I2P Integration

No problem, its in the testing repo for a reason :wink:

Could you add a flag for privoxy to change the port 4444 to 8118?
It would also be great if we could change the default search engine to legworks.i2p since duckduckgo isn’t useful in this setup, i did a quick search but couldn’t find the setting.

I was also wondering about the open-link-confirmation, why do we need that ?

Thanks for your work

Thanks for notifying me , though no worries im just pseudonymous not anonymous.

yeah the issue i have started all top to bottom from fresh VMs. maybe privoxy needs to be implemented again with i2pbrowser?

why we dont have Whonix-I2P repo to do things separately from Whonix-Tor and only for Whonix-I2P?

and/or rebuild the i2pbrowser to be downloaded separately (like downloading it from link)+signature?

thats will give also wider space of usage from I2P users as well.

LibreJS sounds fun to me and more easier to use for I2P eepsites.

2 Likes

Moderation log:
1 post by @nurmagoz deleted on request by @nurmagoz.

1 Like

@goldstein-otg

i couldnt find a way to fix the connection from WS-I2P to GW-I2P, but i have discovered one error:

this editing command:

/etc/whonix_firewall.d/50_user.conf

after restarting the GW-I2P-AppVM it will be gone and reback to empty again.

i really suggest and recommend to manage to have all the instructions in the templates and not some here and there. as it will be easier to implement the steps and faster.

1 Like

@goldstein-otg

I was also wondering about the open-link-confirmation, why do we need that ?

It’s less ‘us’ and more ‘alternate tor browser profiles for non-tor networks.’ All my change does is make it possible for /usr/bin/*browser to set $tb_title, which will be used as an alternate title/WM_CLASS for the browser that is launches and be the label shown interactively.

It would also be great if we could change the default search engine to legworks.i2p since duckduckgo isn’t useful in this setup, i did a quick search but couldn’t find the setting.

Happily. I’m pretty sure I remember where it is.

Could you add a flag for privoxy to change the port 4444 to 8118?

yes, I can and will, but in case you aren’t aware one of @nurmagoz’s questions may be related

why we dont have Whonix-I2P repo to do things separately from Whonix-Tor and only for Whonix-I2P?

I’m not sure what you mean by this in the context of the browser, but yes, I believe this is how it should be done. I suspect that, especially for the purposes of browsing a web-like interface in a browser, that mixing Tor and i2p may have some complications. If a Tor .onion service requests a resource from an i2p eepSite that is also under it’s control, even identifying that one is part of the set of Tor users capable of getting resources from .b32.i2p addresses would reduce the size of the anonymity set considerably. I haven’t tested this yet because I’m still teaching myself bine, but I think it would work. Risk would obviously be much greater with Javascript on. It could keep track of i2p proxy tunnel’s base32 value over time. IMO it’s better to just drop clearnet/onion anything in an i2p Browser.

and/or rebuild the i2pbrowser to be downloaded separately (like downloading it from link)+signature?

Honestly I just don’t have the time or the resources/infrastructure to get a built-from-scratch TB variant for i2p going. Toward the end of December I’ll probably be starting a new job that will let me quit my night job(like many Americans, I have a deeply unhealthy relationship with my employment) and I plan to revisit the idea then when I have more time and money…

thats will give also wider space of usage from I2P users as well.

…particularly for the benefit of platforms that aren’t a Linux. No argument here.

LibreJS sounds fun to me and more easier to use for I2P eepsites.

I like the idea of LibreJS in theory, and I think with the eepWeb being much smaller and less JavaScript-oriented that may not be a bad idea here, if it’s just for the i2p browser. LibreJS when added to Tor Browser, or a browser intended to route clearnet requests to Tor would alter the behavior in ways I believe would be fairly easy for someone who is looking to observe. I definitely don’t think LibreJS is a replacement for NoScript either, I’d rather see something like uMatrix(It could also help alot with the ‘clearnet site visited via Tor wants a resource from i2p and now knows you’re using both in the same browser’ thing) for that, but has a somewhat inaccessible user-interface. I think LibreJS+uMatrix would be acceptable on an i2p-only browser.

2 Likes

I spoke too soon saying I could do it directly, there isn’t a good way. The file that stores the search engine information appears to be search.json.mozlz4. The alternative would be to add a search keyword into the bookmarks file. So if you want to do a yacy search with legwork, you would be able to to type ‘lw whonix’ into the address bar and search for whonix articles. I’ll add it to the profile.

1 Like

I’m not sure what you mean.

I’ll fix that

Yes, this was only a workaround, i’ll change this.
This Guide is going to get obsolete when i finish the install script.

