Английская Википедия:I2P

Материал из Онлайн справочника
Версия от 07:21, 24 марта 2024; EducationBot (обсуждение | вклад) (Новая страница: «{{Английская Википедия/Панель перехода}} {{short description|Free and open source project building an anonymous network}} {{Primary sources|article|date=August 2017}} {{Infobox software | title = | name = I2P — The Anonymous Network | logo = file:I2P logo.svg | logo_size = 300px | logo_alt = | logo caption = | screenshot = <!-- Image name is enough --> | screenshot_size = | screenshot_alt = | caption = I2P 0...»)
(разн.) ← Предыдущая версия | Текущая версия (разн.) | Следующая версия → (разн.)
Перейти к навигацииПерейти к поиску

Шаблон:Short description Шаблон:Primary sources

Шаблон:Infobox software Шаблон:File sharing sidebar The Invisible Internet Project (I2P) is an anonymous network layer (implemented as a mix network) that allows for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved by encrypting the user's traffic (by using end-to-end encryption), and sending it through a volunteer-run network of roughly 55,000 computers distributed around the world. Given the high number of possible paths the traffic can transit, a third party watching a full connection is unlikely. The software that implements this layer is called an "I2P router", and a computer running I2P is called an "I2P node". I2P is free and open sourced, and is published under multiple licenses.[1]

Technical design

I2P has been beta software since it started in 2003 as a fork of Freenet.[2][3] The software's developers emphasize that bugs are likely to occur in the beta version and that peer review has been insufficient to date.[4] However, they believe the code is now reasonably stable and well-developed, and more exposure can help the development of I2P.Шаблон:Source?

The network is strictly message-based, like IP, but a library is available to allow reliable streaming communication on top of it (similar to Non-blocking IO-based TCP, although from version 0.6, a new Secure Semi-reliable UDP transport is used[5]). All communication is end-to-end encrypted (in total, four layers of encryption are used when sending a message) through garlic routing,[6] and even the end points ("destinations") are cryptographic identifiers (essentially a pair of public keys), so that neither senders nor recipients of messages need to reveal their IP address to the other side or to third-party observers.

Although many developers had been a part of the Invisible IRC Project (IIP)[7] and Freenet communities, significant differences exist between their designs and concepts. IIP was an anonymous centralized IRC server. Freenet is a censorship-resistant distributed data store. I2P is an anonymous peer-to-peer distributed communication layer designed to run any traditional internet service (e.g. Usenet, email, IRC, file sharing, Web hosting and HTTP, or Telnet), as well as more traditional distributed applications (e.g. a distributed data store, a web proxy network using Squid, or DNS).

Many developers of I2P are known only under pseudonyms. While the previous main developer, jrandom, is currently on hiatus,[8] others, such as zzz, killyourtv, and Complication have continued to lead development efforts,Шаблон:Source? and are assisted by numerous contributors.[9]

I2P uses 2048bit ElGamal/AES256/SHA256+Session Tags encryption[10] and Ed25519 EdDSA/ECDSA signatures.[11]

Releases

I2P has had a stable release every six to eight weeks. Updates are distributed via I2P torrents and are signed by the release manager (generally zzz or str4d).

Funding

On the website it states, that "funding for I2P comes entirely from donations".[55] Admins and managers of the project said, that "the core project itself doesn't take donations". These should instead go to secondary applications or be spent on hiring others, to work on I2P.[56] Support for the onboarding for I2P came from the Open Technology Fund.[57][58] In contrast to The Tor Project, I2P has "not the financial or legal infrastructure to support a network of exit nodes".[59] The reseed servers,[60] a sort of bootstrap nodes,[61] which connect the user with the initial set of peers to join the I2P-network, should be run by volunteers.[62]

Software

Файл:I2P router console 0.9.31-0.png
I2P 0.9.31-0 router console

Since I2P is an anonymizing network layer, it is designed so other software can use it for anonymous communication. As such, there are a variety of tools currently available for I2P or in development.

The I2P router is controlled through the router console, which is a web frontend accessed through a web browser.

General networking

  • I2PTunnel is an application embedded into I2P that allows arbitrary TCP/IP applications to communicate over I2P by setting up "tunnels" which can be accessed by connecting to pre-determined ports on localhost.
  • SAM (Simple Anonymous Messaging) is a protocol which allows a client application written in any programming language to communicate over I2P, by using a socket-based interface to the I2P router.[63]
  • BOB (Basic Open Bridge) is a less complex app to router protocol similar to "SAM"[64]
  • Orchid Outproxy Tor plugin[65]

Chat

  • Any IRC client made for the Internet Relay Chat can work, once connected to the I2P IRC server (on localhost). I2P have the option to create tunnels that are specific for this usage, where certain commands that could de-anonymize the user are filtered out.

