IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#saltr
/2024/08/29
dr|z3d there are throttles in play if you request too many, orignal
dr|z3d otherwise, I don't think any tunnel gets special treatment. All should be treated equally.
dr|z3d tell us if you find any, snex. there's stuff out there, whether it satisfies your criteria is a different matter.
dr|z3d zzz: you gone cold on the router geomap?
snex I’ve only seen MentalOutlaw talk about it and I’ve never seen him here at all
dr|z3d Is MentalOutlaw the doingfedtime guy?
dr|z3d if you search for i2p on youtube, you'll see a bunch of videos, some quite old.
snex Not familiar with that name. He’s a black dude that does a lot of tech YouTube vids
dr|z3d not the same guy then, doingfedtime makes i2p videos occasionally, he's entertaining, but he's definitely not technical.
dr|z3d and he's a white dude with a biker beard.
dr|z3d not_bob's about to tell you all about him...
eyedeekay I met him once, seemed nice enough
not_bob Yeah, the doing fed time guy did a video on me. He things I'm strange.
eyedeekay he's also reservesteel on reddit
not_bob HIs content is genearlaly pretty good, but very end user level.
dr|z3d his videos are amusing. didn't he recently post an ai-generated link on reddit with a security rating for various i2p implementations?
not_bob Mental Outlaw is a better source for slightly deeper level things.
not_bob Hah, and then there is RTP! That man goes down rabit holes. I like it.
dr|z3d might be some old content on youtube from "irongeek" aka Adrian Grimshaw. He's a bit more technical.
not_bob Sadly there is not much content on I2P on there :(
not_bob *** wanders off. ***
eyedeekay Oh was it AI-generated? That explains it
Anomaly i am evolving like a pokeman
Anomaly ive seen mentaloutlaw
dr|z3d pretty sure it was.
dr|z3d anyone with half a clue wouldn't have included kovri.
dr|z3d and the security ratings seemed to be plucked out of thin air.
dr|z3d aka hallucinated.
Anomaly who is RTP?
dr|z3d also has his own channel on youtube.
eyedeekay Yeah that was a weird move to include them at all, and the inclusion of kovri was a head-scratcher too
dr|z3d and he's here most of the time.
eyedeekay Like I'm pretty sure go-i2p does more than kovri now and go-i2p doesn't work
eyedeekay kovri's long-dead
dr|z3d the only reason a sentient being would include kovri would be to troll orignal.
Anomaly oh RTP is right to privacy, that makes sense.
dr|z3d you got anything waiting to be pushed to the i2p-i2p repo, eyedeekay? or are we not far off a new release?
eyedeekay I have a couple things I'm going to put up before we get too far, but they're more-or-less preparation for bigger and better things nobody will notice until I use them later
dr|z3d you tease!
eyedeekay I've got 2 things I had been working on that are getting closer
eyedeekay So I'm breaking down the prop166 MR into reusable smaller parts, that's the host-aware HTTP proxy thing
dr|z3d ah, right.
eyedeekay There's some smaller parts of that which are going to come under the heading "introspectable HTTP Requests" which is a small piece of that that's mostly just going to show up as changed logs for now but it makes it a lot easier to switch sockets to just grab your isolating key from the HTTP request that way
dr|z3d look forward to it.
eyedeekay There's a couple things I'm trying to manage the lifecycle of the sockets themselves too
eyedeekay Then there's stuff in the sybil attack tool, where I'm giving each penalty a fixed range, and as a side-effect, the total score will also have a fixed range
dr|z3d also look forward to that.
eyedeekay At first it will be so that a single source of penalties will not be able to trigger the sybil threshold, which should contain the threat-inflation type exploits that showed up when the RI's were being clones
orignal dr|z3d I'm asking something else
eyedeekay But eventually I want to try and make "constellations" of suspicious router characteristics and maybe react based on matching a pattern rather than a straight threshold
orignal why replacement tunnel is worse that original one?
dr|z3d sounds complex :)
dr|z3d different hops?
eyedeekay Oh that one will be, but the bottom layer of limiting the penalties and establishing ranges is pretty simple
orignal maybe your table depends on tunnelid
dr|z3d is it always a degradation, orignal, or do the tunnels sometimes improve when you request another?
