Changes between Version 57 and Version 58 of faq


Ignore:
Timestamp:
Sep 15, 2010, 1:20:02 PM (9 years ago)
Author:
darrob
Comment:

some clean-up; trying to break text into more paragraphs

Legend:

Unmodified
Added
Removed
Modified
  • faq

    v57 v58  
    66
    77 * __Why do I need I2P?__
    8    * Privacy, a central tenet of human rights, is seeing a rapid erosion around the world as goverments, in league with big media, seek to infringe privacy in the interests of suppressing copyright infringement. The Hadopi Law in France, the Digital Economies Act in the UK and the proposed firewall in Australia are but 3 examples of increasingly repressive legislation that undermines vital freedoms. In addition, repressive governments that seek to censor the internet and punish those that attempt to express themselves politically are also looking to gain even more control over the internet, and their citizens by extension. If you're a whistleblower or political dissident, the case for I2P is clear. If you're an "average Joe", the freedoms you take for granted today may well be lost tomorrow. Be in no doubt, free flow of information requires your active participation, and by running I2P you're not only helping youself but also others who may have their freedom threatened. If you want to preserve the notion of online privacy, running I2P should be a no-brainer!
     8   * Privacy, a central tenet of human rights, is seeing a rapid erosion around the world as governments, in league with big media, seek to infringe privacy in the interests of suppressing copyright infringement. The Hadopi Law in France, the Digital Economies Act in the UK and the proposed firewall in Australia are but 3 examples of increasingly repressive legislation that undermines vital freedoms. In addition, repressive governments that seek to censor the internet and punish those that attempt to express themselves politically are also looking to gain even more control over the internet, and their citizens by extension.
     9   * If you're a whistleblower or political dissident, the case for I2P is clear. If you're an "average Joe", the freedoms you take for granted today may well be lost tomorrow. Be in no doubt, free flow of information requires your active participation, and by running I2P you're not only helping yourself but also others who may have their freedom threatened. If you want to preserve the notion of online privacy, running I2P should be a no-brainer!
    910
    1011 * __I've heard of Tor. What's different about I2P? Should I use both?__
    11    * I2P and Tor are both anonymizing tools that run on a variety of platforms, and serve the interests of similar users. Where Tor sees its primary role as a platform for circumventing censorship on the net at large and providing the tools to evade direct monitoring by governments, ISPs etc, I2P takes a slightly different approach. Where Tor creates a two-tier system of clients and relay nodes, I2P by default puts every user in the role of both client *and* relay. However, unlike Tor, by running I2P there is no risk of takedown notices or worse, since I2P keeps all the traffic hidden and encrypted end-to-end. Tor facilitates access to the net at large, and therefore exposes itself, and its users, to some risk of monitoring and legal intervention. Since everything in I2P happens within I2P, there is no risk of external monitoring by ISP's or governments. In this sense, Tor is more a conventional proxy onto the net at large, whereas I2P is a darknet implementation. In short, we recommend you use I2P for the darknet it provides, and Tor as a privacy tool to facilitate access to the net at large. They're great companion tools for anyone interested in online privacy.
     12   * I2P and Tor are both anonymizing tools that run on a variety of platforms, and serve the interests of similar users. Where Tor sees its primary role as a platform for circumventing censorship on the net at large and providing the tools to evade direct monitoring by governments, ISPs etc, I2P takes a slightly different approach. Where Tor creates a two-tier system of clients and relay nodes, I2P by default puts every user in the role of both client '''and''' relay.
     13   * However, unlike Tor, by running I2P there is no risk of takedown notices or worse, since I2P keeps all the traffic hidden and encrypted end-to-end. Tor facilitates access to the net at large, and therefore exposes itself, and its users, to some risk of monitoring and legal intervention. Since everything in I2P happens within I2P, there is no risk of external monitoring by ISP's or governments. In this sense, Tor is more a conventional proxy onto the net at large, whereas I2P is a darknet implementation.
     14   * In short, we recommend you use I2P for the darknet it provides, and Tor as a privacy tool to facilitate access to the net at large. They're great companion tools for anyone interested in online privacy.
    1215
    1316 * __What is the difference between I2P and Freenet, TOR, JonDoe.__
     
