Bridges are easily enumerated, perhaps more so since they are mainly used by people who need to hide the fact they are using Tor. China used a technique where they sent a special Tor connection packet to every computer to see if they would respond as a bridge would; they instantly enumerated the entire bridge network. Obfsproxy3 is reported to protect against this, but it's an arms race, and of course governments have thousands of people to throw at what essentially comes down to going to a few sites and emailing Tor devs to collect all this info. Also, Tor doesn't protect against a global adversary; not only can they detect entire traffic flows, they can see the entire network, so anyone connecting to a public relay, or anyone connecting to a bridge connecting to a public relay, can be enumerated.
Perhaps you missed the part where it is an arms race that I2P isn't even engaging in, whereas Tor is engaging in it and having back and forth success with being able to prevent state level attackers from being able to identify bridge connections? Tor developers already have plans to prevent bridges from replying to arbitrary bridge requests; that attack is easy to defend from. I2P also doesn't protect from global adversaries; anyone who says different is a fucking idiot.
On that note, are we talking about NSA, NSA helping DEA, DEA on its own, or local law enforcement? These are entirely different threat models. NSA pwns Tor, no hiding from them. NSA might offer help to DEA; this is anyone's guess. DEA/locals can query ISPs in a given area, which I believe is the attack we were talking about, at least it's the one I was. In this instance it doesn't matter how many hoops you give them to jump through or if you want to create a double back blindfolded super secret tunnel, it all leads back to an IP, and if you have any idea what you are doing it won't be yours.
NSA had internal documents leaked by Snowden that show that they consider Tor to be the best low latency anonymity network by a large margin. They didn't even bother mentioning I2P.
As for Freenet, which is a moot point as I have already mentioned, its darknet mode is much like Tor's entry guard, except instead of 3 layers of encryption there is only 1. You have to really really trust your entry guard. Otherwise, if you are just running as an open node (relay) then you at least have the plausible deniability that the traffic you are sending is just relayed from another node. This once again is not going to protect you from a global adversary who can from a bird's-eye view see that your node, relay or no, is the one generating the traffic.
You have to trust your entry guards more than other nodes, but Freenet has plausible deniability; your entry guard can't tell if you requested a file or are merely routing it on for other nodes. Unless they do various attacks and wait for some period of time. Freenet isn't going to withstand a global external adversary that is also largely internal, but it still seems better than Tor and I2P, both of which are not going to resist a global external adversary even if the adversary isn't internal at all.
Sure using a VPN can help. Tor bridges are arguably better in that they attempt to conceal that you are trying to conceal that you are using any anonymizer at all.
Fixed that for you.
No, you didn't really fix it for me at all. Bridges attempt to conceal that you are using any anonymizer at all. Of course this also entails concealing that you are trying to conceal that you are using any anonymizer at all. You could get infinitely recursive if you want, but you are just babbling at that point.
All of the academic researchers think that Tor is a better model. The leaked NSA slides show that the NSA thinks no other low latency anonymity network can come close to Tor. The only people who advocate strongly for I2P are people who I perceive to not have much of a clue what they are talking about.
The absence of evidence isn't evidence of absence, but since you speak on behalf of all academic researchers I'll let you take the stand.
I2P hasn't even had hardly any research done on it at all. The academic world has turned mostly a blind eye toward it. Only recently has it had any papers at all released on it, and they were papers demonstrating various attacks. Why not listen to what Jacob Appelbaum has to say about I2P?
This is true, it's very small compared to Tor; however, Tor was small at one point too and quite insecure. The "NSA can see the network and locate the servers" issue is a matter of site traffic vs network size. If the number of relays suddenly dropped from 3k to 1k and SR's traffic remained the same, DPR could be located tomorrow. This is because a large amount of traffic flowing to any particular node would reveal this (this is why BMR initially was set to shut down after sheep imploded); obviously in this case it's better to have more nodes doing more things than just going to one site, which Tor is good at as it interfaces with the clearnet so it carries much more utility for people. For a darknet drug site on I2P, its best design is to start small like SR did and grow over time with the network. As it grows, more sites will appear to carry the burden and take the heat off.
