Hacker News new | past | comments | ask | show | jobs | submit login
PirateBox 1.0 (piratebox.cc)
222 points by Morgawr on May 30, 2014 | hide | past | favorite | 70 comments

Would be neat to see a mesh-network of these running on old phones of which most people have 1 or 2 of at their house with a REALLY simple installer.

A few of these sprout up organically in locales and it would be like the BBS days of yore - ultimately it could lead to a larger geographical footprint of a "side-net".

Does Piratebox support wireless bridging or mesh? This is a super handy feature of dd-wrt (http://www.dd-wrt.com/site/index).

Speaking for the OpenWRT-implementation.

mesh is in preparation. There is already a mesh implementation done for the sister-project "LibraryBox. The code is contributed back to PirateBox. It still needs some tine addons to work nicely.

Bridging could be done with some configuration, I think. IMHO the 2nd device don't need to be a PirateBox.


regards Matthias

Check out "The Serval Project" - it checks a few of your boxes, although it focuses more on securing and expand 1-to-1 communication than the community/BBS aspect.

Didn't think about using an old phone. I think I found the Android App on the Play store [1] but it requires root which likely removes the 'REALLY simple installer' requirement. [1]https://play.google.com/store/apps/details?id=de.fun2code.an...

That is an unfortunate name. This has implications much greater than a few privileged first-worlders sharing some movies but you wouldn't guess it from the name.

FreedomBox perhaps? WunderWurfel? Anything seems better than Pirate-something.

FreedomBox already exists; it's a similar project: https://freedomboxfoundation.org/

I agree that 'pirate' anything is a disservice for a brand name, but let's not apply the MPAA's definition of piracy so broadly. Piracy isn't sharing copyrighted media, it just happens to be a spookier name than "copyright infringement" that the media industries like to use haphazardly to in order to paint such activities as morally reprehensible.

Like it or not, neither modern media nor the MPAA introduced this usage of piracy. It has been around and part of legal discussion about intellectual property since the 1800s:

"I know patentees are much troubled with piracies upon their inventions" (Irwin v. McRoberts 1879)

"he has a just defence, and is not a willful pirate of the plaintiff’s invention" (Goodyear v. Dunbar 1860)

and so on...



What is the PirateBox?

PirateBox is a self-contained mobile communication and file sharing device. Simply turn it on to transform any space into a free and open communications and file sharing network. Inspired by pirate radio and the free culture movements, PirateBox utilizes Free, Libre and Open Source software (FLOSS) to create mobile wireless communications and file sharing networks where users can anonymously chat and share images, video, audio, documents, and other digital content.

How does it work?

Simply turn PirateBox on to transform any space into an offline communication and wireless file sharing network. When users join the PirateBox wireless network and open a web browser, they are automatically redirected to the PirateBox welcome page. Users can then immediately begin to chat anonymously, post images or comments on the bulletin board, watch or listen to streaming media, or upload and download files.

PirateBox runs on multiple devices, including wireless routers, Android-based phones, single-board computers like the Raspberry Pi, and even laptops.

Is it safe?

PirateBox is designed to be private and secure. No logins are required and no user data is logged. Users remain anonymous – the system is purposely not connected to the Internet in order to subvert tracking and preserve user privacy.

Can I make my own PirateBox?

Absolutely! The PirateBox is is free (as in freedom) because it is registered under the GNU GPLv3. This license grants the right to freely copy, distribute, and transform creative works according to the principles of copyleft.

PirateBox can be built for as little as US$35. For detailed instructions, visit the PirateBox OpenWrt DIY page.

Where can I read more about the PirateBox?

Visit the PirateBox Press page for a listing of and links to more than 175 stories about the PirateBox.

Where can I find more photos of the PirateBox?

Check out the PirateBox Gallery.

Where can I find more videos of the PirateBox?

Check out these PirateBox Videos.

Why did you build the PirateBox?

The PirateBox solves a technical/social problem by providing people in the same physical space with an easy way to anonymously communicate and exchange files. This obviously has larger cultural and political implications and thus the PirateBox also serves as an artistic provocation. See this ars technica article and this New Scientist article for more info.

Why is it called the PirateBox?

