TorBox v.0.3.0 released — now even easier to use

Update from January 13th, 2020
In the version dated January 1st, 2020, we had a little error in one of the script-files, which activated not only the obfs4 functionality but also uncommented “BridgeRelay 1” in /etc/tor/torrc. This led to conflict and blocked Tor to function. In a revised version, dated January 12th, 2020, we fixed this (and some other minor) bugs (see changelog below)

TorBox Image: v.0.3.0 (12.01.2020)SHA-256 values
TorBox Menu only: v.0.3.0 (12.01.2020)SHA-256 values

How to update from v.0.3.0 (01.01.2020) to v.0.3.0 (12.01.2020)?

Because we also switched curl for wget, the update from the previous version to version 0.3.0 (12.01.2020) cannot be done with the update sub-menu. Please proceed as follow (all settings remained unchanged):

  1. If not already done, go into the countermeasure sub-menu and toggle bridge mode from on to off. This comments out the line “BridgeRelay 1” in /etc/torrc. With the command “less /etc/tor/torrc” in the SSH shell, /etc/tor/torrc can be checked: all lines beginning with “Bridge” must have a # in front.
  2. Type following commands in the SSH shell:
    cd
    wget https://www.torbox.ch/data/torbox030-20200112.zip
    rm -r torbox    
    unzip torbox030-20200112.zip
    mv torbox030-20200112 torbox
    rm torbox030-20200112.zip
    cd torbox
    ./menu
    
Main Menu TorBox v.0.2.5 - cleaned up!
Main Menu TorBox v.0.2.5 – cleaned up!
Changelog: v.0.3.0 (01.01.2020) –> v.0.3.0 (12.01.2020)
  • New: Added to the “install” folder script and batch files to avoid a “Tor over Tor” situation if TorBox and the Tor Browser are used together. For more information, see here.
  • Fixed: Obfs4 functionality because it was broken due to a little error in one of the script-files. The bug resulted in uncommenting the line “BridgeRelay 1” in /etc/tor/torrc, which led to conflict and blocked Tor to function.
  • Fixed: Replaced curl with wget in the update script to avoid an error if the link is redirected to another destination.

• • •

Original post:

Based on feedback, difficulties with the correct operation of cable-based clients, and the need to offer a greater variety of connection options when connecting to the internet (also for future developments), the main menu of the TorBox was rewritten entirely. We would appreciate feedback so that we can make further improvements and adjustments in the next release (planned for mid-2020).

The idea behind the new main menu is that the user only has to specify where the TorBox gets its internet from. After that, the clients are served via TorBox’s wireless network, and if connected, simultaneously via ethernet cable. Also, other smaller improvements and wishes have been taken into account, which are listed in detail below. These are the corresponding links to download and install the newest version of TorBox (typically, you need only the image file):

Since we also had to update the configuration files, we recommend using the new image rather than updating an existing system. If you need to update your old TorBox, we recommend to replace the old TorBox menu with the new one and then update the configuration files via the update and reset sub-menu entry 6, which overwrites all old configuration files. However, the old files are saved as .bak. For further information, please contact us.

We update the TorBox website over the next weeks. Until then, some information could be outdated and refer to the older version.

