TorBox v.0.3.1 released — all about bridges

Our goal with TorBox is not only to simplify the use of Tor as an anonymizing router but also to bring the use of bridges closer to those who want to get around censorship easily — with all their network traffic, not just their browser traffic.

TorBox v.0.3.1 comes one step closer to this goal. Not only has the management of OBFS4 bridges been improved once again, but it’s also now possible to check the status of bridges (online, offline, or doesn’t exist anymore) and based on that to enable, disable and delete them. For operators of a bridge relay, the possibility to backup and restore the relay data has been implemented. Also, other smaller improvements and wishes have been taken into account, which are listed in detail below.

Since we also had to update the configuration files, we recommend using the new image rather than updating an existing system. We have added a short guide at the end of this post for those who absolutely must update from the previous version (not older!).

TorBox Image (about 675 MB): v.0.3.1 (30.05.2020) – SHA-256 values
TorBox Menu only: v.0.3.1 (30.05.2020) – SHA-256 values

We would appreciate feedback so that we can make further improvements. The three most valuable feedbacks will get a ProtonMail $100 Gift Card (sent as a PDF). Additionally, we have still one Raspberry Pi 3 Model B to give away — of course, installed with the latest TorBox version. If you are interested, just send us an email.

• • •

Changelog: v.0.3.0 (12.01.2020) –> v.0.3.1 (30.05.2020)
  • Update: The system is based on Raspberry Pi OS “Buster” Lite with Linux Kernel 4.19.118 and Tor version 0.4.2.7.
  • New: The list of OBFS4 bridges displays now the status of the bridge (online, offline, or doesn’t exist anymore – see image below). The bridge management is rewritten. You can now easily activate, deactivate, and remove bridges in three ways: all, based on a specific status of the bridge or only selected. For example, you could activate all bridges, deactivate only the offline ones, and remove bridge #3 and #5.
  • New: The ability to backup and restore your bridge relay configuration, including your identity keys. This is important because when upgrading your bridge relay or moving it on a different computer, the important part is to keep the same identity keys. Keeping backups of the identity keys so you can restore a relay in the future is the recommended way to ensure the reputation of the relay won’t be wasted. The backup is stored / can be placed in the home directory, in which you can download / upload it with an SFTP client (using the same login / password as the SSH client).
  • New: An arrow in the main menu indicates from where you get the Internet.
  • New: USB Tethering with Android devices should now work (main menu entry 7). As I do not have an Android test device, this point needs to be tested further, and I rely on your feedback. I want to thank everyone who has been in active email correspondence with me on this point over the past weeks.
  • New: Added “Just fixing and cleaning” into TorBox’s Update & Reset sub-menu.
  • Improved: The countermeasure against a disconnect when idle feature (entry 10 in the Countermeasure sub-menu)shows now its status and can be deactivated.
  • Improved: Before Tor is compiled  (option 3 in the Update & Reset sub-menu), the current version is checked, compared with the one in the repository, and the user can decide if he wants to aboard before wasting time if no new version is available. Important: Currently, Tor can be updated with option 1 “Update the base system” in the Update & Reset sub-menu (main menu entry 12), and it is not necessary to compile Tor fresh.
  • Improved: The overall reliability of the update script.
  • Improved: The overall reliability of the installation script. It is adapted to the new Raspberry Pi OS, and we hope that this is the beginning of a platform-independent use of TorBox .
  • Improved: Cleaned up the code and outsourced more essential functions into a library. This helps to maintain the code in future releases properly.
  • Fixed: After shutting down the Bridge Relay, the two ports remained open (at least in some instances).
  • Fixed: If the Bridge Relay is deactivated and Tor is freshly started, the message appears that the ports are opened to the outside, even if this is not the case.
  • Fixed: An error in changing the password of the Tor control port broke the enforcing of a new exit node with a new IP (main menu entry 2).
  • Fixed (post-release): rfkill blocks the Raspberry Pi’s onboard WiFi chip and impossibles to create TorBox’s WiFi (it seems to be newly activated with Raspberry Pi OS) – we set rfkill unblock all in /etc/rc.local and had to rebuild the image again on Sunday, Mai 31, 2020 (we kept the same filenames).
How to update from TorBox v.0.3.0 (12.01.2020)?