The PirateBox is inspired by the free culture and pirate radio movements. The name is a playful remixing of the title of the world’s most resilient BitTorrent site, The Pirate Bay.

Does the PirateBox promote stealing?

No. The PirateBox is designed to facilitate communication and sharing between friends and local community members.

Who helps build the PirateBox?

The PirateBox was created by David Darts and the lead developer is Matthias Strubel. Aaron Williamson from the Software Freedom Law Center provided advice on the project and Christiane Ruetten originally ported PirateBox to OpenWrt. The project is actively supported by developers and testers all over the world.

Do you know of any other projects similar to PirateBox?

Yes, check out Aram Bartholl's fantastic Dead Drops. There are also several forks of the project, including Jason Griffey’s LibraryBox, the Bibliobox, the LibroBox and the CoWBox (CoWorking Box).

Where can I discuss the PirateBox?

Visit the PirateBox Forum to discuss the PirateBox, share your builds, and receive support.

Yet again, explaining what something is should be on the front page, not via a link at the bottom of it.

> PirateBox is a self-contained mobile communication and file sharing device

> PirateBox runs on multiple devices, including wireless routers, Android-based phones, single-board computers like the Raspberry Pi, and even laptops.

That's a little confusing. So it is a device or an app? Or is it just saying that you can connect to it from all of those devices?

It's software that's used to turn specific devices into PirateBoxes. So, no, they don't sell a device. But they provide free and open source software you can load onto a bunch of different devices to build your own PirateBox device.

Is your phone a device or an app?

So, it is a mesh un-network?

it is just a open wifi LAN with a single AP node?

what am i missing here? this seems utter pointless if i understood that correctly.

Imagine you're me. I work in a hospital with no wi-fi or cell network near my office. With this, I could take pictures with my iphone from my magnifi adapter and share them with my colleagues in other offices. Maybe we could even facetime a consult. And I could do it all without dealing with the hospital's IT department.

Crazy? Actually, I have it on good report that the chairman of pathology at the Mayo Clinic just bought all the pathologists Magnifi adapters to do exactly that (the exact words were "Hey, Mayo's chairman just bought all the pathologists adapters, just like yours, to facetime consults to each other).

Presumably, the chairman at Mayo has more clout than a resident at a military hospital though. If I want to introduce innovation, it's going to have to be on my own, provably separate from the institution. So this is perfect for my use case.

A) Facetime wouldnt work without Internet connection to Apple's servers

B) Even if you used some sort of video app that worked on the Piratebox, discussing PHI/PII over an open unencrypted WIFI network would violate all kinds of HIPAA regulations.

C) The IT Department is there for a reason, stop trying to break security protocols. Especially when you are Department of Defense.

D) This thing isn't actually secure/private like it says it is. They said there are no logins. And your MAC address is still associated to a device. Even if you spoofed it, you still have to be 30 ft near the thing. Not hard to hide.

Can't you just switch on the Wifi-hotspot on your iPhone and connect together that way?

Power dissipates with r squared and interference is always an issue. So if I set one of these on top of a refrigerator in the middle of the lab, I could probably hit most of the resident offices and some of the staff. But most of the residents couldn't get to each other with just their iphones.

you just moved things around. if my phone is then closer to other people while this device is on another floor, they would have better acces on my phone wifi.

unless this evolves to a mesh it is just a hyped AP

> while this device is on another floor

Where did another floor come in?

same place where "top of a refrigerator" in your post. just moving stuff around as well.

yep. this is a solution looking for a problem i think.

my router already does all that. and it was before i flashed openwrt on it.

So does mine. My thought before this PirateBox thing was to just plug an old router in, yeah, maybe flash it to openwrt. If anything, this gives me a reason to pause and think harder about what some of the issues are that they may have thought of but I haven't.

It's more like a sharepoint with wifi access and a bunch of applications installed.

Which would be an excellent way to pitch it. I get the whole anarchist thing but calling it "PirateBox" is going to incite antibodies in nearly any IT dept. Its like naming the Wifi at your house "FBI Surveillance Van 2".

That said, with a unique 'box' identifier and a simple store and forward protocol you could have them link together into a simple network, where you could pass messages or files with addresses like box1!box2!box3!userhandle :-)

> FBI Surveillance Van 2

I've heard of people doing this to scare the crap out of their low-key criminal neighbours.

