@eyedeekay
&kytv
&zzz
+R4SAS
+RN
+RN_
+dr|z3d
+hk
+not_bob
+orignal
+postman
+wodencafe
Arch
DeltaOreo
FreeRider
FreefallHeavens
Irc2PGuest28511
Irc2PGuest64530
Irc2PGuest75862
Irc2PGuest77854
Nausicaa
Onn4l7h
Onn4|7h
Over
Sisyphus
Sleepy
Soni
T3s|4_
Teeed
aargh3
acetone_
anon4
b3t4f4c3
bak83
boonst
cancername
cumlord
dr4wd3
eyedeekay_bnc
hagen_
khb_
plap
poriori_
profetikla
r3med1tz
rapidash
shiver_1
solidx66
u5657
uop23ip
w8rabbit
weko_
x74a6
dr|z3d
anything coming down the commit pipes, zzz? :)
zzz
yeah if I can find my notes/scripts to test streamr to make sure I didn't break it
dr|z3d
oh, great. so you're looking to be interoperable with orginal's implementation?
zzz
zzz.i2p/topics/167 is the notes
dr|z3d
caught the tail end of the conversation last night in #ls2
dr|z3d
thanks for the link, will have a looksee.
zzz
not trying to reimplement a dns tunnel (yet)
dr|z3d
dns is an interesting proposition, either in conjunction with the existing DoH servers, or perhaps in future via a network consensus.
zzz
the udp tunnel stuff is from 2009, based on welterde work in 2008, prior to I2CP ports
dr|z3d
yeah, it's crufty and unloved
zzz
its the basis for streamr (basically unused) and socks udp (unused and apparently very broken)
dr|z3d
*nods*
dr|z3d
socks functionality would be handy.
dr|z3d
presumably as an extension of the http proxy client.
zzz
so step 1 is to add support for i2cp ports, as any sophisticated application would require them to keep track everything
zzz
think dns, or udp bittorrent announces, or socks or any thing other than one client talking to one server
dr|z3d
sure, understood.
zzz
zzz.i2p/topics/2468 is the udp tunnel thread
dr|z3d
in the past I've tested a shadowsocks server/client setup over a server tunnel to get udp functionality. worked well enough with bittorrent, but a native solution's obviously infinitely better.
zzz
every udp application is different, we're trying to provide enough of the building blocks and partial impl so the rest is easy
dr|z3d
random aside: I'm mostly happy with the torrent edit section now, UI's mostly solidified: cake.i2p/file/9iirL9uyha_FHN9IqPLizkuzwzp73r5kvJWLjwMF9_sViIch9cLj/torrentedit.png
dr|z3d
sure, it's a good plan. probably mumble is a good testbed, given that was orignal's motive, apparently.
dr|z3d
motive/motivation
zzz
yeah the topic yesterday was because we said 'we don't know how i2pd dns tunnel works and it's not documented; so we can't implement it'
zzz
and orignal simply replied 'i2pd supports udp tunnels' (((
zzz
so we got better answers yesterday
zzz
i _think_ it mostly works the way I would do it, so that's good
dr|z3d
*** chuckles. ***
dr|z3d
as you know, you have to poke orignal for answers.
dr|z3d
poke and peek. orignal's really a cpu masquerading as a developer :)
dr|z3d
possibly of interest: github.com/dnsjava/dnsjava
dr|z3d
also possibly of interest: github.com/drsjb80/JDNSS
dr|z3d
both projects being actively developed.
zzz
1) we already use a dns lib for DoH; 2) a DNS i2ptunnel doesn't need to know anything about DNS, it's a passthrough
dr|z3d
ok, the any dns tunnel option will essentially be a stub?
dr|z3d
*so
dr|z3d
that is, assuming a dns server(?) tunnel is on the cards.
zzz
we don't have any confirmed plan to do a dns tunnel, I'm still not sure the application makes sense
zzz
atm I'm just using the discussion as motivation to fix up our udp stub impls so it would be easier
dr|z3d
fair enough. and I agree, as conceptually interesting as a dns server is, the use cases are less than obvious, though there may be some.
dr|z3d
in-network dns consensus seems like it might be useful, but then again, it might be completely pointless :)
zzz
its very russia-specific, and still not sure why DoH isn't a better solution
dr|z3d
well, dns proxying is another level of anonymity, there's always that.
dr|z3d
not so different to what Apple's proposing in one respect. shield the dns server from the client's request.
