure was built completely by hand.

These moments were not that easy to deal with but I think overall result is great and it is a great learn process.

It was a primary objective of this device, long before this contest. "Secure" and "easy to use", too often, are opposite concepts, so I thought I could do something about it. The user interface is very easy to use, even if it still needs some work and new features. I built it for myself at start, but now I try to show it to many people to get some feedback. People seem to appreciate the ease of use of the user interface, I made it for non-techy users so I think I succeeded in it.
I use this device personally very often in many situations (see the project logs), so it's now proven to be usable (and usefull) in the real world.

It is not only manufacturable, but it is especially easily manufacturable : the used component are interchangeable and easily available, and I'm using an already available enclosure (with a custom part) in the last prototype.

I also posted a Doodle poll about the device, and it appears the laser cut enclosure road is the best solution for the final design : it could be easily built at home and/or mass-manufactured, still allows for some customizations, and has a very professional look.

For the first move into marketing, I want to design and sell ready-to-build kits, with every parts needed : mainboard, display, battery, enclosure. I also want my own Arcadia Labs one-man company to assemble the kits, propose ready-to-run devices, and customize kits for specific uses.

This solution also lowers manufacturing cost, and could also add business and attention to very nice and innovative companies : Raspberry Pi foundation, PiModules, Adafruit, LeMaker, and others.
I think reinventing the wheel is a waste of ressources, especially when other companies already build well designed components.

Early example of a ready-to-build kit.


What is working, or not, at this stage ?

First, it is very nice to see the essential features of the device are working already :

Of course, everything did not work as smooth as I imagined, and some features still need some work :

I also have many additional features in mind, but these are either not implemented, or not working yet :


Software bits :


Licences

Each software or library used is under one of these licences :

The device's custom software uses GNU General Public License 3.