> box1!box2!box3!userhandle

That's called Source Routing, and is what cjdns [1] does, although in a more federated and private manner. There's an OpenWRT firmware called meshbox [2] that works on the same devices as PirateBox (and more).

There's no apps shipped with it, but instead you get a secure, adhoc, near-zeroconf mesh network.

[1] https://github.com/cjdelisle/cjdns [2] https://github.com/SeattleMeshnet/meshbox

The bang path and "store and forward protocol" bit probably refers to mail routing in the UUCP days: http://en.wikipedia.org/wiki/UUCP#Mail_routing

ah ok. but why the downvotes? its exactly what i thought it was (minus the bunch of application, which i agree makes a one node mesh network a little bit less useless)

I'd love to see a world where an enormous network of these makes big telecom obsolete. Don't think the issues with big internet will ever push enough people into creating this but at least there's a safety net. Pun intended?

Would be fun to see that, but I fear it's really hard. Routing in a mesh network is a tricky subject.

Even ISPs (those who care) have issues ensuring that there would be enough bandwidth for peers to watch their videos and low enough latency to play their games. Especially it's tricky to balance ingress trafic when there are multiple paths to you (your ISP has many peers), but one pipe's clogged and one's nearly unused (and situation changes all the time, so next day - or sometimes even hour - it could be the opposite).

this would only work in cities. any towns and smaller villages would henceforth be without service.

and each city would be disconnected from the next big city, as there is no realistic way to span that amount of space in between for hobbyists.

but it would be great, despite these limitations. governments would no longer be able to kill all communication... until they adapted anyway. nothing easier than spamming these networks with useless entries to hide the actually worthwhile ones

if similar devices became available with support for "super wi-fi", it might become possible to make it work in smaller cities or even villages... http://en.wikipedia.org/wiki/Super_Wi-Fi

Site is down now, but this is from the FAQ:

> What is the PirateBox?

> PirateBox is a self-contained mobile communication and file sharing device. Simply turn it on to transform any space into a free and open communications and file sharing network. Inspired by pirate radio and the free culture movements, PirateBox utilizes Free, Libre and Open Source software (FLOSS) to create mobile wireless communications and file sharing networks where users can anonymously chat and share images, video, audio, documents, and other digital content.

> How does it work?

> Simply turn PirateBox on to transform any space into an offline communication and wireless file sharing network. When users join the PirateBox wireless network and open a web browser, they are automatically redirected to the PirateBox welcome page. Users can then immediately begin to chat anonymously, post images or comments on the bulletin board, watch or listen to streaming media, or upload and download files.

These would be great on planes/trains/buses where wifi isn't readily available. These days the passengers probably carry enough content on their mobile devices to keep everyone entertained during a long haul flight they just need a way to share it.

Love the project! I am actually thinking about buying an mr3020 just for this.

My main feedback is that the page does nothing to tell new users what the heck is PirateBox. The landing page should contain an explanation of what it is and why do you want it.

Cached version: http://webcache.googleusercontent.com/search?q=cache:zWSCSbJ...

I built a piratebox using a cheapo tplink router about 2 1/2 years ago. I'm somewhat surprised nothing has been built using commodity Android phones since then. They'd be better suited to the task as far as having a battery built in, better antennas, etc.

I don't know about Piratebox specifically, but I've found it a hassle to try and use phones. When the screen shuts off Android drops the CPU performance, and (in particular on older phones) running he wifi nonstop in AP mode dramatically heats up the phone, causing reboots. This might be ameliorated by a custom kernel, but I never got that far.

I'm a bit concerned that some unsavory elements will be inspired by this and create a malware box.

In this picture, they show the PirateBox attached to the bottom of a skateboard:


Can it actually run this way? Do they actually have a portable way of powering this device?

It totally runs on the skateboard, because there is a battery taped there as well :)

The picture of the one attached to a girl's bike appears to connect to a power source next to the front wheel which I assume to be some sort of generator from wheel motion.

Sweet idea, but the sceptic in me already sees the negative downside, which will inevitably follow: perverts exchaining child porn, people sharing copyrighted stuff, drug dealers organizing heroin trafficking.