File sharing

  • Several programs provide BitTorrent functionality for use within the I2P network. Users cannot connect to non-I2P torrents or peers from within I2P, nor can they connect to I2P torrents or peers from outside I2P.[66] I2PSnark, included in the I2P install package, is a port of the BitTorrent client named Snark.[67] Vuze, formerly known as Azureus, is a BitTorrent client that includes a plugin for I2P, allowing anonymous swarming through this network.[68] This plugin is still in an early stage of development, however it is already fairly stable. I2P-BT is a BitTorrent client for I2P that allows anonymous swarming for file sharing. This client is a modified version of the original BitTorrent 3.4.2 program which runs on MS Windows and most dialects of Unix in a GUI and command-line environment. It was developed by the individual known as 'duck' on I2P in cooperation with 'smeghead'. It is no longer being actively developed; however, there is a small effort to upgrade the I2P-BT client up to par with the BitTorrent 4.0 release. I2PRufus is an I2P port of the Rufus BitTorrent client.[69] Robert (P2P Software) is the most actively maintained I2PRufus fork. XD is a standalone BitTorrent client written in Go.[70] BiglyBT is a bittorrent client based on Vuze which also allows the use of i2p for downloading/seeding.
  • Two Kad network clients exist for the I2P network, iMule and Nachtblitz. iMule (invisible Mule) is a port of eMule for I2P network. iMule has not been developed since 2013. iMule is made for anonymous file sharing. In contrast to other eDonkey clients, iMule only uses the Kademlia for proceeding to connect through I2P network, so no servers are needed. Nachtblitz[71] is a custom client built on the .NET Framework. The latest version is 1.4.27, released on March 23, 2016. Nachtblitz includes a time lock to disable the software one year after its release date.
  • I2Phex is a port of the popular Gnutella client Phex to I2P. It is stable and fairly functional.
  • Tahoe-LAFS has been ported to I2P. This allows for files to be anonymously stored in Tahoe-LAFS grids.
  • MuWire is a file-sharing program inspired by the LimeWire Gnutella client that works atop the I2P network.[72]

Bridging to clearnet

Currently, Vuze and BiglyBT are the torrent clients that make clearnet (connections not through I2P) torrents available on I2P and vice versa. Depending on the client settings, torrents from the internet can be made available on I2P (via announcements to I2P's DHT network) and torrents from I2P can be made available to the internet. For this reason, torrents previously published only on I2P can be made available to the entire Internet, and users of I2P can often download popular content from the Internet while maintaining the anonymity of I2P. As of August 2022, the default outproxy is exit.stormycloud.i2p which is run by StormyCloud Inc.[73][74][75]

Email

Шаблон:Unreferenced section

Файл:I2PBote-inbox-0.4.png
A screenshot of the inbox of I2P-Bote.
  • I2P-Bote is a free, fully decentralized and distributed anonymous email system with a strong focus on security.[76] It supports multiple identities and does not expose email metadata. Шаблон:As of, it is still considered beta software. I2P-Bote is accessible via the I2P web console interface or using standard email protocols (i.e. IMAP/SMTP). All bote-mails are transparently end-to-end encrypted and signed by the sender's private key, thus removing the need for PGP or other email encryption software. I2P-Bote offers additional anonymity by allowing for the use of mail relays with variable length delays. Since it is decentralized, there is no centralized email server that could correlate different email identities as communicating with each other (i.e. profiling). Even the nodes relaying the mails do not know the sender, and apart from sender and receiver, only the end of the high-latency mail route and the storing nodes will know to whom (which I2P-Bote address – the user's IP address is still hidden by I2P) the mail is destined. The original sender could have gone offline long before the email becomes available to the recipient. No account registration is necessary, all you have to do in order to use it is create a new identity. I2P-Bote can be installed as an I2P plugin .Шаблон:Citation needed
  • I2P also has a free pseudonymous e-mail service run by an individual called Postman. Susimail is a web-based email client intended primarily for use with Postman's mail servers, and is designed with security and anonymity in mind. Susimail was created to address privacy concerns in using these servers directly using traditional email clients, such as leaking the user's hostname while communicating with the SMTP server. It is currently included in the default I2P distribution, and can be accessed through the I2P router console web interface. Mail.i2p can contact both I2P email users and public internet email users.
  • Bitmessage.ch can be used over I2PШаблон:Cn

Instant messaging

  • I2P-Messenger is a simple Qt-based, serverless, end-to-end-encrypted instant messenger for I2P.[77] No servers can log the user's conversations. No ISP can log with whom the user chats, when, or for how long. As it is serverless, it can make use of I2P's end-to-end encryption, preventing any node between two parties from having access to the plain text. I2P-Messenger can be used for fully anonymous instant communication with persons the user doesn't even know, or, alternatively, to communicate securely and untraceably with friends, family members, or colleagues. In addition to messaging, file transfer is also supported.
  • I2P-Talk is another simple instant messenger incompatible with I2P-Messenger, but having the same security properties