Changelog: v.0.2.5 (24.09.2019) –> v.0.3.0 (01.01.2020)
  • Update: The system is based on Raspbian “Buster” lite with Linux Kernel 4.19.75 and Tor version 0.4.2.5.
  • New: The main menu is completely rewritten. You only have to specify where the TorBox gets its internet from. By default, it establishes a wireless network, which can be accessed by client devices. If available and connected, client devices are served by ethernet cable.
  • New: TorBox supports now internet connectivity with the Point-to-Point Protocol (ppp0, for example, for cellular shields/HATs) and/or over USB adapters (usb0).
  • New: By default TorBox’s wireless network is established by the onboard chip (wlan0). This can be switched with a USB wireless adapter (wlan1) so that TorBox can access external hotspots on the 5 GHz band, which is probably not supported by a cheap low-powered USB wireless adapter.
  • New: The TorBox configuration sub-menu supports now the changing from 2.5 GHz (20 MHz / 40 MHz) to 5 GHz (40 MHz / 80 MHz) and back. Additionally, the WLAN channel to be used can be selected and changed.
  • New: We integrated an update sub-menu that also comprises all the reset features, which are now removed from the countermeasures sub-menu. 
  • New: Support for Sixfab Cellular Shields/HATs. The following Sixfab Shields are supported: Raspberry Pi GSM/GPRS Shield, Raspberry Pi 3G-4G/LTE Base Shield V2, Raspberry Pi 3G/4G&LTE Base HAT, Raspberry Pi Cellular IoT Application ShieldRaspberry Pi Cellular IoT HAT, Raspberry Pi Tracker HAT.
  • New: Beginning with this release, we provide to all our files SHA-256 hashes, so that you can verify the integrity of the downloaded files.
  • Improved: Cleaned up of the code. and outsourced essential functions into a library. This will help to maintain the code in future releases properly. 
  • Improved:  Setting and changing the WLAN regulatory domain  is now more user-friendly.
  • Improved: Because we could clean up the main menu, we added an entry to show the Tor log file. Sometimes, especially if you run a bridge relay, Tor needs minutes to start up. Using this menu entry is an easy way to follow the progress on loading.
  • Fixed: The gpg key for Torproject’s Debian repository is now fetched more reliably (used in the update script), and additional post-update configurations will prevent the breaking of the bridge relay functionality.
  • Experimental: A new script to install TorBox from scratch on a Raspberry Pi with Raspbian light.
  • Removed: CABLE MODE– no longer necessary
TorBox connecting the internet via a cellular connection using a Raspberry Pi 3G-4G/LTE Base Shield V2 by Sixfab and a Quectel EC25 Mini PCle 4G/LTE Module.  
Your feedback is welcome!!

We hope that this version will please you. However, we are dependent on feedback. It’s not just about fixing bugs and improving usability, but also about supporting additional interfaces and hardware in future releases:

  • What do you like?
  • What should be improved (and how)?
  • What would you like to see next? Which features do you request?

TorBox Cellular

TorBox doesn’t support only internet access and client connections via WiFi (an additional USB WiFi adapter is necessary) or cable, it also supports internet access via a cellular network. Below, we show you how you can upgrade your Raspberry Pi.

• • •

• • •

Used Items

• • •

Support software installation and configuration

  1. Go to the Configuration & Update submenu and choose the menu entry 10 to start the installation and configuration of the support software.
    Attention: you have to have internet connectivity for that step. In other words: you have to install the support software before you need a cellular connection!
  2. Choose the correct Sixfab Shiel/Hat.
    According to our recommendation above, it would be the “3G, 4G/LTE Base Shield”.
  3. What is your carrier APN?
    You find the APN settings of most carriers here.
  4. Does your carrier need username and password?
    Again, you find this information on most carriers here.
  5. What is your device communication port?
    If you use the Sixfab Shield with the USB connector (as in our image above), you should choose ttyUSB3.
  6. Do you want to activate auto connect / reconnect service at RPi boot up?
    We recommend choosing yes.
  7. At the end of the installation script, pressing ENTER reboots the Raspberry Pi. If you want to avoid it, press CTRL-C.

How can I securely route my data stream through the cellular connection?
After assembling all the hardware, installing and configuring the support software correctly, choose entry 7 in the main menu to route all your encrypted data through the cellular connection.

TorBox v.0.2.5 released, featuring Bridge Relay support!

Almost a month ago, the Tor Project called for support:

We currently have approximately 1,000 bridges, 600 of which support the obfs4 obfuscation protocol. Unfortunately, these numbers have been stagnant for a while. It’s not enough to have many bridges: eventually, all of them could find themselves in block lists. We therefore need a constant trickle of new bridges that aren’t blocked anywhere yet. This is where we need your help. By setting up an obfs4 bridge, you can help censored users connect to the open internet through Tor.

