Anonabox seemed like a perfect product: Anonymous browsing, low entry price, and most of all, easy to use. And with October being National Cybersecurity Awareness month, it seemed the timing was also perfect. Indeed, the project far exceeded its funding goal, but has been shut down early amid controversy.
The cracks started to appear mere days into the project, and after the huge deluge of pledges from backers. Reddit users started to snoop after several of them realized some inconsistencies in the marketing material from the Kickstarter campaign. They discovered that the last iteration of the device was off-the-shelf hardware straight from Chinese manufacturers — hardly open source.
Other Reddit users began to pick apart the only code that had been made publicly available, and found that every Anonabox had a default password, that while encrypted, was very easy to break. This information was posted on an AMA hosted by the Anonabox creator and received no official response.
Wired contributor Andy Greenberg noted that “In its current state, [Anonabox] could create more risk than protection for those sensitive users.” Greenberg’s piece also alleged that the project operated on very flawed security principles and would not be able to deliver what it promised.
The bad press continued to roll in, with some calling the whole project was a scam, and Kickstarter suspended the campaign just five days after it started. Since pledges only payout at the end of a campaign, none of the backers have lost any money. It also seems that backers were excited about the Anonabox idea, despite the campaign’s closure.
Official reasons that the campaign was closed included “offering purchased items and claiming to have made them yourself,” “presenting someone else’s work as your own” and “misrepresenting or failing to disclose relevant facts about the project or its creator,” according to a subsequent article by Greenberg.
The Anonabox project may not have been all that secure, and it certainly wasn’t in line with the aims of Kickstarter. If the security problems are patched, and the Anonabox resurfaces in a different manner, it could be very well received.