Tor says it’s "still safe" amid reports of police deanonymizing users - eviltoast
    • MigratingtoLemmy@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 months ago

      Use OpenVPN configured to look like HTTPS if you really need it. I2P is meant to be its own network, not a gateway to the clearnet. I still do not see how it has less measures in place for privacy and anonymity.

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        OpenVPN does not provide Onion routing and is not the same thing. You are comparing apples and oranges. Tor is well proven and battle tested. It also has the benefit of being well known and easy to use.

        • MigratingtoLemmy@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          3 months ago

          OpenVPN -> I2P.

          I2P has been around for 20 years, it is plenty battle-tested. I do not see why you’re wanting to put down I2P in favor of TOR, I still do not see how I2P is in anyway inferior in its privacy (and for the most part, anonymity) features compared to TOR. The OpenVPN addition solves your need for something akin to snowflake/TOR bridges. It is not what I2P was meant for but there’s a way if you want to use it.

          If your complaint is about I2P needing some configuration and time to use properly; that’s a trade-off the end-user needs to decide. This doesn’t have any effect on its features regarding anonymity in the I2P network. Please give me technical reasons why you think TOR can preserve your anonymity better on the TOR network than I2P can do so on its network (I have arguments in favor of I2P that I would like TOR to implement but I don’t think they can)

          • Possibly linux@lemmy.zip
            link
            fedilink
            English
            arrow-up
            1
            ·
            3 months ago

            I2p states on there website that it has potentially serious weaknesses. Also i2p has been victim to multiple attacks that shutdown the network. Furthermore, i2p DNS lacks something to be desired and finding pages can be challenging. In comparison Tor is much easier to use and requires little bandwidth. I can browse the internet but I can also access onion addresses. To say i2p is somehow a replacement for Tor is not true as i2p is considerably more complex. I use both Tor and i2p and Tor is easier to use by far. I2p has the advantage to being properly decentralized and supporting way more configuration options.

            Both have there strengths and weaknesses. However, if you are in a critical situation use Tor not i2p as today it is the best for bypassing censorship while still trying to stay safe.

            • MigratingtoLemmy@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              3 months ago

              I2p states on there website that it has potentially serious weaknesses.

              The only relevant pages I found are I2P’s threat model and the comparison between I2P and TOR:

              Please cite your sources so everyone can understand the reasoning for your claims of I2P being weaker than TOR.

              Oh, and A LOT of the attacks mentioned in the page on threat models is/was possible on TOR. The I2P project follows TOR carefully and implements some of their features/mitigations too.

              If we’re talking specifically about brute-force DDOS, BOTH TOR and I2P faced these issues. The good thing about I2P is that it is more decentralized than TOR which can sometimes make it easier to mitigate.

              Your points about I2P’s directory (not sure what you mean by DNS here) can be lumped together with your complaints about usability. This DOES NOT make TOR inherently more private, secure and anonymous than I2P, it just means that somebody on Windows can download the TBB and start browsing (in albeit a not-very-secure way). Unless you missed the news, I2P now has a slick Windows installer so people don’t have to fiddle too much with it.

              You’re going to have to give me evidence for me to believe that using I2P makes a substantial dent in your available bandwidth. Yes you’re a router in the network but it doesn’t mean that you’re passing through traffic at GB/s speeds.

              i2p is somehow a replacement for Tor

              I never said that. Again, I’m not comparing I2P and TOR based on their usability (which has changed in the recent years), I’m comparing them in terms of anonymity on the wider internet when browsing using either protocol. Both TOR and I2P are great projects, the problem is that TOR is significantly more centralized.

              However, if you are in a critical situation use Tor not i2p as today it is the best for bypassing censorship while still trying to stay safe.

              Cite your sources for this. This is mere conjecture unless you have proof of metadata leakage on I2P but not on TOR/actual people getting caught using I2P but being safe on TOR. I’m sure the I2P Devs would be very interested too. If you’re in restrictive regimes like Iran and China where TOR/I2P traffic is flagged - use a bridge or a VPN disguised as HTTPS traffic and hope for the best (it’s a perpetual cat and mouse game).

              Again, please cite your sources when making claims about technical shortcomings of I2P