Opened 7 years ago

Closed 6 years ago

#881 closed enhancement (no response)

Default SOCKS client tunnel

Reported by: dg Owned by:
Priority: minor Milestone: 0.9.9
Component: apps/i2ptunnel Version: 0.9.4
Keywords: Cc:
Parent Tickets: Sensitive: no

Description

<dg|NLOE6JDTZMXRI> you don't use proxy settings by default :p
<dg|NLOE6JDTZMXRI> it's not like tor
<dg|NLOE6JDTZMXRI> you create tunnels
<dg|NLOE6JDTZMXRI> PROPOSAL: We have a SOCKS proxy in i2p by default to reduce confusion

Pros:
<dg|NLOE6JDTZMXRI> 1) Easier to explain, get going with i2p
<dg|NLOE6JDTZMXRI> 2) Already used to this behavior if coming from Tor
<dg|NLOE6JDTZMXRI> 3) Shows users that this is possible, sometimes proxying IS desirable and tunnel creating is lame
<PVBYHESNLY> 3) don't have to set up client tunnels for every fucking thing
<PVBYHESNLY> 4) WORKS WITH TORSOCKS

Cons:
<dg|NLOE6JDTZMXRI> Cons:
<dg|NLOE6JDTZMXRI> 1) People do not realize how to even into client tunnels (maybe) (unlikely)
<dg|NLOE6JDTZMXRI> this is a good idea
<dg|NLOE6JDTZMXRI> why didn't this happen already
<dg|NLOE6JDTZMXRI> i'd rather this than a fuckload of client tunnels
<dg|NLOE6JDTZMXRI> I mean, personally, I love client tunnels
<dg|NLOE6JDTZMXRI> But not everyone does.

I believe this would help users coming from Tor as well as simplify getting started with I2P.
Why not? We already have a default HTTPS proxy which AFAIK, nobody uses.. so why not this?

Subtickets

Change History (5)

comment:1 Changed 7 years ago by Eche|on

We are not Tor. SOCKS is not a solution to everything (e.g. HTTP/IRC filtering).
So I vote against setting SOCKS as default tunnel type.
HTTP is well known and very fine under control, SOCKS is not.
I2P is not a SOCKS proxy at all.
Also defaulting all traffic through one SOCKS tunnel will open up some correlation and security problem to the users. Using more than one destination is always a good idea.

https is setup by default for every new install since a few years, free to use by the users, we cannot force people to use it ;-)
Currently it is also just routed to a Tor gateway which routes it to the world.

But if you want to create a SOCKS Outproxy, go ahead. Set it up, make it reliable, make it known, and it will be added to the default setup.

comment:2 in reply to:  1 ; Changed 7 years ago by dg

Replying to echelon:

We are not Tor. SOCKS is not a solution to everything (e.g. HTTP/IRC filtering).
So I vote against setting SOCKS as default tunnel type.
HTTP is well known and very fine under control, SOCKS is not.
I2P is not a SOCKS proxy at all.
Also defaulting all traffic through one SOCKS tunnel will open up some correlation and security problem to the users. Using more than one destination is always a good idea.

https is setup by default for every new install since a few years, free to use by the users, we cannot force people to use it ;-)
Currently it is also just routed to a Tor gateway which routes it to the world.

But if you want to create a SOCKS Outproxy, go ahead. Set it up, make it reliable, make it known, and it will be added to the default setup.

Yes.. I know it's not a SOCKS proxy. The point was that client tunnels can be confusing to newbies and for someone that wants to just "get going", it's easier to have a SOCKS proxy ready.
Anonymity issues are noted, not so concerned about IRC filtering but HTTP could be an issue. As for correlation.. surely we have that same issue by using shared clients for all of the default client tunnels? (IIRC, that's the case. If not all, most.).
This has nothing to do with an outproxy. HTTPS tunnel was an example of something that isn't used so much yet still in by default, wasn't an attack on it.

There is already a SOCKS IRC tunnel then a SOCKS generic. Is SOCKS HTTP which filters plausible - if so, we could bundle two/three SOCKS proxy tunnels by default; one for IRC, one for HTTP, [one for * else]. Not the original idea, however. ;-)

comment:3 in reply to:  2 Changed 7 years ago by DISABLED

There is already a SOCKS IRC tunnel then a SOCKS generic. Is SOCKS HTTP which filters plausible - if so, we could bundle two/three SOCKS proxy tunnels by default; one for IRC, one for HTTP, [one for * else]. Not the original idea, however. ;-)

Webkit=based browsers can't into SOCKS proxies

comment:4 Changed 7 years ago by zzz

Component: unspecifiedapps/i2ptunnel
Milestone: 0.9.50.9.9

As others have stated above:

  • We have a SOCKS tunnel type, it's just not configured or enabled by default
  • There is no public SOCKS outproxy
  • Every popular browser supports HTTP proxies
  • SOCKS proxies are not secure, better to have proxies for each protocol to sanitize things
  • Yes, setting up a client tunnel per-use is lame, that's why we provide SOCKS, SAM, and BOB tunnel types, and they are documented, at least minimally
  • SOCKS is in no way easier to explain or use than HTTP
  • We are not Tor

Perhaps the real issue the OP is getting at is that we need better documentation of our SOCKS proxy?

comment:5 Changed 6 years ago by zzz

Resolution: no response
Status: newclosed

No response, closing. Please reopen if you respond.

Note: See TracTickets for help on using tickets.