Anonymous Network I2P 0.7.2 Released 231
Mathiasdm writes "The Invisible Internet Project, also known as I2P, has seen its 0.7.2 release (download). I2P uses multiple encryption layers, and routing through several other computers to hide both sender and receiver of messages. On top of the network, regular services such as mail, browsing, file sharing and chatting are supported.
This release (and all of the releases since 0.7) is at the start of a new development period, in which the I2P developers wish to spread the word about the secure network. This new release includes performance improvements, a first edition of an experimental new desktop interface and security improvements (by limiting the number of tunnels a single peer can participate in)."
Wow, way to abbreviate there (Score:5, Funny)
By abbreviating I2P instead of IIP they save a whole zero characters.
Re:Wow, way to abbreviate there (Score:4, Funny)
Re: (Score:2)
Re:Wow, way to abbreviate there (Score:5, Insightful)
I find "I2P" quite recognisable as a "trademark", and more importantly, quite googleable, since it doesn't share namespace with myriad corporate TLAs. Works for me.
Re: (Score:2)
Re:Wow, way to abbreviate there (Score:5, Informative)
By abbreviating I2P instead of IIP they save a whole zero characters.
It is to distinguish it from another anonymous network;
http://en.wikipedia.org/wiki/Invisible_IRC_Project [wikipedia.org]
Re: (Score:2, Interesting)
Can anyone compare this I2P, Invisible IRC, and Tor, etc?
I'm just curious as to how they all differ.. and if any have any REAL usable performance.
Re:Wow, way to abbreviate there (Score:5, Informative)
Re:Wow, way to abbreviate there (Score:5, Informative)
I2P creates an entire seperate (though visible) network that allows tcp transport where it is impossible to connect an I2P address to an IP address. It is easy to tell who is using I2P but not what they're doing on the network. I2P also (or at least used to) includes a proxy out to the full internet. I2P is usable but often times fairly slow (mostly because alot of sites are hosted on people's cable/dsl systems).
Invisible IRC only works for IRC, and nothing else.
Tor is more of an anonymizing proxy than an entire seperate network. It's anonymity isn't quite as good as I2P, but in general, you'll get much better transfer rates to the regular internet through tor than I2P.
Freenet is another approach to anonymous network, but is implemented closer to a searchable, distributed, highly redundant, encrypted filesystem. It is anonymous, but only really allows publishing and reading of content, and it is pretty much impossible to have real time (or even close) communication with it.
Re:Wow, way to abbreviate there (Score:4, Insightful)
Comparing I2P, Tor, and Gnunet/Freenet (so not exactly what you're asking), in order of most to least specialized:
Gnunet and Freenet are high-latency networks set up to share files redundantly and anonymously.
Tor is a low-latency network, which works by creating encrypted tunnels through a series of servers to proxy your internet connection anonymously. Also, there exist "hidden servers" on Tor which can only be accessed from the Tor network. They allow servers to be anonymous too. Tor can't run BitTorrent efficiently, as all connections are proxied to the normal internet, don't allow incoming connections from the normal internet, and using Tor's circuit-switched network for the many connections needed to file-share is horribly inefficient. Tor is really built for the client/server model of traditional internet browsing/hosting.
I2P is a more generic low-latency anonymous network. Its nodes can talk to each other anonymously, and it allows other specialized applications to run over it. There is a set of applications for it to make it function similar to Tor and proxy your internet. BitTorrent can also be run on it efficiently to share between I2P users.
Closer comparisons between I2P and Tor:
Tor builds circuits between servers which hold whole connections. I2P packet-switches allowing each packet to find an efficient path (its own circuit in Tor-speak). So I'd guess that I2P would be quicker than Tor in many cases, by utilizing more paths efficiently.
Personally, I'm more confident in Tor's anonymity and network, and would use where anonymity was the #1 priority. Tor is tried-and-true, was originally researched by the US Navy, and has ties with the EFF, while I2P is "still a work in progress, and should only be used for testing or development purposes prior to the 1.0 release".
Re: (Score:2)
Re:Wow, way to abbreviate there (Score:5, Funny)
I2P sounds better than Aye Aye Pee
Especially if you put 'need' between 'I' & '2' [:
Re: (Score:2)
Did anyone else misread that? (Score:5, Funny)
I initially read that as "Anonymous Network 127.0.0.1 Released" and thought "did I miss April Fools this year?"