@eyedeekay

Great, not sure which question ?

Yes absolutely, i never intendet to have both in the i2p browser.

I think we should keep the addons tbb is using, no need to add anything if we can use whats already there.

Maybe adding it to the bookmarkbar would be better/ more visible to the user, we could add some more useful sites like i2pwiki, i2pforum and so on, to have a starting point for new users.
What do you think about this ?

3 Likes

@nurmagoz:

why we dont have Whonix-I2P repo to do things separately from Whonix-Tor and only for Whonix-I2P?

We might be able to avoid the duplicate repository and with zero
sacrifice to functionality.

tb-starter / tb-updater with i2p parameter should already work on Debian
(and perhaps other Debian based distributions) as per:

and/or rebuild the i2pbrowser to be downloaded separately (like downloading it from link)+signature?

A lot work.

thats will give also wider space of usage from I2P users as well.

For sure.

2 Likes

What Repo are we talking about ? I’m confused.

yes thats true, but why i suggested this because i2pbrowser-installed by default once you allow whonix-tester-repo so i was worried that later we might face cross-work of whonix-i2p testing + whonix-tor testing leading to unconfortability of the user.

Goldstein:

What Repo are we talking about ? I’m confused.

deb.whonix.org

vs

(hopefully avoidable) i2pdeb.whonix.org / deb.someproject.org

i see no point in a second repo for i2p, the current “confusion” can be easily avoided by hiding i2pbrowser until update-i2pbrowser was run or something similar. @eyedeekay

no this shouldn’t be a problem

I think you misunderstood my question, why is there an open-link-confirmation every time i2pbrowser is run and is it necessary ?

Goldstein:

I think you misunderstood my question, why is there an open-link-confirmation every time i2pbrowser is run and is it necessary ?

  • Because it’s using the same code paths just with different variables.
  • Minimum code duplication.
  • open-link-confirmation is Whonix’s default “browser”. Variables by i2p
    might be already set when open-link-confirmation is called. (Such as
    when i2pbrowser downloads a file and the default open tool is default
    browser.)
  • open-link-confirmation link vs file logic equally applies.

It shouldn’t be intrusive though?

1 Like

@goldstein-otg I can do both. I’ll start putting more bookmarks together, you can tag me with suggestions here or I can open an issue for it on my fork. Besides legwork.i2p, I feel like other good ones would be zzz.i2p, i2pforum.i2p, hiddenanswers.i2p. I’d like more suggestions. As for LibreJS+uMatrix vs NoScript, I was only giving my opinion on a hypothetical. Going with NoScript is what I will do for as long as it’s what TBB uses.

@Patrick I also misunderstood something, I only meant the source repositories of some packages that might come about as a result of what we’re doing here, not a separate Whonix apt repository. I agree, that would almost certainly be unnecessary, but I think we’ll want to package or otherwise automate the configuration described at the Whonix-i2P github repository, and that some of those might need to be separate .debs. Also, tb-starter and tb-updater work perfectly in plain Debian for me on my laptop(I test in Qubes on a more powerful machine), as do my i2p related changes.

@nurmagoz @Patrick Is there a way to use Debian’s packaging system to redirect the i2pbrowser script when i2p isn’t installed, that will be altered if the user chooses to install i2p? Seems like a thing they would have, I’ll do some reading and try to find it. FWIW, it wouldn’t be easy to trigger update-i2pbrowser/update-torbrowser --i2p acccidentally by running the torbrowser script, one would have to set a number of environment variables first.

3 Likes

Dunno what you mean by redirect.

A clean way to check if a package is installed for example is dpkg-query --show pkg-name (throw output, check exit code).

if dpkg-query --show "pkg-name" >/dev/null 2>&1 ; then
   echo "installed"
else
   echo "not installed"
fi

Do you mean like “apt-get install i2p” if i2pbrowser is being run?

Or do you mean package dependencies? We could have a “virtual” package (virtual as per Debian packaging definition) which depends on tb-updater as well as i2p. Then apt-get install i2p-browser could depend on tb-updater, tb-starter, and i2p packages. Could be easily added here tb-updater/debian/control at master · Kicksecure/tb-updater · GitHub.

1 Like

@goldstein-otg

It looks like the improved NTCP2 protocol is now available. Can you please adjust the router config to include it also?

1 Like

Enabled by default in 0.9.37

0.9.37 enables the faster, more secure transport protocol called NTCP2.

As usual, we recommend that you update to this release. The best way to maintain security and help the network is to run the latest release.

RELEASE DETAILS

Changes

Enable NTCP2 by default

https://geti2p.net/en/blog/post/2018/10/04/0.9.37-Release

2 Likes