The Invisible Internet Project

The setup and that it routes over several randomly chosen nodes to self-contained sites reminds of Freenet. How does i2p compare to it?

Announcing the latest release of I2P+ (2.3.0+), a soft-fork of the Java I2P software with an emphasis on presentation, performance, and usability.

Now available for download as an update or a full universal installer for Windows, Linux, BSD and MacOS (Java 1.8 or later supported):

Torrents: http://tracker2.postman.i2p/index.php?view=TPoolDetail&id=1256 Direct downloads via i2pplus.github.io or skank.i2p or via the Tor .onion mirror Git source access: https://gitlab.com/i2p.plus/I2P.Plus/ or http://git.i2p/I2P.Plus/i2p.plus

Recent Changes

• Add a toggle on /configui to activate alternative display font for console and default webapps
• Auto-refresh for /netdb and /stats
• Iconized navigation links in the console configuration section
• Visibility toggle for the settings panel on /graphs
• Fix wrapper (service) issue for new non-Windows installs via universal installer
• Add a peer congestion caps count on /netdb
• Add addresshelper icon link for servers on tunnel manager index if a hostname is configured
• Add auto-refreshing session bans page to /profiles
• Improvements to console and webapp themes
• Console logging improvements

Notes

• The full installers now implement https:// access to the console by default (port 7667); you will need to allow the (self-signed) certificate when prompted in your web browser to access the console. To disable automatic redirection, add the following to your router.config file in ~/.i2p/ -> routerconsole.redirectToHTTPS=false

Installation

Windows

If you have installed I2P from the Easy Installer Bundle, this will need to be uninstalled first and your I2P configuration directory renamed or deleted. For best results and to avoid issues, please ensure any previous I2P installation is uninstalled before proceeeding with the I2P+ installation. You may also wish to rename or remove your existing i2p configuration folder (usually located at %appdata\i2p) to benefit from a clean install with the default I2P+ configuration. Ensure you run the installer as Administrator to avoid issues. Oracle Java JRE (>=1.8) or Microsoft OpenJDK 17 (https://www.microsoft.com/openjdk) recommended. For newer versions of the JRE, or alternative JDK packages, you may need to extract the install.jar from the self-extracting exe file and, as administrator, run the command: java -jar install.jar The installer will install I2P+ as a Windows system service and configure to automatically start at system boot (requires administrator privileges). Control of the service can be managed via http://127.0.0.1:7657/configservice or via the normal Windows methods e.g. services.msc or the task manager services tab.

Linux / BSD / MacOS

Launch the installer (a .jar file with a Windows-specific .exe wrapper which will be ignored) by typing: java -jar ./i2pinstall_2.3.0+.exe at a command prompt, or java -jar ./i2pinstall_2.3.0+.exe -console for a headless (non-GUI) installation. For a console installation, you will need to specify the full installation path (usually /home/user/i2p/) or the installer will use the current directory as the install path.

This release contains fixes for CVE-2023-36325. CVE-2023-36325 is a context-confusion bug which occurred in the bloom filter. An attacker crafts an I2NP message containing a unique messageID, and sends that messageID to a client. The message, after passing through the bloom filter, is not allowed to be re-used in a second message. The attacker then sends the same message directly to the router. The router passes the message to the bloom filter, and is dropped. This leaks the information that the messageID has been seen before, giving the attacker a strong reason to believe that the router is hosting the client. This has been fixed by separting the bloom filter's functionality into different contexts based on whether a message came down a client tunnel, an exploratory tunnel, was sent to the router directly. Under normal circumstances, this attack takes several days to perform successfully and may be confounded by several factors such as routers restarting during the attack phase and sensitivity to false-positives. Users of Java I2P are recommended to update immediately to avoid the attack.

In the course of fixing this context confusion bug, we have revised some of our strategies to code defensively, against these types of leaks. This includes tweaks to the netDb, the rate-limiting mechanisms, and the behavior of floodfill routers.

This release adds not_bob as a second default hosts provider, and adds notbob.i2p and ramble.i2p to the console homepage.

This release also contains a tweakable blocklist. Blocklisting is semi-permanent, each blocked IP address is normally blocked until the router is restarted. Users who observe explosive blocklist growth during sybil attacks may opt-in to shorter timeouts by configuring the blocklist to expire entries at an interval. This feature is off-by-default and is only recommended for advanced users at this time.

This release also includes an API for plugins to modify with the Desktop GUI(DTG). It is now possible to add menu items to the system tray, enabling more intuitive launching of plugins which use native application interfaces.

As usual, we recommend that you update to this release. The best way to maintain security and help the network is to run the latest release.

DETAILS

Changes

• netDb: Throttle bursts of netDB lookups

• Sybil/Blocklist: Allow users to override blocklist expiration with an interval

• DTG: Provide an API for extending DTG with a plugin

• Addressbook: add notbob's main addressbook to the default subscriptions.