No, it isn't a matter of site traffic vs network size. If Tor had 1,000,000,000 relays and the attacker just happened to own the entry guards of a hidden service, they would still be able to deanonymize it. It is only probabilistically related to network size. Site traffic has even less of an effect in regards to many attacks; only a certain traffic volume intersection attack comes to mind. Also it is total bullshit that if the number of Tor relays dropped from 3k to 1k that DPR could be located tomorrow. First of all, because Tor uses entry guards, all of the traffic to hidden services is concentrated at the guard nodes regardless of how many other nodes are on the network, making it just as vulnerable to traffic volume intersection attacks with 3,000 nodes or 30,000 nodes. Second of all, you want to know the best way to deanonymize a new drug site on I2P? Have a few nodes to do total client enumeration. Keep track of the IP addresses of clients. Oh, there is a new site? What are the chances that this new site is a new I2P node, not one that I enumerated two years ago? Ok, let's look at the most recent dozen I2P nodes since this site launched. Hm, I wonder if the site is one of these 12 new IP addresses! Let's send traffic to the hidden service and then DDoS each of these 12 nodes one at a time and look for correlations in how quickly the hidden site handles my traffic! Oh, there we go, found the new hidden site. Seriously, you are arguing that we compromise the security of not only the site operators and the vendors but also of everybody who uses the site. I2P is, for various reasons, not suited to running a drug market on!
So yes, SR on I2P, bad idea; a new marketplace on I2P, good idea. Which brings us to the next concern:
No, it is a really bad idea.
-if I2P got big because of one drug site then everyone on I2P would be considered a drug user-
Well, let's look at Freenet: what is a distributed data storage anonymity network used for? CP of course. Is everyone connected to Freenet a pedo? I suppose a better question would be, if guilt by association were a real thing then why do we have anonymous networks at all?
Well, let's look at the difference between a drug user and a pedophile. Pedophiles look at CP on the internet. That is the extent of their threat model. If they are identified as likely pedophiles, but the police don't have enough evidence to get a search warrant, they are still good to go. Let's look at drug users. They use the internet only to order drugs in the mail. Drug vendors use the internet only to take orders from customers. If they are identified as likely drug users or vendors, the police can use this intelligence to target them in other ways that don't require warrants. They can have dogs sniff people's mail. They can have the very very few people who use I2P in cities that vendors ship out of put under surveillance. They can randomly pull people over and say they were speeding. They still have a lot of options available to themselves. None of those options are effective against CP consumers. There is also the big difference that Freenet users in darknet mode are not so easily enumerated as I2P users in the default mode. And once I2P users stop using the default mode, the few advantages I2P could have over Tor are thrown out the window. So stop conflating threat models and learn the difference between intelligence and evidence!
-I2P enumerates all connected nodes publicly and therefore vendors would be broadcasting their involvement-
This attack involves cops buying from vendors to find out what city they're in. Once they do that they contact the ISPs in that city and figure out, based on forum posts and PMs to the vendor, who was connected to the anonymous network at that particular time; this gives a small list to investigate. Some preventative measures are to use bridges and attempt to conceal one's connection to Tor; however, this is equivalent to using a VPN that only routes Tor traffic, doesn't do much if all your traffic is going to that, in their eyes it's still part of the Tor network. A better solution is to use a generic VPN (most of them are) and run Tor and perhaps a bunch of junk traffic like bittorrent over it; this places the entry point into Tor into the VPN's servers located in some other country.
The first thing I would like to point out is that they don't even need to know who was connected at a certain time because I2P has so few users that any given city a vendor ships out of is not likely to have more than one or two I2P users, unless they are in a major city and still in these cases there will not be many users. Using a bridge is not at all similar to using a VPN. In your ISP's eyes if your traffic is obfuscated and going to a Tor bridge then they have no idea that you are using Tor unless they have enumerated all of the Tor bridges.
The safest approach is to never connect from an IP connected to you, so public/hacked/unsecured wifi spots are key; this way even if they do get through all your defenses they are left at nothing.
Just because we can use defense in depth doesn't mean we should use a less adequate network. Saying that it doesn't matter that I2P sucks because we can use random WiFi access points anyway pretty much sums up my thoughts on I2P for me.
-let's say I don't want my IP to be known connecting to I2P, then what-
Simple, run I2P in Whonix or Tails; it gets routed over Tor so that your entry into the I2P network is your exit node. All the anonymity of the Tor network with all the access to a new anonymous network that can scale, unlike Tor, to any size.
And another compelling argument for I2P, mainly that we should use Tor to connect to it. Are we even running into serious scalability issues with Tor? Some rough spots on the old SR but it was up all the way to the very end when the feds seized it. You are trying to solve a problem that we haven't run into yet, and in doing so you are going to have us run into new problems that will be much more dangerous.