orignal not alaays
orignal today a tunnel worked fine until it got expired
orignal replacemnt tunnel was built
orignal but speed became few times lower
dr|z3d well, we're not bandwidth throttling (yet) for tunnels based on b/w usage.
orignal as I said maybe lookup issue
orignal like not constant time
dr|z3d ok, sounds like a question for zzz.
orignal that's what my question
orignal actually the only difference between two tunnels in tunnelid
dr|z3d if you're on the latest build, T3s|4, unknowns might be less than you've been seeing.
dr|z3d they are here at least.
orignal btw, guys are doing whitei2p now
dr|z3d who's "guys" and what's special about whitei2p?
dr|z3d also, orignal, you got it compiled and running yet? :)
orignal plain C implemntation of i2p
orignal that I started many years ago and didn't finish
dr|z3d git repo?
dr|z3d how complete is it?
snex Is it only for white people?
not_bob_afk orignal: Did you see my private message?
orignal it partally worked but the problem it contains old stuff
orignal not_bob_afk yes I told R4SAS
orignal he will take care
not_bob_afk orignal: Thank you.
orignal snex no
dr|z3d white as in walter white, snex.
orignal i2pd is purple, that one is white
dr|z3d aka pure blue i2p.
orignal but since "white" is forbidden word here
orignal it's nice name
dr|z3d don't start, orignal :)
orignal snex started
orignal not me
dr|z3d *** chuckles ***
orignal so guys are trying to finish it
orignal since I don't have time
orignal well it has ntcp2
orignal but not ssu2 or ratchets
orignal also no new tunnel build messages
orignal the majority of the code was written in 2015
snex When will i2p be part of the kernel network stack
orignal then this code was ported to i2pd to 2.x.x
dr|z3d that's a good start.
orignal and it was actually abandoned for many years
dr|z3d russians, presumably?
orignal sometimes I returned ot it say for ntcp2
orignal ofc Russians ))
orignal maybe unkrainans \
orignal who knows
orignal no way to differentiate online
dr|z3d same costs as per i2pd, then?
orignal not sure
orignal same costs as per i2pd of 2015
dr|z3d if not the same as i2pd, then it can be differentiated.
orignal don't remeber if I changed
orignal I mean Russians and Ukrainins ))
dr|z3d ah, right :)
orignal speak the same language'
orignal the only difference is accent
orignal whitei2p routers will looks like i2pd ofc
dr|z3d sure, if the transport costs are the same.
dr|z3d and when ssu2 is supported.
orignal whitei2p was first, i2pd with openssl was after
orignal I started ssu2 there just didn't finish
Anomaly is anyone here
dr|z3d Blinded message
Anomaly like a ghost
dr|z3d any progress on your site, Anomaly? Any images yet?
Anomaly yes and no, as i program in html and css i keep finding ways of improving it, like i think i did a bad job with semantics, and im finding more efficient ways of doing css, that now im just practicing in a seperate folder
dr|z3d keep at it!
Anomaly and then once i get really good or get a product i like then ill start applying my changes
Anomaly thank you :)
Anomaly like i learned i can do my css outside a media query, and then do a media query where i say i want these colors for prefers color scheme and then nest a new media query under the prefers media query for certain screen sizes, like under this screensize do this and such
dr|z3d yeah, but you probably don't want to do that.
Anomaly howcome?
Anomaly @media only screen and (prefers-color-scheme: dark) {
dr|z3d keep your colorscheme media queries and viewport sizes separate. viewport queries are global, so you want them to apply whatever colorscheme.
dr|z3d (usually)
Anomaly body {
Anomaly background-color: var(--dark);
Anomaly color: var(--light);
Anomaly @media only screen and (max-width: 600px) {
Anomaly .nav-list {
Anomaly flex-direction: column;
Anomaly oh like i have it backwards?
Anomaly oh just dont nest it at all ?
dr|z3d you can lose 'only screen and'
dr|z3d keep widths and height separate from the color scheme.
dr|z3d they're global.
Anomaly right
Anomaly yea i can try to see if i can do something thats very organized and efficient while keeping them apart.
dr|z3d you may also want to define separate :root { ... } for dark.