I2P vs TOR (Score:2, Interesting)
Re:I2P vs TOR (Score:5, Informative)
I'm in a bit of a rush but how is this any different then say TOR?
http://www.i2p2.de/techintro.html#similar.tor
Re:I2P vs TOR (Score:5, Funny)
No dammit, this is encouraging people to read things. Sure it's just a simple link this time, then sooner or later its TFA, then god forbid, TFM. We can't have that, please stop.
Re: (Score:3, Funny)
Don't worry. He did not link the URL. And we're not copying and pasting URL to the address bar anytime soon. (God, that was painful to even write. ^^)
Re: (Score:2)
Even better: http://www.codinghorror.com/blog/images/middle-mouse-button-press.png [codinghorror.com]
Re: (Score:2)
How does that help? Sure I can paste something with it. But I still have to copy and pas...snore....
Re:I2P vs TOR (Score:4, Informative)
When last I used it seemed that I2P has a whole network of ".i2p" domain things that you could only access if you were a part of the I2P network.
Tor is just a proxying service is it not?
I think it's something like if Tor was a private network that only Tor users could access.
Re:I2P vs TOR (Score:4, Interesting)
Re:I2P vs TOR (Score:4, Insightful)
Both TOR and I2P have hidden networks only accessible if you are using the client. Interestingly, they both also have Freenet 0.5 gateways.
When it looked like Freenet 0.5 was going to die (which it's not, people are going back to it from 0.7 in droves), I did quite a bit of testing on both TOR & I2P; I2P is MUCH more anonymous than TOR, in default configuration.
Re:I2P vs TOR (Score:4, Funny)
Re:I2P vs TOR (Score:4, Funny)
Re:I2P vs TOR (Score:4, Funny)
Re:I2P vs TOR (Score:5, Funny)
And boy were you disappointed.
Slow as usual... (Score:3, Interesting)
This is far from the first P2P to attempt hiding IP etc. I have not used this system, but all the others that have done (and do) the same thing end up with the same problem -- the system ends up being painfully slow to use.
Oh well, maybe THIS one will not be?
Re:Slow as usual... (Score:5, Insightful)
The question should be how slow is it compared to the speed experienced after the ISP shuts you off (or the authorities confiscate computing equipment) due to an accusation of illegal activity by the *IAA. The performance hit may seem painfully slow until compared to the slowness of 0 bps. In fact, such a system IMHO should have an easy to use toggle (desktop widget, browser plugin) so that "normal browsing" goes through the usual channels and only the limited periods of "private browsing" are experienced with full protection on. Blend in with the crowd by default and leave the security for when you really need it.
Re:Slow as usual... (Score:4, Interesting)
The question should be how slow is it compared to the speed experienced after the ISP shuts you off (or the authorities confiscate computing equipment) due to an accusation of illegal activity by the *IAA. The performance hit may seem painfully slow until compared to the slowness of 0 bps. In fact, such a system IMHO should have an easy to use toggle (desktop widget, browser plugin) so that "normal browsing" goes through the usual channels and only the limited periods of "private browsing" are experienced with full protection on. Blend in with the crowd by default and leave the security for when you really need it.
How about anonymous by using an open wireless network? Or use the coffee shop wireless network down the street? Or go to a library? There are many better options for being anonymous if you choose...
Re: (Score:3, Insightful)
Indeed. All viable options. Until you want to connect to a personal service (email, webserver, bank, TPB etc.) on an open and untrusted network. Then your anonymity can be compromised by any enterprising kiddie monitoring the network. It's not about being anonymous via connecting from a network other than the home account, it's about being anonymous by going into stealth-mode so it's hard to determine who you are and what you are up to regardless of where you are connecting from.
Re:Slow as usual... (Score:4, Interesting)
Re: (Score:2, Informative)
Re: (Score:2)
You think physically moving to another geographical location does not hide his geographical location?
When was the last time you went out.
No, I mean really leave your chair. And your room. And your house. No. Not the one in your online game. The real one! ^^
(I know what you meant, but I think driving to another city does a pretty well job. :) Just be sure to not leave any genetic / fingerprint / etc. traces on that computer desk.
Re: (Score:2)
Provided you only do it once (or a couple times), or never use the same network twice for the same activity.
1. Use anonymous network for "illegal" activities
2. Get spotted in XYZ location on ZYX network
3. "They" show up, find nothing suspicious by then
4. They sit there and watch the network
5. You show up again, they see your (same) network activity, do a triangulation or whatever
6. ???
