So whats everyones take on i2p vs tor?
are there any clear benefits to one vs the other aka pros and cons?
honestly im familiar with tor to an extent - used it for years on various platforms - but im no wiz and ive only recently been turned onto i2p
Whatever seedy hook you choose, use a VPN. Traffic isnât encrypted. Only you can prevent sKids.
I2P does not encrypt the Internet, neither does Tor - for example, through Transport Layer Security (TLS). I2P and Tor both aim to transport your traffic as-is securely and anonymously over the corresponding network, to its destination. Any unencrypted traffic generated at your system will arrive at the outproxy (on I2P) or the exit node (on Tor) as unencrypted traffic. This means that you are vulnerable to snooping by the outproxy operators. One way to protect your outproxy traffic against this is to ensure that any traffic that will be handled by the outproxy is encrypted with TLS.
For more information, you may read the Tor FAQâs answer to this question: How can we help? | Tor Project | Support
In addition, you may be vulnerable to collusion between the outproxy operator and operators of other I2P services, if you use the same tunnels (âshared clientsâ). There is additional discussion about this on zzz.i2p. This discussion has been mirrored on our forums as well.
Ultimately, this is a question that only you can answer because the correct answer depends on your browsing behaviour, your âthreat modelâ(I2P's Threat Model - I2P), and how much you choose to trust the outproxy operator.
sKids = script kiddies who run or compromise large bandwidth exit and/or outbound servers and vacuum up plaintext.
3 Likes
Itâs all broken and you should assume everything you do on a computer, especially one connected to the internet, is being permanently recorded. The actual device you use is probably the most damning, since it likely contains Intel vPro/ME (basically a frontdoor). It doesnât matter how audited and secure the source code is for the software/OS you run if Intel/AMD has the keys to OOBM integrated in your CPU/chipset. Tor is a tool funded heavily by various US Alphabet agencies such as the DARPA and was created(or at least popularized/pushed) by the Navy. There are multiple examples of âthe USâ using 0days to exploit users and it is difficult to audit the network due to its anonymity structure unless you control a ton of nodes.
i2p is similarly broken, it uses java, and probably should be treated as compromised software as well. Assuming (big assumption) that you can use a physical device securely âthe clearnetâ can easily be used to transfer messages that might go unnoticed for some time and when they are found might take an exorbitant amount of processing power to decode. Using a VPN/tor/i2p/Yggdrasil and other similar overlay networks may just put you on a list and draw more attention.
Here are a few links which might interest you.
Libreboot â Libreboot project
Steganography - Wikipedia
Using GPG to Encrypt Your Data - HECC Knowledge Base (nasa.gov website)
https://devcodetutorial.com/faq/what-is-a-ciphertext-only-attack-and-how-otp-is-unbreakable-using-this-attack
As previously mentioned, itâs all about
Trying to stop someone at starbucks from intercepting your bank info, use a vpn. Trying to stop the alphabet boys from reading your email, gooooood luck.
11 Likes
https://tails.boum.org/ on a burner netbook on open wifi only using some socks. Your welcome.
And donât forget the â10 Hack Commandmentsâ