Anomaly ok :)
Anomaly @media only screen and (prefers-color-scheme: light) {
Anomaly body {
Anomaly background-color: var(--light);
Anomaly color: var(--dark);
Anomaly @media only screen and (prefers-color-scheme: dark) {
Anomaly body {
Anomaly background-color: var(--dark);
Anomaly color: var(--light);
Anomaly @media only screen and (max-width: 600px) {
Anomaly .nav-list {
Anomaly flex-direction: column;
Anomaly sorry for pasting code, but thankfully this still works where nothing is nested.
Anomaly i know in irc people say not to paste code.
Anomaly yea i can do that too, where i seperate a :root for light and dark each.
Anomaly should i also seperate font sizes in a seperate :root?
dr|z3d you don't need light and dark, just dark.
dr|z3d if not dark, then it's light.
Anomaly well i set --light: white, and --dark: black.
dr|z3d you'll figure it out. you just want 2 :roots, one inside the prefers-dark override, the other will be defacto light theme.
Anomaly will do
dr|z3d and lose all the 'only screen and' qualifiers.
dr|z3d @media (prefers-color-scheme: light) { ... etc.
Anomaly oh maybe i messed that up when i was doing it for the screen sized.
dr|z3d just lose it for everything.
dr|z3d @media (max-width: 600px) {
dr|z3d just assume that your users won't be printing out your pages.
Anomaly oh yea ofcourse
Anomaly @media (prefers-color-scheme: dark) {
Anomaly body {
Anomaly background-color: var(--dark);
Anomaly color: var(--light);
dr|z3d ok, no more of that pasting please.
Anomaly @media (max-width: 600px) {
Anomaly .nav-list {
dr|z3d just do it.
Anomaly flex-direction: column;
Anomaly does this look better?
dr|z3d when you surface, zzz, netdblookup for tier + congestion caps no workee.
dr|z3d ?caps=E works, ?caps=X works, ?caps={XE|EX} fail.
zzz yeah it's looking for substrings so you have to search for XRE. search redesign still on my list.
orignal zzz was there a propsal about Tor?
orignal please point me to one because I can't find
dr|z3d roger that, zzz
dr|z3d there was a discussion, there was a blog post, there was never a formal proposal, orignal
orignal may I have a proposal number?
dr|z3d >>> there was a discussion, there was a blog post, there was ***never*** a formal proposal, orignal <<<
orignal so you didn't have a proposal for a change affecting many users
orignal right?
dr|z3d Sherlock Holmes in full effect.
orignal may I ask why there was not a proposal?
dr|z3d same reason there isn't a proposal for transit throttling.
orignal I would like to ask zzz
dr|z3d he'll be with you shortly :)
dr|z3d (he's on the other line)
orignal seems after one week nobody is going to fix anything
orignal I can wait
dr|z3d ** soothing mood music ***
orignal he silience will be clear answer
orignal and it will be time for me to start my "implementation details"
orignal if you guys don't want to cooperate
dr|z3d we're due a proposal or two from you, no?
orignal it's very clear
dr|z3d I'll let zzz answer that one.
orignal he promised to "check if we can do it the same way as i2pd"
orignal and it also seems I was not late to the party
dr|z3d (proposals not related to Tor blocking)
orignal it seem I was not invited
dr|z3d you kicked off the party.
orignal the one when "it was well discussed in May"
orignal with one expection
dr|z3d your inference that recent network attacks were originating from Tor-based routers provoked zzz into blocking Tor.
orignal no, my upcoming change will make blocking Tor useles
dr|z3d so what are you moaning about then?
orignal do you want me to repeat again?
orignal what's my problem
dr|z3d your problem is rabid users on your irc network. we got that message already.
orignal no the probem is I2P piniciples
orignal and if zzz will not fix it for the next release Tor based router will be able to connect to i2pd routers for the first hop
orignal is it what you guys want?
orignal instead findign comporomised
orignal you tell me fuck off
dr|z3d pretty sure that Tor-based routers can already connect to i2pd, no?
orignal they are i2pd ofc
orignal but first hop could be anything
dr|z3d no one's telling you to fuck off. or whipping you with a liquorice shoelace. those are paid-for services.
orignal no proposal. no discussion with me, no efforts to correct the mistake
orignal it means "fuck off"
dr|z3d what's your compromise?
