Linux Format

Invisible Internet Project

Roll Over Tor, Nate Drake explores the strengths of the shadowy I2P network.


Disappear into the I2P with Nate Drake as he introduces the new Tor+ ultra-secure system.

I2P (The Invisible Internet Project) is a form of ‘darknet’ allowing users to visit web pages, chat, blog and even BitTorrent securely. A more detailed technical rundown is forthcoming but for now it’s enough to know that this anonymous peer-to-peer network provides the strongest protection against attempts to unmask your location and/or identity. This is mainly because it has been built from the bottom up with privacy in mind, but it is also largely unknown in privacy circles when compared to more popular alternatives such as Freenet or Tor. We are sure you can appreciate the irony.

Readers interested in their own security may well already be aware of Tor and its trusty companion the Tor Browser Bundle. (See www.torproject.org if not). Tor is also designed to anonymise your connection on the internet. The method used to achieve anonymity through I2P is similar to Tor’s. In fact, one of the safest ways to access I2P’s own ‘eepsites’ is to use the Tor Browser Bundle or the custom I2P browser in the TAILS Operating System.

As such, is I2P trying to reinvent the wheel, given that we already have Tor? In order to answer this question, it’s essential to understand Tor’s weaknesses. Tor uses ‘onion routing’—a process for sending data anonymously over networks. Packets of data are encrypted and sent through multiple nodes run by volunteers throughout the world.

Each Tor relay only knows the previous location of an encrypted packet as well as the next node to which it is being sent. It’s like peeling an onion; individual layers only touch those immediately in front and behind them. All the others remain totally separate.

Paths for data through the Tor network (known as ‘virtual circuits’) are chosen randomly and when data packets reach their destination they can be decrypted to display information such as a web page. Each new request involves another random path of encrypted data being passed through multiple nodes, making your location extremely hard to trace.

The Tor project is quite candid: onion routing isn’t perfect. By default, for instance, Tor makes no attempt to conceal the fact that you are accessing its network so an adversary may not be aware what you’re accessing but will know you are attempting to hide something. Tor also cannot protect data at the boundaries of its network. In other words, if an adversary can monitor data both entering and exiting the network it can perform ‘end to end correlation’ of traffic.

This was readily demonstrated by Harvard student, and all-round silly sausage, Eldo Kim, who in December 2013 used Tor and a disposable email address to send fake bomb threats in an attempt to avoid his final exams. Kim blundered however by using the University’s own Wi-Fi network, so it was a simple matter of checking who was using Tor on campus at the time–the lone Tor user was Eldo. Even those not silly enough to use the same wireless network as a recipient cannot always protect themselves fully. A shadowy government organisation, for instance, which can see traffic both entering and leaving the Tor network across state borders may still be able to trace your location.

People accessing the ‘clearnet’ (regular internet) through Tor are forced to rely on ‘exit nodes’ to relay content. Tor cannot, by design, protect your traffic against this, so if you access information on a page not protected by SSL, a malicious person running a Tor exit node may not only be able to discern your location but glean details about sites you visit, emails you write and even potentially passwords.

Finally, filesharing via BitTorrent over Tor is discouraged as it can potentially leak your real IP address and places an undue strain on the network.

Tao of I2P

I2P is preconfigured to provide a greater level of privacy out of the box. In the first place, every I2P peer participates in routing data to others. Every ten minutes a connection is established between an I2P user’s machine and a peer. There are no entry and exit points to compromise. This makes it much harder to match any transfer of data over the network to you specifically. Messages are also encrypted and bundled together, making it almost impossible to distinguish which belongs to you in particular. This is known as ‘garlic routing’.

Instead of establishing virtual two-way ‘circuits’ to transfer data as with Tor, I2P uses unidirectional ‘tunnels’ to either send or receive data. This doubles the number of nodes that an adversary would need to compromise before they even have a hope of accessing your information, as well as making it harder to determine the type of data requested, e.g. a web page. Unlike Tor’s virtual circuits, I2P’s tunnels are short-lived, making them harder to trace.

I2P is also designed specifically to make use of hidden services. Accessing eepsites is generally much faster than navigating through Tor’s .onion domains. This is put to good use by I2P’s built-in BitTorrent client I2PSnark (see Torrenting With I2PSnark, over the page), which uses trackers provided by its own network to allow you to download files anonymously.

I2P benefits from ‘security by obscurity’: due to its smaller user base it hasn’t been targeted as much [that’s what they want you to think!–Ed] by law enforcement, as Tor was in 2013 when the FBI allegedly placed malicious JavaScript in certain pages running Tor hidden services to reveal the public IP address of users.

Choose your browser

Having sung I2P’s praises, hopefully by now you are eager to plunge in and download the Java installer. The I2P program itself acts as a local proxy, the idea being that you can configure your web browser or similar to channel traffic through it.

The software running I2P is called the I2P Router and when following the instructions in our guide (see right), by default it will open up the router console’s main page in your default browser. The router software will need some time to establish connections to enough peers to work well.

Once I2P is running you will need to configure a web browser to use the local proxy in order to be able to access eepsites with the extension .i2p. Note that even if you do this, normal ‘clearnet’ websites such as www.linuxformat.com will continue to load in the same way.

This is excellent in that you can continue to use your normal web browser as before, but bear in mind that when visiting regular websites your location and web traffic will be as visible as ever. This means you could be identified through the process of ‘browser fingerprinting’. This form of surveillance analyses browser settings such as screen size, language and plugins to build a picture about you. There’s also the risk when visiting clearnet websites of accidentally installing malware.

In light of this, try to install a separate dedicated browser to access .i2p sites. The Tor Browser Bundle, while primarily designed to help you access the Tor network, can be used for this purpose. Better yet, it’s based on a long term support version of the Mozilla Firefox browser with a selection of plugins which enhance privacy, reducing the risk of browser fingerprinting. You can even still access Tor hidden services as well as I2P’s if you wish. (See Garlic and Onion box, previous page, for steps on how to set this up.) If you are ultra-paranoid (we hope you are), consider downloading the privacy conscious operating system Tails: https://tails.boum.org. Tails – which stands for The Amnesiac Incognito Live System – can be run directly from a DVD or USB stick leaving no trace on your computer after use.

I2Peeved

Tails 2.5 (covered in Features, p34, LXF216) has a dedicated I2P browser, saving you the trouble of downloading and setting up your own. Simply hit Tab when booting, hit the Spacebar and add the word i2p to your boot parameters.

I2P sites can only be accessed via the Tails I2P browser while all other traffic is channelled through the Tor network and the browser is run from a dedicated user account, further increasing your anonymity. I2P can only promise anonymity within its own darknet. If you choose to check your Gmail inbox online at the same point you’re accessing an eepsite, although it may not be possible to know what you were doing on I2P, an adversary may be able to prove you were online. Read the Choose your browser section carefully and pick accordingly. If you must use your regular web browser to access I2P, consider opening pages in a private window which won’t record your history.
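For the dedicated-browser setup described under Choose your browser, here is an added example (not from the article or the I2P project) of a proxy auto-config file that sends .i2p hosts to the I2P router's HTTP proxy, keeps the router console reachable, and makes everything else fail closed so clearnet pages never load from that profile. It assumes the I2P HTTP proxy is on its default 127.0.0.1:4444 and that nothing listens on 127.0.0.1:9; the helper names are illustrative.

```javascript
// Added example: PAC (proxy auto-config) logic for a browser profile used only for I2P.
// Assumption: the I2P HTTP proxy listens on its default address, 127.0.0.1:4444.
var I2P_HTTP_PROXY = "PROXY 127.0.0.1:4444";
// Assumption: nothing listens on 127.0.0.1:9, so requests sent there simply fail.
// No "DIRECT" fallback is listed, so clearnet requests are not retried unproxied.
var BLOCK = "PROXY 127.0.0.1:9";

// Lower-case the host and strip a trailing dot ("identiguy.i2p." is the same name).
function normaliseHost(host) {
  return String(host || "").toLowerCase().replace(/\.$/, "");
}

// True only when the final label is "i2p" and at least one label precedes it.
// "forum.i2p" and "abc.b32.i2p" match; "forum.i2p.example.com" and "noti2p" do not.
function isEepsite(host) {
  return /^([a-z0-9-]+\.)+i2p$/.test(host);
}

// The router console (port 7657) is served from the local machine.
function isLocalConsole(host) {
  return host === "127.0.0.1" || host === "localhost";
}

// Entry point the browser calls for every request.
function FindProxyForURL(url, host) {
  var h = normaliseHost(host);
  if (isLocalConsole(h)) return "DIRECT";   // keep the router console reachable
  if (isEepsite(h)) return I2P_HTTP_PROXY;  // eepsites go through the I2P router
  return BLOCK;                             // clearnet fails closed in this profile
}
```

Matching on the final label rather than on a substring is what stops a clearnet host such as forum.i2p.example.com from being treated as an eepsite.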

The tutorial for installing I2P assumes you have an implementation of Java on your machine, such as ‘OpenJDK’. The OpenJDK website has installation instructions for all major versions of Linux at http://openjdk.java.net/install. Ubuntu, for instance, needs to enable the universe and multiverse repositories.

If you’re using a Debian-based distro such as Ubuntu, Linux Mint or Knoppix, you can also install I2P without using Java at all by adding the relevant repositories. See https://geti2p.net/en/download/debian for more information.

As eepsites have to be maintained by active nodes, they can quickly fall out of use. Visit http://identiguy.i2p for a list of active .i2p sites.

While I2P speeds compare favourably with Tor, the default bandwidth of 32Kbps will not result in very zippy browsing. Consider increasing your bandwidth from the router configuration page at http://localhost:7657/config.jsp.

I2P, like Tor, can be vulnerable to ‘intersection’ attacks where an adversary periodically analyses the nodes which are online while you are using the network. The resources required for this are immense given that I2P tunnels that are used to transfer data vanish quickly. For a full rundown of this and other threats which might reveal your identity and/or browsing habits visit https://geti2p.net/en/docs/how/threat-model.

Although this tutorial has focused on web browsing via I2P, the network is capable of much more such as email and IRC chat through use of the application I2PTunnel. See https://geti2p.net/en/docs/api/i2ptunnel for more.

Enhancements can be made to the I2P Router software through adding plugins via the Configuration page (http://127.0.0.1:7657/configplugins). One extraordinarily useful application is I2PBote (http://i2pbote.i2p), which provides an end-to-end, anonymous email system, capable of sending messages to regular email addresses as well as those ending in .i2p.

I2P is still technically beta software and hasn’t been subjected to intensive peer review. As ever, take a compartmentalised approach to your privacy. If you have suggestions or feedback about your experience with I2P, head over to https://geti2p.net/en/get-involved for details of the team’s IRC channel and their eepsites.

Install plugins such as I2PBote via a URL or downloaded files. They will appear in the Applications and Configuration section of the I2P Router Console.

Garlic routing at its finest. I2P uses separate ‘tunnels’ for sending and receiving information.

The I2P Router Console will launch in your default browser once I2P has been installed. Scroll down to see some useful hidden services and applications.
