1. It doesn’t make you anonymous. Torrent protocol wasn’t designed with anonymity in mind and there are a million ways you’re going to leak your actual IP address.
  2. Tor is a TCP only network.
  3. While this doesn’t give you the anonymity you wanted, it will hurt the network for other users.
  • ReversalHatchery@beehaw.org
    link
    fedilink
    English
    arrow-up
    22
    ·
    edit-2
    1 year ago

    It is a different anonymity network, which works differently in many aspects.

    I2P and Tor comparison: https://geti2p.net/en/comparison/tor
    I2P on Bittorrent (mostly a client dev guide, but has some interesting info): https://geti2p.net/en/docs/applications/bittorrent

    Currently BiglyBt supports I2P and it has been that way for quite some time.
    If you use qBittorrent, I2P support will come in version 4.6. you can try it out now with the published release candidate version. Probably other clients are working on it too as the support is coming from the libtorrent programming library, which is used by other clients too.

    Right now, I2P is quite slow in my experience, in terms of loading I2P websites. I hope that it’s just a misconfiguration on my part, or that these specific sites I tried are just overloaded.

    • NuXCOM_90Percent@lemmy.zip
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      7
      ·
      1 year ago

      Near as I can tell:

      Tor is about privacy (and is prone to being compromised but…). So long as the exit nodes are in “friendly” countries and are run by trustworthy individuals (…), you are “safe”. And that is why it is popular among journalists. The downside being that a lot of heinous shit is done on Tor and those exit nodes are potentially liable for them.

      I2P is about avoiding censorship. Everyone is an exit node and cops kicking down doors doesn’t significantly hurt the network.

      But… I would very much NOT use that for torrenting. Because the endpoints can still be detected and recorded. And “I wasn’t downloading that Tay Swizzle concert, I was just letting potentially thousands of other people use my computer to download it… Why did you suddenly start laughing and talking about The Pirate Bay?”.

      And that also ignores the “darker” parts of the dark web. Where, rather than getting a letter from the MPAA you get a visit from Chris Hansen.

      • nybble41
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        1
        ·
        1 year ago

        It is not true that every node is an exit node in I2P. The I2P protocol does not officially have exit nodes—all I2P communication terminates at some node within the I2P network, encrypted end-to-end. It is possible to run a local proxy server and make it accessible to other users as an I2P service, creating an “exit node” of sorts, but this is something that must be set up deliberately; it’s not the default or recommended configuration. Users would need to select a specific I2P proxy service (exit node) to forward non-I2P traffic through and configure their browser (or other network-based programs) to use it.

        • NuXCOM_90Percent@lemmy.zip
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          7
          ·
          1 year ago

          Maybe I am missing something but that just feels like you are arguing semantics.

          Traffic exits the sub-WAN from basically any of the computers/nodes in it. So it might not be a Tor Exit Node ™ but it still has all the dangers of it.

          • nybble41
            link
            fedilink
            English
            arrow-up
            9
            ·
            edit-2
            1 year ago

            No, that’s not how I2P works.

            First, let’s start with the basics. An exit node is a node which interfaces between the encrypted network (I2P or Tor) and the regular Internet. A user attempting to access a regular Internet site over I2P or Tor would route their traffic through the encrypted network to an exit node, which then sends the request over the Internet without the I2P/Tor encryption. Responses follow the reverse path back to the user. Nodes which only establish encrypted connections to other I2P or Tor nodes, including ones used for internal (onion) routing, are not exit nodes.

            Both I2P and Tor support the creation of services hosted directly through the encrypted network. In Tor these are referred to as onion services and are accessed through *.onion hostnames. In I2P these internal services (*.i2p or *.b32) are the only kind of service the protocol directly supports—though you can configure a specific I2P service linked to a HTTP/HTTPS proxy to handle non-I2P URLs in the client configuration. There are only a few such proxy services as this is not how I2P is primarily intended to be used.

            Tor, by contrast, has built-in support for exit nodes. Routing traffic anonymously from Tor users to the Internet is the original model for the Tor network; onion services were added later. There is no need to choose an exit node in Tor—the system maintains a list and picks one automatically. Becoming a Tor exit node is a simple matter of enabling an option in the settings, whereas in I2P you would need to manually configure a proxy server, inform others about it, and have them adjust their proxy configuration to use it.