    1821
    1922 * __Is it safe? Has the code been audited? __
    20    * I2P is an open source project, and as such the source code is transparent and available for review. This of itself prevents back doors being slipped into the code, since anything suspicious would be subject to the review of the developers who would be quick to notice discrepancies. Furthermore, permission to commit sourcecode to our repository is conditional upon permission from our repository manager; there are only a handful of developers with such permission, which means the likelihood of "rogue" code is minimal. Given the nature of the project (protecting privacy online), security is at the forefront of the design, and is in a state of constant revision and improvement. We have yet to undergo a 3rd party review of the code, largely because no one has come forward to offer to audit it. In the event we secure significant funding, an independent audit of the code would be something we'd be interested to commission. If you're a java coder with a particular interest in cryptography, we'd welcome any code reviews and resultant suggestions to improve our security model. We cannot absolutely guarantee the saftey of the software; that we use it everyday ourselves here at I2P HQ should indicate a level of confidence.
     23   * I2P is an open source project, and as such the source code is transparent and available for review. This of itself prevents back doors being slipped into the code, since anything suspicious would be subject to the review of the developers who would be quick to notice discrepancies. Furthermore, permission to commit source code to our repository is conditional upon permission from our repository manager; there are only a handful of developers with such permission, which means the likelihood of "rogue" code is minimal.
     24   * Given the nature of the project (protecting privacy online), security is at the forefront of the design, and is in a state of constant revision and improvement. We have yet to undergo a 3rd party review of the code, largely because no one has come forward to offer to audit it. In the event we secure significant funding, an independent audit of the code would be something we'd be interested to commission. If you're a java coder with a particular interest in cryptography, we'd welcome any code reviews and resultant suggestions to improve our security model.
     25   * We cannot absolutely guarantee the saftey of the software; that we use it everyday ourselves here at I2P HQ should indicate a level of confidence.
    2126   * ''duck: splendid stuff, suggest rephrasing to atleast mention privacy / anonymity. safe is too generic.''
    2227 
    2328 * __Is my router an "exit node" to the regular Internet? I don't want it to be.__
    2429   * No! You're confusing Tor and I2P! By default an I2P installation will only ever route traffic within the network for others, rendering it unmonitorable by your ISP or government. Your ISP may notice that you're connecting over encrypted channels to other machines on the network, but the nature of those communications will be entirely undiscoverable. In I2P teminology, an "exit node" is what we call an "outproxy", or connection to the wider net. It's possible to function as an outproxy in I2P, similar to how exit nodes operate in Tor-land, but that requires manual configuration on the part of the I2P user.
    25    
    26    By default, everyone on the network participates in the network to help route traffic for other I2P users. We do not configure an "outproxy" on a default installation, so the only traffic a default I2P installation will route will be for other I2P routers (nodes) within the network, encrypted and anonymous by design.
     30   * By default, everyone on the network participates in the network to help route traffic for other I2P users. We do not configure an "outproxy" on a default installation, so the only traffic a default I2P installation will route will be for other I2P routers (nodes) within the network, encrypted and anonymous by design.
    2731 
    2832 * __What is syndie and is it still active?__
     
    4145 * __How does I2P bootstrap?__
    4246
    43  * __how do the I2Prouters find each other? In public routing there are HELLO packets like in OSPF - but i don't know how it works in a virtual net... read something about garlic routing, but there is no explanation about " how the router find eachother in detail" there must be a central instance which is the first point of contact, or ?
     47 * __how do the I2Prouters find each other? In public routing there are HELLO packets like in OSPF - but i don't know how it works in a virtual net... read something about garlic routing, but there is no explanation about " how the router find eachother in detail" there must be a central instance which is the first point of contact, or ?__
    4448   * '' RN: this question popped up in #-2p-help, and the person asking did not wait long enough for an answer, it expands the question above, and is probably too long but I put it here to illustrate what new i2people want to know... and I'll answer it as best I can..''
    4549   * ''RN'': When a new i2p router first starts up, it contacts sites that distribute some initial 'seeds'  These are information about other routers and are stored in your netDB.  They expire after a while, so that's why i2p does not ship with default seeds installed.  Once your router has been running a while, it gets information about other routers that it connects to (through the ones it already knows) and stores those as well, this is why your Known-Peers number displayed in the console goes up over time; and why, if your internet connection goes down, the number goes down since it gets no response from each router it tries to contact.
     