Important: You cannot automatically update on TorBox installations, which are older then v.0.3.0 (12.01.2020)! If you need help, then please contact us.

With a TorBox v.0.3.0 (12.01.2020) installation, you can perform the following tasks. This deletes all your custom made configuration, but not alter your bridge relay keys. Nevertheless, we recommend, if possible, to use the new image.

Your feedback is welcome!!

We hope this version pleases you. However, we are dependent on feedback. It’s not just about fixing bugs and improving usability, but also about supporting additional interfaces and hardware in future releases:

  • What do you like?
  • What should be improved (and how)?
  • What would you like to see next? Which features do you request?

Review: Tor router on Raspberry Pi

TorBox running on Hoek’s hardware configuration.

Hoek wrote on his website 0ut3r Space, a very nice guide / review about the TorBox. He used a Raspberry Pi 4 Model B in combination with a 3.5inch RPi Display (TFT) with an XPT2046 touch screen controller. Of course, the touch functionality won’t work in the shell terminal. The TFT and a beautiful matching case can be found on Aliexpress. I ordered it today to write a new guide for the advanced section because the Pimoroni’s Pibow PiTFT+ case for the PiTFT 3.5″ resistive touch 320×480 from Adafruit is is not available for the Raspberry Pi 4. Possibly we will implement the driver installation in a future version of TorBox in the configuration sub-menu.

Thank you, Hoek, for your kind review!

Delay on the TorBox project due to the COVID-19 pandemic

Updated on May 6th, 2020
  • All comments and questions are now answered. Thanks for your patience.
  • The documentation for TorBox v.0.3.0 is now revised, and the rest of the website is adapted to this latest version. Also, additional entries in the FAQ have been added, based on the questions received.
  • Important: You can safely update TorBox v.0.3.0 (initially with Linux v.4.19.75 and Tor v.0.4.2.5 to Linux v.4.19.97 and Tor v.0.4.2.7) using the first entry “Update the base system” in the “Update and Reset sub-menu” (main menu entry 12). An update is recommended because Tor v.0.4.2.5 shouldn’t be used anymore. We are going to build a new image in the next weeks and TorBox v.0.3.1 is already in the making.
Original post:

Initially, it was planned to update the TorBox website according to the latest version of the TorBox by the end of April. Primarily the documentation is still focused on the older version. I also intended to add more fixes and even some newer features to the TorBox itself.

Unfortunately, due to the COVID-19 pandemic, I found myself In my professional job under enormous working pressure. So far, I haven’t even had time to answer all the comments and questions on the TorBox website and on GitHub, or the many email messages. Sorry, folks; I’m sure some users are already upset with me.

Since my holidays were canceled at the end of April, all projects related to TorBox — especially checking and fixing possible bugs, as well as updates to the operating system and core components — have been postponed to the end of July or beginning of August. However, if the work situation continues to calm down over the next few days, I’ll start answering the comments on the website and on GitHub as well as the emails addressed to me in the coming weeks.

I’m sorry for this inconvenience and hope to bring the TorBox project back up to date as soon as possible.

TorBox v.0.3.0 released — now even easier to use

Update on January 13th, 2020

In the version dated January 1st, 2020, we had a little error in one of the script-files, which activated not only the obfs4 functionality but also uncommented “BridgeRelay 1” in /etc/tor/torrc. This led to conflict and blocked Tor to function. In a revised version, dated January 12th, 2020, we fixed this (and some other minor) bugs (see changelog below)

TorBox Image: v.0.3.0 (12.01.2020)SHA-256 values
TorBox Menu only: v.0.3.0 (12.01.2020)SHA-256 values

How to update from v.0.3.0 (01.01.2020) to v.0.3.0 (12.01.2020)?