Before you downvote me: from a legal POV, this is the same as leaving your WiFi open or protected with WEP. In front of a court you will be either held liable for just aiding distribution of child porn/warez (if you're lucky), or worse, for possession. In Germany this definitely means time behind bars, in the US it means federal court for child porn/aiding a drug business. Good luck getting out of this.

You would not even remotely consider leaving your WiFi open, right? Then, why do you consider putting up a PirateBox or whatever it is named for public use?

Does anyone know if this addresses the myriad of security flaws with the old version? I have an older box, but found it wasn't really used. I should bring it back up at some point and update it.

Does anyone have any idea how long you could run, say, the TP-LINK WR703N for on battery? It'd be neat to set one of these up at a small summer festival in a couple of months.

Buy one of those car cigarette-lighter USB charger thingies, and connect it between a car battery and the router. The WR702N (I presume similar to 703N) says "Powered through a micro USB port by an external power adapter or USB connection to a computer": http://www.tp-link.com/en/products/details/?model=TL-WR702N

A car battery is fast and easy to charge. I would guess a car battery would last 20 to 80 hours, depending on the the battery, the router, and the usage.

Alternatively most cigarette-lighter USB chargers can take under-voltage so you can easily hook up a LiIon laptop battery (nominally 10.8 Volts). Laptop batteries are great because they come with a laptop that can charge them very quickly.

A car battery gives you the option to use many other routers (maybe you have a suitable one lying around!). Routers often use a 12 Volt DC input, and although a direct connection between the battery and the device is theoretically the wrong voltage, in practice I myself would just connect it straight through without any qualms (unless it was an expensive or rare router!). The WR703N probably uses less power so would run longer, but maybe compromises on range?!

MR3020 and WR703N have nearly the same board.

I linked and described my observed runtime here: http://piratebox.aod-rpg.de/dokuwiki/doku.php/about/matthias

I can't see any links on any of their pages to the source code. Multiple links to the GPL and about Free software but no route that I could find to the source itself.

Hi, sorry, during all the work on the page, we forgot putting the github link to the page.

We summarized all the sources here: https://github.com/orgs/PirateBox-Dev

When the page is working in normal parameters again, we'll put a link the sourcecode to the page.

We are sorry about the inconvenience.

regards Matthias

Thanks. Apologies if my previous post was a bit too negative. I'm not saying the Github link should be hugely prominent front and centre but somewhere with the licence links and in the menus at the top somewhere would be good (probably in About or Community).

No worries. We'll add it in the "about" section in the next week, when we moved back to piratebox.cc (currently we are running on a mirror).

regards Matthias

There are instructions here[1] for building your own. Which includes:

  1. First download a copy of install_piratebox.zip and a customized
  copy of OpenWrt for the MR3020, WR702N or MR3040 to your computer
  from: http://stable.openwrt.piratebox.de/auto (be sure to download
  the “*squashfs-factory.bin” file that corresponds with your specific
Also says:

  Using OpenWrt and off-the-shelf hardware, you can build a PirateBox
  1.0 for as little as US$35. Check out the OpenWrt DIY page for more
  info and visit the OpenWrt Discussion Board for support.
[1] http://piratebox.cc/openwrt:diy

[2] http://stable.openwrt.piratebox.de/auto/install_piratebox.zi...

Sounds cool but the website should explain what it is at the top of the home page... Why make people hunt? A short tagline would be helpful.

Would this work with all those old routers on the defunct laptops we have lying around?

Seems like this would be perfectly suited to running on a hacked wifi sd card.

This is perfect for the people in Cuba.

Site seems to be under heavy load atm.

It could just be the 3.1 MB image getting served from Apache. 3888 × 2592 might be a tiny bit too large for a preview image.

They should take a look at mod_pagespeed (https://developers.google.com/speed/pagespeed/module) and start using a CDN.

Well, that costs bandwith, but wasn't the issue.

The issue was the cpu power. The VPS hadn't got enough cpu time for fullfilling all these requests. The machine reportet 8 cores, but load didn't cross the 4 - mark. Memory is 4GB, but that was more then enough.

