moneymonero7 wrote:Tor vs I2P Review
Tor and I2P are the main privacy routing networks that we have to hide IP addresses other than basic VPN connections. There are other projects too but they are either new or not that popular so they are less effective as anonymity scales by the number of users. I am going to give my honest opinion and compare the two:
I2P Features:
- Designed for hidden services which are faster and more efficent than Tor 1
- Distributed, P2P, decentralized and self organizing 2
- Packet switch instead of circuit switch, provides higher level of anonymity
- Unidirectional tunnels, doubling the security / node than Tor
- Tunnels are shorter lived than Tor
- All peers participate in the network
3
- Bandwidth requirement is low
- Built in Java
- Free and Open Source
- I am not sure whether the onionv3 system would be more superior than this. While Tor wasn't designed for hidden services and it's just a plugin, with the onionv3 system it's getting there.
- Although it's much more decentralized than Tor, their claims are misleading. They still have directory servers and I guess the development team has a lot of power over the project, it's not like a blockhain which is fully decentralized, so this is misleading. Though it's more decentralized than Tor in either case.
- This makes I2P use very risky, especially connecting to it directly, as if somebody is doing something illegal, it would put every node there in danger and suspects of that same crime. Police I guess is not well experienced with this ,and due to the low user count ,this makes it very dangerous to use. Though connecting to I2P from Tor or from a VPN is less risky.
- Java is a very flawed language with a history security bugs, and the way the website mocks C in favor of Java makes them look ridiculous. This is a massive red flag for me.
Tor Features:
- More users hence bigger haystack of anonymity
- More security audits and academic reviews on it
- Has solved the scaling issue
- Centralized
- Has more funding and workforce working on it
- Is censorship resistant, it doesn't assume clear access to internet like I2P 2
- Adaptive to DDOS attacks
- Higher degree of plausible deniability and smaller risk of usage
- Low usage of resources on clients but big usage on servers
- High bandwidth throughput reaching the throughput level of an average VPN service
- Free and Open Source
- Supposedly resistant to Sybil attacks 4
- This is a big problem, the development and the infrastructure is very centralized, which would increase the risk of it being shutted down or censored, as it has a few points of failure. I think about 9 directory nodes exist now, which means that blocking only those 9 IP addresses worldwide would cripple the network. The use of bridges and proxies can help, but this issue needs to be addressed.
- While I2P assumes that you can connect to the internet, Tor assumes that you are censored, which is better. Tor has a bridge feature which allows to bypass any censorship other than total blocking of the internet. It can connect even through a HTTP proxy and it molds the traffic to be hard to distinguish from normal browsing by packet inspection. Though I2P can be used through Tor, so it's not a big drawdown, Tor still needs to do this, so perhaps the two systems complement eachother.
- It's balanced towards higher user experience by outsourcing the work to servers, but this increases centralization which is not good.
- It is supposedly resistant against Sybil by it's mechanism is picking trusted nodes, but due to it's centralized nature, operators could be coerced or coopted to become informants, so I don't think this works as well as advertised.
Conclusion
While I think I2P has more potential in it, being more granularly designed and having a next generation architecture, I am very dissapointed in it's current state. I can't take any software seriously which is written in a bug-ridden language that promote's itself as a secure anonymous tool.
Now if I2P would transition over to C++ then that would be a good start, but even then it would have a long road to go.
Obviously Tor is better by far, it's not even comparable. Tor is much more tested and widely used, as it's much better written and has a lot of bugs already fixed and engineering issues addressed. Tor is not going to go away any time soon.
Though the two can be used in complementary mode, speficially Tor->I2P, not the other way around, I think this would increase the latency more than if you would just use Tor with more than 3 nodes.
But then again supposedly Tor can be deanonymized if the entry and exit nodes are correlated, and since exit nodes are not encrypted it defeats the whole purpose.
At this point there is no secure way to merge the two together, and I2P is not adequate for anonymity yet in my opinion, so using Tor alone or with Bridges is the way to go in the present in my opinion.
