Four years ago, in the wake of some controversy over another Kickstarter-based launch, a team in Ireland decided to produce a better Wi-Fi router for travel privacy. Called the InvizBox, the router was focused on making connecting to privacy-focused network services such as VPNs and the Tor anonymizing network easier.
A lot has happened since then. And now, InvizBox has released a new iteration of its wired Wi-Fi router, the InvizBox 2. Two years ago, the InvizBox team achieved its crowd-funding goals to move ahead with this design. After a long road, that funding has finally paid off.
Totally open source, bundled with a VPN service capable of delivering up to 100 megabits per second of traffic (your broadband willing), and painless to configure, this little disc-shaped router is powerful enough to be a primary home router—or it can be used on the road when plugged into a potentially unfriendly local network to tunnel users out to safety. The router can also be used in concert with InvizBox Go—a mobile Wi-Fi router with VPN capability—to create a safe tunnel back to your home network. The base price for InvizBox 2 is $99, but there’s a discount available right now for orders through the InvizBox site.
Supply-chain security for any device claiming to be privacy focused is key. So while the routers themselves are assembled in China, for security purposes InvizBox reflashes the firmware of every router in its Ireland offices before shipping them out. Firmware upgrades are automatically retrieved over a Tor hidden service.
Hardware-wise, the InvizBox 2 is fairly impressive for a low-cost router, powered by a quad-core ARM processor with 1 gigabyte of memory. InvizBox 2 has just two network interfaces (Gigabit Ethernet WAN and LAN), so it needs to be connected either through a cable modem or another router to the Internet—and if you have hard-wired local network needs, you’ll have to provide your own hub or switch. But that also makes it suitable as a travel router.
Equipped with dual-band 2.4/5GHz radios, InvizBox 2 supports up to eight network IDs, each assigned to a separate network SSID:
- Up to four simultaneous VPN connections;
- Two “open” (unencrypted) networks;
- One TOR connection; and
- One local Wi-Fi network with no Internet access, for devices best kept in isolation.
Each network can also be configured to isolate individual devices so they can’t see each other or configured to hide their SSID so it isn’t advertised. The LAN Ethernet interface can be assigned as a member of one of these networks with a click of a browser button. The administrative interface is consumer-friendly, for the most part. And while it doesn’t provide all the configurability of some other commercial routers, there are a few more advanced features thrown in.
There are several options as far as VPNs go with InvizBox 2. You can order a version for one of InvizBox’s supported VPNs (Windscribe, IPVanish, PrivateInternetAccess, NordVPN, or ExpressVPN) or with InvizBox’s own VPN service configured (with monthly billing, or with one or two years prepaid, with significant discounts). InvizBox’s VPN is based on OpenVPN, which means you can also use it on a mobile device or computer when away from your home network.
I tested a router pre-configured for InvizBox’s VPN service. VPN throughput depends a great deal on where you are. My VPN upload and download speed closely matched that of my unsecured traffic to each of the destinations I selected for connections. InvizBox advertises a throughput up to 100 megabits per second, which makes it suitable for streaming (in situations where streaming isn’t VPN-blocked). I got speeds up to 49 megabits per second over my 50-megabit Comcast Business connection for nearby VPN points of presence.
(It should also be noted that my daughter gave the InvizBox 2 a strong review based entirely on her being able to get access to the UK version of Love Island.)
InvizBox 2 has a number of content-filtering and connection controls, too. You can set up parental controls, as well as blocks for social networks, gambling sites, advertising domains, known malware domains, and even fake news sites based on open source host blacklists and whitelists.
On the whole, InvizBox 2 does a great job of packaging together privacy-focused networking into a relatively easy-to-use package. The current downsides come mostly in this device’s documentation—there’s support, for example, for SSH-based remote access to the router, but it’s not well-documented online, and the documentation that ships with the router is just a quick-start guide. Theoretically, the documentation problem should be solved over time as the site gets better fleshed out.
https://arstechnica.com/?p=1561503