Invisible Internet Project (I2P)
geti2p.netWhy don't pirates switch to I2P? I know it's slow, but doesn't the speed go up the more high-bandwidth users and relay operators there are? Or am I missing something? Is it just inertia that's keeping everybody on non-I2P-routed BitTorrent?
The issue I have with i2p is that it enforces all clients to be exit nodes, too. It makes the peer system stronger, but also legally vulnerable.
[update: this isn't true anymore, there's a config flag now available that fixes this and outproxy=false is defaulted. See [1]]
The issue I have with i2p is that it enforces all clients to be exit nodes, too
This is not true. Seriously, you could at least read i2p faq before explaining other people how it works.
This wasn't true in the past either. I2P would share bandwidth with other nodes, but not out to the public internet. It was always built as an anonymous network with various services hosted in it. Basically it's like a stripped down robust version of Tor that only has hidden services. HTTP proxies to the public internet are just a hidden service essentially. Unless you chose to set up one yourself it never just allowed random I2P nodes to proxy out to the public internet through your connection.
Even if you were an exit node (see sibling), is this really so? Have eg Tor exit nodes been held legally responsible for eg copyright infringement? Sounds highly counterintuitive.
> Have eg Tor exit nodes been held legally responsible for eg copyright infringement? Sounds highly counterintuitive.
In Germany that's the case. Up until four years ago, it was legally impossible to offer free Wi-Fi for restaurants and other venues; and they now have to track at least every legal name of customers that use their Wi-Fi in order to not be held responsible as the Wi-Fi owner.
Technically they would have also to track a photo/ID of each customer if there weren't the GDPR/DSGVO in place that prevents that.
There's also still debate whether or not you have to have passwords in place in order to be not held responsible, which means that customers would have to "register a personal Wi-Fi account" as it's the case with city-provided Wi-Fi access points that are linked to your legal name and address.
That's what the EuGH decided with [1] and [2], the German Bundesgerichtshof before that decided that it's enough to track names only which led to the case being escalated to the European court by Sony Music.
[1] https://dejure.org/dienste/vernetzung/rechtsprechung?Gericht...
[2] https://curia.europa.eu/jcms/upload/docs/application/pdf/201...
I’d like some comparison to Tor, which I’m somewhat familiar with. Can anybody help me out?
Protocol-wise they're pretty similar except I2P uses a variant of onion routing called "garlic routing" which allows for message bundling (I don't know if this is currently used beyond bundling for delivery status messages and lease sets). I2P also has unidirectional circuits as opposed to Tor's bidirectional ones which means unlike Tor hidden services where you build a bridged circuit using a rendezvous point, in I2p each side has a pair of unidirectional tunnels for send/receive. I2P is also packet switched as opposed to circuit-switched, which can possibly make it more resilient to traffic-analysis attacks and lead to better load balancing of resources.
Otherwise the main differences seem to be design-wise, where in Tor you rely on a centralized bootstrap to get the list of relays whereas I2P does this via decentralized NetDb.
Roughly it's like Tor (though I think the transport is not necessarily like Tor), except it's closed. You can only communicate with others on the I2P network. Some I2P users may choose to operate an "outproxy" and provide Internet access but it's not built into the network or software. What is (or was, it's been awhile) built in is a torrent client.
It's also written in Java and the router web UI was pretty snazzy from what I remember.
The design is also more decentralized than Tor. It's also been a while, but I think the client runs a router node by default. This provides extra anonymity, because your own traffic is hidden in the other traffic you're routing. As I recall, the security/performance tweaks in the Web UI allowed you to set how much traffic you allowed through your node.
> This provides extra anonymity, because your own traffic is hidden in the other traffic you're routing.
Tor's take on the common proposal to do this is at
https://2019.www.torproject.org/docs/faq.html.en#BetterAnony...
and notes this threat model issue:
> There are some cases where it doesn't seem to help: if an attacker can watch all of your incoming and outgoing traffic, then it's easy for them to learn which connections were relayed and which started at you. (In this case they still don't know your destinations unless they are watching them too, but you're no better off than if you were an ordinary client.)
(I'm not mentioning this to criticize I2P's design, just to point out that the benefit you get from this decision depends a lot on your threat model!)
There is a C++ implementation that is pretty nice:
There was also Kovri (a fork of i2pd made by the Monero project) that sadly appears to be dead now.[1] It could have greatly increased the number of nodes on I2P.
Unlike Tor, I2P supports UDP which lets you use bittorrent, but since I2P doesn't have exit nodes, you can only bittorrent with others on I2P.
I think it would be cool to have sort of... Call it IFN - invisible family network or many VFLAN - virtual Family LAN.
Some way of networking just your family members.
Zerotier is great for this.
How does one find services available on I2P?
There's a few I2Psites that track other I2Psites (and share hosts.txt files). You can subscribe to these (attaching *.i2p domains to their respective long base32 links). By default stats.i2p and a few others are in your address book.
There used to be some I2P-only search engines but I'm not sure if they exist anymore.
Can someone summarize the differences between I2P and Freenet?
I2P is basically just an anonymous network layer. It doesn't store files, proxy to the internet, run a web server, etc. All it does is anonymously connect standard servers and clients.
Freenet on the other hand is an anonymous content distribution system. You can't use it to connect arbitrary network services together, it's only good for storing and retrieving files. Nodes on Freenet each store encrypted pieces of data but it's computationally hard to figure out what data a particular node is storing unless you have the key to access it. Files are prioritized based on popularity so old files that no one has accessed in a while and the original host is gone can just be lost forever. It's similar in some ways to bittorrent swarms. Over time as a torrent becomes less and less popular you're likely to run into issues finding a seeder that's still around.