dr|z3d we've discussed this previously. you gave zzz a bit of a hard time then.
orignal if a router is connected from Tor's IP they must publish this IP in RI
orignal yes, but it's week already
dr|z3d perhaps if you were slightly less aggressive this discussion could progress faster.
orignal and I'm waiting for aznwer
orignal and I don't see any progress in this
orignal it means time for my change
RN is there even agreement it was a "mistake" it was dune durring attack to mitigate ovserved problems and you were there durring the discussion, orignal
orignal mistake is to ban all Tor's IPs
orignal that was NEVER discussed
orignal neither a proposal
RN perhaps blocking all might warrant further disucssion and proposals
orignal I would never agree with such dumb decision
RN but allowing all routers coming out of Tor is also a mistake. you just give the attacker(s) an open window to abuse
orignal ok. if Java-I2P stands on such position, let me make my change
orignal yes I was for this
RN I'm just a user. I don't speak for the project in this'
orignal and you are pushing me to allow it
orignal aren't you a part of dev team?
orignal the choice is simple
RN I have not yet contributed any noteworthy code to the core project
orignal either zzz admits the mistake and make a correction for the next release
RN on paper, perhaps I am granted ability but havne't submitted anything yet
orignal or I make my change to let all Tor nodes connect to the network for the next release
RN does it have to be an "admission of mistake" that's a bit much. Maybe there's compromise to find here.
orignal the way to make a change even without a proposal and then blame me means "fuck off"
orignal he promised to take a look
RN you are being blamed by who? for what?
orignal after 1 week it would be nice to have an answer
orignal by zzz, by dr|z3d
orignal that I didn't p[articipate that disucssion
orignal like "you are too late"
RN maybe I missed some in scrollback, but I see struggles to communicate not blaming.
orignal but then someone asked me "hey orignal what was the proposal for that change"
orignal and really where what it?
orignal question questions and questions
orignal RN you can't imagine how people are angry about this change
orignal and ofc asking me why I didn't stannd against it in right time
RN Tor routers were observed attempting to do malicious things.
RN how is protecting the network from attacker(s) a mistake?
orignal the mistake to ban non-Tor routers
orignal that's what people are angry about
snex has it occurred to you that the angry users are the ones who were abusing the network and now theyre angry that they wont receive their NSA CIA FBI paychecks for disabling i2p?
orignal people care about whole I2P
orignal ideas and priciples
orignal forbid I2P over Tor is fine
orignal forbid I2P with Tor on the same IP is not fine
snex look if you are in a situation where 13% of the routers cause 50% of the problems, you just gotta ban them all
RN "with tor" you mean "with a Tor exit node" don't you?
orignal yes, Tor exit node
orignal but it doesn't matter
orignal an user wants to run I2P on the same IP as Tor
StormyCloud How many users would you say this is affecting orignal?
orignal doesn''t matter what's teir role
orignal StormyCloud zero
orignal "honest person has nothing to hide"?
orignal it's not about who is affefected now
orignal the question is about I2P priciples and how users might be affected in future
StormyCloud <meta charset="utf-8">
StormyCloud <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
StormyCloud <title>I2P Reseed Server Setup Guide - StormyCloud Inc</title>
StormyCloud <link rel="stylesheet" href="../assets/css/stormy.css" type="text/css">
StormyCloud <link rel="icon" href="../assets/images/favicon.png" type="image/png">
StormyCloud <link rel="canonical" href="https://stormy.zip/creating-and-running-reseed-server/" />
StormyCloud <meta name="description" content="Learn how to set up an I2P Reseed Server with our easy-to-follow guide from StormyCloud Inc. Protect Internet freedom and digital privacy." />
StormyCloud Moving too fast lol
StormyCloud Pasted something in wrong window
snex that used to be a pretty sure password
snex secure*
StormyCloud least it wasnt anything sensitive
dr|z3d sorry, orignal. you're categorically wrong. you started the ball rolling, mentioned your theory Tor-based routers were part of an attack, and when I suggested banning Tor nodes on the network, your response was "it's up to zzz".
orignal yes, I'm for abbing Tor router, but not Tor IPs
orignal because the discussion was about "idiot connectiing through Tor"
orignal and also it doesn't answer the question why there was no a proposal
orignal if there was a proposal you could read it and say immedietly what's wrong
orignal because I read proposal
orignal and don't read "blog posts, twitter, etc."
