#ls2 (irc2p) | #ls2 Proposal 168 review here 8 PM UTC Tues. Dec. 3

eyedeekay after that the crypto refactor, also part of my previous three attempts, which I'm going to try and do at about the same pase, 1-3 important structures a week

eyedeekay Setting that as a goal rather than trying to do it all at once is making it much more reasonable to accomplish, sorry it took so dang long to come to that conclusion

eyedeekay EOT

eyedeekay I'm going to try and do these every week to keep up to date

zzz sure, if you want to use weekly reports to keep yourself moving, that's fine with me

zzz it's a long road ahead

eyedeekay Yeah I'm way the heck behind but I figure I can do better at this pace now

orignal how about Noise?

zzz whatever you can do to stay organized and make progress is great

eyedeekay Still behind on transports orignal, I've been underwater with plugins and the common library refactor for months

orignal Noise is not only transports

orignal also tunnel build, publishing, lookup, ratchets

orignal it's everywhere now

orignal basic crypto primitive I would say

eyedeekay I'll have to have another look after the common library refactor, it will probably be most important when I do the crypto refactor

zzz doesn't sound like he's there yet

zzz baby steps

zzz anything else on 2) ?

eyedeekay Yeah I bit off a lot here for a guy with very little real-world network engineering experience

eyedeekay Nothing else from me for 2

zzz 3) Web Extension update

zzz please start with a reminder of what it is before the update :)

eyedeekay I2P in private browsing is a Firefox extension which provides integrations for I2P, including automatic proxy management and isolation of identities between applications

eyedeekay It's designed to avoid attacks from the browser and make configuring I2P browsers easier-to-automatic

eyedeekay I2P in Private Browsing had a couple significant updates this cycle which affect people outside of just the Java I2P core project userbase

zzz "I2P in private browsing Firefox extension" == "Web Extension" ?

eyedeekay the most exciting one is translations, they're automatically generated from the English text but they are now due to be released after the 1.8.0 release

eyedeekay Yes that is correct

zzz phew, I'm with you

eyedeekay WebExtensions is the name of the API for modern browser extensions, I write 3 of them so I use that shorthand, my bad

eyedeekay New languages are: Arabic, German, French, Italian, Japanese, Portuguese, Russian, and Chinese

zzz you have a new transifex project? or where are you getting the translations from?

orignal no Spanish ?

orignal but German and Italian?

eyedeekay Already had Spanish, did that one by hand

eyedeekay I'm hosting a machine translation generation service inside of I2P to bootstrap it,

eyedeekay Libretranslate, it's at translate.idk.i2p

eyedeekay Open to everybody, no API keys required

zzz and what's the source of the machine translation data?

eyedeekay Argos Translate, argosopentech.com

zzz what was the basis of the decision to use that instead of humans at transifex, and what validation have you done that the result is of good enough quality to put in a released product of ours?

eyedeekay I have tried to either reverse the translations by hand where I can, Spanish and French, or asked specific community members to review them, or have attempted to perform the reverse process, of translating the new translations back into English, using both the same and third-party translation API's(Google, Bing) to confirm that they are not too corrupted

zzz how many source strings are there?

eyedeekay About 90

eyedeekay 89

eyedeekay It's mostly short, one-to-two sentence bits of text that show up when specific things happen, like an I2P site presents an HTTPS certificate or you click on a magnet link

zzz interesting

zzz well, you didn't tell us anything about why this was preferable to transifex, but it sounds like you did at least some work to make sure it isn't terrible

eyedeekay They all come in these json files under _locales/lang/messages.json, which I didn't know for sure how to integrate with transifex and didn't quite know how to experiment with without some translations to start with

zzz formatting issues are always solvable and shouldn't in themselves be a reason to go straight to a particular backend for translation

eyedeekay That's why I started with doing Spanish by hand then tried the machine translation angle.

eyedeekay Goal was always to move them to Transifex if I figured out how to solve them

eyedeekay But I felt like I would have an easier time of it if I had somewhere to start

zzz ok

zzz anything else on 3) ?

eyedeekay Also translation services inside of I2P seemed like a helpful thing, I get a lot of messages in Russian which I can't read

eyedeekay Nothing else on 3)

eyedeekay Oh wait I'm wrong

zzz wait, it's translating on the fly?

eyedeekay No it's not doing that

zzz oh, maybe just a platform for other possible things then?

eyedeekay there is an extension from the Libretranslate community that can do that which I thought about integrating but it's a later time thing

eyedeekay Yeah right now I'm using it to do machine translation in my IRC client

zzz ok

zzz anything else on 3) ?

