{"data":[{"author":"vghetto","author_flair_css_class":null,"author_flair_text":null,"body":"Does i2pd or whatever do this differently than the main i2p implementation?","controversiality":0,"created_utc":1476991949,"distinguished":null,"edited":false,"gilded":0,"id":"d90qn4f","link_id":"t3_579idi","parent_id":"t1_d90392b","retrieved_on":1478756974,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"alreadyburnt","author_flair_css_class":null,"author_flair_text":null,"body":"The risk at this time may be pretty small. Correlating identities from metadata is much less of a risk when so few of the accessible sites seek out identifying information. Until something like a hypothetical facebook.i2p comes out demanding you use a real name on your account(therefore encouraging the use of i2p as a transport layer and for a client's locational obsurity, but breaking anonymity) exists, the risk is low. But in theory, the risk might even be higher than in a normal browser(With javascript/useragent based fingerprinting) since the destination is guaranteed to be unique.\n\nThat said, I think it should be possible to build something which uses SAM to retrieve site1 and site2 with connections built on the fly. I'm working on a prototype here if you want to help. https://github.com/cmotc/si-i2p-plugin. It's pretty close to working, I'll probably finish a usable version tonight or tomorrow.","controversiality":0,"created_utc":1476969767,"distinguished":null,"edited":false,"gilded":0,"id":"d908rwf","link_id":"t3_579idi","parent_id":"t1_d8zcjqu","retrieved_on":1478748347,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"l-n-s","author_flair_css_class":null,"author_flair_text":null,"body":"Sure, but it's not I2P fault as a protocol, but one of it's components in Java client implementation. It can be improved.\n\nMore accurate title would be \"Java I2P's default HTTP proxy tunnel configuration is linkable/fingerprintable\".","controversiality":0,"created_utc":1476955344,"distinguished":null,"edited":false,"gilded":0,"id":"d90392b","link_id":"t3_579idi","parent_id":"t1_d8zcjqu","retrieved_on":1478745682,"score":2,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"vghetto","author_flair_css_class":null,"author_flair_text":null,"body":"The title is accurate. I know you need to have an address to send to, especially if you're using separate outgoing and incoming tunnels. The problem that I am trying to point out is that there is no reason having the incoming tunnel address given to site1.i2p be the same address given to site2.i2p. This is an incredibly stupid design flaw that can easily be fixed by i2p. And just to think that people are getting fingerprinted or tracked by mouseclick speeds or screen size, this \"feature\" is negligent stupidity on the part of the i2p devs.\n\nI2p should burn through more addresses, here's a proposal. how about when you start the http proxy tunnel, i2p creates 5 or 6  incoming tunnels by default. and every outgoing address call you make gets assigned to one of those as it's incoming and it sticks to it. At the same time a new incoming address gets generated for any future outgoing connections to other destinations. The fix can be easy, it's just the devs don't see the risk yet.","controversiality":0,"created_utc":1476912396,"distinguished":null,"edited":false,"gilded":0,"id":"d8zcjqu","link_id":"t3_579idi","parent_id":"t1_d8z3tea","retrieved_on":1478732770,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"l-n-s","author_flair_css_class":null,"author_flair_text":null,"body":"The title is misleading. You did a nice research on default \"HTTP Proxy tunnel\", that's how I2P works. You need to have an address to send data to, it cannot be sent to nowhere. It is not I2P fault, but how networking works fundamentally.","controversiality":0,"created_utc":1476902466,"distinguished":null,"edited":false,"gilded":0,"id":"d8z3tea","link_id":"t3_579idi","parent_id":"t3_579idi","retrieved_on":1478728533,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"alreadyburnt","author_flair_css_class":null,"author_flair_text":null,"body":"Yeah I was thinking about something like that, but actually carrying it out might be a bit beyond my meager knowledge of the codebase so far. I just started developing with SAM a few weeks ago. But I think it might be possible, and I'll look for a place to start. If I'm being forward-thinking, I can see how rotation would become inadequate depending on how a person browses. Long browsing sessions, or windows left open to i2p control panel(both opsec fails in their own right) could prevent rotation from taking place. And I could see how a configurable hard interval is only a partial fix. But as long as the dest ID's are unique, once they're renewed and overwritten, I think you're good. I like the idea of per-site semi-longterm tunnels on the fly for stream isolation too. Something to think about there.","controversiality":0,"created_utc":1476369784,"distinguished":null,"edited":1476370651,"gilded":0,"id":"d8qaerl","link_id":"t3_579idi","parent_id":"t1_d8qa4rd","retrieved_on":1478572943,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"vghetto","author_flair_css_class":null,"author_flair_text":null,"body":"Thanks for your reply. the question was directed at fagmaster, he made it sound as if the users had a choice and it was easy to go around it.