Publishing

  • Syndie is a content distribution application, suitable for blogs, newsgroups, forums and small media attachments. Syndie is designed for network resilience. It supports connections to I2P, the Tor network (Syndie does not support Socks proxies, workaround needed for Tor access), Freenet and the regular internet. Server connections are intermittent, and support higher-latency communications. Connections can be made to any number of known servers. Content is spread efficiently using a Gossip protocol.
  • Aktie is an anonymous file sharing and distributed Web of trust forums system. Aktie can connect to I2P with its internal router or use an external router. To fight spam, "hash payments" (proof of CPU work) is computed for every published item.

Routers

  • I2PBerry is a Linux distribution which can be used as a router to encrypt and route network traffic through the I2P network.
  • i2pd is a light-weight I2P router written in C++, stripping the excessive applications such as e-mail, torrents, and others that can be regarded as bloat.[78][79]
  • Kovri is an I2P router written in C++.[80] It was forked from i2pd following developer disagreements.[81] Kovri's primary purpose is to integrate with the cryptocurrency Monero to send new transaction information over I2P, making it much more difficult to find which node is the origin of a transaction request.[82] Those using the Kovri router will be running full I2P routers that contribute to the I2P network the same way the current Java router does. This project is expected to benefit both the Monero and I2P communities, since it will allow for greater privacy in Monero, and it should increase the number of nodes on the I2P network.[83]

The Privacy Solutions project

The Privacy Solutions project,[84] a new organization that develops and maintains I2P software, launched several new development efforts designed to enhance the privacy, security, and anonymity for users, based on I2P protocols and technology.

These efforts include:[85]

  • The Abscond browser bundle.
  • i2pd,[86] an alternate implementation of I2P, written in C++ (rather than Java).
  • The "BigBrother" I2P network monitoring project.

The code repository and download sections for the i2pd and Abscond project is available for the public to review and download.[87] Effective January, 2015 i2pd is operating under PurpleI2P.[88]

Android

Файл:I2PAndroid-console-0.9.20.png
I2P running on Android.
  • Release builds of an I2P Router application for Android can be found on the Google Play store under The Privacy Solutions Project's Google Play account or on an F-Droid repository hosted by the developers.[89]
  • Nightweb is an Android application that utilizes I2P and Bittorrent to share blog posts, photos, and other similar content. It can also be run as a desktop application. It is no longer in development.[90]

Cryptocurrency

Some cryptocurrencies that support I2P are listed below.

Terminology

Файл:Itoopie.svg
I2P's mascot, itoopie, who is looking through a magnifying glass.[92]
Eepsite
Eepsites are websites that are hosted anonymously within the I2P network. Eepsite names end in .i2p, such as ugha.i2p or forum.i2p. EepProxy can locate these sites through the cryptographic identifier keys stored in the hosts.txt file found within the I2P program directory. Typically, I2P is required to access these eepsites.[93]
.i2p
'I2p' is a pseudo-top-level domain which is only valid within the I2P overlay network scope. .i2p names are resolved by browsers by submitting requests to EepProxy which will resolve names to an I2P peer key and will handle data transfers over the I2P network while remaining transparent to the browser.[94]
EepProxy
The EepProxy program handles all communication between the browser and any eepsite. It functions as a proxy server that can be used by any web browser.
Peers, I2P nodes
Other machines using I2P that are connected to user's machine within the network. Each machine within the network shares the routing and forwarding of encrypted packets.
Tunnels
Every ten minutes, a connection is established between the user's machine and another peer. Data to and from the user, along with the data for other peers (routed through the user's machine), pass through these tunnels and are forwarded to their final destination (may include more jumps).[95]
netDb
The distributed hash table (DHT) database based on the Kademlia algorithm that holds information on I2P nodes and I2P eepsites. This database is split up among routers known as "floodfill routers". When a user wants to know how to contact an eepsite, or where more peers are, they query the database.[96][93]

Vulnerabilities

Denial of service attacks are possible against websites hosted on the network, though a site operator may secure their site against certain versions of this type of attack to some extent.[97][98]

A zero-day vulnerability was discovered for I2P in 2014, and was exploited to de-anonymize at least 30,000 users. This included users of the operating system Tails.[99] This vulnerability was later patched.[100][101]

A 2017 study examining how forensic investigators might exploit vulnerabilities in I2P software to gather useful evidence indicated that a seized machine which had been running I2P router software may hold unencrypted local data that could be useful to law enforcement. Records of which eepsites a user of a later-seized machine was interested in may also be inferred. The study identified a "trusted" I2P domain registrar ("NO.i2p") which appeared to have been abandoned by its administrator, and which the study identified as a potential target for law enforcement takeover. It alternatively suggested waiting for NO.i2p's server to fail, only to social engineer the I2P community into moving to a phony replacement. Another suggestion the study proposed was to register a mirror version of a target website under an identical domain.[98]

I2PCon

Файл:I2PCon-2015-David-Dagon.jpg
David Dagon presenting at the first I2Pcon.

