Slashdot Mirror

Check out http://www.i2p2.de/.

So, I just checked the I2P encryption page and it says they use 2048 ElGammal (which is log-based, as Schneier mentioned) for public key crypto. I think this means I2P could be safer from the NSA than Tor.

The important bit, the one that has value to *me*, is that it can hide my identity. It can hide the identity of people who are afraid of oppression, it can hide the identity of whistle blowers, it can hide the identity of people asking for help.

Actually, no, it can't. You're thinking of i2p, not Tor.

If you're confused, you need to read up on the major flaws and vulnerabilities in Tor that allow the NSA or enough controlling entities to de-anonymize anyone using Tor. In fact, the more Tor exit nodes, the easier it is.

The tremendous spike in users using Tor could be both in reaction to the NSA news, or proactive from the NSA ramping up their use of Tor to more-rapidly de-anonymize the traffic coming across those exit nodes.

Great post, Qubes looks interesting.
The rest of this reply is because I am unfamiliar with the https://geti2p.net/ address.

Here are the internet addresses from www.i2p2.i2p/index.html i.e. from inside i2p

https://geti2p.net/
https://geti2p.net/

www.i2p-project.de
www.i2p-project.de

https://www.i2p2.de
https://www.i2p2.de

The last one is probably the most common and can also be found on the Wikipedia page about I2P.

"more to the point has someone done a distributed tor like social network with client side encryptions and easy key exchanges for adding new friends?"

Yes, they have. Like Tor, it's slow. Like Tor, it draws shady characters. Worse than Tor, you'll possibly be exposed to child porn sites - it's notorious for Lolita and Pedobear crap. But, it's there.

http://www.i2p2.de/

Make of it what you will - if enough people start using it, maybe the Lolita crowd will be less visible.

The solution to this problem is to setup an group of I2P outproxies inside of Japan's networks. It will take some time for Japan to catch up to current technologies, if they're only getting around to targeting Tor as late as now.

Also, is Japan trying to copy China, or something?

http://www.i2p2.de/bittorrent.html

It's called i2p: http://www.i2p2.de/

Remember... most pirates are kids anyway, so they probably can't afford a VPN out of their own pocket.

On the other hand, there's still I2P and I guess it's going to happen the same thing that happened when HADOPI went into effect in France... huge influx of new I2P users.

Escalation is a two-way street.

I've been running I2P for the last few days, and it seems to me to be one step towards a future of darknets or secure anonymous networks. Since it works as a network layer, it can support other services running on top of it - so you already have blogs, email, IRC and anonymous sites called 'eepsites'.

Technologies sometimes don't get adopted right away, but need some kind of tipping point before they become widespread. I wonder if this kind of censorship bullshit will drive more people to look for alternatives to communicate online without fear of detection or blockade.

I for one wouldn't mind permanently migrating onto an anonymous network like this- but for the fact that there's very little content here. I2P right now seems to be the best approach - tackling anonymity and cryptography at the network layer instead of running as one application, but there's very few people on it now.

Decentralizing doesn't really help, since it doesn't change the fact that Bittorrent works by advertising the IPs of the nodes and the torrents they're downloading/seeding.

What you'd need is something like onion routing, where it's hard to know who you're sharing with, even with centralized trackers.

Luckily, that exists in the form of Bittorrent over I2P.

You mean like an Invisible Internet Protocol?

.I2P

http://www.i2p2.de/

You should look into I2P: http://i2p2.de/

I use it, love it, also love the freenet, but the problem is those are "another net" not "the net". They will help you transfer files past the iron curtain. They will not help you log into youtube and facebook.

The problem is almost exactly like trying to replace ms office with openoffice.org. Whiners will not be satisfied with "doing about the same thing", they'll used it as a whining point unless they can get it exactly the same down to the pixel and last decimal point.

Check out i2p.

a *huge* hassle for end users.

Hassle?

http://www.i2p2.de/ No hassle at all.