- https://www.reddit.com/r/privacy/commen ... 2p_review/
Post on r/privacy - Tor vs I2P Review
-
slumlord
Post on r/privacy - Tor vs I2P Review
-
slumlord
Re: Post on r/privacy - Tor vs I2P Review
I will provide my comments to this post below:
First, there are 0 references in this post.
There are few explanations for the points that moneymonero7 has listed for both Tor & I2P.
It would be better if moneymonero7 included some links to support their post and validate their opinions.
Second, I2P was not designed or implemented for the purpose of anonymizing and relaying traffic to regular internet services. I2P's main focus is hidden services. Relaying traffic is a service that does currently exist, but it is a volunteer-run service and not a part of the core network at all. So, to be comparing the two networks, Tor & I2P, and looking for a "winner" is strange to me - both networks have their intended uses for which they have been designed, there is some overlap but it is not complete. These are both open-source software projects, software monocultures can have awful outcomes - I encourage people who are interested in the fields of Anonymity, Privacy & Security to try the available software/networks for themselves and find the best fit for your requirements.
---
http://i2p-projekt.i2p/en/comparison/tor
This isn't what I would expect from a "review". I was expecting someone's personal experiences from having used both I2P and Tor, not something that seems like it was largely lifted from text written by others.
https://security.stackexchange.com/ques ... ore-secure
It seems like the source of such concerns lies with Java's usage as a plugin within web browsers and the sandbox that is used for this purpose. I2P is not run as a plugin to a web browser, it is a standalone program. I have used many Java-based programs in the past which had excellent record with regards to security - for example, Azureus (now known as BiglyBT). A search for 'azureus' shows 2 results:
https://cve.mitre.org/cgi-bin/cvekey.cg ... rd=azureus
Also, a search on FreeBSD's vulnerability disclosure system shows few issues related directly with the Java Runtime Environment itself -
https://www.vuxml.org/freebsd/
Which "scaling issue" is moneymonero7 referring to? A link/reference would be helpful here.
https://metrics.torproject.org/rs.html# ... :authority
Some research done by an independent individual here:
https://jordan-wright.com/blog/2014/12/ ... re-seized/
Tor project's blog post about the addition of a tenth directory server:
https://blog.torproject.org/introducing ... -authority
Tor project's blog post from 2014 about a possible attempt to disable the Tor network through seizure of the servers acting as directory authorities:
https://blog.torproject.org/possible-up ... or-network
In addition, Tor has bridges, as well as traffic obfuscation plug-ins which enable users to "disguise" Tor traffic.
On the topic of Tor's funding, a significant portion of funding is provided to them by the US government. Based on the threat-model one chooses to adopt, this may or may not be a point of concern.
---
I was not too impressed by moneymonero7's post, I think that there is quite a bit of misinformation and misunderstandings that could be cleared up.
I welcome moneymonero7 to join us here on i2pforum.i2p (or i2pforum.net) as well as on IRC2P on the #i2p channel for a further discussion on I2P, as well as Anonymity, Privacy & Security in general
First, there are 0 references in this post.
There are few explanations for the points that moneymonero7 has listed for both Tor & I2P.
It would be better if moneymonero7 included some links to support their post and validate their opinions.
Second, I2P was not designed or implemented for the purpose of anonymizing and relaying traffic to regular internet services. I2P's main focus is hidden services. Relaying traffic is a service that does currently exist, but it is a volunteer-run service and not a part of the core network at all. So, to be comparing the two networks, Tor & I2P, and looking for a "winner" is strange to me - both networks have their intended uses for which they have been designed, there is some overlap but it is not complete. These are both open-source software projects, software monocultures can have awful outcomes - I encourage people who are interested in the fields of Anonymity, Privacy & Security to try the available software/networks for themselves and find the best fit for your requirements.
---
These points seem to have been taken directly from our comparisons page:moneymonero7 wrote:
- Designed for hidden services which are faster and more efficent than Tor
- Packet switch instead of circuit switch, provides higher level of anonymity
- Unidirectional tunnels, doubling the security / node than Tor
- Tunnels are shorter lived than Tor
- All peers participate in the network
- Bandwidth requirement is low
- Built in Java
- Free and Open Source
http://i2p-projekt.i2p/en/comparison/tor
This isn't what I would expect from a "review". I was expecting someone's personal experiences from having used both I2P and Tor, not something that seems like it was largely lifted from text written by others.
