💾 Archived View for omg.pebcak.club › ~freezr › gemlog › stealthbox-faq.gmi captured on 2024-08-18 at 17:47:46. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-12-28)

-=-=-=-=-=-=-

Make a StealthBox with Devuan and Libre Computer Renegade

The FAQ

ISSUED: 2023-12-06
EDITED: 2023-12-07

↩ go back

Do you remember when the PI was the new cool toys for the cool kids? At that time one the coolest project you could realize was "Pirate Box" ☠️

David Darts: PirateBox

I liked the idea and therefore I called my project the StealthBox 🫥

What is a Stealthbox?

It is a small computer that can be attached to another one and allows you to navigate on the internet and do other stuff without being intercepted by anyone, leaving very few bites of your activities! Your computer will log you connection by the way.

Why do I need it?

You need it anytime you have to do your personal stuff and using the main computer over the internet can harm you. For instance you had better to use a Stealthbox at your daily work because, for personal experience, I discovered that using the internet on your computer work is tolerate until your employer is looking for an excuse to fire you!

💡 For that reason I developed several strategies till I eventually realized how to create a Stealthbox!

It is that invisible?

No it isn't you need extra cables, you need to do weird maneuvers around your computer, as any other stealth device or equipment you need to use it with discretion.

Does it work anywhere?

I can't tell you. On the computer I attach my stealthbox I have admin rights so I can change settings and so on, but I am going to test if that is possible when you do not have right to handle your main computer. On a Win computer I could not setup the NIC ip address, this does not exclude that other workaround may still exist.

Which is the target?

As I mentioned the word "workplace", the main target is Windows, I didn't test, and I can't, and I don't want test it on Apple devices, sorry!

How does it work?

Do you remember the good old time of Win98 and XP and the internet connection through the dial-up? At that time to share the connection between two computers the easier, and most affordable way, was to connect two computer with an cross-cable and share the connection.

The principle is the same, the Stealthbox is connected directly to the computer through a cross-cable with the difference that internet comes from another device, your mobile phone!

Isn't it tethering slow?

Yes indeed, however the connection is quite sufficient for basic internet usage and for use an email client. Nonetheless I have been squeezing all the technique to exploit at the maximum the limited bandwidth provided by the tethering till I found a method to get full speed internet!

The day I boosted my tethering connection

I can't modify my IP adress, what now?

I haven't found yet a method to modify the ethernet settings for users without admins or special privileges. Modifying the IP of your Windows machine is mandatory requirement. If you can't use the pirate box my alternative solution has been for a while using SCRCPY:

Github: SCRCPY

A standalone software that allows to mirroring you phone over your desktop, clunky because the mouse but effective, and this doesn't cost you anything but it requires the mobile to be constantly active so I recommend to put the screen face down.

Is it affordable?

This depends by your parameters, however it has its costs. Allow me to do a breaking down of the costs, to build the my Stealthbox I bought:

┌───────────────────────────────────────────────────────┬───────┐
│ 1. Libre Computer Board ROC-RK3328-CC (Renegade) 4GB  │ $  45 │
│ 2. Libre Computer 128GB eMMC 5.x Module               │ $  40 │
│ 3. CanaKit 5V 2.5A Power Supply/Adapter (UL Listed)   │ $  11 │
│ 4. LoveRPi Active Cooling Case with Fan               │ $  16 │
│ 5. Libre Computer Board Heatsink for ROC-RK3328-CC    │ $  10 │
│ 6. Amazon Basics USB 3.0 to 10/100/1000               │       │
│    Gigabit Ethernet Internet Adapter                  │ $  14 │
│ 7. Cat6 Crossover Cable (3')                          │ $   5 │
├───────────────────────────────────────────────────────┼───────┤ 
│    TOTAL:                                             │ $ 141 │
└───────────────────────────────────────────────────────┴───────┘

I don't believe that $141 is cheap but neither unaffordable, it is a fair price for what you are getting and the benefit you are acquiring. I have to confess that I did not buy all those stuff in one shot, it took me a while to figure out the final Stealthbox, I used those parts in other projects as well.

I am also assuming that you have a phone with a decent data plan based on 4G/5G network. I have a crappy OnePlus Nord 200 5G, it has only three things good: the screen, the battery and the 5G modem, otherwise the rest is really low quality.

However you can find better deals, buying the board second hand as well as the eMMC and so on.

Can you show me how does it look like?

Sure, there you go:

ROC-RK3328-CC: angle view

ROC-RK3328-CC: top view

ROC-RK3328-CC: bottom view

ROC-RK3328-CC: front view

Sorry the camera is the worsen feature of my phone.

What can I do with it?

I do almost anything, and with the Renegade board I can do even more. Although this board support video acceleration your phone is better suited for media consuming. Anyway with my first prototype and the last Stealthbox I was able to do almost anything, a great improvement was achieved whan I was able to boost the tethering allowing me to load heavy-weight website.

This is what it was possible doing with the current Stealthbox and the prototype:

Why the Libre Computer Board "Renegade"?

I don't have a rational reason, I bought it for another project and it didn't workout for that. I boughtit also because the price was quite decent at that time and PI were extremely pricey, because it has 4GB of ram, support eMMC (essential for best performance), and now it is well supported on upstream Linux.

A nice review from James Chamber (don't know him)

Another important factor is that you can install stock Debian and therefore you can migrate to Devuan. If you are nerds enough to know the meaning of systemd, then I technologically dislike it and I don't want to use it all.

Furthermore since it support stock Debian and support boot from both SD and eMMC module, I was able to boostrap Debian into an encrypted filesystem making the Stealthbox more secure; as a matter of fact my prototype based on the powerful Odroid-XU4 was without filesystem encrypted and that wasn't really a good setup.

Do you recommend other boards?

At the moment I do not have any board to recommend, I exploited what had already on my hands! However, based on my experience what is needed to get decent performance and to install any operative system, whether is Linux or BSD, is to match to following points:

This would be for me the ideal board, SBC based on intel are the best ma are also very expensive!

Can I use other boards and other operative systems?

I believe that is totally possible! What you need is a board powerful enough to support desktop applications — said that the Libre Computer Renegade is in the low end category — then you need a board that support U-BOOT and that support the OS that you like the most. The PIs are the best supported, the Pine64 boards have good support. I believe the best operative system to make a StealthBox is OpenBSD, here the list of all the board supported by OpenBSD 7.4:

INSTALLATION NOTES for OpenBSD/arm64 7.4

How do I connect to the Stealthbox from Windows?

I use both SSH and VNC, actually SSH is required to unlock the board. The former should be available nowadays on Windows as default, for the VNC I use TigherVNC stand alone client so it is not need to install anything, all this software can be stored on your personal USB pendrive.

Is VNC secure?

The VNC protocol is in clear but the cross cable connection avoid anything in the middle.

Can I share documents between host and guest?

Theoretically yes, practically I couldn't find how to get that. Even copy and past should be feasible, I couldn't get that working too. I use a usb pendrive when I need to share files, not often luckily.

Do you recommend any specific software?

Yes I do, here the list of the main software I use:

GUI: graphic user interface
TUI: terminal user interace
⭐ : highly recommended

Why do you use TightVNC Server?

There several VNC server available on Debian, all of them are good solution. TightVNC besides being lightweight has the advantage that it is not tied to an existing X11 session.

TightVNC Software

This mean the Stealthbox can boot and stay all the time headless. This is a really neat feature for my purpose.

Wrapping this up

I don't feel this section is still complete, if you have some questions please send them to me:

freezr AT disroot DOT org

────────────

↩ go back