I was trying out iMule and saw that it uses a network layer called i2p that supports any application that can run using a proxy. You might want to give it a try.
i2p is available at http://www.i2p2.de/
Here's a description of i2p from the introduction:
-----
"I2P is a scalable, self organizing, resilient packet switched anonymous network layer, upon which any number of different anonymity or security conscious applications can operate. Each of these applications may make their own anonymity, latency, and throughput tradeoffs without worrying about the proper implementation of a free route mixnet, allowing them to blend their activity with the larger anonymity set of users already running on top of I2P.

Applications available already provide the full range of typical Internet activities - anonymous web browsing, web hosting, chat, file sharing, e-mail, blogging and content syndication, newsgroups, as well as several other applications under development.

Web browsing: using any existing browser that supports using a proxy.
Chat: IRC, Jabber, I2P-Messenger.
File sharing: I2PSnark, Robert, I2Phex, PyBit, I2P-bt and others.
E-mail: susimail and I2P-Bote.
Newsgroups: using any newsgroup reader that supports using a proxy."

Easy to fix when you use user agent switcher, ghostery, better privacy, noscript, google sharing, cloned mac addresses and torbutton.

Check out http://www.decloak.net to see how anonymous you are.

It's hard to beat Tor for anonymous public web browsing, but i2p is already a better darknet.

Did you mean I2P??? http://www.i2p2.de/

It too can be compromised by MIM. Otherwise, yes, I think it is superior to TOR. Downside is, not enough people use it to make it worthwhile.

I2P sports end-to-end encryption. Arbitrary tunnels between computers. Darknet capabilities. Integrated bittorrent. Anonymous and encrypted websites. P2P naming services.

If you need transparent encryption between nets, while preventing sniffers and MITM-attacks, I believe I2P can be a great fit. I wonder what performance a custom version restricted to the LAN might yield, given that it's already many orders of magnitude faster than FreeNet?

I2P: http://www.i2p2.de/

Instead of re-inventing the wheel Why not try out a existing darknet in the form of Freenet http://freenetproject.org/ or i2p http://www.i2p2.de/

Unofficial Wikileaks mirror on I2P
Yes, the full link really is that long. That is because I2P does not fully rely on domain names... that b64 string is the site's public key which is also it's address.

* You need the I2P software (a FOSS project and free download) to use both of the above address. *

The announce thread for the I2P mirror is here.

Once the info for the new site propagates through the network, you can even access the I2P mirror *without* the I2P software using this URL. Of course, using this method you won't be anonymous.

A word about I2P: It's a network that provides anonymized IP-like communication using methods similar to Tor, but designed to handle torrents and other large loads efficiently. It is also less centralized than Tor, and taking down even 90% of the nodes (incl original ones) should still leave it running and accessible. It also has facilities for automatically mirroring files and sites. One downside is that configuring your browser to use the I2P Web is a manual process that must be done carefully. Overall though it seems to be pretty impressive.

Many secure peer-to-peer systems exist, generally based on cryptography; often they provide more security than centralized systems.

For instance, Tor uses secure cryptography to provide anonymity in a way that just wouldn't work in a centralized system. i2p uses cryptographic security as well.

Default Tor traffic, for normal websites like google.com, go through exitnodes. At the exitnodes, everything needs to be decrypted unless it's ssl or similarly encrypted at the application layer. Additionally the traffic is also directed to the REAL IP address. Combined with cleartext, it is quite a big risk actually.

Basically, an exitnode needs the decrypted data for usual http / decrypted traffic, and is a heaven for snoopers and adversaries wanting to do man in the middle-attacks. Even SSL becomes insecure, since such a node gets the power to present fake ssl-certificates, so unless you're careful, or running Firefox with its annoying warning pages, you can be bitten even when using internet bank accounts. It's also easier to snoop SSL at such exitnodes, since you can just harvest keys and do very deep packet inspection, unless keys are transferred in another medium (how it always should be).

Of course, since Tor is used by people seeking anonymity, the reward is higher for snoopers who want to find them. Besides, being an exitnode is a low barrier of entry to become a snooper as well, since every "shady character" is sending data your way. So do good research before using Tor, as care must be taken to preserve anonymity. Don't just run Tor and forget it.