\nI'm not trying to be cynical, but as I see it, this \"feature\" is an opsec disaster.\n\nimo rotation is not enough, and i don't claim that it is enough to protect the user. remember, all what is needed is one match and you can be done for. what is needed is isolation. I know that it is challenging, because now the reply path from the server to the client might fail more often because this new reply path isn't well integrated yet.\n\nA more extreme form is creating client http tunnels on the fly for each visited website and leaving them up for the lifetime of the i2p instance, so it might be slow the first time, but then it's normal. And on top of those tunnel, you would have a master http proxy on port 4444 or whatever, that redirects to the correct tunnel/port for you. You might have already alluded to such a thing.","controversiality":0,"created_utc":1476369417,"distinguished":null,"edited":false,"gilded":0,"id":"d8qa4rd","link_id":"t3_579idi","parent_id":"t1_d8q7yf7","retrieved_on":1478572810,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"alreadyburnt","author_flair_css_class":null,"author_flair_text":null,"body":"I am going to file an issue and see why it isn't turned on by default on the http tunnel. Also, 30 min idle by default seems a little high.","controversiality":0,"created_utc":1476368852,"distinguished":null,"edited":false,"gilded":0,"id":"d8q9phe","link_id":"t3_579idi","parent_id":"t1_d8q6wm0","retrieved_on":1478572605,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"alreadyburnt","author_flair_css_class":null,"author_flair_text":null,"body":"There is \"Close Tunnels when Idle\" which includes \"New keys on Reopen\" which is probably pretty close to what one would want if I'm thinking about it correctly. \n\n  1. To configure it, go to the web interface\n  2. Open the hidden service manager link on the left side\n  3. Scroll down to client tunnels and click to configure the http proxy\n  4. Enable the close tunnels when idle checkbox and set auto-renwal of keys to yes\n  5. Customize your idle interval\n  6. Save the options.\n\nBecause getting a new destination requires restarting the tunnels, taking it down when you're idle is probably the best idea and otherwise, it's probably best to do it deliberately. That said, it might still be valuable to have a programmable, hard interval or a way to conveniently trigger it with the closing of a browser window. I mean you could technically do it with something like\n\n#! /usr/bin/env sh\nfirefox -P i2profile && $hypothetical_tunnel_restart_command_line\n\nIf I knew of a command line option to do that.","controversiality":0,"created_utc":1476367290,"distinguished":null,"edited":1476369151,"gilded":0,"id":"d8q8la3","link_id":"t3_579idi","parent_id":"t1_d8q6wm0","retrieved_on":1478572066,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"alreadyburnt","author_flair_css_class":null,"author_flair_text":null,"body":"**EDIT**I got home and re-read the options. The existing options are probably suitable, or at least could be configured to be suitable for most people. See my second reply. No unfortunately, I don't know a way to do the destination rotation(as such, as in, in so many words) in i2p as it stands, except by restarting the tunnel(With the web interface under hidden service manager, or the other thing related to the edit), but I'm going to see if I can put a patch together in the next few days and if I can, I'll submit it upstream(That'd be a cool way to introduce myself, lol, but I've always wanted to do something for them... but now it just seems superfluous). It's a simple enough idea, at least, to offer periodic renewal of the destination, a configurable option, and configure it by default for the http tunnel(Maybe it's simple enough I could do it anyway...). That at least addresses part of the problem. For now, and I don't want to give you bad advice here, but you could go heavy handed and restart it with a root cron job, something like 10 * * * * service i2p restart(I'm on a tablet) but that's pretty obtrusive and makes your i2p connection very distinctive. I'm not sure if it's possible to restart individual tunnels from the terminal in java i2p. Something like that might be doable in i2pd right now. Making it generate a new one for every web site is harder for me to get my head around, but I've got a few ideas about how to do it. All kind of unorthodox though.\n\nIf anyone else knows of an already existing way to periodically renew the destination(Answered my own question after work, see below) of the http tunnel, I would also like to know. It seems like a worthwhile idea to me so far(Less so now, but I'm glad it's available and might come down to configuration).","controversiality":0,"created_utc":1476366359,"distinguished":null,"edited":1476369235,"gilded":0,"id":"d8q7yf7","link_id":"t3_579idi","parent_id":"t1_d8q6wm0","retrieved_on":1478571761,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"vghetto","author_flair_css_class":null,"author_flair_text":null,"body":"Can you tell me the steps to rotate or to persist the destination? Just to be clear we are only talking about the I2P HTTP Proxy and not the I2P webserver.\n\nCan I make it so each website I visit has it's own X-I2P-Dest?