orignal proposal is an official statement and provides ground to discuss
orignal blog posts is most bullshit
dr|z3d you were present at the discussion.
dr|z3d there was no surprise blocking, it was ALL discussed beforehand.
orignal it was never mentioned you were going to ban all Tor IPs
orignal NEVER
orignal I read all logs
dr|z3d we don't ban all ips, we just ban exit ips.
orignal quote please
orignal doesn't matter
orignal you should NEVER do it
orignal and everybody agrees about it
orignal again either you fix it
orignal or all Tor routers will be back for the next release
orignal I don't want to participate in this shame
orignal and tell clearly to users that I'm against it
dr|z3d you need to cool your jets, orignal
dr|z3d whatever case you think you have, stating it aggressively just undermines whatever you're trying to communicate.
orignal zzz had whole week to think
orignal is it not enough?
orignal or "as usual"
dr|z3d your case wasn't that compelling then, and it's no more compelling now.
orignal no proposal is another factor
orignal that was found out today
orignal unless zzz provides the propsal#
orignal again why so severe change was made wihtout a proposal?
orignal or "it's different"
dr|z3d it's an implementation choice. it's not a proposal.
orignal does it mean I can do my "implemnation choice" now too?
dr|z3d I don't think you had any pushback from zzz when you suggested it last week. Nothing's changed.
dr|z3d but if you have a compromise, let's hear it.
orignal my router behind Tor works find with my "implemnation choice"
dr|z3d let's say I'm using Tor to route my traffic. Do I publish my own IP address in my RouterInfo?
orignal the queustion if brng to the main code
orignal do you run your I2P router on Tor's IP?
dr|z3d I'm asking what your compromise is.
orignal I2P router runnign on Tor IP must be allowed
orignal if that run ON Tor IP rather than hide themselved bahind Tor
orignal see the difference?
orignal you are not allowed to be in I2P through Tor tunnels
orignal and that sounds right
dr|z3d so you're differentiating between a router that's not routing over Tor, but has an Tor exit node on the same ip address, and a router that's routing all traffic through Tor?
orignal if router is on Tor's IP they must publish that IP and be reachable on that endpoint
dr|z3d so we're agreed, then, we don't want routers that route traffic over Tor on the network. period. ?
orignal we agreed about this from the beginning
dr|z3d ok, good. we're getting somewhere.
dr|z3d I don't think we had buy in from you.
orignal running I2P through Tor is stupidity
dr|z3d not for blocking Tor-routed I2P routers, or anything else. you seemed to think it was all fine.
dr|z3d great. can you write that in all caps so we're sure you mean business? :)
orignal you can use Tor and I2P at them same time bit not I2P over Tor
orignal and nobody is against it
orignal but banning all Tor exit nodes in I2P espcially through SU3 is not acceptable (acetone's concern)
dr|z3d well, we could approach this a couple of ways.
dr|z3d the easiest method is just to override the exit blocklist with a whitelist for eligible routers.
orignal because this list comes from third party source
orignal and can be used for potential sybil attacks, etc.
dr|z3d of course, any routers that happen to route I2P traffic over Tor will also get through.
dr|z3d the list is direct from Tor central.
orignal that probelm woih nodes that don't run I2P traffic over Tor
orignal can you trust them?
dr|z3d yeah, but we discussed this before, didn't we. it probably impacts less than 1/2 dozen actual i2p routers.
orignal of they "cooperate with authorities"?
dr|z3d can we trust Tor to publish a correct list of active exit nodes?
orignal or they publish someone 's IP "by mistake"?
orignal remeber it's acetone concern
dr|z3d it's automated based on the actual state of the network.
orignal not mine
orignal what is police ask them to tempropary add some IP to the list?
dr|z3d seems unlikely, what's the point of that?
orignal to shut down some suspisios router
orignal to see if eeepiste also goes down
orignal obviously
orignal but I bet you guess never trhought about this possibility
orignal basically you thought about nothing
dr|z3d you're currently not blocking Tor nodes, so there's no prospect eepsites going down.