When using hidden services, everything is encrypted along the whole route. The onionrouting will ensure high barrier of entry for adversaries and snoopers. So such hidden services is indeed more "secure" than using google.com (which you can bet is giving APIs to governments and highest bidders to snoop on us), and any other "normal" internet service, including your ISP..

What exitnodes and Tor is good at is this:
Privacy: As in being one "dissident" among thousands of other voices. As long as you don't leak private information in any way, which excludes plugins, java and javascript (disable all such things now, even images can be "unsafe" unless you've anonymized your DNS requests).
Speed: Snoopers of course wants to snoop on you with the utmost efficiency, so the exitnodes are blazing fast servers, which will be faster than relying on random nodes for reaching a "hidden service".

But privacy may quickly be offset by bad research, usage of Tor or even unreleased attacks. Security threats may leak private information in the blink of an eye, especially when using exitnodes.
Don't use Tor unless you REALLY REALLY need it (like getting killed), and do good research and proper setup of the entire machine. Preferably use a prebuilt VM like JanusVM.
Or use Tor if you don't really care and want to try a new thing, but don't act surprised when your identity is leaked..

Using this duck-search engine thingy is off limits, since it requires javascript. Forget it. You might as well use google.com or another hidden service which has no javascript requirements.

If you like anonymity, I like I2P better than Tor. It has a nice community and does have more safe defaults than Tor. In I2P, outproxies, another word for exitnodes, are heavily disencouraged. Instead they're trying to build an entire network of hidden services, to do anonymous search, email, bittorrent, irc, websites, etc. INSIDE the darknet itself. It is like this article, but everything else is built inside the network itself as well. It's a huge project, with lots of volunteers.

I recommend reading on their site how it works, you'll find they address much more issues than most other "darknets", and is open source and seems "honest" about what they know and don't know:
http://www.i2p2.de/

But you never know..

I'd suggest you read up on I2P. It is not as simple as to block some ports, since I2P utilizes a random port per node. You'd have to do deep packet inspection on the encrypted traffic. I'm not sure how big the I2P-fingerprint is, but my guess is you could disguise the traffic as ssh, https or similar traffic easily, if not already done so.

I also countered the legitimate argument in the original post, suggesting we start using I2P for *any and all* content, also legitimate ones. Then the courts, which ideally represents the population, will have a hard time cracking down on I2P as a whole, unless you live in China or other human rights breakers..

If your ISP blocks incoming connections, I2P will still work automatically, as long as your tunnel is using at least 1 hop, which is default for new tunnels. Then other anonymous nodes will act as "incoming server" for you..

Please check out http://www.i2p2.de/how.html for more.

Point is: Internet is inherently insecure and untrustworthy. It is already heavily monitored, and Man-In-The-Middle attacks are possibly more rampant than we'd like to think it is.

I2P is already general-purpose enough to replace most features of internet v1, and already addresses most issues of anonymity and transparent encryption elegantly.

While politicians and the lawyers fight over the freedom of internet v1, it's not such a bad idea to stand on another leg in a more secure network, built on top of the old internets.

All the more reason to move over to I2P, or other general darknets, which can provide application-agnostic anonymous networking with end-to-end encryption. Why wait for the inevitable when we can build a secure internet on top of the old one?

With I2P, there are no central DNS servers and, the ISP / IP-address of a specific service is ideally not knowable, neither are the ISP / IP-addresses of visitors to e.g. a political website. I2P being p2p, no authority has the power to shut down a site, prevent visitors using services in the I2P "darkcloud" or even snoop on the network activities (without using leaking honeypots, assimilating keys somehow or perform (D)DOS attacks). I2P uses random ports, so it's not as simple to block as blocking a portrange either. Being based on p2p coupled with encrypted tunnels, I2P resists most common attacks, even by formidable adversaries such as governments. You can run any website, any type of application, over I2P, however care must of course be taken to eliminate "identity leaks" in the application layer, even though the network-layer takes care of most anonymity, encryption and p2p.

