#i2p-dev (irc2p) | 2.6.1-5-rc | Tags frozen | Review deadline Noon UTC Tue. Oct. 8 | Celebrating 20 years of email services, thank you postman!

#i2p-dev

/2024/09/30

Online: 60

&eche|on

&kytv

&zzz

+R4SAS

+RN

+StormyCloud

+T3s|4

+acetone

+dr|z3d

+goose2_

+hagen

+orignal

+postman

+weko

An0nm0n

Arch

Danny

DeltaOreo

DiCEy1904

FreefallHeavens

Irc2PGuest25709

Irc2PGuest41206

Irc2PGuest57563

Irc2PGuest68756

Irc2PGuest72806

Irc2PGuest85336

Nausicaa

Onn4l7h

Onn4|7h

Sisyphus

Sleepy

Soni

T3s|4_

Teeed

anon1

b3t4f4c3__

bak83

boonst

cumlord

dr4wd3

eyedeekay

eyedeekay_bnc

flompidy2

goose2

itsjustme_

khb_

not_bob_afk

onon_

plap

poriori

profetikla

r3med1tz-

rapidash

shiver_

u5657

uop23ip

w8rabbit

x74a6

z0a1

zzz eyedeekay, github i2p.www 25 days behind

eyedeekay Ack, I'll track down a cause and get them to sync back up

zzz thx

zzz anybody have thoughts on the tor/tails hookup?

eyedeekay I'm not sure what they have to gain from it really. I get why they care about bundling with TBB, they need things Mozilla isn't ready for and need a pipeline to get those things to Mozilla. Inconvenient, but true enough.

eyedeekay I don't really get it with TAILS though, much TAILS functionality doesn't require that level of integration and involves applications that are much less complex(thunderbird notwithstanding)

eyedeekay The "Amnesiac" and "Live" parts of the acronym have nothing to do with Tor at all

zzz tails/intrigeri reasons pretty obvious; he said as much. offload the HR/finance/management stuff

zzz I'm trying to understand why tor would do it

eyedeekay Yeah same

zzz tails apparently wasn't a real nonprofit, they were taking donations via riseup (US 501c3) and a DE nonprofit

zzz what does tor need? devs and $$$/BTC. my guess is tails had a surplus of one or the other

eyedeekay In some circles(reddit) TAILS is considered the go-to Tor onboarding tool, which could make it a "too big to fail" thing too?

zzz good point, maybe tor wanted more control of what's essentially a big 'downstream'

dr|z3d I think Tor's interest lies in having a goto distro they can reference.

dr|z3d And they've been informally working with Tails before it was Tails.

eyedeekay Yeah the conversation usually goes to the effect of "If you're concerned about Windows failing to protect your privacy, TAILS is designed to accomodate your use-case"

zzz regardless of any other reasons, the money had to work

dr|z3d I'm sure it works for Tails.

zzz I mean for tor

dr|z3d As for Tor, I don't get the impression they're short of cash, irrespective of their regular donation drives.

zzz either tails is taking in more than they're spending, or they're going to move tails ppl to work on tor

dr|z3d If anything, I get the impression they're "donate to Tor, save the world" campaigns are just a PR exercise to make people forget they're mostly gov funded.

dr|z3d *their

dr|z3d anyways, an OS is just a natural extension of the browser, if you think about it.

dr|z3d first it was just a daemon with a minimal control ui, then we got vidalia, then they dropped vidalia and adopted firefox.

RN I miss vidalia

dr|z3d I'm not sure if the two are related, but when the Vidalia lead dev starting collaborating with the fbi to decloak Tor users, I vaguely recall Vidalia disappearing not long after.

dr|z3d *started

RN hmmm

eyedeekay Huh, I didn't know about that

RN still miss the function it provided but if it was potentially compromised then RIP

dr|z3d securityaffairs.com/46791/cyber-crime/former-tor-developer-helped-fbi.html

dr|z3d techworm.net/2016/04/ex-tor-developer-helped-fbi-creating-malware-unmask-anonymous-tor-users.html

zzz actually the govt funding is more like 50%, and their stated goal is to reduce that, so the tails income flow may dilute it significantly

eyedeekay Oh that makes sense, prior to TBB there were a ton of ways to very rapidly degrade anonymity by exploiting the underlying browser, obviously flash didn't obey the rules, neither did WebRTC at first

eyedeekay one doesn't exactly follow the other as such "vidalia dies, long live TBB" but filtering-based anti-fingerprinting strategies were about to be doomed by more widespread HTTPS deployment too

eyedeekay And eventually you have to move the controller into the browser to make the model of identity the proxy uses match the model of identity the browser uses

dr|z3d Vidalia wasn't doing much in the way of security mitigation iirc, it was mostly just a monitoring UI.

eyedeekay It also controlled rotation of identities

eyedeekay Or could

dr|z3d yeah, it had something just beyond what the current Tor browser had in terms of control.

RN and a map function for the network or specific tunnel

eyedeekay By design, Tor Browser's trying to make the expectations consistent all the way through the stack, if a tab is unaware of another tab, the proxy should use a different identity

dr|z3d that's just tinsel in the scheme of things :)

dr|z3d the map, that is.

RN yep, but I liked the tinsel

RN ;)

RN I'd be satisfied with a "new tunnel" button.... for standalone Tor without tbb

dr|z3d you got one. it's called service tor reload :)

eyedeekay Better choice is probably torsocks for that, it will normally pass a string which identifies the client to Tor

eyedeekay torsocks --isolate

RN service reload restarts everything though, I don't want to interrupt hidden service tunnels and such just to change the tunnel for browsing

RN --isolate doesn't help when the browser is on a different machine from Tor

RN just my use case though...

dr|z3d there are a bunch of torrc configs to control circuit isolation.

RN s/--isolate/torsocks/

dr|z3d IsolateClientProtocol, IsolateDestPort, IsolateDestAddress etc.

dr|z3d and don't forget MaxCircuitDirtiness if you want to rotate exits faster.

eyedeekay I suppose I should probably point out that a lot of this isolation stuff Tor does is what I want to give us with Prop166

RN that sounds familiar, I may have skimmed that one a while ago

eyedeekay Yeah it's essentially applying IsolateDestAddress at the i2ptunnel level

eyedeekay then the addendum tells you(roughly) how to emulate --isolate with torsocks and an I2P socks proxy by spinning them up ad-hoc

eyedeekay And nailing down and disabling proxy escapes is one of the goals(the most important) of i2p.plugins.firefox

eyedeekay ^ which is in turn a beneficiary of TBB because they tend to find the proxy escapes and/or be the ones to fix them

orignal zzz how many HolePunch messages do you send?

orignal and when do you stop? When receive sessiion request?

orignal also looks like your resend RelayReponse not as regular SSU2 messages even in established session

orignal could you check if your always send HolePunch and RelayResponse simultenously even for resends?