Can a cheap, Linux-powered black box
from a cloud storage specialist offer the reassurance of privacy in a
post-Snowden world of paranoia?
Created by once and former
private-cloud-turned-moretraditional-cloud-provider Pogoplug, the Safeplug
reimagines the company’s Linux-powered and ARM-based embedded hardware
platforms as access points to The Onion Router (TOR).
Originally created by the US Navy, TOR
allows users to access the internet by routing their traffic across an encrypted
mesh of other systems, eventually popping out of the other
side on a completely different IP address. TOR is
already used by a wide variety of people, but Pogoplug is
hoping to extend its appeal even further by making it as
simple as possible to use. Unboxing the Safeplug, it’s easy to
see how Pogoplug was able to get its device to market so quickly:
it’s the same hardware as the fourth-generation Pogoplug storage device, with a
different logo on its face. The same ARMv5 embedded processor is
present, the same 128MB of RAM, and there’s even a USB port and a
SD card slot from its original incarnation as a storage gateway –
neither of which, sadly, are actually usable on the Safeplug.
Getting started with the device is quick
and easy: visit the Safeplug website (pogoplug.com/safeplug), click the
‘Activate my Safeplug’ button, and follow the instructions to plug the device
into the power socket and network port. Wait a few seconds for a firmware
update, and a new screen will appear, allowing you to configure the Safeplug’s
The USB port,
used to add storage devices to the Pogoplug Mobile, is not usable on the
It’s here that installation becomes a
manual process: the Safeplug doesn’t act as router, but instead sits behind
your existing router and offers proxy services. Using its selfserved file,
browsers – or entire systems – can be configured to route their traffic over
the Safeplug and, as a result, via TOR. Individual sites can also be
configured, bypassing the TOR connection and traversing the plain internet as
normal. Traffic that does route via TOR is encrypted until it reaches an exit
node – a portion of the network known to include devices for sniffing non-HTTPS
traffic, something Pogoplug fails to warn users of in its documentation.
The Safeplug has an extra trick up its
sleeve: a built-in advert blocker. Switched off by default, turning the setting
on will block access to known advertising hosts, making for a leaner and
cleaner browsing experience, but cutting off a vital income stream for the
sites that are affected. It’s a bit of a thorny moral issue, but for those that
would like to use it, the option is there.
Sadly, while the Safeplug certainly makes
connecting disparate devices to TOR as simple as possible, it also loses
something along the way. Using the TOR Browser Bundle attacks two areas of
concern: the connection itself and the browser, which in the Bundle is a
When configuring an existing browser to use the Safeplug, however, that extra
manually or using an add-on like NoScript, you can still be easily tracked.
The box itself is also running a relatively
outdated kernel based on the 2.6 branch, which could raise security questions
of their own – mitigated, thankfully, by the fact the device is by default only
accessible to your internal network.
single frontfacing LED provides feedback as to the Safeplug’s internet
For those who are only looking to evade the
Great Firewall of Britain, or who would like to run their own low-power TOR
relay to improve the performance of the network, the Safeplug is easier to
recommend. For those who value true security, a roll-your-own solution – which
would also provide the opportunity to validate the source code – based on
something like a Raspberry Pi would be a better option.
The Safeplug is far from a security
panacea. Users should be warned that
unencrypted traffic can be captured by TOR exit
nodes, and a full copy of the firmware’s source should be provided to guarantee freedom from back doors. For those just looking to bypass regional filters, however, the Safeplug is certainly easy to use.
An easy and low-power
means to route network traffic via TOR, with the
added bonus of advert removal should you choose it
There are questions about
the overall security of the device, and it lacks
the ability to use the on-board USB or SD card ports