orignal give me an example you can't read

orignal I mean in Russian

eyedeekay I can't read *any* Russian personally, I don't speak it

eyedeekay I've got an OK grasp on Spanish and could probably embarass myself all the way to a French airport but that's what I've got

orignal you should start learning it, as everybdy in I2P ))

eyedeekay Yeah probably

zzz here's an example he can't read: работает (that's one word I know)

orignal Russian seems main I2P language ))

orignal it means "works"

zzz anyway, let's move on

zzz 4) RIs for connected peers

orignal yes

orignal we need to send updates at least once an hour

zzz see git.idk.i2p/i2p-hackers/i2p.i2p/-/issues/356

zzz I think java used to do it in NTCP 1 ?

orignal need to start i2p locally

zzz as you point out, peer test and relay need it

zzz we can either "push" to peers or send lookups

zzz doesn't really matter much but we need to do the same thing

zzz I think push is easier

orignal I prefer push

zzz then you can send it when it changes if you want

zzz but have to be careful not to send to everybody at once

orignal I prefer by timers

orignal like once in xx minutes

zzz once an hour might be better, yes

orignal random between 40 and 70

zzz or maybe after a half an hour if you are bob (because if you were alice you sent it in the handshake)

orignal no

zzz I think our shortest expiration right now is 54 minutes

orignal Alice must do it

orignal well no difference

orignal my logic is

zzz both must do it, but maybe bob should do it _sooner_

orignal I try to connect to a router through introducer

orignal I'm Alice

orignal but I have a session for a long time

orignal probably before relay request I shuld send my RI

zzz right, the OP of the issue above had problems in testnet too

orignal if I didn't do it fro a long time

zzz for java it's only a problem with floodfills right now, because floodfills don't refetch before expiration

zzz there is one possible security issue, we have the issue now but this might make it worse

orignal that's why it's important that Alice send before relay request

zzz attack where you send your victim a special RI that's different somehow. different than what you send to ffs

zzz but we dont' prevent it now

orignal but what's a leak?

orignal since it's on ransport level only

zzz maybe you trick victim into a separate network

zzz but I guess you could send a bunch of floodfill RIs to victim too

zzz have to think about it more

zzz I know this was one of jrandom's threats he thought about

orignal then we have to think

zzz if we're not going to accept RI's direct over a connetion, thats a big change and breaks NTCP2 and SSU2, so let's hope not

zzz but, if you want to lookup an RI and you're connected already, should you just ask the peer directly?

zzz and will he answer if not ff?

orignal I would ask FF instead

zzz yeah thats the way we do it now

zzz but is it better to ask direct? I don't even know if we answer if we're not ff, have to check

orignal what's a difference?

zzz we don't ever answer lookups if not ff, I don't think?

zzz well, we answer, but with a DSRM, not with the answer

orignal I don't

orignal I answer with list of closests floodfiils

zzz actually we answer with a DSRM _and_ with our RI, as a "go away, we're not ff anymore"

orignal I need to check

orignal what I do

zzz so I guess in a way we do send our RI :)

orignal probably I don't send out RI

zzz I'll check also and report back later

zzz ok, so we're in basic agreement to use periodic "push" of RI, not "pull", for SSU2

orignal yes

orignal or as I said another option to send it before relay request

zzz I may need other fixes for SSU 1 and NTCP2 to fix the testnet issue

zzz yes, say, if connected > 30 minutes, send before relay request

orignal good idea

orignal let's go this way

zzz ok I'll add some notes to the spec with some alternatives

zzz getting late, anything else on 4) ?

zzz anything else for the meeting?

orignal anoter thing

zzz go ahead

orignal have you heard what happened to Hydra?

zzz the tor market?

orignal yes

orignal major one in Russia

orignal looks like Sybil attack

zzz interesting

orignal German police has started bunch of high-speed relay nodes

orignal and finally got a tunnel went through all their nodes

zzz it got registered on stats.i2p also, I let it through, I didnt know it was a market

orignal and identify location of Hydra server

zzz I don't think it was ever up on i2p though

orignal it has never been in I2P

orignal always .onion

orignal the thing is that business doesn't trust Tor anomore

orignal for .onion adddreses

zzz got registered on stats on march 5

orignal so slowness of I2P is adnatage for anonymity

zzz got taken down a few weeks later

orignal because Tor has mucgh less relay and exit nodes

zzz interesting

orignal I think that one for a fake

orignal *was

zzz maybe, like I said I never saw it up

orignal while every i2p nodes is a transit node

orignal e.g. it's harder to do it in I2P

zzz maybe, maybe not. we're still very small

orignal but bigger than Tor's relay and exit nodes

zzz yup

orignal remeber ordinary Tor users are not relays

zzz thanks everybody, good meeting

orignal they are just users

eyedeekay We have greater relay diversity, but it seems very hard to say if the effect that has on sybil attacks is predictable or uniform

eyedeekay like I bet the German feds have better ability to pull of a sybil attack on Tor than just about anybody else in the world, given how many Tor relays are hosted in Germany they may be in a relatively privileged position

eyedeekay but I doubt that same privilege applies to everybody who has a path they'd like to take over on Tor