Because we also switched curl for wget, the update from the previous version to version 0.3.0 (12.01.2020) cannot be done with the update sub-menu. Please proceed as follow (all settings remain unchanged):

  1. If not already done, go into the countermeasure sub-menu and toggle bridge mode from on to off. This comments out the line “BridgeRelay 1” in /etc/torrc. With the command “less /etc/tor/torrc” in the SSH shell, /etc/tor/torrc can be checked: all lines beginning with “Bridge” must have a # in front.
  2. Type following commands in the SSH shell:
    cd
    wget https://www.torbox.ch/data/torbox030-20200112.zip
    rm -r torbox    
    unzip torbox030-20200112.zip
    mv torbox030-20200112 torbox
    rm torbox030-20200112.zip
    cd torbox
    ./menu
    
Main Menu TorBox v.0.2.5 - cleaned up!
Main Menu TorBox v.0.3.0 – cleaned up!
Changelog: v.0.3.0 (01.01.2020) –> v.0.3.0 (12.01.2020)
  • New: Added to the “install” folder script and batch files to avoid a “Tor over Tor” situation if TorBox and the Tor Browser are used together. For more information, see here.
  • Fixed: Obfs4 functionality because it was broken due to a little error in one of the script-files. The bug resulted in uncommenting the line “BridgeRelay 1” in /etc/tor/torrc, which led to conflict and blocked Tor to function.
  • Fixed: Replaced curl with wget in the update script to avoid an error if the link is redirected to another destination.

• • •

Original post:

Based on feedback, difficulties with the correct operation of cable-based clients, and the need to offer a greater variety of connection options when connecting to the internet (also for future developments), the main menu of the TorBox was rewritten entirely. We would appreciate feedback so that we can make further improvements and adjustments in the next release (planned for mid-2020).

The idea behind the new main menu is that the user only has to specify where the TorBox gets its internet from. After that, the clients are served via TorBox’s wireless network, and if connected, simultaneously via ethernet cable. Also, other smaller improvements and wishes have been taken into account, which are listed in detail below. These are the corresponding links to download and install the newest version of TorBox (typically, you need only the image file):

Since we also had to update the configuration files, we recommend using the new image rather than updating an existing system. If you need to update your old TorBox, we recommend to replace the old TorBox menu with the new one and then update the configuration files via the update and reset sub-menu entry 6, which overwrites all old configuration files. However, the old files are saved as .bak. For further information, please contact us.

We update the TorBox website over the next weeks. Until then, some information could be outdated and refer to the older version.

Changelog: v.0.2.5 (24.09.2019) –> v.0.3.0 (01.01.2020)
  • Update: The system is based on Raspbian “Buster” lite with Linux Kernel 4.19.75 and Tor version 0.4.2.5.
  • New: The main menu is completely rewritten. You only have to specify where the TorBox gets its internet from. By default, it establishes a wireless network, which can be accessed by client devices. If available and connected, client devices are served by ethernet cable.
  • New: TorBox supports now internet connectivity with the Point-to-Point Protocol (ppp0, for example, for cellular shields/HATs) and/or over USB adapters (usb0).
  • New: By default TorBox’s wireless network is established by the onboard chip (wlan0). This can be switched with a USB wireless adapter (wlan1) so that TorBox can access external hotspots on the 5 GHz band, which is probably not supported by a cheap low-powered USB wireless adapter.
  • New: The TorBox configuration sub-menu supports now the changing from 2.5 GHz (20 MHz / 40 MHz) to 5 GHz (40 MHz / 80 MHz) and back. Additionally, the WLAN channel to be used can be selected and changed.
  • New: We integrated an update sub-menu that also comprises all the reset features, which are now removed from the countermeasures sub-menu. 
  • New: Support for Sixfab Cellular Shields/HATs. The following Sixfab Shields are supported: Raspberry Pi GSM/GPRS Shield, Raspberry Pi 3G-4G/LTE Base Shield V2, Raspberry Pi 3G/4G&LTE Base HAT, Raspberry Pi Cellular IoT Application ShieldRaspberry Pi Cellular IoT HAT, Raspberry Pi Tracker HAT.
  • New: Beginning with this release, we provide to all our files SHA-256 hashes, so that you can verify the integrity of the downloaded files.
  • Improved: Cleaned up of the code. and outsourced essential functions into a library. This will help to maintain the code in future releases properly. 
  • Improved:  Setting and changing the WLAN regulatory domain  is now more user-friendly.
  • Improved: Because we could clean up the main menu, we added an entry to show the Tor log file. Sometimes, especially if you run a bridge relay, Tor needs minutes to start up. Using this menu entry is an easy way to follow the progress on loading.
  • Fixed: The gpg key for Torproject’s Debian repository is now fetched more reliably (used in the update script), and additional post-update configurations will prevent the breaking of the bridge relay functionality.
  • Experimental: A new script to install TorBox from scratch on a Raspberry Pi with Raspbian light.
  • Removed: CABLE MODE– no longer necessary
TorBox connecting the internet via a cellular connection using a Raspberry Pi 3G-4G/LTE Base Shield V2 by Sixfab and a Quectel EC25 Mini PCle 4G/LTE Module.  
Your feedback is welcome!!