• Console: Add Ramble and notbob to console homepage

Bug Fixes

• Fix replay attack: CVE-2023-36325 Implement handling of multihomed routers in the netDb

• Fully copy new leaseSets when a leaseSet recievedAsPublished overwrites a leaseSet recievedAsReply

So what exactly is the reason that i2p has thus far elected not to have a system of "exit" relays which allow users to access the clearnet?

Every time it comes up the question is deflected by saying that i2p is not meant to help anonymize clearnet traffic, but to be its own independent network. But why not both? If it is just not the devs interests then that is what it is, but I'm surprised people in the community really wouldn't want to be able to use i2p to anonymize their clearnet traffic.

I'm trying to access jellyfin remotely over i2p and I want to get the best performance.

Right now I'm having trouble with keeping a stable connection. My connection doesn't need to be fast but it keeps dropping in and out for some reason.

Haven't tried it myself yet, but it does look interesting.

This release will switch us back to a roughly quarterly cycle, with a tentative release date in mid to late June.

Major Changes:

• Explicit handling of inbound messages

• Virtual Contexts in Bloom Filter/Replay Prevention

• DTG API available to Plugins

• Configurable blocklist expiration

I'm new to I2P, so this post will probably contain misunderstandings.

Since I2P takes on the order of hours after initial launch to build out a usable network of tunnels, does it make sense to use on a laptop which is regularly being put to sleep? Does suspension of the machine (disconnection from the network) completely cut off all tunnel progress, and it needs to restart the building from scratch when awoken?

Is the only practical way to use I2P from a laptop to have it running on a separate machine which is on all the time and remote connecting to it, like shown here?

How cool wouldn't it be to have IPFS working in I2P? Someone thought of it in 2016 already, but it seems that it's not a priority according to a comment in 2021.

Maybe some day a bored developer will look at this and go "I know what I'll do today..."

Apparently we're not the only i2p community in the fediverse.

@[email protected] is another resource for you guys to check out.

Someone with a better understanding of lemmy can probably link it, but I don't know how to yet.

Someone made a list of i2p sites they know about and that they consider "safe".

I have installed i2pd from the Manjaro package, and everything seems to be working fine, I can access i2p sites without problem. However I can't access my local console and everything that entails because I get the the following error

Proxy error: Outproxy failure

Host 127.0.0.1 is not inside I2P network, but outproxy is not enabled

I have tried enabling the outproxy (or at least uncommenting all the lines that include the word outproxy in the default i2pd.conf, and setting outproxy.enabled = true), it makes no difference

I'm using foxyproxy to enable and disable the proxy as needed. If it's disabled, or if I use firefox's internal proxy settings, I get s standard "firefox can't find this site" page, so it's clearly doing something!

This is probably a really obvious mistake I'm making with a three second fix, but I have hit a wall and don't know what I'm doing!

So this Lemmy instance is officially no longer a one man show. Welcome IDK as moderator and he's also an SME for the I2P project.

This is a lua library which communicates with i2pcontrol using the I2PControl json-RPC interface and has the ability to query information about the router and apply settings to the router. As a demonstration of what it does it comes with a conkyrc file which uses it to display I2P Router Stats on your Linux desktop. It will graph the bandwidth send and received, and the exploratory tunnel build rates over time.

If you're curious about the cryptographic changes in I2P there's a video about that here.

It gives a brief description as well.

The changes are already implemented.

If you're a windows user and want to check out I2P then perhaps this easy installation package works for you? Should install the router and configure a fairly secure Firefox browser for you.

Please be aware that it takes a few minutes from when you click the icon until you get any sort of feedback when you start it up. Like 3-5 minutes. Just be patient.

BiglyBT has been kind enough to explain how to enable I2P and what you can do with it. It's a good guide that should help you get started with I2P Torrenting, if that's your thing.

All resources look official, by name and by images. Maybe it's better to highlight the community part since using the projectname directly has the appearance of being official or endorsed.

I stumbled on this community out of the blue, and read the FAQ (sounds interesting). May I provide a suggestion for newbs such as me: Please add a 'Why/What' section at the very beginning of the FAQ. Specifically, What problem does The Invisible Internet Project address, and why (in 1-2 sentences) does the Invisible Internet Project's solution work. I see the "The I2P network is an Overlay Network. The Invisible Internet Project began in 2002 and has been active since that time.", but it does not start with why I2P is needed, and what the overall goals of the project are. The next block is "how", which should be after "what" and "why our solution".

After reading, i think I understand, but I almost clicked off when I had to dive through the text to understand what was going on. Only thing that kept me here was the interesting name of the community. A blurb at the top of the FAQ would be very beneficial for people like me. (and maybe open comments on the FAQ to allow for suggestions to improve the FAQ). Subscribed to see the project and community grow.

Hi so I'm following the docker compose section on Installing I2P in Docker, the docker image pulls and deploys fine but how do I make it so the router is accessible outside its own network as can't get to http://127.0.0.1:7657/ as the container is running inside a virtual machine. Is there any way to change the config so I can access the router via the LAN IP address instead of the loopback IP?

It seems like what i2p is doing largely overlaps with what tor does. How do the two compare, and why would you use one over the other?

@i2p If I tweet at a sublemmy does it make a new thread?

At least I hope I am.