So if you are to host "objectionable" content, whatever that may mean across the globe, I'd suggest taking a peek at I2P, as the "normal" internuts seems to be screwed in the short/mid-term. Heck, we should probably start using I2P for any and all purposes, so that I2P content is "legitimate" and equally protected from being censored and snooped upon in the first place.

I2P main site as a start. It's java and open source, so easily cross-platform and performs well (for a Java app anyway):
http://www.i2p2.de/

If your ISP is monitoring your network, then it doesn't really help to post as Anonymous Coward, since they can easily link you to that post anyways. This is doubly so for any "black" sites you visit, or if you're not doing SSL or similar encryption (are you, really?).

Slashdot also can link who you are to your activities here. Think you are anonymous just because you tick that box above the form field? Think again. Your IP address can easily be linked to your posts, even when you think you're being careful..

But there is a way to be anonymous and do things on the web. It's called I2P. It's got anonymous bit torrent, anonymous web pages, anonymous email, irc etc. Neither you or those you connect to, knows the other's IP address through I2P. Using carefully crafted applications ensures no information is leaked out through the application layer as well.

In this climate, doing *anything* on the web, exposes you alot, even if it is legal stuff, but you never know who's watching. Is that modem router really just a dumb box, or is it logging every site you're connecting to? Do you pop up in databases for investigators to analyse? You don't really know.

http://www.i2p2.de/

Not affiliated or anything, but this is a real and free solution to censorship and spying. Why shouldn't we utilize it to create a free internet, free from corporate scumbags, and free to explore possibilities that authoritarians try to shut down every day?

I2P will allows real anonymous P2P communication using any technology, although you should be sure to use an application not leaking your identity.

Therefore I2P also includes anonymous bittorrent (IPSnark), webmail, "eespsites" (an anonymous www using http), IRC, etc. It works out-of-the-box with no modifications.

You can also tunnel your own applications, for private use, like a distributed Hamachi, although it will be slower, it works across firewalled hosts with no inbound connections.

Using I2P, you can do bittorrent, without exposing your traffic as "bittorrent traffic" to your ISP, or your real IP-address to peers (DHT, PeerFinder etc. will expose your real identity real quick). It will be a bit slower, but since each node is contributing to this "darknet", "the more the merrier" applies. I2P should scale and is in active development - open for more developers.

http://www.i2p2.de/

No affiliated with I2P, but would like more people to protect their internet usage against censorship and spying. Since I2P is encrypted end-to-end, it'll give sufficient protection for now.

Have you tried I2P? It's an encrypted anonymous network (since 2003) that is actually designed for 'sharing' large amounts of data at high speeds that depend more on your hardware than the network itself. (I've shared at least a few terabytes myself).

It's different than TOR since it is an 'internal' style network, with only one 'out' connection to the actual internet. There are _no_ exit nodes or other 'trusted' people on the network. It has it's own websites (that people set up - you can too), bittorrent trackers (comes with a built-in anonymous bittorrent client, i2psnark), mail (which can be sent to regular internet sites like gmail), forums, and chat. More features are being added, and lots of people are using it and getting involved.

So don't think it's just for sharing movies. I've gotten leaked docs and banned books, talked liberally with others on sensitive topics, and done a lot of other things that IMHO other people don't need to know. Privacy and freedom of access and speech are not simply privileges, they are "God given" rights. If those in power won't give it to us, then it is up to us to make it happen.

Check it out (works on almost any system). Jump zone is here:

Home page: http://www.i2p2.de/

Downloads: https://www.i2p2.de/download

Have you tried I2P? It's an encrypted anonymous network (since 2003) that is actually designed for 'sharing' large amounts of data at high speeds that depend more on your hardware than the network itself. (I've shared at least a few terabytes myself).

It's different than TOR since it is an 'internal' style network, with only one 'out' connection to the actual internet. There are _no_ exit nodes or other 'trusted' people on the network. It has it's own websites (that people set up - you can too), bittorrent trackers (comes with a built-in anonymous bittorrent client, i2psnark), mail (which can be sent to regular internet sites like gmail), forums, and chat. More features are being added, and lots of people are using it and getting involved.

