🔙 🕋 👪 Internet censorship. When basic measures are not enough

In the last article, I told you what tricks you can do with just one browser. We will need this knowledge further

Hot August 2020 showed that basic measures are too small and ineffective. Need something more

When choosing a solution, I set myself several goals:

The solution must be open
The solution should be free - this is the only way it can become massive
The solution must be decentralized - there must be no single point of failure
Homeless VPN. I wanted to be able to connect to any host for free
Homeless hosting. Corollary of the previous point. The ability to roll out a test resource for free

The VPN fell off immediately: even the working VPN died. VPN requires a centralized external server - a single point of failure. Finally, VPN is paid - I would not call myself a rogue, but this is definitely not a massive option

I have not considered TOR yet. This is a perfectly viable solution, but I lack the expertise. In the commentary, I call an explanatory team about the strengths and weaknesses of the actual operation of TOR. Comparison of I2P and TOR networks

I started to master I2P. The idea struck me as pretty. It is especially interesting that the network will not only withstand a sharp increase in the number of users - it will only work more reliably from this (but this is not certain). Lurca has a very inspiring description of the possibilities , and the wiki descends from heaven to Earth and makes it clear that I2P is not a silver bullet, and deanonymization attacks are reality. Difficult and expensive, but real. For comparison, without I2P, it's like introducing yourself using your passport and getting ready for a search

Opportunities, Limitations and Sores

Just like the TOR network, the I2P network has output nodes. This means that through the I2P network you can crawl to the regular Internet. However, it should be understood that the speed of work leaves much to be desired - streaming video via I2P is not an idea.

, I2P TOR.

I2P - . . I2P . I2P , . - — , , , , ( ).

— -VPN -. — . 2 . .

, — ,

(, dest hash). , — Android, wifi, «Laptop Mode»

, , i2p ! ?

. , . I2P . TCP UDP, 99% , . ,

—

, . I2P — , ,

, , , - — . — ! I2P — !

. , , . I2P — . ( ).

.

, , -. , , . —

I2P — «Shutdown» / «». I2P 10 — i2p

The buttons "Restart" / "Restart" and "Shutdown" / "Shutdown" are in the screenshot in the lower right corner — «Restart» / «» «Shutdown» / «»

desktop

— (inproxy) ( — ). ,

—

« Debian/Ubuntu»

http://localhost:7657/ — web- . (Pin Tab). —

.

, , , . , , . , linkedin. ,

. , i2p - jquery CDN. js-, , ?

We assume that we are not doing anything wrong, and we are not interested in the bait site of Comrade Major Vasily Musorov with some tin, which downloads resources directly bypassing I2P or TOR using absolute links, giving out your real IP address. Look for the original image somewhere here: http://vasya-lozhkin.ru/pictures/. I didn't find = ( — , , - - , I2P TOR , IP-. - : http://vasya-lozhkin.ru/pictures/. =(

SmartProxy. 2 — I2P proxy-

Add the input I2P gateway to the list of proxy servers — I2P proxy-

We create proxying rules for i2p sites — i2p-

Creating proxying rules for onion sites — onion-

.

. , .

, I2P. firefox. Linux:

FIREFOX_PROFILE="firefox-i2p"
FIREFOX_HOME="${HOME}/${FIREFOX_PROFILE}"
mkdir -p "$FIREFOX_HOME"
env HOME="$FIREFOX_HOME" firefox

: firefox , , , . , —

Windows MacOS. , , , Windows. MacOS ,

Open the settings and find "Network Settings" — «Network Settings» / « »

And we indicate the input gateway I2P — I2P

Android

«Android»

.

Find FoxyProxy in the add-ons manager and install — FoxyProxy

Specify the gateway address, scroll down and click "Save" — , «»

And add templates for the entire i2p and onion domain — i2p onion

In the FoxyProxy settings, make sure that it is enabled — FoxyProxy ,

DNS-over-HTTPS

, : i2p onion . Cloudflare

I2P + uBlock Origin

, i2p onion, i2p onion

Open the uBlock Origin settings — uBlock Origin

Add exceptions for i2p and onion domains to uBlock Origin — uBlock Origin i2p onion

, , — (3rd party). i2p onion

http://stats.i2p/cgi-bin/newhosts.txt
http://identiguy.i2p/hosts.txt
http://isitup.i2p/alive-hosts.txt
http://inr.i2p/export/alive-hosts.txt

java

I2P java. 128M. . NetDB — I2P. , , , , — . ,

Ubuntu/Debian:

sudo dpkg-reconfigure i2p

Windows —

1024, ,

. , . , . I2P. just for fun

« java?»

which java | xargs file --mime-type
/usr/bin/java: inode/symlink

which java | xargs readlink | xargs file --mime-type
/etc/alternatives/java: inode/symlink

which java | xargs readlink | xargs readlink | xargs file --mime-type
/usr/lib/jvm/java-11-openjdk-amd64/bin/java: application/x-pie-executable

, . — xargs readlink

— file

application/x-pie-executable

. java — 2 file --mime-type

, , ^W

, setcap 'cap_net_bind_service=+ep'

:

which java | xargs readlink | xargs readlink | xargs setcap 'cap_net_bind_service=+ep'

, setcap 'cap_net_raw=+ep'

:

which java | xargs readlink | xargs readlink | xargs setcap 'cap_net_raw=+ep'

docker nginx

?

wiki identiguy isitup

Suddenly the web version of telegram. True, I have no idea if the telegram administration knows about this mirror. However, you can reach the original through the output node. — web- telegram. , , telegram. ,

MTProto . i2p-.

Found flibustu and ebooks.i2p - the latter looks at all expensive-rich

Instead of a conclusion

It should be understood that I2P is not an independent resource, but primarily a feeder - a data transmission medium. Therefore, the field of applicability of the technology is quite wide and rather rests on the imagination

I didn't say a word about i2pd . The project is noteworthy: it is more productive with less resource consumption. So far I have no expertise

Internet censorship. When basic measures are not enough - I2P