We hope that this version will please you. However, we are dependent on feedback. It’s not just about fixing bugs and improving usability, but also about supporting additional interfaces and hardware in future releases:

  • What do you like?
  • What should be improved (and how)?
  • What would you like to see next? Which features do you request?

TorBox Cellular

TorBox doesn’t support only internet access and client connections via WiFi (an additional USB WiFi adapter is necessary) or cable, it also supports internet access via a cellular network. Below, we show you how you can upgrade your Raspberry Pi.

• • •

• • •

Used Items

• • •

Support software installation and configuration

  1. Go to the Configuration & Update submenu and choose the menu entry 10 to start the installation and configuration of the support software.
    Attention: you have to have internet connectivity for that step. In other words: you have to install the support software before you need a cellular connection!
  2. Choose the correct Sixfab Shiel/Hat.
    According to our recommendation above, it would be the “3G, 4G/LTE Base Shield”.
  3. What is your carrier APN?
    You find the APN settings of most carriers here.
  4. Does your carrier need username and password?
    Again, you find this information on most carriers here.
  5. What is your device communication port?
    If you use the Sixfab Shield with the USB connector (as in our image above), you should choose ttyUSB3.
  6. Do you want to activate auto connect / reconnect service at RPi boot up?
    We recommend choosing yes.
  7. At the end of the installation script, pressing ENTER reboots the Raspberry Pi. If you want to avoid it, press CTRL-C.

How can I securely route my data stream through the cellular connection?
After assembling all the hardware, installing and configuring the support software correctly, choose entry 7 in the main menu to route all your encrypted data through the cellular connection.

TorBox v.0.2.5 released, featuring Bridge Relay support!

Almost a month ago, the Tor Project called for support:

We currently have approximately 1,000 bridges, 600 of which support the obfs4 obfuscation protocol. Unfortunately, these numbers have been stagnant for a while. It’s not enough to have many bridges: eventually, all of them could find themselves in block lists. We therefore need a constant trickle of new bridges that aren’t blocked anywhere yet. This is where we need your help. By setting up an obfs4 bridge, you can help censored users connect to the open internet through Tor.

Based on this call we put a bridge relay into the net a week ago, and – if everything works out – we will add a second one. However, that was not enough for us. Mostly during the last few weekends, we’ve implemented a TorBox feature that allows anyone with a public IP address, 24/7 internet connectivity over a long time, and a bandwidth of at least 1 Mbps to configure their bridge relay at the touch of a button and put it on the net. Besides, we have added and improved some other details, so that we can now release the resulting image as TorBox v.0.2.5. Below are the corresponding links (typically, you need only the image file):