Perhaps I2P's claims aren't misleading, but moneymonero7's understanding of the network which is flawed. I2P has volunteer-run reseed servers, which hand out a small number (< 100) of routerInfos (active I2P routers) to new I2P routers to aid with integration into the network. I2P has floodfills which are NOT selected by the development team, these are (usually) selected automatically by the software and can be enabled manually by a user. Blockchains are irrelevant, I do not see why moneymonero7 brought those up.moneymonero7 wrote:2) Although it's much more decentralized than Tor, their claims are misleading. They still have directory servers and I guess the development team has a lot of power over the project, it's not like a blockhain which is fully decentralized, so this is misleading. Though it's more decentralized than Tor in either case.
This point makes little to no sense to me. Laws and approaches to law enforcement vary across the world. There definitely will be a variance as to how knowledgeable a particular law enforcement organization is when it comes to technology such as Tor or I2P, but to broadly say that using I2P is "very risky" due to every peer participating in the network is barely meaningful. For all you know, I could be looking at cat pictures 24/7 on my I2P Cat Pictures Social Network. Furthermore, connecting to I2P over Tor is not an idea which moneymonero7 has fully thought through. How does moneymonero7 intend to receive incoming connections when running I2P over Tor? I2P was not designed to be used in this manner, doing so could have negative anonymity-related implications.moneymonero7 wrote:3) This makes I2P use very risky, especially connecting to it directly, as if somebody is doing something illegal, it would put every node there in danger and suspects of that same crime. Police I guess is not well experienced with this ,and due to the low user count ,this makes it very dangerous to use. Though connecting to I2P from Tor or from a VPN is less risky.
I have heard this said many, many times before and I am always perplexed by what sources users like moneymonero7 rely on for forming such conclusions. There are eight (8) red flag emojies on the eighth point. Why so many red flags, moneymonero7? A quick search online nets a few explanations, for example, this stackexchange question:moneymonero7 wrote:4) Java is a very flawed language with a history security bugs, and the way the website mocks C in favor of Java makes them look ridiculous. This is a massive red flag for me.
https://security.stackexchange.com/ques ... ore-secure
It seems like the source of such concerns lies with Java's usage as a plugin within web browsers and the sandbox that is used for this purpose. I2P is not run as a plugin to a web browser, it is a standalone program. I have used many Java-based programs in the past which had excellent record with regards to security - for example, Azureus (now known as BiglyBT). A search for 'azureus' shows 2 results:
https://cve.mitre.org/cgi-bin/cvekey.cg ... rd=azureus
Also, a search on FreeBSD's vulnerability disclosure system shows few issues related directly with the Java Runtime Environment itself -
https://www.vuxml.org/freebsd/
This is the first time I have heard of the phrase "Haystack of Anonymity". I don't know what it means but it sounds cool and I want it on a t-shirt.moneymonero7 wrote:
- More users hence bigger haystack of anonymity
- More security audits and academic reviews on it
- Has solved the scaling issue
- Centralized
- Has more funding and workforce working on it
- Is censorship resistant, it doesn't assume clear access to internet lik I2P
- Adaptive to DDOS attacks
- Higher degree of plausible deniability and smaller risk of usage
- Low usage of resources on clients but big usage on servers
- High bandwidth throughput reaching the throughput level of an average VPN service
- Free and Open Source
- Supposedly resistant to Sybil attacks
Which "scaling issue" is moneymonero7 referring to? A link/reference would be helpful here.
Tor's hard-coded directory authority (dirauth) servers are a known concern, and has been discussed extensively by the Tor development team. The hard-coded dirauths can be viewed here:moneymonero7 wrote:1) This is a big problem, the development and the infrastructure is very centralized, which would increase the risk of it being shutted down or censored, as it has a few points of failure. I think about 9 directory nodes exist now, which means that blocking only those 9 IP addresses worldwide would cripple the network. The use of bridges and proxies can help, but this issue needs to be addressed.
https://metrics.torproject.org/rs.html# ... :authority
Some research done by an independent individual here:
https://jordan-wright.com/blog/2014/12/ ... re-seized/
Tor project's blog post about the addition of a tenth directory server:
https://blog.torproject.org/introducing ... -authority
Tor project's blog post from 2014 about a possible attempt to disable the Tor network through seizure of the servers acting as directory authorities:
https://blog.torproject.org/possible-up ... or-network
In addition, Tor has bridges, as well as traffic obfuscation plug-ins which enable users to "disguise" Tor traffic.