7. Loss of profit.
Re: (Score:2)
Do better than that. Leech off of others wifi, or use public free wifi to do "high risk downloading".
Frankly, nobody cares about crap group or god_awful_teevee show. It's the Wolverines, Cams and leaks the biggies care about. If you rapidshare a book once in a while, or download unlicensed anime/foreign tv shows, nobody cares. It's when you hit the dangerous stuff, or are blatantly peaking usage caps (if you ARE the top user in the city, or near it).
Now, if you hit high usage, throw ubuntu package rsyncing
Re: (Score:2)
Re:Slow as usual... (Score:5, Insightful)
By that logic, any encrypted traffic instantly becomes "interesting".
Instead I'd recommend encrypting as much as possible. The more noise, the better.
Re:Slow as usual... (Score:5, Insightful)
Even better, don't only encrypt things you want encrypted. Add encrypted true random data to any mails you send, to web pages, etc. As the encrypted random data will be largely indistinguishable from actual content but impossible to decrypt it'll clog any listeners decryption capabilities, forcing them to either white list you or be stuck with a huge pile of largely undecipherable junk which may or may not contain something they might want to attempt to decrypt.
The desire of our dear leaders to expand surveillance to everyone everywhere and take the authoritarian road is, perhaps, unstoppable, but fortunately it also creates a huge funnel collecting sand for the machinery.
Re: (Score:2)
I agree that everything should just be encrypted by default, but I'm not sure that encrypted traffic looks suspicious any more.
Thanks to protocol encryption in BitTorrent, widespread use of VPN connections and SSL encrypted packets are hardly rare these days. In fact, I remember there was a story a few years ago when BitTorrent protocol encryption first came in, where MI5 and other spying agencies were complaining that it made their jobs a lot harder.
Re: (Score:2)
It has been some years since I last submitted or received an unencrypted e-mail. Unfortunately only the part to my provider or my own server are encrypted (IMAPS/SSMTP), but hey, It certainly adds to the noise. :)
Re: (Score:2, Interesting)
Re: (Score:2, Insightful)
Any attempt at obfuscation will draw the attention of interested parties. A change from "normal" to "private" will be noticeable. Blending in means acting normal, not suddenly pulling a ski mask over your face when you're about to pull a heist.
ISPs will cut you off anyway (Score:2)
Since most ISPs are now metering (and arguably DRMing) by GB transferred rather than just going by bandwidth, the same thing will happen anyway.
Re: (Score:2)
Or your ISP shuts you off due to bandwidth use... No 'suspicion/accusation' needed.
Somedays you cant win.
Re: (Score:2)
When contemplating this, it is important to realize that participating in projects like I2P and (especially) TOR increases the chances of being cut of from the Internet or worse. After all, your IP address will be involved in criminal activities, and you will have no way to pass the buck to those who are really behind said activities.
Re: (Score:3, Informative)
I think you have your facts wrong. :D
It's true, if you are a Tor "exit node" that proxies to the regular internet, you will be at risk of having your IP address associated with illegal websites. But most people don't do this.
Standard use of I2P or Tor will put you at virtually no risk whatsoever. You are just routing encrypted traffic of which you have no idea of the content.
Re: (Score:2)
Well, my little home server could certainly have the normal network and that thing as a VPN, and allow one to toggle the routing with a little web-, ssh-, or desktop applet interface.
Re: (Score:2)
Toggle is easy. Just use two different browsers. Maybe your favorite browser is Firefox, and your second favorite is Chrome. Configure Firefox to use normal ports, configure Chrome to use the ports provided by the anonymity service. You can do normal browsing, and carry on anonymous business SIMULTANEOUSLY!!
Slow? Yeah. But, I'm willing to spend the time waiting for pages to load, to read the sekrit stuff people have to say about life under this or that repressive regime.
TOR is dominated by child porn,
Re:Slow as usual... (Score:5, Insightful)
Maybe it is slow, but currently that is the price for anonymity. If you don't think waiting a few seconds here and there is worth it for being anonymous then don't use services like this. There are plenty of people who think anonymity is worth a lot more than that. If you only want to be anonymous if its convenient and without negative side effects then you are probably not one of the ones who need to be anonymous.
Re: (Score:2)
If you only want to be anonymous if its convenient and without negative side effects then you are probably not one of the ones who need to be anonymous.