            If you set up an I2P node and do not go out of your way to expose a HTTP/HTTPS proxy as an I2P service then no traffic from the I2P network can be routed to non-I2P destinations via your node. This is equivalent to running a Tor internal, non-exit node, possibly hosting one or more onion services.

            • NuXCOM_90Percent@lemmy.zip
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              4
              ·
              1 year ago

              Fair enough. Then you have the exact same risks as far as torrenting (the point of this thread) are confirmed. But still increased risks as far as csam.

              • nybble41
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                What “increased risks as far as csam”? You’re not hosting any yourself, encrypted or otherwise. You have no access to any data being routed through your node, as it’s encrypted end-to-end and your node is not one of the endpoints. If someone did use I2P or Tor to access CSAM and your node was randomly selected as one of the intermediate onion routers there is no reason for you to have any greater liability for it than any of the ISPs who are also carrying the same traffic without being able to inspect the contents. (Which would be equally true for CSAM shared over HTTPS—I2P & Tor grant anonymity but any standard password-protected web server with TLS would obscure the content itself from prying eyes.)

                • NuXCOM_90Percent@lemmy.zip
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  1 year ago

                  You are still possessing csam while being used as a node to transit it.

                  A compromised (or even honey pot) node can show all the people who were “just holding it for a friend”. And ignoring that ISPs have historically cooperated in investigations, they also have many more lawyers.

                  So regardless of your ethical/moral concerns over facilitating the transit of csam, you are opening yourself up to being caught in a semi-tech savvy investigation.

                  • Natanael@slrpnk.net
                    link
                    fedilink
                    English
                    arrow-up
                    2
                    ·
                    1 year ago

                    This is not how the law is applied to packet switching.

                    If it was store and forward then maybe just maybe law enforcement would care, but anybody smart enough to set up an I2P node to research it and who tried to track where packets from from would first see the packets originate from their own local node at 127.0.0.1, then in the I2P console they could see that packet came in via an active half-tunnel from their own end interfacing with the endpoint node of the other side’s half-tunnel, and they would know that node has no idea what it’s sending (just like their ISP)

                  • nybble41
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    edit-2
                    1 year ago

                    You never had anything but an opaque blob of encrypted data and a forwarding address which may or may not be its final destination. Without the decryption key this is indistinguishable from random noise—meaning you never possessed any CSAM yourself. Even considering the pitifully low standards to which prosecutors are held in this area there is zero evidence of any intent on your part to receive, store, or transmit CSAM and no reason at all for anyone to take an interest in you or your node. Coming after you won’t lead to any convictions and would just be a waste of everyone’s time.

                    If you’re going to assume bad faith and/or reckless disregard for facts or reason—never mind justice—on the part of law enforcement they could just plant whatever evidence they need to secure a conviction. No one is safe in that scenario, whether they’re participating in the I2P or Tor networks or not. Having lots of lawyers wouldn’t help the ISPs either in a hypothetical alternate reality where merely routing someone else’s encrypted data made one liable for the content.

                    Forget hypotheticals for a moment. How many years have Tor and I2P been in operation by this point? Over 20? And just how many people have actually been convicted of possessing CSAM just for running an internal routing node on either network? Zero?

                    You do manage to highlight the absurdity of criminalizing mere unknowing possession of CSAM (even unencrypted) in a world where computers are constantly sending messages to each other which their users have no awareness of. Even more so if you try to apply that to encrypted content the user has no access to. You can’t control what you receive and you won’t necessarily be aware that you received it. Under the same reasoning you just applied to I2P you could go to jail on CSAM charges for picking up a USB flash drive or other storage media (even paper) off the street and returning/delivering it to the address marked on the side—either without looking at the contents (which is safer in terms of avoiding malware), or having found it to be full of what appears to be random noise. Or even seemingly innocuous data, given the possibility of steganography. It’s absurd. Fortunately in the real world while they throw around the term “possession” you generally would have needed to have had reason to be aware that this particular data contains CSAM, and failed to report it, before they could secure a conviction. Actus reus non facit reum nisi mens sit rea still counts for something even when it comes to CSAM.