different access methods for the same network on the same wiki page good?

Two examples:

  • inproxies in the workstation vs
  • client inside the workstation vs
  • (some day) i2p on the gateway

  • inproxies in the workstation vs
  • client inside the workstation vs
  • running the client on an anonymous server

Is it useful to have all methods on the same page or should these be split on multiple pages?

Having everything in the same place makes more sense to me but I think we should indicate the preferred method - maybe in the section title?

2 Likes

Which is the preferred method? In case of I2P it’s various sorts of usability vs various sorts of security.

  • inproxies: no extra code involved (same attack surface) but the inproxy could deliver incomplete, false or even malicious content [we have to assume malicious content anyhow - the I2P site could be malicious]; more usable when just web browsing since very quickly to set up
  • client inside the workstation: same connection security as I2P (better than inproxies) but more code (I2P client) in use, higher attack surface; more features, not just web browsing

Which is the preferred method? In case of I2P it’s various sorts of usability vs various sorts of security.

WS Client.

Ignoring the attack surface argument since:

  • The attack surface of I2P is decidedly much smaller than TBB being exposed to a payload by a malicious inproxy or anything else in between (they are all http only)

  • The benefit of running anything that has known security holes will never set off its harm. I2P is written in a memory safe language and I am not aware of it having any security problems so far.

Another problem with inproxies besides mitming an otherwise secure connection, is a degraded browsng experience since many eepsites simply block access if its not E2E encrypted.

Unless one would use I2P client for web browsing. :slight_smile:

But it’s not getting any less trustworthy to begin with - unless the user has a reason to trust the host of the i2p site.

I didn’t know that’s possible since from the perspective of the eepsites such a an inproxy is E2E encrypted. The only difference with inproxy is that it forwards whatever it fetched to someone else, the inproxy user.


I have no strong opinion about which should be the preferred method. For me it’s like picking from two flavors I both like. Please go for it.

1 Like

Yeah its a constant problem I kept seeing when using them.

I have no strong opinion about which should be the preferred method. For
me it’s like picking from two flavors I both like. Please go for it.

Will do thanks.