Based on this call we put a bridge relay into the net a week ago, and – if everything works out – we will add a second one. However, that was not enough for us. Mostly during the last few weekends, we’ve implemented a TorBox feature that allows anyone with a public IP address, 24/7 internet connectivity over a long time, and a bandwidth of at least 1 Mbps to configure their bridge relay at the touch of a button and put it on the net. Besides, we have added and improved some other details, so that we can now release the resulting image as TorBox v.0.2.5. Below are the corresponding links (typically, you need only the image file):

TorBox Image: v.0.2.5 (24.09.2019)
TorBox Menu only: v.0.2.5 (24.09.2019)

Main Menu TorBox v.0.2.5
Main Menu TorBox v.0.2.5

Changelog v.0.2.4-rpi4 (08.08.2019) —> v.0.2.5 (24.09.2019)
New: This version introduces the support for setting up a bridge relay.
Updated : The system is based on Raspbian “Buster” lite with Linux Kernel 4.19.66 and Tor version 0.4.1.5.
New: A little message (“TOR is working“) in the right corner of the main menu shows you immediately if you are connected with the Tor network (meaning https://check.torproject.org returns a positive result). Since a missing response does not automatically mean that there is no connection to the Tor network, no error message is displayed. In other words, if this message is missing, there may or may not be a connection problem.
New: We use the same method as mentioned above for the final message box after selecting (or changing) a connection (main menu entry 6-11). In case of success, the message starts with “CONGRATULATION !!” otherwise with “HMMM… THAT DOESN’T LOOK GOOD…“. In contrast to the positive message, negative feedback does not necessarily mean that an error has occurred. Since the check does not last more than 5 seconds, Tor may not have been ready yet; the check site may have been down, etc.
New: Support for Adafruit’s PiTFT displays (PiTFT 3.5″ resistive touch 320×480, PiTFT 2.8“ capacitive touch 240×320, PiTFT 2.4″, 2.8″ or 3.2″ resistive 240×320, PiTFT 2.2″ no touch 240×320, Braincraft 1.54″ display 240×240). Note: TorBox’s menus and dialog boxes have only been adapted for the PiTFT 3.5 (320×480) or any other display, which displays in textual mode at least 25×80 characters.
Improved: Menus and dialog boxes should now work more smoothly on 25×80 textual screens as well as on smartphone and tablet clients. For that reason, we added for some message boxes scroll texts, which are visible with the “scroll down” remark in the title of the message box.
Improved: Revised version of the Tor reset functionality in the „Countermeasure & Troubleshooting“ menu.
Improved: Cleaning up in the shell scripts (used more variables, combine certain parts into functions, etc.).
Updated: Pre-configured Bridges (we also added our bridge relay)
Fixed: While adding bridges, TorBox activates/deactivates the new bridges depending on the current bridge modus.
Fixed: Some more non-critical bugs and typos in the text files.

The pre-v.0.2.6 release is expected at the end of the year.

The functionality of Tor easily explained

If you look at the various forums about Tor, there is a lot of skepticism, misunderstandings, and questions, especially among newcomers, about how Tor works and the possibilities (or limitations) it offers. This is due in particular to the fact that many people are unfamiliar with how Tor works, and feel that it is far too complicated to understand. With an excellent video of Computerphile, Dr. Mike Pound shows that it doesn’t have to be complicated. Very simple and easy for beginners to understand, he shows how Tor works and mentions its limitations.

Sneak Peek on TorBox 0.2.5

My first Tor Bridge Relay is properly working – see here.

With TorBox v.0.2.5 (coming soon) everyone with direct internet connection will be able to set up a Tor Bridge Relay — only with a view „clicks“.

Bridges are essential for people in authoritarian countries to reach the open internet. TorBox v.0.2.4 offers such client functionality already, but soon, users with a direct internet connection can help others by setting up their relay.

More information
Run Tor Bridges to Defend the Open Internet

TorBox To Go 2.0

Due to the size of the Raspberry Pi and the necessary accessories, TorBox is very easy to use on the road. Below, we show you the recommended minimal accessories for portable use. Nevertheless, all the stuff still fits into a waterproof, compact plastic container. Below the images, you find further information about the items used with the corresponding links.