orignal and keep repating as a parrots "it doesn't affect anybody"
orignal former prsioner acentone knows life better than all you
orignal if I don't propagate my that chnage they will work with difficulties
orignal but I doubt you through that way
dr|z3d if there was a proposal to block all Tor exit ips from the network, would you implement it and advise your users not to run Tor and I2P on the same ip?
orignal like "of well there are still i2pd nodes"
orignal not about last statement
orignal people should be able I2P router on any IP
dr|z3d you're not answering the question.
orignal if they ddos the netwrok that IP should be temoprary banned
orignal if it was the proposal
orignal I would say NO immedieately
dr|z3d so how many actual I2P routers do you know that are impacted by this, out of interest?
dr|z3d zero?
dr|z3d *** laughs. ***
orignal but it's now
orignal pigs just don't know about this your nice feature yet
orignal it matters of reputation and possible attacks
dr|z3d don't run an exit and i2p on the same ip. want to run tor and i2p on the same ip? don't be an exit. easy.
dr|z3d all this noise about, frankly, fuck all of consequence.
dr|z3d if you want added protections, refuse to start the router if it's on an exit ip.
orignal people don't like this approach
dr|z3d some people don't like salad. what to do?
orignal I support them too
orignal that's the problem
dr|z3d in our business, you're never going to make everyone happy all the time. it's the nature of software.
orignal yes, but I don't want uselss war
orignal I prefer to find a compromise
dr|z3d so Tor-routed routers don't publish an ip address.
dr|z3d A router that also happens to host a Tor exit on the same ip will publish its ip address to its RouterInfo.
dr|z3d so if we see a router that's publishing an ip address, we whitelist it. Is that the thrust of your proposal?
dr|z3d and if we find a compromise that's acceptable to you, are you going to implement a blocklist for all Tor-routed i2pd routers?
orignal yes, and nither SSU2
orignal no it's not
orignal because an advesary can publish exit node's IP connecting through Tor
orignal it must be second step
orignal such router is untrusted untill you connect to that publish IP
orignal in this case you mark it as trusted in your profile
orignal probably but not sure about the list
orignal I don't like your way
orignal however I have better way
orignal if RTT for connection too big ban it for some time
orignal that would be my approach
orignal regardless if it's Tor or VPN
dr|z3d not averse to that idea.
dr|z3d though it will impact a huge number of users, instead of the currently zero known users.
orignal I don't care about idiots using Tor and VPN for I2P
orignal and I'm tired from them
orignal from thier dumb question
orignal 3 hops Tor tunnel is few hundred milliceocnds RTT
orignal obvious
dr|z3d sure, I think we understand the basic principle.
dr|z3d we could just whitelist Tor exit ips if a) they're published to RouterInfo, and b) SSU is enabled.
dr|z3d if you want to validate that we can connect directly to the published ip, then that's also something to consider, if required.
dr|z3d if we're assessing routers based on RTT, then we don't ban them per se, we just don't transit traffic for them.
orignal not necessary SSU. the main thing if they are reachable
dr|z3d so basically Tor exit blocklist + whitelist for routers on Tor exit ips if they're reachable? is that your compromise?
orignal because rouyters connected through Tor can't be reachable
dr|z3d ok, good. I'm glad we got somewhere. now all zzz needs to do is read that compromise proposal without all the haranguing. :)
orignal btw SSU with instroducers is also fine
dr|z3d zzz: you can come out of your bunker now. orignal's desisting from sending drones.
dr|z3d yeah, that's what I was driving at, re SSU. if a router is currently routing over Tor, they won't have SSU.
dr|z3d that may well change though, Tor have been discussing implementing UDP for a long while now, and maybe they'll have an excuse to do it with arti.
orignal but not yet
dr|z3d sure, no immediate threat of UDP on Tor/arti.
T3s|4 dr|z3d: speaking of Tor, could my use of running Tor as a system-wide daemon explain why I see many more Unknowns than you? On 9+ now, up 6 hours, with 436 Unknowns. My FF http/https are pointed at 8118, Privoxy's listening port, which works well with Tor (and has for years)
snex if 13% of the routers cause 50% of the problems, something gotta be done
dr|z3d T3s|4: no.
dr|z3d T3s|4: you want to see what's happening at the resolve end, on /configlogging -> net.i2p.router.transport.CommSystemFacadeImpl=DEBUG