Having more anonymous people increases the anonymity of everyone. The reason being that if you can identify non-anonymous people, you who is a member of the "anonymous" sub-demographic by the simple principle of exclusion. Details about timing of certain data requests may even narrow it down to a specific individual. The more anonymous data that traffics the internet, the more difficult it is to isolate any of it in particular.
It is also important to have widespread anonymity because this is the only w
Pedophiles and Terrorists (Score:5, Insightful)
Yeah, I know how this is gonna be received:
"Shit, the people of our country might be able to share free and uncensored speech and information among themselves.
Wait, I know how to fix this! Headlines! "OMG Secret Pedophile and Terrorist Network" - anyone who wants to be anonymous on the internet /must/ be a pedohile or a terrorist. If you have no pedophilia or terrorism plots to hide, you have nothing to hide!"
Re:Pedophiles and Terrorists (Score:5, Insightful)
Really?
With data retention becoming reality in Europe, it's only a small step until employers become interested in the data. Why did my employees gather information about certain diseases? Why are they looking at job pages? Why are they looking at my competitor's page or even exchange information with him?
As soon as data is gathered, its abuse is not far behind.
Re: (Score:2)
Whooosh!
Re: (Score:2)
That implies it was only *after* the data was gathered that the *idea* of abusing the people involved occurred.
I, cynically to be sure, believe the *idea* of abusing the people occurred well before the *idea* of collecting the data on them.
Re: (Score:2)
You have to admit it's pretty hard these days where the shortsighted "got nothing to hide" dimwits end and the witty sarcasm starts. When sarcastic comments become all too realistic, be afraid!
Re: (Score:2)
You have to admit it's pretty hard these days where the shortsighted "got nothing to hide" dimwits end and the witty sarcasm starts. When sarcastic comments become all too realistic, be afraid!
Right..."Be Afriad"....."I'm so scared"......(to be read while making "air quotes").
Re:Pedophiles and Terrorists (Score:4, Insightful)
There is, unfortunately, a nugget of truth in there somewhere.
None of these sorts of things, AFAICT, let you monitor what's going through your node. And that's important to me. Whilst I support free speech and the rights of people to communicate without government interference, I'm damned if my resources are going to be used to propagate child pr0n.
Re: (Score:2)
Of course NOT. That defeats the whole purpose of these communication methods in the first place.
1) Anonymous. As far as the destination network/server/device is concerned your identity was obfuscated and protected by a system of uncertainty. Since all participants in the anonymous network are routing traffic for each other, it is impossible to tell for certain if the traffic originated from the operator of the exit node
Re: (Score:2)
"It is a "your with us" or "your against us" answer here. You CANNOT EVER apply your content filtering to data flowing through your node. It violates the very principles by which these networks were created."
Which is why I don't feel I can participate.
There *is* a middle ground in which to operate. It is possible to create a network in which you only connect to known third parties and (unless others have added extra encryption) see what's going across your node without knowing where it originated or what it
Re: (Score:2)
So don't use the network.
I would never, ever condone the creation or propagation of CP, but one downside of such an anonymous network is that it can be abused like this.
If it wasn't so difficult (potentially life-altering) to report abuses to the authorities, I don't think we'd have many of the issues we have now. Part of my job is to monitor internet usage, and as such I have to expect that I could be exposed to something truly horrific, but I'm also protected from prosecution by having tha
Re:Pedophiles and Terrorists (Score:5, Insightful)
You do realise that your taxes are being used to build and maintain roads? How do you think these people manage to get children, rapists and recording equipment together in the same location? At some point a car is very very likely to be involved.
Re: (Score:2)
False analogy. I am not directly, as a private citizen, taking any action there.
Re: (Score:3, Insightful)
So what you're saying is that the people who do road works are taking an active role in child pornography because they helped build the roads? Or that Al Gore is responsible for the child pornography being spread via the internet? He had an active role in having the thing built (by varying degrees of 'built').
Just because something can be abused for bad things, doesn't mean everyone involved in its creation are responsible for those bad things.
Re: (Score:2)
"Just because something can be abused for bad things, doesn't mean everyone involved in its creation are responsible for those bad things."
Hi, sorry if I gave the impression that I think either the product or the developers are in and of themselves evil. I think it's fantastic that this tech exists from a freedom point of view and from a crypto-geek point of view. I support people's rights to create and use software such as this, if they want to.