    6165
    6266 * __What do you mean by "no trusted parties"?__
    63     * No trusted parties is an expression used in cryptography/privacy circles to indicate the nature of a network. It means, in essence, that there is no centralized infrastructure that needs to be relied on (and trusted) for I2P to function correctly, and furthermore, the design of I2P is explicitly such that centralized servers that assume critical roles withhin the network are not used. To compare and contrast, Tor uses trusted parties for its "directory servers" to map the network topology.
     67    * ''No trusted parties'' is an expression used in cryptography/privacy circles to indicate the nature of a network. It means, in essence, that there is no centralized infrastructure that needs to be relied on (and trusted) for I2P to function correctly, and furthermore, the design of I2P is explicitly such that centralized servers that assume critical roles withhin the network are not used. To compare and contrast, Tor uses trusted parties for its "directory servers" to map the network topology.
    6468
    6569 * __Do I need to mess with my router to get I2P to work? Do I need to port forward to participate?__
     
    7579 
    7680 * __Is using an outproxy safe? (What are these inproxies and outproxies?)__
    77    * Inproxies are services which allows an user from the regular internet have a look into the anonymous network of I2P. So ... the opposite of this is an outproxy. An Outproxy allows you to visit websites of the regular internet through the anonymous network of I2P. Is it safe? It depends on what you are doing with that. Never use an unsecure connection (http w/out "s") to send privat data like username with passwords. The operator of an outproxy can log your informatione if he wants to do that. You don't know what happens with your information which leaves the I2P net through an outproxy. In I2P your connections are safe with encryption of your data. At the outproxy your information will be decrypted and send out unencrypted to the regular internet.
     81   * Inproxies are services which allow users from the regular internet to have a look into the anonymous network of I2P. So ... the opposite of this is an outproxy. An Outproxy allows you to visit websites of the regular internet through the anonymous network of I2P.
     82   * Is it safe? It depends on what you are doing with it. Never use an insecure connection (http w/out "s") to send private data like passwords. The operator of an outproxy could log your information if he wanted to. You don't know what happens with your information which leaves the I2P net through an outproxy. In I2P your connections are safe with encryption of your data. At the outproxy your information will be decrypted and sent out unencrypted to the regular internet.
    7883
    7984 * __Steganography rants__
     
    8287
    8388 * __Isn't I2P encouraging copyright infringement?__
    84     * I2P is a network. We provide a framework for encrypted, anonymous communication. How our users choose to use these freedoms is entirely their call. Some people may feel more comfortable engaging in practices that may put them in some risk in the "wider world", such as filesharing, over I2P, but we don't explicitly take a view on this, save to ensure that publicly visible content on the network doesn't actively infringe on criminal legislation. Note that, to date in most regimes, copyright infringement is a civil law, or tort, and not a criminal infraction.
     89    * I2P is a network. We provide a framework for encrypted, anonymous communication. How our users choose to use these freedoms is entirely their call. Some people may feel more comfortable engaging in practices that may put them in some risk in the "wider world", such as filesharing, over I2P, but we don't explicitly take a view on this. ''We try (?)'' to ensure that publicly visible content on the network doesn't actively infringe on criminal legislation.
     90    * Note that, to date in most regimes, copyright infringement is a civil law, or tort, and not a criminal infraction.
    8591
    8692 * __Criminal Activity (snuff/bestiality/cp/terrorism etc)__
    87    * Through the provision of a dns overlay that allows I2P users to map b32 public encryption keys to a memorable .i2p domain, users can have easy to remember domains on I2P for their webservers etc, though it's entirely optional. If a service is made available this way and is seen to contain questionable material, revoking the service's .i2p domain is likely to happen. If a service operator chooses not to make his service visible this way, then it's much harder to discover the service, and more or less impossible to shut it down. Similarly, the main torrent tracker on I2P, http://tracker2.postman.i2p also implements some fundamental requirements with regard to content that prohibits certain nefarious types of content including, snuff, gore and child pornography.
     93   * Through the provision of a DNS overlay that allows I2P users to map b32 public encryption keys to a memorable .i2p domains, users can have easy to remember domains on I2P for their webservers etc, though it's entirely optional. If a service is made available this way and is seen to contain questionable material, revoking the service's .i2p domain is likely to happen.
     94   * If a service operator chooses not to make his service visible this way, then it's much harder to discover the service, and more or less impossible to shut it down. Similarly, the main torrent tracker on I2P, http://tracker2.postman.i2p also implements some fundamental requirements with regard to content that prohibits certain nefarious types of content including, snuff, gore and child pornography.
    8895 
    8996 * __I am opposed to certain types of content. How do I keep from distributing, storing, or accessing them?__
    90     * Although I2P and Freenet share some characteristics, in I2P you are never obligated to store encrypted files for other users on the network; this is a Freenet feature. In terms of accesssing dubious content, the same rules apply as on the net at large: proceed with caution! ''(This answer need rephrasing to fit the question.)''
     97    * Although I2P and Freenet share some characteristics, in I2P you are never obligated to store encrypted files for other users on the network; this is a Freenet feature. In terms of accesssing dubious content, the same rules apply as on the net at large: proceed with caution! ''(This answer needs rephrasing to fit the question.)''
    9198
    9299== In Operation ==
     