So don't think it's just for sharing movies. I've gotten leaked docs and banned books, talked liberally with others on sensitive topics, and done a lot of other things that IMHO other people don't need to know. Privacy and freedom of access and speech are not simply privileges, they are "God given" rights. If those in power won't give it to us, then it is up to us to make it happen.

Check it out (works on almost any system). Jump zone is here:

Home page: http://www.i2p2.de/

Downloads: https://www.i2p2.de/download

Someone please just tell me: are they nailing down a protocol spec first so that we can all do our own interoperable implementations, or at least all contribute code, and so not have the time wasting nightmare that was the Freenet project?

They've done better than that: they've written the code, bundled it into a convenient cross-platform installer, documented everything, and ported a ton of apps to run on top of it, including BitTorrent clients, web servers, anonymous email and IRC. It's all free as in speech and free as in beer, and there's a supportive community of developers and users.

Yeah, I know, I couldn't believe it either. It's called I2P.

http://www.i2p2.de/

Considerably more secure than TOR, but not any faster.

And, the donations most needed by any such community, is the donation of BANDWIDTH. Exit nodes, or the lack of exit nodes, are the most limiting factors with any of the darkweb softwares.

We need to have a project that aims to unite all the privacy projects out there to make something good come out of it, using the power of the crowd with free software in a privacy respecting matter but in a much more powerful way that can actually serve people...

Here are some projects or ideas that deserves to be noticed:

An openID with privacy features:
http://openprivacy.org/

P2P social networks / research:
http://www.movim.eu/
http://www.peerson.net/

P2P search:
http://yacy.net/

P2P SIP:
http://www.blyon.com/blog/index.php/2009/06/22/p2p-sip-uri-dialing/

Encryption:
http://code.google.com/p/cryptsetup/

P2P encrypted networks:
http://www.i2p2.de/
http://freenetproject.org/

Augmented reality / group mapping:
http://www.openillusionist.org.uk/documentation/doku.php?id=site:home
http://www.biomapping.net/

Mesh:
http://robin-mesh.wik.is/

I envision a setup where our cell phones or little home servers (open ones, like the n900 or better) can connect to each other via mesh, have open social infrastrcture running on them routed over an I2P layer so nobody knows who is talking to who and you have total control as to who/when/what is seen by your peers.

These setup have cameras that can use such network to create massive collaborative networks to document a situation or location. Be it a manifestation where you relay real time camera from all angles with sound level maps and other sensors to augmented reality group interaction and other crazy ideas.

This is more broad that what is discussed here as it touches all OSI layers and ask for a shift toward a p2p infrastructure at all level respecting and working for the user and independance from middle man as much as we can.
Of course a distributed DNS might have to be worked on too. I think these research are fundamental to the survival of freedom online as we knew it ...

There's another anonymizer on the block, and it's called I2P (Invisible Internet Project). Offers end to end encryption, a hardened web-based bittorrent client, anonymous mail, anonymous webserving and a whole host of other services. More info at: http://i2p2.de/ or http://geti2p.net/

Yeah, Tor isn't designed for bulk data transfers. If you want to use BitTorrent anonymously, via onion routine, try I2P instead—but make sure to configure your client properly. The actual peer connections need to go through I2P, not just the communication with the tracker. There's a built-in web-based client that's correctly configured by default. All the peers have to be inside I2P, of course; you couldn't join a non-I2P swarm without giving away your real IP address anyway.

Think of I2P as an onion-routed (Tor-like) anonymous network with web, email and bittorrent services built in.

It's been done already.

Rather popular in France and Germany, and growing a lot in the USA and elsewhere:

I2P is a general-purpose network anonymizer with built in web, email and bittorrent. You can download other apps for it, too, like a chat messenger and a distributed filing system. There is also a version of eMule available for it called iMule.

I2P was made to host data services in-network, so it is something of a darknet. It shares some of the concept behind TOR, but outproxies are the exception and it is quicker (though not nearly as quick as direct Internet access). If you have some patience and can live with 25KBytes/sec then it should fit the bill for you and provide peace of mind.