Main Menu TorBox v.0.2.5
Main Menu TorBox v.0.2.5

Changelog v.0.2.4-rpi4 (08.08.2019) —> v.0.2.5 (24.09.2019)
New: This version introduces the support for setting up a bridge relay.
Updated : The system is based on Raspbian “Buster” lite with Linux Kernel 4.19.66 and Tor version 0.4.1.5.
New: A little message (“TOR is working“) in the right corner of the main menu shows you immediately if you are connected with the Tor network (meaning https://check.torproject.org returns a positive result). Since a missing response does not automatically mean that there is no connection to the Tor network, no error message is displayed. In other words, if this message is missing, there may or may not be a connection problem.
New: We use the same method as mentioned above for the final message box after selecting (or changing) a connection (main menu entry 6-11). In case of success, the message starts with “CONGRATULATION !!” otherwise with “HMMM… THAT DOESN’T LOOK GOOD…“. In contrast to the positive message, negative feedback does not necessarily mean that an error has occurred. Since the check does not last more than 5 seconds, Tor may not have been ready yet; the check site may have been down, etc.
New: Support for Adafruit’s PiTFT displays (PiTFT 3.5″ resistive touch 320×480, PiTFT 2.8“ capacitive touch 240×320, PiTFT 2.4″, 2.8″ or 3.2″ resistive 240×320, PiTFT 2.2″ no touch 240×320, Braincraft 1.54″ display 240×240). Note: TorBox’s menus and dialog boxes have only been adapted for the PiTFT 3.5 (320×480) or any other display, which displays in textual mode at least 25×80 characters.
Improved: Menus and dialog boxes should now work more smoothly on 25×80 textual screens as well as on smartphone and tablet clients. For that reason, we added for some message boxes scroll texts, which are visible with the “scroll down” remark in the title of the message box.
Improved: Revised version of the Tor reset functionality in the „Countermeasure & Troubleshooting“ menu.
Improved: Cleaning up in the shell scripts (used more variables, combine certain parts into functions, etc.).
Updated: Pre-configured Bridges (we also added our bridge relay)
Fixed: While adding bridges, TorBox activates/deactivates the new bridges depending on the current bridge modus.
Fixed: Some more non-critical bugs and typos in the text files.

The pre-v.0.2.6 release is expected at the end of the year.

The functionality of Tor easily explained

If you look at the various forums about Tor, there is a lot of skepticism, misunderstandings, and questions, especially among newcomers, about how Tor works and the possibilities (or limitations) it offers. This is due in particular to the fact that many people are unfamiliar with how Tor works, and feel that it is far too complicated to understand. With an excellent video of Computerphile, Dr. Mike Pound shows that it doesn’t have to be complicated. Very simple and easy for beginners to understand, he shows how Tor works and mentions its limitations.

Sneak Peek on TorBox 0.2.5

My first Tor Bridge Relay is properly working – see here.

With TorBox v.0.2.5 (coming soon) everyone with direct internet connection will be able to set up a Tor Bridge Relay — only with a view „clicks“.

Bridges are essential for people in authoritarian countries to reach the open internet. TorBox v.0.2.4 offers such client functionality already, but soon, users with a direct internet connection can help others by setting up their relay.

More information
Run Tor Bridges to Defend the Open Internet

TorBox To Go 2.0

Due to the size of the Raspberry Pi and the necessary accessories, TorBox is very easy to use on the road. Below, we show you the recommended minimal accessories for portable use. Nevertheless, all the stuff still fits into a waterproof, compact plastic container. Below the images, you find further information about the items used with the corresponding links.

• • •

• • •

• • •

Although the Raspberry Pi takes up little space, the problem lies in the fact that the official power adapters to the Raspberry Pi are not very compact and therefore waste valuable space. There are smaller power adapters, such as the 12W USB Power Adapter by Apple shown in our example, but when directly connected to the Raspberry Pi, they can cause power problems. This also applies to power banks: the power supply is usually not sufficient for a long stable operation of the Raspberry Pi. The Raspberry Pi 3 Model B was still satisfied with 12W, but Model B+ and the Raspberry Pi 4 Model B require at least 15W (see here: Raspberry Pi 3 B+ Review and Performance Comparison and this Power Consumption Benchmarks). There is also another problem with the Raspberry Pi 4 Model B: because of a flaw in how the USB-C power input is behaving, currently, the Raspberry Pi 4 B does not work with most third-party power adapter and power banks. By contrast, the PiJuice HAT works reliably with almost all Raspberry Pi versions and models, and virtually any power adapter or power bank can be connected to it, so the somewhat weak standard battery doesn’t run out too quickly. With the PiJuice alone, TorBox can be operated for an estimated 1-2 hours, depending on the load.

Used Items