dr|z3d
and with some sort of network consensus, you're leaving Tor's implementation in the dust, as you're not relying on a single (potentially dangerous) resolver.
zzz
unless the application is a single-user server/client pair, it would be a single untrusted dangerous server, so again I don't really get the appeal
zzz
and the latency would be annoying at best
dr|z3d
you may be right, but it's an interesting concept, if nothing else.
dr|z3d
28Mb/s on a zero hop connection to outproxy, as measured by fast.com
acetone
zzz: Hi. I have a bit question about headers in http proxy. What you means in "MYOB/6.66 (AN/ON)"?
dr|z3d
that's the internal useragent, acetone
acetone
yep, I unrestand it. But why "MYOB", "6.66" "(AN/ON)"?) What the words? :)
dr|z3d
push your traffic through the http proxy tunnel (I2P/i2pd) and it'll replace your browser's useragent with that automatically to prevent browser profiling.
dr|z3d
Mind Your Own Business.
dr|z3d
aka MYOB.
dr|z3d
6.66, number of the beast. AN/ON, aka anonymous.
acetone
dr|z3d: thanks
dr|z3d
np
acetone
beast's number))) holly shit
dr|z3d
*** chuckles. ***
eyedeekay
It's not completely effective in browsers, it's pretty easy to find the user-agent from other sources without the header
eyedeekay
Safer usually to spoof it at the browser level in those cases
eyedeekay
Javascript has no awareness of the tunnel, for instance, so either overriding the corresponding Javascript function or just blocking Javascript is necessary too
eyedeekay
And even if the client blocks Javascript you can usually guess the UA if the screen is not letterboxed
eyedeekay
Or privacy.resistFingerprinting=true/privacy.resistFingerprinting.letterboxing=true
dr|z3d
how are the plugins coming along, eyedeekay?
eyedeekay
2 down, 3 to go, about to release Railroad as soon as I get the readme updated
dr|z3d
nice
eyedeekay
Railroad is a blog with side-by-side markdown editing/WYSIWYG output and compatibility with most themes from the Ghost blog, so I'm hoping that it will appeal to some bloggers who don't want to mess with files in eepsite/docroot
dr|z3d
dynamic? what's on the backend? go?
eyedeekay
Backend is in go, pages are generated dynamically but they correspond to actual markdown files, connections are set up with SAM
eyedeekay
Has a webui, you set a password on the first run
eyedeekay
Optionally the webui can be launched within a webview
dr|z3d
of all the possible blogging platforms that are suitable for i2p, getpublii.com looks to me like the top dog.
eyedeekay
Yeah you showed me that one the other day, I haven't had a chance to try it yet
dr|z3d
I like the fact that it generates static content from a wordpress like admin UI, and has an importer for wordpress.
dr|z3d
so potentially less avenues for possible exploitation.
eyedeekay
That is handy, mirrors some of the reasons I picked the blog I did to make Railroad
eyedeekay
Wordpress at this point just makes me nervous to look at
dr|z3d
yeah, all too easy to lay yourself open to all manner of vulns with wordpress.. install this plugin, install that plugin.. sooner or later oh noes, zero day exploit for plugin appears!
dr|z3d
separation of the front and backend definitely a good idea on i2p.
eyedeekay
Or just static sites, even. jekyll+cron is a pretty good choice for people who can get it set up
dr|z3d
yeah, but then you're talking about barriers to entry. most people want the simplicity of wordpress with the vulns.
dr|z3d
*without
eyedeekay
Yeah, that's the mark I'm hoping I can begin to hit with railroad
dr|z3d
work on the assumption most people don't want to dirty themselves with html, markup, or css, then you've probably assessed the majority of i2p users :)
dr|z3d
that said, for a minor investment in time to learn, bashblog will put out a decent blog.
dr|z3d
re zzz.i2p/topics/3210 (console based torrent client), perhaps that's another thing to consider when building out the jsonrpc webapp.. terminal commands to control snark, in addition to commands to start/stop/restart tunnels.
zzz
the rpc supports everything you need. pick your favorite client and have fun
eyedeekay
Meeting in about ~30min, US folks mind the time change
eyedeekay
Hi everybody, welcome to the December 7 meeting
eyedeekay
1) Hi
eyedeekay
2) 1.6.1 Release Status
eyedeekay
3) jpackage Update Status
eyedeekay
4) Monero Integrations
eyedeekay
5) New SAM Library
zzz
hi
zlatinb
hi
eyedeekay
Hi zzz, hi zlatinb
eyedeekay
Anybody else here today?