• • •

• • •

• • •

Although the Raspberry Pi takes up little space, the problem lies in the fact that the official power adapters to the Raspberry Pi are not very compact and therefore waste valuable space. There are smaller power adapters, such as the 12W USB Power Adapter by Apple shown in our example, but when directly connected to the Raspberry Pi, they can cause power problems. This also applies to power banks: the power supply is usually not sufficient for a long stable operation of the Raspberry Pi. The Raspberry Pi 3 Model B was still satisfied with 12W, but Model B+ and the Raspberry Pi 4 Model B require at least 15W (see here: Raspberry Pi 3 B+ Review and Performance Comparison and this Power Consumption Benchmarks). There is also another problem with the Raspberry Pi 4 Model B: because of a flaw in how the USB-C power input is behaving, currently, the Raspberry Pi 4 B does not work with most third-party power adapter and power banks. By contrast, the PiJuice HAT works reliably with almost all Raspberry Pi versions and models, and virtually any power adapter or power bank can be connected to it, so the somewhat weak standard battery doesn’t run out too quickly. With the PiJuice alone, TorBox can be operated for an estimated 1-2 hours, depending on the load.

Used Items

TorBox v.0.2.4-rpi4 released, featuring Raspberry Pi 4 Model B support!

I’m pleased to announce this new version of TorBox, which introduces the support for the Raspberry Pi 4 Model B. The image file was completely rebuilt based on Raspbian “Buster” lite with the Linux Kernel 4.19.58 and Tor version 0.4.0.5. This version does support not only the new Raspberry Pi 4 Model B but also the previous Raspberry Pi 3 (Model B / Model B+).

TorBox Image (870 MB): v.0.2.4 (08.08.2019)
TorBox Menu only: v.0.2.4 (08.08.2019)

In contrast to the previous versions, the Raspberry Pi 4 Model B has a higher power consumption, which is why we also recommend the use of a Pimoroni’s chunky heatsink in combination with a Pibow Coupé 4 case (see photo above).

The TorBox pre-v.0.2.5 release is expected at the end of the year.

Updated: Useful browser add-ons to improve anonymity, security and/or usability

Along with the release of TorBox v.0.2.4, we were updating our website and added some new information in the FAQ section. We also heavily updated our recommended browser add-ons, which are mainly available for Firefox (our number one choice for web browsers alongside the Tor Browser). Here you can find a copy of the updated recommendations (the original list can be found here):

