[HN Gopher] I2P: End-to-end encrypted and anonymous internet
___________________________________________________________________
I2P: End-to-end encrypted and anonymous internet
Author : keepamovin
Score : 250 points
Date : 2023-10-26 15:18 UTC (7 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| yamrzou wrote:
| Related:
|
| _Invisible Internet Project (I2P)_ -
| https://news.ycombinator.com/item?id=25734254 - Jan 2021 (23
| comments)
|
| _Kovri - A secure, private, untraceable C++ implementation of
| the I2P network_ - https://news.ycombinator.com/item?id=14963044
| - Aug 2017 (53 comments)
|
| _I2P-Bote - Email plugin for the I2P network that uses a
| distributed hash table_
| -https://news.ycombinator.com/item?id=14236331 - May 2017 (20
| comments)
|
| _I2P: Invisible Internet Protocol_ -
| https://news.ycombinator.com/item?id=12022917 - July 2016 (56
| comments)
| wongarsu wrote:
| I really like I2P as a project, and I think it gets a lot of
| things right. For example having every network participant relay
| some internal traffic, instead of relying on altruism from relay
| operators, makes it much harder for a single entity to control
| enough hops to deanonymize users.
|
| Sadly, outside of torrenting I2P doesn't seem to have much
| traction, losing out to the better funded tor project
| bilegeek wrote:
| Torrenting is I2P's foot in the door for much wider adoption,
| which would help drive other types of usage. I really hope it
| takes off, especially since qBitTorrent 4.6 just integrated
| support; the current stagnation of filesharing, especially
| w.r.t. needing a VPN for everything, needs some shaking up.
| birdyrooster wrote:
| We will still need VPNs to get good connectivity to other
| residential ISPs until some government entity (or market
| condition) inspires ISPs to invest in more hardware and
| peering with each other. CDNs and VPN providers are now sadly
| a requirement for the internet to work the way we expect it
| to.
| _factor wrote:
| With modern tech, I should be able to launch a web server,
| give you my ipv6 that never changes, route a few ports
| through fw and we're good.
| tepitoperrito wrote:
| Yggdrasil? https://yggdrasil-network.github.io/
| INGSOCIALITE wrote:
| With modern tech I should never have any identifier that
| doesn't change whatsoever. Mac,ip,etc should randomize
| every nth second lol
| ribosometronome wrote:
| Does I2P torrenting operate at remotely comparable speeds to
| without?
|
| I recall hearing that it was vaguely frowned upon with Tor back
| in the day for saturating the networ and it didn't seem like
| there was much reason to use it over basically any VPN,
| especially speed wise, assuming your motive was to avoid
| copyright notices.
| IYasha wrote:
| But isn't it enough to use it just for metadata and not the
| pyload itself? (provided that's possible)
| londons_explore wrote:
| If you want to avoid copyright notices, then you need to do
| it for the payload too.
|
| That's because a copyright holder could easily host a copy
| of some pirate film on your new network, and then just see
| the destination of the data packets.
| Spoom wrote:
| Wait, but if the copyright holder is sending the _actual
| payload_ to you as a client, couldn 't you make the
| argument that they implicitly authorized you to have it?
|
| AFAIK, cops can't deal you actual drugs and then arrest
| you for it.
| londons_explore wrote:
| If that was a concern, they could always cut off the
| connection right before sending the data packet.
| skrowl wrote:
| Cops can absolutely do that. Cops posing as prostitutes
| can arrest you for attempting to purchase sex from them
| as well.
| Ms-J wrote:
| This is absolutely true in many states in America. Not
| sure why you received any down votes.
| phoenk wrote:
| What you're describing is entrapment:
| https://en.wikipedia.org/wiki/Entrapment
|
| Sometimes its legal, depends where you are and how it was
| done.
| chmod775 wrote:
| It's something Prenda Law got up to and is among the
| things that did them in.
|
| > An expert witness affidavit stated that IP addresses
| linked to Prenda's Minnesota and Florida offices and John
| Steele, had themselves been identified in 2013 as the
| initial "seeders" (sharers) of some pornographic media,
| tagged for "fast" sharing on file-sharing networks, which
| would be followed up by threat of legal action
|
| https://en.wikipedia.org/wiki/Prenda_Law
| seanw444 wrote:
| Yeah I imagine it would pull the network down a lot.
| tryptophan wrote:
| I remember I2p torrents being horrendously slow, like 20kbps at
| max(do you even remember the last time someone used kbps as
| units?) for popular stuff. Has that changed in the last few
| years?
| mhitza wrote:
| I get on the regular up to 200-500kbps depending on number of
| peers, and their router configuration (I have my bandwidth
| configured above the defaults, which are very low).
|
| I understand that is unheard of from someone living in the
| "instant access era" but their protocol has a cost.
| OfSanguineFire wrote:
| One of the reasons people were wary of Freenet, where every
| user would participate in the hosting, was that if the
| encryption algorithm was ever broken, people would undoubtedly
| be revealed to have been passing CSAM along. Unwittingly, but
| still. Does I2P's model not spark the same concerns?
