What is Enigmabox?

Enigmabox is a community-driven device that enables your participation in a global network of peers. This network is dedicated to upholding the privacy of its users with integrity and reliability. Unlike the traditional internet, Enigmabox has an easy-to-use web interface that allows you to choose who you trust to transfer your data to, instead of relying on the security of your Internet Service Provider (ISP). This means we can start trusting our friends and family with our sensitive information, such as our communications and files, instead of big corporations.

Enigmabox only functions with end-to-end encryption. This is not unlike countries using law, or legal code, in order to protect their citizens' information. The Enigmabox extends those intentions by using software systems and mathematical codes to ensure your communications stay between those you intend and no one else.

What's the catch?

This network is only as strong as we, the users, make it. It is organically driven by those who choose to participate in it. You will only be able to share the features and benefits if you contribute, either by possessing hardware that allows you to connect or by having the technical know-how to create your own. Currently, the people in this network already span the globe. Anyone can join. Will the network be strong in your area? That depends on you.

Enigmabox is here to make the process simple. The manufactured device is plug-and-play, and will set you up so you can sit back and start using it securely. The software is open-source, so anyone can access how Enigmabox is built and participate for free. The system contains many plugins, some of which give you private Peer-to-Peer (P2P) telephony and email, as well as private web surfing enabled by third-party Virtual Private Networks (VPNs), right out of the box!

The internet is broken, and we need your help!
See https://enigmabox.net/ for more info.

FAQ

1. General

I'd like to help on the project. What's the best way to join/sign up?
Thanks for the interest! The first place to check out would be the wiki. Good places to start there are the pages on Enigmabox security and the threat model. You can even learn how to build your own. Studying the cjdns routing protocol will also give you insight into the broader aims of the project.

Will this anonymize my use of the internet?
Enigmabox does not handle anonymization; instead we provide privacy. While the network keeps no logs, traffic correlation could still be possible. Software like Tor does a better job at anonymization. Enigmabox used in conjunction with Tails (Tor Operating System) can hide your Tor traffic and offer you even greater privacy.

I'd like to be a part of this, but given that I didn't understand one word in three, how can I help?
You can always start off testing. Report bugs as you find them. Make suggestions for changes.

With the recent NSA stories about attacks on hardware, what steps have you taken to ensure these boxes are not compromised from the get-go?
We use the APU, an open hardware design from the Swiss-based PC Engines. The BIOS firmware runs Tiny Core Linux, and it is possible to reflash the device yourself. The schematics are available for these boards and they are widely deployed in network infrastructure.

What would a rollout of this technology on a local scale look like? Are there local community groups?
There are local community groups! You can meet some today. Check out the list of meshlocals here. While many of the participants do not use the Enigmabox hardware, the core routing protocol (cjdns) is the same!

Are there any back-doors to the Enigmaboxes?
Never! However, you do not have to take our word for it: the source code is available here.

2. Subscription

What do I pay you per month & what does it get me? How can I do it anonymously?
First month is free!
I am not sure of our monthly prices offhand (but I am sure we can do month to month); a year subscription is $132. We prefer bitcoin.

I have to pay to your organization to allow me to communicate securely?
No! The subscription service allows you to connect to the broader internet out of the box. Any local services, or ones built between you and your peers, do not require the subscription service (telephony, email, status).

After 30 days, how much will it cost to use your technology?
Free! The additional fee is that of a VISP service, which provides you with out-of-the-box VPN-secured web surfing. The meshnet network will always be free.

3. Tech

Is this more secure, less hackable than my OpenVPN setup?
Communication between a cjdns source and destination does not permit surveillance. Even if every cjdns node in the mesh was hacked, Alice and Bob can still safely maintain a secure communication channel. This is typically not the case with OpenVPN, because not every friend, IRC server, and web server is running OpenVPN with on-the-fly communication. If the services reside on a cjdns node, all security is off. If the services reside on clearnet but pass through the compromised cjdns gateway, all security is off. Additionally, if the OpenVPN client has their keys compromised, an adversary can use the stolen keypair to make a connection to the VPN server. Once on the subnet (usually IPv4), the attacker offers malicious IPv6 routing advertisements which redirect your traffic to their sniffing computer. In many cases Client-to-Client mode is used to gain legitimate access to resources over a secured channel.

What platforms does Enigmabox run on?
Enigmabox runs on OpenWrt targets. Currently images have successfully been tested on PC Engines APU/ALIX, BananaPi, RaspberryPi 1, and RaspberryPi 2. See information on building for your own target here.

Is the firmware protected against NSA intrusion?
Firmware is checksummed with SHA-512 and signed by a 4096-bit RSA key; instructions on how to check can be found here. Information on flashing Enigmabox firmware can be found here.

Which key exchange algorithm are you using?
Take a look at the cjdns source code: https://github.com/cjdelisle/cjdns/blob/master/crypto/CryptoAuth.c#L35-L40

What is the source of randomness for the RNG that produces keys?
The functionality of the cjdns random generator is described in detail here: https://github.com/cjdelisle/cjdns/blob/master/crypto/random/Random.c#L27-L89

How do you prevent the NSA from doing interdiction and switching the device while in transit?
Rerouting a postal package to implant bugs manually is an effort that is taken when you are under targeted surveillance. This is a whole other story. What about bugs in your living room? Dedicated observation teams? There are always easier ways to get around encrypted network traffic if and when you are a target. Protecting against targeted surveillance is not our goal in the first place, because then you would surely have to take some extra steps. We just provide a simple and secure way to communicate and protection against untargeted mass surveillance, so that you don't become a target for targeted surveillance, because you leave no cleartext traces.

Can this type of service be "stopped" in the sense of governments prohibiting the use of this sort of technology?
They can probably issue a ban. Nonetheless, cjdns is designed as a mesh. Once every wifi router out there runs cjdns, they will have a really hard time blocking this! One path goes down, another route is found.
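
The firmware answer in the Tech section says images are checksummed with SHA-512 and signed with a 4096-bit RSA key. The following shell script is an added example, not the project's own verification procedure: it shows the order of checks a downloader would run, assuming a checksum list signed with an openssl detached signature. The file names, key pair and image are constructed stand-ins.

```sh
#!/bin/sh
# Added example, not Enigmabox's own procedure. Assumptions: file names, and a
# detached RSA/SHA-512 signature made with openssl over the checksum list.

# verify_firmware IMAGE SUMS SIG PUBKEY
# Returns 0 if all checks pass, 1 bad signature, 2 hash mismatch, 3 wrong key size.
verify_firmware() {
    img=$1; sums=$2; sig=$3; pub=$4
    # The page states a 4096-bit RSA key; refuse anything else. The key itself
    # must come from a channel you trust, not from next to the download.
    openssl pkey -pubin -in "$pub" -noout -text 2>/dev/null |
        grep -q '(4096 bit)' || return 3
    # Authenticate the checksum list first: an unsigned hash proves nothing.
    openssl dgst -sha512 -verify "$pub" -signature "$sig" "$sums" \
        >/dev/null 2>&1 || return 1
    # Compare the image's SHA-512 with its entry in the authenticated list.
    name=$(basename "$img")
    want=$(awk -v f="$name" '$2 == f || $2 == ("*" f) { print $1 }' "$sums")
    have=$(sha512sum "$img" | cut -d' ' -f1)
    [ -n "$want" ] && [ "$want" = "$have" ] || return 2
}

# Constructed stand-ins for the publisher's key, image and signature.
work=$(mktemp -d)
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 \
    -out "$work/priv.pem" 2>/dev/null
openssl pkey -in "$work/priv.pem" -pubout -out "$work/pub.pem"
printf 'constructed firmware bytes\n' > "$work/firmware.img"
(cd "$work" && sha512sum firmware.img > SHA512SUMS)
openssl dgst -sha512 -sign "$work/priv.pem" \
    -out "$work/SHA512SUMS.sig" "$work/SHA512SUMS"

# Run the verification against the constructed files.
check() {
    verify_firmware "$work/firmware.img" "$work/SHA512SUMS" \
        "$work/SHA512SUMS.sig" "$work/pub.pem"
}
check && echo "genuine image: accepted"
printf 'x' >> "$work/firmware.img"          # simulate a modified image
check || echo "modified image: rejected (code $?)"
```

Checking the signature before the hash matters: a checksum file fetched from the same place as the image only detects corruption, while the signature ties it to the publisher's key.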