From Шаблон:Daterange an I2P convention was held in Toronto, Ontario.[102] The conference was hosted by a local hackerspace, Hacklab. The conference featured presentations from I2P developers and security researchers.

See also

Шаблон:Div col

Шаблон:Div col end

Software

Шаблон:Div col

Шаблон:Div col end

References

Шаблон:Reflist

External links

Шаблон:Prone to spam

Шаблон:I2P Шаблон:Cryptographic software Шаблон:File sharing protocols Шаблон:Internet censorship circumvention technologies Шаблон:Portal bar Шаблон:Authority control

  1. Шаблон:Cite web
  2. Шаблон:Cite web
  3. Шаблон:Citation.
  4. Шаблон:Cite web
  5. Шаблон:Cite web
  6. Шаблон:Cite web
  7. Шаблон:Citation.
  8. Шаблон:Cite web
  9. Ошибка цитирования Неверный тег <ref>; для сносок team не указан текст
  10. Шаблон:Cite web
  11. Шаблон:Cite web
  12. Шаблон:Cite web
  13. Шаблон:Cite web
  14. Шаблон:Cite web
  15. Шаблон:Cite web
  16. Шаблон:Cite web
  17. Шаблон:Cite web
  18. Шаблон:Cite web
  19. Шаблон:Cite web
  20. Шаблон:Cite web
  21. Шаблон:Cite web
  22. Шаблон:Cite web
  23. Шаблон:Cite web
  24. Шаблон:Cite web
  25. Шаблон:Cite web
  26. Шаблон:Cite web
  27. Шаблон:Cite web
  28. Шаблон:Cite web
  29. Шаблон:Cite web
  30. Шаблон:Cite web
  31. Шаблон:Cite web
  32. Шаблон:Cite web
  33. Шаблон:Cite web
  34. Шаблон:Cite web
  35. Шаблон:Cite web
  36. Шаблон:Cite web
  37. Шаблон:Cite web
  38. Шаблон:Cite web
  39. Шаблон:Cite web
  40. Шаблон:Cite web
  41. Шаблон:Cite web
  42. Шаблон:Cite web
  43. Шаблон:Cite web
  44. Шаблон:Cite web
  45. Шаблон:Cite web
  46. Шаблон:Cite web
  47. Шаблон:Cite web
  48. Шаблон:Cite web
  49. Шаблон:Cite web
  50. Шаблон:Cite web
  51. Шаблон:Cite web
  52. Шаблон:Cite web
  53. Шаблон:Cite web
  54. Шаблон:Cite web
  55. Шаблон:Cite web
  56. Шаблон:Cite web
  57. Шаблон:Cite web
  58. Шаблон:Cite web
  59. Шаблон:Cite web
  60. Шаблон:Cite web
  61. Шаблон:Cite web
  62. Шаблон:Cite web
  63. Шаблон:Citation.
  64. Шаблон:Citation.
  65. Шаблон:Cite web
  66. Шаблон:Citation.
  67. Шаблон:Citation.
  68. Шаблон:Citation.
  69. Шаблон:Cite web.
  70. Шаблон:Cite web
  71. Шаблон:Cite web
  72. Шаблон:Cite web
  73. Шаблон:Cite web
  74. Шаблон:Cite web
  75. Шаблон:Cite web
  76. Шаблон:Citation
  77. Шаблон:Citation
  78. Шаблон:Cite web
  79. Шаблон:Cite web
  80. Шаблон:Cite web
  81. Шаблон:Cite web
  82. Шаблон:Cite web
  83. Шаблон:Cite web
  84. Шаблон:Citation.
  85. Шаблон:Citation.
  86. Шаблон:Cite web
  87. Шаблон:Citation
  88. Шаблон:Citation
  89. Шаблон:Citation
  90. Шаблон:Citation.
  91. Шаблон:Cite web
  92. Шаблон:Cite web
  93. 93,0 93,1 Шаблон:Cite web
  94. Шаблон:Cite web
  95. Шаблон:Cite web
  96. Шаблон:Cite web
  97. Шаблон:Cite web
  98. 98,0 98,1 Шаблон:Cite journal
  99. Шаблон:Cite web
  100. Шаблон:Cite web
  101. Шаблон:Cite web
  102. Шаблон:Cite web