I2P is a generic anonymous and secure peer to peer communication layer. It is a network that sits on -top of another network (in this case, it sits on top of the internet). It is responsible for delivering -a message anonymously and securely to another location. More tech details are -available
++ I2P is a generic anonymous and secure peer to peer communication layer. It is + a network that sits on top of another network (in this case, it sits on top of + the internet). It is responsible for delivering a message anonymously and + securely to another location. More tech details are + available +
It means that you can do things anonymously and host services anonymously from your computer. -You will need to use programs that are designed to work with I2P, though in some cases you can use -regular internet programs with I2P by creating something called an -I2PTunnel
++ It means that you can do things anonymously and host services anonymously from + your computer. You will need to use programs that are designed to work with + I2P, though in some cases you can use regular internet programs with I2P by + creating something called an I2PTunnel +
Data transferred via I2P is anonymous and encrypted. Regular internet traffic is not -(although it can be encrypted). If you set up a web page using I2P, nobody will know who -you are. If you browse a web page using I2P, nobody will know who you are. If you transfer -files using I2P, nobody will know who you are.
++ Data transferred via I2P is anonymous and encrypted. Regular internet traffic + is not (although it can be encrypted). If you set up a web page using I2P, + nobody will know who you are. If you browse a web page using I2P, nobody will + know who you are. If you transfer files using I2P, nobody will know who you + are. +
An eepsite is a website that is hosted anonymously - you can access it by setting your web browser's HTTP proxy to use the web proxy (typically it listens on localhost port 4444), -and browsing to the site.
++ An eepsite is a website that is hosted anonymously - you can access it by + setting your web browser's HTTP proxy to use the web proxy (typically it + listens on localhost port 4444), and browsing to the site. +
Yes - the I2PTunnel eepproxy includes a hook to use an anonymously hosted outbound proxy -(squid.i2p). If you have your browser set to use the web proxy, if you type -http://google.com/ your request will be routed through I2P to the outbound proxy.
++ Yes - the I2PTunnel eepproxy includes a hook to use an anonymously hosted + outbound proxy (squid.i2p). If you have your browser set to use the web + proxy, if you type http://google.com/ your request will be routed through I2P + to the outbound proxy. +
I2P is working to support militant grade anonymity, but we're not there yet. You should not -use I2P if you need your anonymity - there are likely bugs and perhaps other issues, and it -has not gone through sufficient peer review. However, we're confident that we'll get to the point -that we can provide anonymity strong enough even for militantly subversive political action (so it -should be fine for you to chat online with your friends)
- -An important point to note is that I2P does not provide anonymity or security of content -after it is transferred - you can still download and run a virus, or even submit your full name -and bank account numbers on an eepsite. I2P only tries to provide communication security and anonymity - -what you say or do is up to you.
++ I2P is working to support militant grade anonymity, but we're not there + yet. You should not use I2P if you need your anonymity - there are + likely bugs and perhaps other issues, and it has not gone through sufficient + peer review. However, we're confident that we'll get to the point that we can + provide anonymity strong enough even for militantly subversive political + action (so it should be fine for you to chat online with your friends) +
++ An important point to note is that I2P does not provide anonymity or + security of content after it is transferred - you can still download and run a + virus, or even submit your full name and bank account numbers on an eepsite. + I2P only tries to provide communication security and anonymity - what you say + or do is up to you. +
For this too, there are several answers. Short summary is "the best it can". Briefly, I2P attempts to defend against several forms of denial of service @@ -57,27 +76,36 @@ what you say or do is up to you.
To prevent individual users from consuming excessive resources (registering
too many tunnels, sending too many messages, looking up too many entries in
- the network database, and creating too many router and destination identities),
- various messages and identities have a certificate attached to them. Currently
- these certificates are blank, but down the line they will be filled with
- IIP Wiki: HashCash - a computationally expensive collision based on the contents of the
- message or identity. They can also be filled with other certificates as deemed
- necessary (e.g. a blinded certificate from an anonymous certificate authority,
- a receipt for real currency payments, etc). It is also believed that through this
- certificate attachment system I2P will be able to overcome the sybil attack.
-
+ the network database, and creating too many router and destination
+ identities), various messages and identities have a certificate attached to
+ them. Currently these certificates are blank, but down the line they will be
+ filled with
+ IIP Wiki: HashCash
+ - a computationally expensive collision based on the contents of the
+ message or identity. They can also be filled with other certificates as
+ deemed necessary (e.g. a blinded certificate from an anonymous certificate
+ authority, a receipt for real currency payments, etc). It is also believed
+ that through this certificate attachment system I2P will be able to overcome
+ the sybil attack.
Other denial of service attacks include creating a few thousand high quality I2P routers, running them for a week, and then taking them all offline. This - indeed may force the creation of islands within the network, but the underlying - Network Database is built off of a modified Kademlia, - which should allow the network to recover with minimal overhead (though, of course, - if a router has literally no other peers left after the bad ones leave, that router will - need to 'reseed' - fetch a reference to another router through some other mechanism). + indeed may force the creation of islands within the network, but the + underlying Network Database is built off of + a modified Kademlia, + which should allow the network to recover with minimal overhead (though, of + course, if a router has literally no other peers left after the bad ones + leave, that router will need to 'reseed' - fetch a reference to another router + through some other mechanism).
+