| ensignavenger wrote:
| Do ISPs worry about relaying TLS traffic because if the
| encryption is ever broken, it will be revealed that they were
| relaying CSAM? There isn't any difference to an i2p node
| relaying encrypted data and and ISP doing it.
| OfSanguineFire wrote:
| ISPs are, especially in the wake of mergers in many
| countries, large corporations with lawyers. An I2P node
| might be run by an individual who lacks that security, and
| this is just something that can be used against that person
| if he comes to the attention of the authorities for
| whatever reason. It's like the risks of individuals'
| running Tor exit nodes, which are well known.
| mistercheph wrote:
| Does any transmission method where the message is even
| partially concealed from the messenger not spark the same
| concern? E.g. Postal services.
|
| I am pretty sure not blaming the messenger for the message is
| a legal notion that predates Hammurabi's code.
| warner25 wrote:
| > gets a lot of things right... having every network
| participant relay some internal traffic
|
| There are trade-offs. The Tor Project has its reasons for _not_
| doing this (from https://support.torproject.org/alternate-
| designs/):
|
| "...many Tor users cannot be good relays -- for example, some
| Tor clients operate from behind restrictive firewalls, connect
| via modem, or otherwise aren't in a position where they can
| relay traffic. Providing service to these clients is a critical
| part of providing effective anonymity for everyone, since many
| Tor users are subject to these or similar constraints and
| including these clients increases the size of the anonymity
| set..."
|
| "...we need to better understand the risks from letting the
| attacker send traffic through your relay while you're also
| initiating your own anonymized traffic. Three different
| research papers describe ways to identify the relays in a
| circuit by running traffic through candidate relays and looking
| for dips in the traffic while the circuit is active. These
| clogging attacks are not that scary in the Tor context so long
| as relays are never clients too..."
| JanisErdmanis wrote:
| How straightforward is it to create new circuits using I2P? I'm
| curious whether this is supported by the API and the time it
| takes.
|
| For context, I'm developing a voting system [1] where votes are
| signed pseudonymously and must be transmitted over an anonymous
| channel. Additionally, it's vital that no two pseudonyms use the
| same anonymous channel, as this would weaken the anonymity.
|
| [1]: https://janiserdmanis.org/artefacts/EVOTEID-2023-poster.pdf
| Aerbil313 wrote:
| Years ago I tried I2P to test the limits of anonymity it can
| provide. It's sad that it doesn't seem to have much funding,
| because it's far superior to Tor by all means. The guys worked
| really hard on the theory before implementing it. Still, the UX
| of the router was really bad. It really needs a standalone binary
| to work flawlessly and performantly across all platforms, not to
| mention the need for a GUI which doesn't require you to know many
| technical concepts beforehand. Current router is written in Java,
| and I hoped i2p-rust would catch up, but it seemed a half-dead
| project.
| deepsun wrote:
| Well, there's no problems with Java, except, as you said,
| willingness of volunteers to support it. It's much easier to
| inspire people to try a shiny new language.
|
| However, I would say that Rust/Go already moving out of the
| spotlight for that purpose. For the hype we'd look towards Zig
| or Nim or something I've yet to hear.
| Aerbil313 wrote:
| This software is a router of a network. It needs to be both
| performant and cross-platform.
| deepsun wrote:
| Yep. Java is performant and cross-platform.
| Aerbil313 wrote:
| I know. But the implementation didn't seem to be.
| Something about languages and tendencies.
| lloyds_barclays wrote:
| Reminds me of Zeronet. It was quite popular for some time.
| account-5 wrote:
| I could never work out how to use this in the past. Has it gotten
| any easier to use? Tor made things a lot easier.
| IKantRead wrote:
| This has been my experience as well, which is a bummer because
| I think hidden services are the best part of Tor, and my
| understanding is that I2P is basically designed with hidden
| service like features in mind from the ground up.
| fsflover wrote:
| What's complicated about it? You run a client ("i2p router")
| and configure your browser's proxy as 127.0.0.1.
| knowaveragejoe wrote:
| And then what?
| fsflover wrote:
| And then you can browse .i2p websites.
| IYasha wrote:
| Where do you get them? Is there some kind of catalog?
| (don't answer if it's not supposed to be in normal
| internet)
| stvltvs wrote:
| Haven't tried it, but the primary i2p software comes with
| an address book according to their website.
|
| https://geti2p.net/en/about/software
| IYasha wrote:
| I too would love a one button solution. And also a server-only
| node.
| OsrsNeedsf2P wrote:
| Sounds like you're looking for i2p zero:
| https://github.com/i2p-zero/i2p-zero
| throwaway894345 wrote:
| It seems like something like this would be great for people
| living under authoritarian regimes--feels like making I2P dead-
| simple would benefit a lot of people and help to make
| censorship more difficult.
| fishgoesblub wrote:
| This appears to link to the C++ version of I2P. Not the original
| "Official" Java version which is more complex and has much more
| built-in features: https://geti2p.net
| anthk wrote:
| i2pd it's preferred on low devices because of performance.
| Anyway, current i2pd works perfectly well with irc, mail, nntp,
| gopher, web and telnet.