On the top list you were able to clearly verify the php processes running and trying to fullfill the request.

We swapped to my provider http://net-build.net , which has a good performance.

thanks for the hint anyway. I think David already exchanged it.


Yup, doesn't load for me.

What service are you using to get that information?

One way:

  ~$ ping -c1 piratebox.cc
  PING piratebox.cc ( 56 data bytes
  64 bytes from icmp_seq=0 ttl=49 time=96.722 ms

  --- piratebox.cc ping statistics ---
  1 packets transmitted, 1 packets received, 0.0% packet loss
  round-trip min/avg/max/stddev = 96.722/96.722/96.722/0.000 ms

  ~$ nslookup

  Non-authoritative answer: name = ps43705.dreamhost.com.

  Authoritative answers can be found from:
  103.111.64.in-addr.arpa nameserver = ns3.dreamhost.com.
  103.111.64.in-addr.arpa nameserver = ns1.dreamhost.com.
  103.111.64.in-addr.arpa nameserver = ns2.dreamhost.com.
  ns1.dreamhost.com internet address =
  ns2.dreamhost.com internet address =
  ns3.dreamhost.com internet address =

Heh, pre-webschool :) While we're teaching.

$ whois # Note: IP!=same, similar is ok

NetRange: -


OriginAS: AS26347


NetHandle: NET-64-111-96-0-1

Parent: NET-64-0-0-0-0

NetType: Direct Allocation

RegDate: 2005-03-07

Updated: 2013-01-18

Ref: http://whois.arin.net/rest/net/NET-64-111-96-0-1

The above shows us that the IP address range has been owned by Dreamhost since 2005.

$ traceroute -M16 # Note: Hides first 15 hops

traceroute to (, 64 hops max, 52 byte packets

16 te0-0-2-0.nr11.b037327-0.iad02.atlas.cogentco.com ( 150.006 ms 112.416 ms 111.521 ms

17 ( 110.817 ms 111.131 ms 113.563 ms

18 ip-208-113-156-8.dreamhost.com ( 122.604 ms 119.393 ms 120.720 ms

19 ip-208-113-156-14.dreamhost.com ( 118.675 ms 116.344 ms 116.236 ms

20 ps43497.dreamhost.com ( 165.690 ms 111.885 ms 119.339 ms

This shows you the carrier in use leading to the facility (cogentco).

Often facilities without reverse DNS (apparently in the final hop) or without own IP ranges (as we discovered above Dreamhost has) can still be determined without actually passing traffic by reading the reverse DNS information on the closest border hop on their carrier. In this case we don't get lucky with that technique, since #17 is not showing any reverse DNS.

Beyond the above you can start looking at AS-driven routing records, physical network layouts, internet historical information, etc. before resorting to more active probes.

> $ traceroute -M16 # Note: Hides first 15 hops

HARD MODE: Is is actually 'hiding' those hops, or does it not even look for them?

Using Apple's `traceroute.c`[1]:

  case 'M': /* FreeBSD compat. */
    first_ttl = str2val(optarg, "first ttl", 1, 255);
Looks like it's just bumping up the value of the first TTL.

Note: For those not in the know, traceroute works by adjusting the TTL (time-to-live) value on the packet it sends out. The TTL is basically the max number of hops that the packet can take. Each 'hop' decrements the TTL value, until it reaches the destination or TTL == 0. If the TTL == 0 before it gets to the destination, then the packet it sent back as rejected.

[1] http://www.opensource.apple.com/source/network_cmds/network_...

Heh! You wouldn't need to check the code to validate the execution flow unless you're on a first-world network and so used to them that latency becomes unnoticed!

In terms of comprehension for the record I would recommend instead of the source the explanation at Wikipedia: https://en.wikipedia.org/wiki/Traceroute

For awhile it used to be that people would write their own traceroute implementation as a rite of passage.

As a joke, back in the 1990s, Julian Assange took it one step further and used to spoof responses to traceroutes in order send a fake route back to the querying node, indicating that his systems were somehow affiliated with important government or military entities. Excellent sense of humor :)

I like to be more anonymous and hide within plain sight. Instead of a little box with a large pirate symbol, I would rather fire up a VM and run it off my laptop.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact