Hands on with Anonabox Pro: mobile privacy, with quirks


When I last wrote about tools forkeeping your data secure while traveling several years ago, the laptop was still the computer of choice for road warriors. So a secure USB key and browser combination was plenty to help protect against insecure Wi-Fi and prying hackers. But now that nearly everyone is dependent on their mobile devices when they travel, the problem of staying secure on the road has become more complex — especially if you connect your mobile device to public Wi-Fi hot spots. Startup Anonabox has been trying to address this issue and, after a rocky start with its first offering, has introduced a new product line, headed by the Anonabox Pro. I’ve been using one for several weeks now, and have found plenty to like, along with more than a few rough edges.

Anonabox Pro: Secure Wi-Fi-enabled travel router

The Anonabox Pro is at its core a portable Wi-Fi router — not too different from many other inexpensive versions you can pick up from a variety of online sites, based on OpenWRT & LuCI. On top of the base hardware and open-source system software, Anonabox has added a built-in Tor router, a client for OpenVPN, and for commercial VPN Hide My Ass (HMA!). The combination promises to allow you to create your own, secure, Wi-Fi hotspot, and then route all your devices through it. That way, not just your laptop, but your smartphone and tablet (or any other Wi-Fi-enabled devices you use) can have the benefit of secure communications.

Ideally, the above might also simplify your life, since those devices would have a predictable Wi-Fi network to connect with, rather than needing new credentials each time you use them. And for Wi-Fi hotspots that limit the number of devices you can use, the Anonabox shows up as a single device. In practice, though, as we’ll see further on, there are a number of issues that get in the way of this panacea. Like many routers, it can also serve as a bridge or range extender, but its primary use is definitely as a secure router.

The device itself is tiny, featuring two Ethernet ports for configuration and wired connectivity (one for uplink and one for client connectivity and configuration), a micro USB port over which it gets power, a USB port for adding devices such as a thumb drive, and a reset button. There is a status LED as well. For wireless connectivity, the Pro supports 802.11 b/g/n at 2.4GHz. The internals have also been beefed up compared with the original, as there is now a 650MHz CPU, 128MB of RAM, and 64MB of Flash memory.

Configuring your Anonabox Pro and using Tor


Anonabox received a lot of negative feedback on its original version, in part because it was neither configurable nor upgradeable. The Pro addresses both those issues, with a configuration UI and a firmware update capability (although there aren’t any updates available yet, so I haven’t tested that functionality).

The configuration UI is similar to the one on competitor Invizbox. The Anonabox Pro is still based on the open source OpenWRT codebase, although documentation on how to take advantage of OpenWRT functionality on the unit is very sparse. You connect to it via SSH to access functionality beyond what is exposed in the UI — although the UI does include a package installation interface, and an interface for managing startup processes.

While the Anonabox has a deceptively friendly looking user interface for its common configuration tasks, with lots of point-and-click screens, the process of configuring it is susceptible to user error. You need to follow each step of the setup guide exactly, or may find yourself having to reset the unit and start over. My favorite (well, really, least-favorite) is that you need to uncheck the “Replace current wireless network” box (that is checked by default) when connecting the unit to an available wireless network. If you don’t, the box becomes non-responsive until you connect over a hard-wire cable or reset it.

Performance when running in a non-private mode was good, although surprisingly spikey. Tested using our 130Mbps cable connection, Speedtest would normally report about 50-60Mbps, but sometimes would jump to 120Mbps (averaging about 60Mbps). Configuring Tor is a piece of cake, but, as you’d expect, performance over Tor was only a fraction of what you’d get otherwise — in my testing typically 1-2Mbps.

Using a VPN with the Anonabox Pro

For those willing to invest a few dollars a month, a VPN provides a higher-performance alternative for keeping your IP address, and some other information, private. The Anonabox Pro comes with a free 30-day trial of “Hide My Ass!”, one of the better-known VPN vendors. In my testing, HMA was much slower than native access (about 8-10Mbps download — although coupled with a surprisingly quick 9Mbps upload), but much faster than using Tor (although each of them has its own advantages and disadvantages as far as how well they protect your privacy and provide security). By comparison, a direct-tunnel connection over a Hamachi VPN from the same network to a dedicated server ran at 70-90Mbps consistently.

One cautionary note is that some friends have reported their mail getting flagged as spam when they sent it while using a subscription VPN, so that’s something to watch out for if you use one.

Anonabox has said it will be adding more VPN clients, which would certainly be a welcome upgrade, as many users already have a VPN subscription and won’t want to change. In the meantime, some VPN providers have instructions for how to use OpenVPN to access their service. However, OpenVPN configuration on the unit is neither well-documented or simple, so it will still take some effort to use a VPN provider other than HMA!.

Issues with using Anonabox Pro as a travel router

::__IHACKLOG_REMOTE_IMAGE_AUTODOWN_BLOCK__::2My vision of using an Anonabox Pro as my ultimate travel solution ran into a couple snags in practice. The biggest problem I ran into is that if you power off the Anonabox Pro without disconnecting it from the Wi-Fi network it is using, it will refuse to provide Wi-Fi when powered on — until hard reset, or reconfigured using an Ethernet cable. The product’s developers say this is a necessary limitation, but in practice it is really painful. For example, if you suddenly hear your flight called, and close your laptop, pack up and head off, you’ll need to dig out an Ethernet cable before you can use the router again. Worse, if you are using a laptop without an Ethernet port, you’ll need to carry a USB-to-Ethernet adapter and an Ethernet cable. Or reset the device and start over completely on configuration.

Also, because the Anonabox Pro doesn’t have its own battery backup, if you power the router from your laptop, and don’t have an “always-on” USB port, then whenever your laptop falls asleep, the router will turn off. At minimum this means a delay while it reboots, but if you are using Tor, it can take an additional couple minutes to connect to the network. So, as a practical matter, heavy users may want to travel with an external battery pack to use with their Anonabox. Unfortunately that defeats much of the advantage of its small size.

Anonabox Pro as a secure communication device

Obviously, use as a travel router for road warriors isn’t the only use case for a privacy-focused connectivity devices. For those who are worried about censorship, access limitations, or concerned for their own security, encrypting traffic as it comes out of their computer or smartphone makes perfect sense. The good news here is that Anonabox has done quite well in various tests, and appears to keep traffic flowing through it corralled onto the VPN (if in use) or through Tor (when it is enabled for web browsing). For phone users in particular, having Tor or a VPN running on the Anonabox reduces the performance overhead, and battery drain on your mobile device. It also keeps you from having to track down VPN or Tor software for all of your devices.

The Anonabox Pro shows a lot of promise but, at this point, investing in one involves believing that the company will continue to improve the UI, extend support to additional VPN providers, and make more OpenWRT functionality accessible without needing to resort to shell commands. Unlike the original version, which was a Kickstarter project, the Anonabox Pro is available from a variety of online retailers for about $120.