    96103 * __I'm missing lots of hosts in my addressbook. What are some good subscription links?__
    97104    * If you try to access an .i2p site only to be told that the address isn't in your addressbook, further investigate that error page! There are links to subscriptions and other useful tidbits of information intended to make your experience on I2P more enjoyable. Please read and digest these messages!
     105        * ''darrob: while this is true the official FAQ should offer a real answer nonetheless.''
    98106 
    99107 * __My active peers / known peers / participating tunnels / connections / bandwidth vary dramatically over time! Is anything wrong? __
     
    105113 * __I can't access regular Internet sites through I2P.__
    106114 
    107  * __I2P is running, but I can't get to my gmail (or other regular websites) .. (https://)__
    108    * I2P out of the box provides a web proxy (what we call an outproxy in I2P terminology) to the web at large. Intended for casual, occasional use, this proxy only supports unencrypted traffic, so any website such as gmail that requires an https:// connection will fail. If your proxying needs are more than occasional, we recommend you use Tor in conjunction with I2P to facilitate better access to the web.
    109  
    110  * __I can't access https:// or ftp:// sites through I2P.__
    111     * I2P by default provisions an http or web proxy. Access to other protocols such as ftp:// or https:// is not possible with the default proxy (false.i2p), but may be possible through other user-run services in the network. For a practical solution to this issue, we recommend Tor which is quite happy to route both ftp and https traffic.
     115 * ''merge these''
     116   * __I2P is running, but I can't get to my gmail (or other regular websites) .. (https://)__
     117     * I2P out of the box provides a web proxy (what we call an outproxy in I2P terminology) to the web at large. Intended for casual, occasional use, this proxy only supports unencrypted traffic, so any website such as gmail that requires an https:// connection will fail. If your proxying needs are more than occasional, we recommend you use Tor in conjunction with I2P to facilitate better access to the web.
     118   * __I can't access https:// or ftp:// sites through I2P.__
     119     * I2P by default provisions an http or web proxy. Access to other protocols such as ftp:// or https:// is not possible with the default proxy (false.i2p), but may be possible through other user-run services in the network. For a practical solution to this issue, we recommend Tor which is quite happy to route both ftp and https traffic.
    112120 
    113121 * __How do I connect to IRC within I2P?__
    114122  * I2P comes pre-configured with an IRC tunnel ready to go. You don't need to configure a proxy in your IRC client; simply connect to server 127.0.0.1 port 6668 with I2P running and you'll gain access to I2P's IRC server network. Note that both OFTC and Freenode also host I2P channels, but access via these servers do not offer anonymized access.
     123        * ''darrob: The above explains the old IRC tunnel. Should we change the instructions to the more useful SOCKS5 IRC tunnel?''
    115124
    116125 * __How do I access IRC, BitTorrent, or other services on the regular Internet?__
     