  • https-everywhere: Automatically makes websites use a more secure HTTPS connection instead of HTTP if they support it. With HTTPS, even the connection between the Tor exit node and the web server is encrypted. Tor Browser also uses this add-on. (USED BY TOR BROWSER; ESSENTIAL for SECURITY / ANONYMITY; available for Firefox, Firefox for Android, Chrome, and Opera).
    https-everywhere: How it works.
    https-everywhere: How it works.
  • NoScript: Allows JavaScript, Java, Flash, and other plugins to be executed only by trusted web sites of the users choice. NoScript also provides powerful anti-XSS and anti-Clickjacking protection. Tor Browser also uses this add-on. (USED BY TOR BROWSER; ESSENTIAL for SECURITY / ANONYMITY; available for Firefox and Chrome).
  • First Party Isolation: First Party Isolation, also known as Cross-Origin Identifier Unlinkability, is a concept from the Tor Browser. The idea is to key every source of browser identification with the domain in the URL bar (the first party). This makes all access to identifiers distinct between usage in the website itself and through third-party. Think of it as blocking Third-party cookies, but more exhaustively. (USED BY TOR BROWSER; ESSENTIAL for SECURITY / ANONYMITY; available for Firefox).
  • uBlock Origin: The only real working and independent ad blocker (ESSENTIAL for SECURITY / ANONYMITY / USABILITY; available for Firefox, Chrome, Safari, and Opera).
  • Smart Referer: Prevents Cross Domain Referer Leakage (ESSENTIAL for ANONYMITY; available for Firefox).
  • CanvasBlocker: Allows users to prevent websites from using the Javascript canvas API for fingerprinting them. (ESSENTIAL for ANONYMITY; available for Firefox)
  • Decentraleyes: This browser add-on emulates Content Delivery Networks (CDN) by finding supported resources locally, and injecting them into the environment. All of this happens automatically, so no prior configuration is required. Here is a testing utility to find out if you are properly protected against a CDN vulnerability (ESSENTIAL for ANONYMITY; available for Firefox, Chrome, Opera).
    Decentraleyes: How it works.
    Decentraleyes: How it works.
  • Neat URL: Cleans URLs, removing parameters such as Google Analytics’ utm parameters. (ESSENTIAL for ANONYMITY; available for Firefox)
  • Skip Redirect: Some web pages use intermediary pages before redirecting to a final page. This add-on tries to extract the final url from the intermediary url and goes there straight away if successful. (ESSENTIAL for PRIVACY / USABILITY; available for Firefox)
  • Privacy Pass: Allow users to redeem validly signed tokens instead of completing captcha solutions. Clients receive 30 signed tokens for each captcha that is initially solved. Cloudflare currently supports Privacy Pass. (ESSENTIAL for USABILITY; available for Firefox and Chrome).
  • uMatrix: Point and click matrix to filter net requests according to its source, destination, and type (available Firefox, Chrome, and Opera).
  • Privacy Badger: A balanced approach to internet privacy between consumers and content providers by blocking advertisements and tracking cookies that do not respect the Do Not Track setting in a user’s web browser (available for Firefox, Chrome, and Opera).
  • FoxyProxy: FoxyProxy is an advanced proxy management tool (see also here; available for Firefox, Chrome, Safari, Opera, and others).
  • Bypass Paywalls: Let’s say you are a researcher and one of your sources is an article in the Washington Post. Would you subscribe, only for that one article? Yes, we thought so, too 😉 (available for Firefox and Chrome).

Do you have another very useful browser add-on? Let me know in the comment section below!

TorBox v.0.2.4 released, featuring OBFS4 Bridges support!

I’m pleased to announce the release of TorBox v.0.2.4. As promised, the focus of this release was on supporting OBFS4 bridges, which help to overcome censorship measures in certain countries (for example Turkey). Below are the links for the latest TorBox v.0.24 (typically, you need only the image-file):

TorBox Image: v.0.2.4 (25.05.2019)
TorBox Menu only: v.0.2.4 (25.05.2019)

Main Menu TorBox v.0.2.4
Main Menu TorBox v.0.2.4

Changelog v.0.2.3 (09.02.2019) —> v.0.2.4 (25.05.2019)
Updated: The system is based on Raspbian “Stretch” lite with Linux Kernel 4.19.2 and Tor version 0.3.5.8.
New: Instead of the “advanced submenu”, we split old and new functionalities into two separate submenus: “countermeasures & troubleshooting” and “configuration & update”.
New: We implemented in the “countermeasures & troubleshooting” submenu a user-friendly way to activate, configure, and change the OBFS4 bridge’s functionality. There are 15 pre-configured OBFS4 bridges in the configuration, which were fully functional at the time of the release. We hope to help with this approach beginners. We urgently need your feedback to develop this functionality further.
New: Since TorBox v.0.2.3, nyx does a good job as a statistics tool (main menu entry 1). However, there are certain cases, when Tor hangs during bootstrap, that nyx doesn’t start either. Therefore we have added an alternative method in the submenu “countermeasures & troubleshooting” (entry 11) to quickly display the log file of Tor and update the display if necessary.
New: TorBox is now providing a SOCKS v5 proxy functionality on port 9050 to its connected clients. If you use that capability, applications which support SOCKS v5 proxy connectivity and “DNS over proxy” (for example Firefox or the add-on FoxyProxy) can access directly .onion sites. For more information, see here.
Improved: We again reduced the size of the image file, which is now about 865 Mbyte.
Changed: All scripts are now executed by bash instead of sh. The change was needed to enable the handling with arrays.
Fixed: Some minor bugs and cleaned up the code.
Removed: The experimental section (for now).

The pre-v.0.2.5 release is expected at the end of the year.