On the topic of Tor's funding, a significant portion of funding is provided to them by the US government. Based on the threat-model one chooses to adopt, this may or may not be a point of concern.
Again, this seems a little confused. I2P neither assumes that one can connect or not connect to the internet (i.e. that I2P traffic is being blocked or disabled in some way). I am not aware of any instance of I2P traffic itself being identified as such with Deep Packet Inspection (DPI) technology. I2P reseeds are, however, known to be blocked (in some cases only partially) which will make it more difficult for a new router to join the network, but the software does have the option for a manual reseed through a file shared by a trusted party who has a running, integrated router. Tor does have bridge relays which allow traffic to be obfuscated prior to transmission.moneymonero7 wrote:2) While I2P assumes that you can connect to the internet, Tor assumes that you are censored, which is better. Tor has a bridge feature which allows to bypass any censorship other than total blocking of the internet. It can connect even through a HTTP proxy and it molds the traffic to be hard to distinguish from normal browsing by packet inspection. Though I2P can be used through Tor, so it's not a big drawdown, Tor still needs to do this, so perhaps the two systems complement eachother.
I again, do not quite understand what moneymonero7 means here. Is moneymonero7 referring to how there are client nodes and relay nodes on Tor? There are plenty of high-bandwidth I2P routers that are run by volunteers and researchers. If moneymonero7 is under the impression that I2P nodes are purely based on the systems of end-users who generally have lower available bandwidth, this would not be accurate.moneymonero7 wrote:3) It's balanced towards higher user experience by outsourcing the work to servers, but this increases centralization which is not good.
---
I was not too impressed by moneymonero7's post, I think that there is quite a bit of misinformation and misunderstandings that could be cleared up.
I welcome moneymonero7 to join us here on i2pforum.i2p (or i2pforum.net) as well as on IRC2P on the #i2p channel for a further discussion on I2P, as well as Anonymity, Privacy & Security in general
Re: Post on r/privacy - Tor vs I2P Review
As far as Java is discussed:
Java has proven to be a good choice for producing stable cross-platform software, besides i2p JDownloader is a good example. Trying a large cross-platform project using C or C++ often results in frequent crashes. See current versions of Tor Browser and qBitTorrent, or earlier versions of LibreOffice and AviDemux.
Nevertheless Java and especially OpenJDK is bug-ridden and widely untested and the devs often do not care (accepting 1 out of 6 well-documented bug reports that I put lots of effort in). ARM-related bugs are documented in i2p Trac. According to the 10.0.1 release notes a long standing ARM64 bug was found during the build (!!) process. The configure script also sets the number of make jobs on ARM to 1, no matter how many cores you have. How could this go unnoticed? Don´t they use 48-core ARM boards in development? Conclusion: They did not build before, so they did not really test. ==> must be called unsafe!
Java has proven to be a good choice for producing stable cross-platform software, besides i2p JDownloader is a good example. Trying a large cross-platform project using C or C++ often results in frequent crashes. See current versions of Tor Browser and qBitTorrent, or earlier versions of LibreOffice and AviDemux.
Nevertheless Java and especially OpenJDK is bug-ridden and widely untested and the devs often do not care (accepting 1 out of 6 well-documented bug reports that I put lots of effort in). ARM-related bugs are documented in i2p Trac. According to the 10.0.1 release notes a long standing ARM64 bug was found during the build (!!) process. The configure script also sets the number of make jobs on ARM to 1, no matter how many cores you have. How could this go unnoticed? Don´t they use 48-core ARM boards in development? Conclusion: They did not build before, so they did not really test. ==> must be called unsafe!
-
MANIAC
Re: Post on r/privacy - Tor vs I2P Review
Probably from a never-completed circumvention tool for Iranian users dubbed Haystack.
That is my understanding.