eyedeekay
2) 1.6.1 release status
eyedeekay
Release 1.6.1 is available, the torrent is live, as are Debian/Ubuntu/Launchpad, Maven, GPlay, and our F-Droid
eyedeekay
F-Droid's repository is still out of date, one of my tasks this week is to get our app working with their auto-build system again
eyedeekay
Debian's repositories, as far as we know, aren't going to recieve our updates at this time, people who are using Debian packages should switch to deb.i2p2.de or deb.i2p2.no
eyedeekay
The DMG bundle built by zlatinb has also been updated to 1.6.1 and is available on the mirrors and as an update
eyedeekay
The exe bundle built by me is going to be up today, I had planned to do it yesterday but got bogged down in Windows updates so I'll do it this evening.
idk_afk
Worst time for a slow IRC disconnect, my bad guys
eyedeekay
OK I'm back
eyedeekay
(03:06:40 PM) eyedeekay: According to stats.i2p about 20% of the network has updated
eyedeekay
(03:06:47 PM) eyedeekay: Anything to add zzz, zlatinb?
zzz
yes
zzz
no sign of a biglybt update yet, hopefully that will come soon
zzz
no user complaints yet
zzz
echelon had trouble with a 1.6.1-2 dev build but we don't know why
zzz
also, users of any i2p package version (current or older) may have a problem due to changing jetty9 dependencies
zzz
if so, sudo apt install libservlet3.1-java manually
zlatinb
re biglybt I heard from Parg earlier today regarding an unrelated matter so he is ok.
zzz
may also affect bleeding-edge ubuntu jammy, not sure
zzz
eot
zlatinb
eot
zzz
I mean debian/ubuntu package
zzz
eot2
zzz
this is on debian sid and maybe jammy only
zzz
eot3
zzz
will give him a few more days and then bug him
eyedeekay
Thanks zzz, the package/dependency thing will probably bubble up on Reddit if it's a problem
eyedeekay
I run sid on the day-to-day basis and haven't hit this one so far
eyedeekay
3) jpackage Update Status
eyedeekay
Partly covered this one already, zlatinb's dmg packages are up on the mirrors and listed on the site
eyedeekay
I had some updates I needed to do to my Windows laptop so didn't get the exe builds done last night, got it out for after the meeting
eyedeekay
I've flipped my news server over to publish zlatinb's new packages
eyedeekay
I haven't heard from any users so far
zlatinb
The dmg jpackage is at this point well-streamlined. We did an end-to-end test of the in-network update with 1.5.0->1.5.1 and that worked (but from the second try)
zlatinb
1 person has downloaded the torrent according to snark
zlatinb
not much else to report on the mac jpackage, it basically works
zlatinb
eot
eyedeekay
Thanks zlatinb
eyedeekay
4) Monero Integrations
eyedeekay
There was some renewed interest in getting Monero-over-I2P working automatically in the GUI wallets(like Feather in particular) over the thanksgiving holiday
eyedeekay
We're doing some design mockups and analysis of the tradeoffs of different configurations over here:
eyedeekay
They're interested in adopting several things from us, including eventually our model for distributing software updates in-network
eyedeekay
If anybody wants to participate in that discussion we're having it there mostly, and also on the Monero Matrix channel
eyedeekay
Monero-Community
eyedeekay
EOT
eyedeekay
5) New SAM library
zzz
cool, I assume they've already looked at what bitcoin did for the low-level address protocols
zzz
eot
eyedeekay
Yes they have
eyedeekay
The other cool thing that happened last week is the folks at diva.exchange have created a new SAM library for node.js/javascript in general
eyedeekay
It's much more thoroughly and recently documented than the old one which is now unmaintained
eyedeekay
Source is here: codeberg.org/diva.exchange/i2p-sam
eyedeekay
NPM package is here npmjs.com/package/@diva.exchange/i2p-sam
eyedeekay
Given how popular node is I'm giving it a bit of a signal boost, seems like everybody writes their webapps in node these days
eyedeekay
eot
eyedeekay
Anything else for the meeting?
zlatinb
not from me
eyedeekay
timeout 1,
eyedeekay
1m
eyedeekay
OK then thanks zzz, zlatinb, next meeting will be Jan 4, 2022
eyedeekay
I will post the logs shortly