I'm just saying that I couldn't take part in good conscience.
I am responsible for my node. (Score:2)
Regardless that it is anonymous, in the end I am the one responsible for what my node does.
What we really need to move towards is a disconnected Mesh network, where I am not providing Internet Access. My AP connects up with X other AP's in the area and we create a mesh. That's the network. Starts out small, like the Internet did. Eventually everyone ends up on the mesh network, too. I can access CNN because it's got a mesh address. My traffic flows from my AP through perhaps hundreds others to get t
Re: (Score:2)
So what?
I'm not advocating stopping the "free internet", I'm just saying I'm not going to use my resources to help you do something I find abhorrent.
As I said in another post - I'll certainly argue for your right to free speech, but that doesn't mean I'm going to hold your megaphone whilst you go on a violent, racist rant.
Similarly, I'll support the creation and defend the right to use programs such as these, but I'm damned if you'll use my computer to propagate CP.
Re: (Score:2)
"They already are. pedophiles use public facilities such as roads and postal service just as much as everybody else. QUICK! ban road networks! Think of the children."
Think before you post, please.
I didn't say ban anything, I said I can't take part in good conscience. It's up to you to decide if you think you can.
Re: (Score:2)
So to discourage the development of NSA-proof networks the Obama administration should announce that the RIAA and MPAA have been told that they will no longer be able to sue free P2P sites and users? Or that the definition of "fair use" has been redefined into something more agreeable?
It's so crazy it just might work!
(j/k, I think...)
Re: (Score:2)
I am not surprised. The person interested in child pron is perfectly aware that their desires are not accepted by society and will result in being ostracized by the other members of society and imprisonment by the authorities. As a r
A few more features they could add (Score:5, Interesting)
I designed one of these about a decade ago and did some prototyping. Since I don't seem to have the time to realize it, here are a few extra features that could be added (if i2p does not already include these).
Encrypted-file-fragmenting, auto-globally-migrating, auto-redundant replicating "virtual" data store layer. Stored files automatically seek to be replicated enough times to be guaranteed perpetually persistent, and also seek to move to newer and better physical storage sites, and to globally distribute themselves, and auto-cache near user when needed.
With this addition, we may have the basis for, for example, a Facebook-like on-line identity avatar which is not owned by a single company like Facebook but just floats around all over the P2P network, and is truly owned by the person who it is about.
With that freeing up of the online identity from external control, we could extend it to include important identity information needed for the citizen to function in society. Medical records, different identity numbers for different government agencies, your real-world address, etc. All of these properties about you could be placed online by you following standard protocols and placed only onto a secure virtual site in the i2. Permission model would of course be default no permission, opened incrementally to authorized and authenticated other parties.
If we had this, the onus could now be placed on governments, medical systems, post offices, etc. to come to your avatar and request permission to know your address, or your medical number etc. No more change of address rigamerole. No more problems in your paperwork or medical history maintenance because you happen to move to another state or country.
etc.
It all relies on the open standards for the info and privacy protocols, and on the confidence of the person to put their info into a secure, encrypted, and non-owned virtual internet location.
Re: (Score:2)
Greg Egan had a similar idea for his books.
He called it either a Mediator or a Cypherclerk. Its job was to authenticate, verify, encrypt, decrypt, submit to the network, retrieve from the network, and other general security functions based upon a civilization of sentient software. Although Egan leaves much to be desired about the details, he seems to indicate that it is also semi-sentient, as it learns. Nothing can be "run" on it, as we can do with our computers these days.
In one book, an outsider reads the
Re: (Score:2)
I thought you were talking about Eureka Seven, then I realized that it just used the name of Greg Egan...
Re: (Score:2)
Nope. I'm talking about This Guy [netspace.net.au].
Eureka Seven? Some anime? Nope. Im talking about an Australian computer scientist and author.
Re: (Score:3, Interesting)
Most of the names in Eureka Seven were mash-ups of famous musical artists or scientists, so I assumed that when they used Greg Egan it was another mashup. Apparently the real Greg Egan had some input into the storyline of the anime when it came to theories of the end of the world.
And while I'm not a lunatic when it comes to watching anime, currently there are quite a few shows that have higher quality storylines and characters than the normal slop they throw on TV in the US. The mainstream stuff is usually
Re: (Score:2)
I'd first recommend using MPC-HC (http://mpc-hc.sourceforge.net/) for viewing the .mkv files that most anime torrents use. Also boxtorrents is a good source of finding quality releases.