How long until we have BitTorrent with TOR and encryption built in?

TOR wasn't designed to handle large P2P transfers. The only anonymous network I've seen that is robustly handling torrent traffic is I2P. One you install it and set the proxy on your browser, just go to tracker2.postman.i2p to see what is on the most popular tracker.

The I2P software is open source and comes with anonymized email, bittorrent and http software built in. Other programs either written for or adapted to I2P are available, such as Tahoe-LAFS file system and iMule. I2P just recently got a new plugin architecture to make it easy to distribute new apps to interested users, and they could use some coding talent on the many ideas bouncing around on the main forum site.

It seems that I2P aims to be very TOR-like in terms of internal routing and anonymizing capability (they call it "garlic routing"), but in a mostly darknet fashion. This means that the trackers, torrents and web sites you visit through I2P will be 'inside' the anon network. However, there are 'gift' gateways to regular www as well as to freenet and TOR. Another difference with TOR is that all running I2P 'clients' are also routers and route at least a minimal amount of traffic for the network (this increases anonymity because there is no built-in "exit node" capability). Yet another difference is that the I2P network is supposed to be less centralized, though I'm not intimate with the code and can't say for sure.

http://www.i2p2.de

This alternative is humming along fine. Its only about as fast as Tor, but supports full anonymity along with mail, websites, torrents (these first 3 are built-in), chat and custom apps.

When will we wake up and build a mesh network permitting an end-run around the Powers That Be?

I2P Open source for review and improvements, only problem is that it is rarely discussed...for some reason?

Not much you can do at that point besides feel sorry for their citizens.

If the government really didn't care, I would agree with your point. However, I think they really do care.... They have just realized that in the current circumstances, it's more effective to keep wearing the happy face and lose some trust than to open up and try to improve legitimacy.

However, it's a really precarious balance. It works right now because the government has the power to keep most people quiet. This way, not as much talk is spread, and only a few people at a time get upset enough about the lying and oppression to really start trying to affect change, and those few people can be stopped. However, there are tools which are a threat to that balance because they let people be really noisy about the lies and rile other people up. They've evidently identified Gmail as one of these threats, and are now blocking it.

The act of blocking Gmail shows that they care a lot about what people are saying about the lies. At the same time, it shows us that there is something we can do besides feel sorry for their citizens-- and that's advance the tools that let people be noisy. We're a geeky bunch, and we've all heard of them before: Tor, I2P and Psiphon all help people communicate openly. All of those organizations could use your support, whether that's donating money or just running a Tor relay. And if you're really committed, all of those organizations have open positions!

I know that it seems like this is totally out of our control sometimes, and often I feel like there's nothing I can do besides just go, "damn, I'm sorry," but actually, it turns out that we really want to, we can help.

Pay-for proxy services are only as trustworthy as the company that runs them, and their security.
Decentralized anonymizing networks such as Tor and I2P do not require that users trust a single entity.

So why not contribute to those instead?

You don't need encryption, you need anonymity.
There are a few networks like OneSwarm and GNUnet and you can run a Gnutella network or BitTorrent on top of I2P. Don't expect to find much, though.
You can also sign up for an anonymous VPN service like Relakks and continue to use whatever you are used to.

You don't need encryption, you need anonymity.
There are a few networks like OneSwarm and GNUnet and you can run a Gnutella network or BitTorrent on top of I2P. Don't expect to find much, though.
You can also sign up for an anonymous VPN service like Relakks and continue to use whatever you are used to.

You don't need encryption, you need anonymity.
There are a few networks like OneSwarm and GNUnet and you can run a Gnutella network or BitTorrent on top of I2P. Don't expect to find much, though.
You can also sign up for an anonymous VPN service like Relakks and continue to use whatever you are used to.

Your wish is my command

I don't really know if it's a very good solution technically, but I proxy all my tracker communications through I2P (and encrypt my transport). I tried using I2P's native BitTorrent client, but the network is pretty slow (about the half the speed of normal BT).

I wonder how long it is before someone comes up with a purpose built anonymizing P2P system.

You mean like I2P?

http://i2p2.de