\n\nThe only option I see is \"New Keys on Reopen\".","controversiality":0,"created_utc":1476364688,"distinguished":null,"edited":false,"gilded":0,"id":"d8q6wm0","link_id":"t3_579idi","parent_id":"t1_d8q3p3m","retrieved_on":1478571240,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"alreadyburnt","author_flair_css_class":null,"author_flair_text":null,"body":"Exactly, to let you do things like whitelist people using SSH, but what he mentions might point to saner ways to configure specific tunnels, I think. But it's not a mind-blower or even really an unknown quantity. Maybe an under-appreciated one.","controversiality":0,"created_utc":1476360661,"distinguished":null,"edited":false,"gilded":0,"id":"d8q4sl0","link_id":"t3_579idi","parent_id":"t1_d8q3p3m","retrieved_on":1478570221,"score":2,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"alreadyburnt","author_flair_css_class":null,"author_flair_text":null,"body":"Sorry if I sounded like I was minimizing. You know, I have to concur about the stream isolation thing. It would be nice, and I'm not sure how to achieve it in a user-friendly way on i2p. And being able to schedule the generation of a new destination/tunnel restart would also be good. I'm not trying to minimize the improvements that could be made, especially that restarting one, because it's probably easy. I can't think of a convincing reason off the top of my head why that wouldn't be how the http tunnel is configured by default. It could be a simple timer or you could signal i2p from a browser plugin or a script. But it *is* possible to generate new destinations(unless you've told it not to, which it turns out you can on a per-tunnel basis), and I don't think there is any reason to believe that the destination sent in a header would be linkable to any previous destination sent in a header(like, from before a restart). Please tell me if I am wrong about that, I genuinely don't know for sure. That would, imo, make this much more scary. But otherwise, they can only link your browsing from the time you last started the router, and they still have to fingerprint you visiting the illegal service while you have the same destination address. I browse from a different device than I host services, so restarting isn't a big issue for me, actually, it's kind of emergent. Do it 3 or 4 times a day while travelling. I can see how it could be a problem. I definitely wish destination lifetimes it were more configurable. And I really, really wish the implication you mention were more prominently mentioned to end-users. Truth is, I'm just glad that I don't have to destroy a bunch of keys/give up my jump URL. Previous comment was largely a breath of relief(and remains so, but I'm basically in-line with my jursidiction for the time being). You are right for others it might not be.","controversiality":0,"created_utc":1476360062,"distinguished":null,"edited":false,"gilded":0,"id":"d8q4j10","link_id":"t3_579idi","parent_id":"t1_d8q3gwe","retrieved_on":1478570093,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"fagmaster9001","author_flair_css_class":null,"author_flair_text":null,"body":"Users can choose to rotate their destination or to persist it for authentication purposes. \n\nThis is a feature not a bug/vulnerability/exploit.","controversiality":0,"created_utc":1476357994,"distinguished":null,"edited":false,"gilded":0,"id":"d8q3p3m","link_id":"t3_579idi","parent_id":"t1_d8q3gwe","retrieved_on":1478569693,"score":3,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"vghetto","author_flair_css_class":null,"author_flair_text":null,"body":"That is your opinion, and you are entitled to it.\n\nLet's say facebook runs facebook.i2p. And through prism, the feds get all the Dest values and which account they are associated with.\n\nNo big deal so far. Now let's say a bust happens and illegal.i2p gets seized. The admin of illegal.i2p also keeps records of all the Dest values of their visitors. Because it is the same value for each request, the feds can just do a simple lookup. is it still not a big deal now?\n\nI'm not doing a comparison with tor here, so please don't steer the discussion away from the facts. But even so, tor has stream isolation and those circuits expire after 10 min. This is not the same thing.","controversiality":0,"created_utc":1476357378,"distinguished":null,"edited":false,"gilded":0,"id":"d8q3gwe","link_id":"t3_579idi","parent_id":"t1_d8q311q","retrieved_on":1478569583,"score":2,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"},{"author":"alreadyburnt","author_flair_css_class":null,"author_flair_text":null,"body":"Looked at it. It's genuinely not a big deal. No different than anything browserspy or BEeF could do if someone set up exactly the same colluding nodes and fingerprinted browsers. Maybe cycling the destinations could be done more frequently, or the use of some kind of control-filter thing or a browser plugin to restart the tunnel and get a new identity(Which is what Tor Browser does about pretty much the same problem, what do you think the \"Get new identity\" menu item is for)?At best it's overblown.","controversiality":0,"created_utc":1476356069,"distinguished":null,"edited":false,"gilded":0,"id":"d8q311q","link_id":"t3_579idi","parent_id":"t3_579idi","retrieved_on":1478569371,"score":1,"stickied":false,"subreddit":"i2p","subreddit_id":"t5_2s99t"}],"metadata":{},"error":null}