I can't give something that I know would definitely please you, as I don't know what type of person that you are or what you like, however I can try.
I've personally enjoyed every anime that had the english dub's main actor to be Steve Blum. He's done voice acting for hundreds of video games and anime,and a few cartoons, like
Re: (Score:2)
I should have added this before, but this is how I look at an anime: If you believe that the voice actor's voice fits the character good enough to make them a believeable character, then there's no difference between this person and a real actor. After that, its how much of the story and overall plot you enjoy, much like going to the movies to see one of your favorite actors.
You could also compare it to shopping for a netbook. While almost all of them have identical features, the one thing that is completel
Re: (Score:3, Interesting)
I designed one of these about a decade ago and did some prototyping. Since I don't seem to have the time to realize it, here are a few extra features that could be added (if i2p does not already include these).
Here's a tip for anybody thinking of implementing something like i2p, tor, freenet, etc: if the user has to do anything and if it impacts performance it's not worth doing.
What's needed is something simple and pervasive:
1) compatible with regular TCP
2) optional so it is only in effect when both the source and destination support it
3) 'weak' so that there is not much performance impact, so there is no reason to disable it
For sake of example, half of an xtea [wikipedia.org] key can be sent by the SYN using the TCP options fie
Re: (Score:2)
But that does not occur in a properly air conditioned environment........
Be gentle, it's my first day as a Spelling Nazi...
Re: (Score:2)
I predict your death in 5....4.....3.....2.....1
Seriously though, those are some AWESOME ideas. However, I think the idea that the government would not be granted automatically "full" permissions on the data, and they would have no ability to identify the people using it, or basically have any level of control over it.... would be extremely undesirable. That is, of course, an understatement.
I could just be cynical and paranoid (truthfully it is not could) but your ideas will probably never see the light o
Is speed really your concern? (Score:2)
Okay, you want a faster network that doesn't have multiple layers, encryption, etc.? Fine -- use the NSA, CIA, FBI, DHS, ABC, NBC, LMNOP supported and approved network. Sorry to break it to you guys, but a global, multinational, digital, and public communications network is going to have interests on it you aren't going to like or want to see what you're sending. This is true no matter who you are. That's the nature of a PUBLIC communications network. Suck it up. Our governments inability to protect our rig
Related to Freenet? (Score:2)
Sounds like its similar, does it also encrypt its local store?
Re:Related to Freenet? (Score:5, Informative)
I2P doesn't do data storage like Freenet.
I2P only encrypts and anonymises the transport. It's up to you to host the services on your machine. I2P just means people can use those services (e.g. a webserver) without knowing who is hosting them, and without you knowing who is accessing them. IF you go off-line, your service goes offline too.
Freenet, on the other hand, does have an encrypted and distributed data storage layer. You can go off-line and your website will remain available.
My Vision (Score:2)
My vision is to create, first of all, a network where any node can connect to any other node (unlike the current Internet, which has been infested by NAT).
Then, on top of that network, various interesting services can be built, including one that provides anonimity.
In interface, it could all be compatible with current IP networks, so that existing software can be used for it.
Does such a network exist already?
I've made some baby steps in implemeting one myself, but without much progress. One difficulty I've
Re: (Score:2)
I see NAT as a very workable solution and definitely donot see any major downsides to it at all. I donot want more than one machine addressable directly. I know that with IPv6 everything that NAT can do is possible with IPv6 as well. I just donot see NAT as being such a bad solution that it can be used as an argument to push for IPv6.
In the end, it will still be the same -- even if all my machines did have their own IP addresses, I'd be damned stupid to not set up one as a firewall/proxy for all the othe
No HTTPS support (Score:5, Insightful)
From their FAQ:
Sorry, I had to laugh a bit there. That's VERY naive. In anonymizing networks, HTTPS is the only thing that protects you from possibly corrupt exit nodes by encrypting the traffic between your browser and the destination webserver. To claim I2P doesn't need HTTPS support is misleading or at least ill-phrased.
Re: (Score:2)
This is I2P, not Tor. There are no exit nodes. The destination server is inside the I2P network. As stated in your own quote, the encryption truly is end-to-end, and HTTPS would consequently be redundant.