    123132
    124133 * __Why is I2P so slow?__
    125    * There are several reasons for this, not least the overheads placed on network communication by end-to-end encryption. That said, the main reason that I2P is perceived to be slow is the nature of the network itself.. since I2P relies on your upload speeds, or upstream in order to provide service to other users on the network, and the majority of users are running from domestic adsl/cable connections, the speed of service is limited this way. For example, a user with an 8Mbit connection to the network may well only have 256Kb/s upstream; it is the upstream value that determines the speed a given user can offer to the network.
     134   * There are several reasons for this, not least the overheads placed on network communication by end-to-end encryption. That said, the main reason that I2P is perceived to be slow is the nature of the network itself..
     135   * Since I2P relies on your upload speeds, or upstream in order to provide service to other users on the network, and the majority of users are running from domestic adsl/cable connections, the speed of service is limited this way. For example, a user with an 8Mbit connection to the network may well only have 256Kb/s upstream; it is the upstream value that determines the speed a given user can offer to the network.
    126136 
    127  * __What do the Active x/y numbers mean in the router console?__
    128    * x is the number of peers you've sent or received a message from successfully in the last minute, y is the number of peers seen in the last hour or so.
     137 * __What do the Active ''x/y'' numbers mean in the router console?__
     138   * ''x'' is the number of peers you've sent or received a message from successfully in the last minute, ''y'' is the number of peers seen in the last hour or so.
    129139
    130140 * __Is it possible to use I2P as a SOCKS proxy?__
     
    134144  * A typical symptom of a failed reseed is the "Known" indicator (on the left sidebar of the router console) displaying a very small value (often less than 5) which does not increase. This can occur, among other things, if your firewall limits outbound traffic, and blocked the reseed request.
    135145  * To reseed an I2P router manually, do the following:
    136                 * Stop your I2P router
    137                 * Open http://i2pdb.tin0.de/netDb/ or http://netdb.i2p2.de/ using a web browser
    138                 * Save a dozen "routerInfo" files to your I2P "netDb" directory (ignore the "leaseSet" files)
    139                 * Alternate method (easier): Download http://i2pdb.tin0.de/latest.zip and unzip it into your I2P "netDb" directory.
    140                 * Start your I2P router
     146                1. Stop your I2P router
     147                2. Open http://i2pdb.tin0.de/netDb/ or http://netdb.i2p2.de/ using a web browser
     148                3. Save a dozen "routerInfo" files to your I2P "netDb" directory (ignore the "leaseSet" files)
     149                4. Alternate method (easier): Download http://i2pdb.tin0.de/latest.zip and unzip it into your I2P "netDb" directory.
     150                5. Start your I2P router
    141151
    142152 * __I think I found a bug, where can I report it?__
     
    154164     3. Go to http://localhost:7657/index.jsp and hit "Graceful restart", which restarts the JVM and reloads the client applications
    155165     4. After that fires up, you should now be able to reach your console remotely. You will be prompted for a username and password though - the username is "admin" and the password is whatever you specified in step 2 above. Note: the 0.0.0.0 above specifies an interface, not a network or netmask. 0.0.0.0 means "bind to all interfaces", so it can be reachable on 127.0.0.1:7657 as well as any LAN/WAN IP.
     166   * ''darrob: also offer the SSH tunnel way.''
    156167
    157168 * __How can I use applications from my other machines?__
    158169
    159170 * __How do I startup I2P automatically on boot time?__
    160     * Ideally I2P should be run as a system service which makes I2P available even before you login to your system. On Windows, we provide a .bat script in the I2P dir to install I2P as a service, and this is the preferrable method on Windows of running I2P. Once the .bat file is run, I2P will automatically run at next boot. In the event you do this, there is no need to manually launch I2P. [Info on installing I2P under Linux/OS X as a service needed, please]
     171    * Ideally I2P should be run as a system service which makes I2P available even before you login to your system. On Windows, we provide a .bat script in the I2P directory to install I2P as a service, and this is the preferable method on Windows of running I2P. Once the .bat file is run, I2P will automatically run at next boot. In the event you do this, there is no need to manually launch I2P. [Info on installing I2P under Linux/OS X as a service needed, please]
    161172 
    162173=== I2Apps ===