| Borg3 wrote:
| Oh, I need to take a look at this.. I hate Java. I wonder why
| such a low level thing does NOT have C implementation actually.
| joemazerino wrote:
| I2P is a great project run by amazing people.
|
| Quick note on it vs Tor
|
| I2P excels inside of the I2P garden. Unfortunately when I last
| checked there were only a few exit nodes which is where Tor
| excels.
| timbit42 wrote:
| How does I2P compare to Veilid? At first glance they seem quite
| similar.
| jtriangle wrote:
| I2P actually has a functional network, Veilid has just
| launched, and isn't really available to the public in a
| meaningful way.
|
| Outside of the practical, I2P is built entirely in Java, Veilid
| is built in Rust, so potentially more performant, Veilid uses
| modern ciphers so is potentially more secure, Weilid is
| potentially easier to modify and integrate into apps, and
| Veilid locally encrypts its storage, I2P does not.
|
| So, realistically, it's a more modern take on I2P, designed to
| work on mobile, improvements are subtle, but might help create
| additional adoption if they can get it into people's hands.
| fsflover wrote:
| > I2P is built entirely in Java
|
| The post links to the C++ implementation of I2P.
| Aerbil313 wrote:
| Does Veilid allow arbitrary networking like I2P? It's
| advertised as a social media data sharing network.
| kstrauser wrote:
| It does. The VeilidChat app is built on top of the general-
| purpose Veilid application framework. Chat apps were the
| first, easiest things to make on that framework, but
| there's nothing inherently social media (or even messaging)
| oriented about it.
| SXX wrote:
| For those who wondering: best practical use of I2P is to tunnel
| SSH access to obscure devices behind NAT where you can't or dont
| want to use something like Tailscale. Or imagine you have that
| torrent box you using for seeding obscure book or music
| collection. You can pay for the server with crypto, but I2P is
| good to make sure you can access and configure it privately.
| Aerbil313 wrote:
| I'd say "best" practical use is those of people under threat of
| institutions and nations and it works well for simple access.
| It even has a stealth mode for censorship regimes in which your
| router doesn't advertise itself and lays down.
| HDThoreaun wrote:
| I was sad to see i2p's maintainer zzz quit the project after he
| got some pushback about politics I think. Reminded me to be
| thankful for all the unpaid hard work open source maintainers put
| in.
| usefulcat wrote:
| Was that the reason? I never heard what the reason was. It was
| a very abrupt departure for sure.
| codezero wrote:
| [delayed]
| flotzam wrote:
| Is there a seedbox provider with preconfigured I2P connectivity?
| klntsky wrote:
| Who would want to use it and for what? lol.
| throwaway894345 wrote:
| How does I2P work? In particular, how does it guarantee that
| participants are relaying properly and not just sending/receiving
| their own packets?
| dang wrote:
| Related. Others?
|
| _Easy anonymous file sharing using I2P technology_ -
| https://news.ycombinator.com/item?id=31790940 - June 2022 (1
| comment)
|
| _Guide to I2P and How It Differs from Tor /VPN and Setup Guide_
| - https://news.ycombinator.com/item?id=29547676 - Dec 2021 (1
| comment)
|
| _I2P celebrates the 20 years of the project with version 1.5.0
| release_ - https://news.ycombinator.com/item?id=28302808 - Aug
| 2021 (1 comment)
|
| _Invisible Internet Project (I2P)_ -
| https://news.ycombinator.com/item?id=25734254 - Jan 2021 (23
| comments)
|
| _I2P_ - https://news.ycombinator.com/item?id=22985995 - April
| 2020 (1 comment)
|
| _NTCP2 - An authenticated key agreement protocol for I2P_ -
| https://news.ycombinator.com/item?id=17749865 - Aug 2018 (4
| comments)
|
| _Kovri - A secure, private, untraceable C++ implementation of
| the I2P network_ - https://news.ycombinator.com/item?id=14963044
| - Aug 2017 (51 comments)
|
| _I2P-Bote - Email plugin for the I2P network that uses a
| distributed hash table_ -
| https://news.ycombinator.com/item?id=14236331 - May 2017 (20
| comments)
|
| _I2P: The Invisible Internet Project_ -
| https://news.ycombinator.com/item?id=12882790 - Nov 2016 (3
| comments)
|
| _I2P: Invisible Internet Protocol_ -
| https://news.ycombinator.com/item?id=12022917 - July 2016 (55
| comments)
|
| _I2P - An anonymous overlay network_ -
| https://news.ycombinator.com/item?id=8871740 - Jan 2015 (3
| comments)
|
| _' Silk Road Reloaded' Just Launched on a Network More Secret
| Than Tor_ - https://news.ycombinator.com/item?id=8871023 - Jan
| 2015 (27 comments)
| efd6821b wrote:
| Tor Browser is Tor's killer app. I2P needs a secure simplified
| fingerprint-free browser that only does basic HTML, otherwise
| you're just asking for trouble.
| worldofmatthew wrote:
| That is very correct.
|
| Normal browsers being used is a massive downside for anonymity
| of I2P. The Tor browser tries to make everyone on the Tor
| network look the same.
___________________________________________________________________
(page generated 2023-10-26 23:00 UTC)