It wouldn't even help for authentication, since these sites don't exist on the public Internet (they use a private .i2p TLD), and no certification authorities exist for such domains. What benefit you could get from a self-signed key is inherent in the I2P network itself, as endpoints are identified by their
Re: (Score:2)
I know that I2P nodes don't exist on the public internet, do I really sound that stupid? On second thought, don't answer that.
Anyway, you're wrong, the destination server is not necessarily inside the I2P network and there are exit nodes (whatever they are called in I2P lingo, I don't care).
Just install the thing and try it out. Please. You'll see that I'm right.
Re: (Score:2)
So far as I2P itself is concerned, there are no exit nodes. Everything you can contact via the I2P protocol is internal to I2P (similar to Tor's .onion domains). Contrary to Tor, the I2P client software does not provide any outproxy service, by default or otherwise. Some people choose to run ordinary proxy servers which accept connections from I2P hosts and forward them to the public Internet. There are a very small number of these at the moment; I only know of one (false.i2p). They could just as easily pro
Re: (Score:2)
Or, to make it even clearer:
Just like Tor, I2P has two modes of operation:
And, no, the second "mode" is not meaningless or unnecessary. In fact, it's the primary usage for this stuff. And as such, HTTPS support is pretty important for all the reasons I laid out in the other comments.
Re: (Score:2)
So that's what's left of your argument? In the light of your wrongness on technical grounds you are now essentially saying that my original concern doesn't matter anyway because "who would ever want to contact public servers"?
*sigh* OK, I admit I'm talking about "normal" users here. If the original intent was to just crea
Re: (Score:2)
They didn't build exit node functionality into I2P; the outproxies (actually, the one outproxy currently active, false.i2p) are ordinary servers which you can access via the I2P network, the same as any internal webserver or e-mail host. If anyone wanted to run an HTTPS outproxy they could set one up; the I2P network supports that already without modification.
For those who primarily want to access sites on the public Internet, the I2P developers explicitly recommend Tor over I2P.
Re:No HTTPS support (Score:5, Interesting)
It's not me who's confused, and sometimes it doesn't matter how many people keep insisting on wrong things, they are still wrong. Reality is not democratic.
Yes, it does. Do me a favor. Install I2P, change the proxy settings of your browser to localhost:4444 or whatever is configured after you start the service. You'll notice that you can, via randomly chosen exit nodes, access any HTTP URL. Now do a remote host lookup to confirm where your exit node is. This will be the moment you realize that you're wrong.
No, it does not. In fact, the text you quoted proves you wrong right here: "any exit node is in a position to capture any traffic passing through it which does not use end-to-end encryption, e.g. SSL."
See, Tor can (and does) route SSL traffic transparently between your target webserver and your browser. There is no technical reason I2P cannot do the same and I'm guessing that they simply haven't gotten around to coding that feature yet.
Re: (Score:2)
As for https, my preliminary observation is that gmail is still working for me, but it might be bypassing the proxy setting in firefox. Don't know.
Indeed it is a shame, but HTTPS proxying seems not to be supported. This from Opera configured with localhost:4444 proxy for HTTP and HTTPS:
I2P ERROR: NON-HTTP PROTOCOL
The request uses a bad protocol. The I2P HTTP Proxy supports http:/// [http] requests ONLY. Other protocols such as https:/// [https] and ftp:// [ftp] are not allowed.
Generated on: Mon Apr 20 11:39:26 GMT 2009
Re: (Score:2)
No, this means you can live in another, RIAA-free dimension, where the Intarwebs have never reached more than 2Kbps ;)
Re:First post? (Score:5, Informative)
Re: (Score:3, Interesting)
Doesn't sound half bad when you put it like that :)
Re: (Score:2)
Yes, speeds are survivable. Now try to actually find some torrents... What is needed is not a better client (though it wouldn't hurt) but they need to reach a 'critical mass' of users.
Re: (Score:2)
Getting it to a critical mass of users is going to be a very important goal, but ironically I think help will come from companies like Phorm. As a lot of people are going to want to seek ways to avoid being so mercilessly exploited by companies like Phorm. Its ironically a very good rallying cry to effectively market I2P as a means to avoid Phorm. (I2P isn't perfect (yet) at avoiding Phorm, but its a lot better than not having it).
Re: (Score:3, Insightful)
In other words, if you want high-bandwidth bittorrenting, it helps a lot to contribute bandwidth yourself (makes you well-integrated). This keeps leechers to a slightly lower level.
Secondly, as torrents consume a lot of bandwidth, they also provide cover traffic for other peop