Installation and Fix of i2p inside Whonix-Workstation by Default

127.0.0.1:7657 is of little use , /home shows the Bookmark links and the hompage of the console from i2p.
There is also a bug, the First run Wizard is shown when opening 127.0.0.1:7657 for the first time (could be due to the Outdated version as i’m unable to reproduce that in a normal Debian VM or in I2Pbrowser(from I2P)

Is there any way/config to change the color of the Menubar or Urlbar so people know that they use I2Pbrowser and not TBB, similar to what eyedeekay is doing with GitHub - eyedeekay/I2P-in-Private-Browsing-Mode-Firefox: I2P in Private Browsing mode for Firefox, built using Webextensions and Contextual Identities but without the need of a addon?

Also can we replace that custom Homepage to a fork of Whonix TBB Homepage with I2P links and the Notes the current i2p one has?
If so what Whonix Links should stay (if any)?
I already made a fork but i rather ask before continuing.

@HulaHoop

I would guess its some kind of Debian Policy ? But i’m too unfamiliar with Debian and their process.
I thought it was set by I2P’s Devs because of that.

Create an Issue on their Tracker or where to ask?

1 Like

Yeah but you could contact the maintaner directly while cc’ing our mail list.

whonix-devel@whonix.org

mhatta@debian.org

1 Like

No need. Debian always disables internal updaters. For any package. Its Debian stable vision of freezing software versions. Otherwise internal updater would conflict with Debian package upgrades.

2 Likes

Can we remove that instruction from the Wiki in the meantime and add a warning and the commands to add the i2p repos ?
Its no good to have people install old software (0.9.38(Buster)vs 0.9.44((Bullseye)current))

Thinkablemellow via Whonix Forum:

Can we remove that instruction from the Wiki in the meantime and add a warning and the commands to add the i2p repos ?
Its no good to have people install old software (0.9.38(Buster)vs 0.9.44((Bullseye)current))

Might still be in wiki history. We also have some wiki templates for gpg
repository adding but not sure these fit here.

Make this section optional if you must have it. I’d prefer the page to reflect the progress we’ve made and to tell people how to start it so they can get using it immediately.

Please follow this discussion:
Status of this project? / Whonix-Workstation i2p Default Installation · Issue #1 · eyedeekay/i2pdistro · GitHub

It’s related to I2P-in-Private-Browsing-Mode-Firefox:

https://eyedeekay.github.io/I2P-in-Private-Browsing-Mode-Firefox/

1 Like

“Not sure if a useful question to ask but is I2P-in-Private-Browsing-Mode-Firefox compatible with Tor Browser?”

(Cant reply on Git)
Yes it is, it also works with the debian i2p

But why would we want to use it ?
The only reason i see is the color change in TBB when browsing i2p.All else is already working, so why add more “moving Parts”?

1 Like

Did not use it myself yet but features sound amazing.

Quote I2P in Private Browsing Mode

Selection of features that sound useful even in combination with Whonix:

  • [done] Provide a way to launch into an I2P-Specific contextual identity (container). Intercept requests to .i2p domains and automatically route them to the I2P container. Isolate the router console from other local applications by automatically intercepting requests to the router console to another container.
  • [done] Indicate the I2P browser is in use visually.
  • [done] Change the color of the browser window to indicate that I2P is in use
  • [done] Set the http proxy to use the local I2P proxy automatically. Provide specific configuration for other types of I2P proxies(SOCKS, isolating HTTP)
  • [done] Monitor the health and readiness of the I2P router it is instructed to use. Currently the plugin checks whether the HTTP Proxy is working by fetching an image from “http://proxy.i2p” and displaying a result. A work-in-progress binding to i2pcontrol is available in ./i2pcontrol, it is inert at this time.
  • [Done] Handle router console applications under their own origins and within their own contextual identity. (1) The router console is automatically confined to it’s own container tab. (2) Use a custom protocol handler to place each i2p application/plugin under it’s own origin, shortening router console URL’s and placing applications under their own origin.
  • [Done] Handle Torrents by talking to i2psnark-rpc plugin and then adding them directly into the Firefox downloads drop-downs, menus, etc. If I can.

Scratch that, it isnt working with TBB, it doesnt change color in any tab, it isnt redirecting etc.
Not sure why, i2pbrowser “works” but only due to our changes not the addon and it has no effect.
I guess it has something to do with containers?

Firefox works without an issue in the WS with our current Setup and the Addon.

1 Like
1 Like

The extension is designed to work with Firefox and likely has a hard time modifying TBB where it is patched and a bunch of functionality in vanilla is locked down.

The add on looks interesting no doubt, but given the uncertainty of future maintenance, I am wary of switching to it even if it supported TBB. The current i2pbrowser implementation is simpler to understand and maintain for us simpletons who don’t develop browser stuff. With added functionality, more is likely to break and we won’t know how to fix it. The current i2pbrowser implementation enables arbitrary localhost software proxy support and I don’t know if the addon will give us that.

1 Like

Why the uncertainty ?
If it doesnt hurt why wouldn’t we want to use it ?
It could be removed when support ceases and all else keeps on working. We dont need to choose, we can add it if it works and remove it when it stops.

I’ll ask idk(eyedeekay) about that.

Looking at the TODO stuff he got plenty in the pipeline and a lot of useful feature we could use in the Future.
So it would be a waste not to use it or at least prepare for it.

But i’m not the one to decide this…

Edit:
Just tested i2pbrowser with the addon and it works if the Setting browser.privatebrowsing.autostart=false is set.

1 Like

not good. plugin need to work while this option is on otherwise not worthy for TB.

1 Like

eyedeekay is busy (life happens to all of us) and has said he won’t have time to dedicate to these projects. Without official support by I2P upstream the status and viability of this project is uncertain. Building around uncertain software tends to be a waste of time as we end up having to tear it out and remove all the documentation written for it.

We can’t maintain it and it depends a lot more on browser changes than the current pref solution.

It doesn’t work ATM so this is a moot point, however I wrote the above in case it were a choice today.

1 Like

Back to i2p pre-installation discussion.

Why Debian package doesn’t auto update itself: previously answered by me in this thread (Debian never does this; would conflict with upgrades from packages.debian.org).

Which features/fixes would the i2p Debian package lack that are only available from i2p upstream?

Is the i2p Debian package really so bad that we’re better off not installing it by default in Whonix-Workstation?

Yes, that back and forth only doesn’t matter if time is unlimited which it is not.

1 Like

Which features/fixes would the i2p Debian package lack that are only
available from i2p upstream?

Tons of bug fixes which making the software more secure plus stable on
the connection level (check the release notes of each release from
debian release version up to upstream version)

Is the i2p Debian package really so bad that we’re better off not
installing it by default in Whonix-Workstation?

Yes, there is no even maintainer for I2P on debian sid.(mhatta
disappeared since long time)

Patrick via Whonix Forum:

1 Like

@nurmagoz via Whonix Forum:

Which features/fixes would the i2p Debian package lack that are only
available from i2p upstream?

Tons of bug fixes which making the software more secure plus stable on
the connection level (check the release notes of each release from
debian release version up to upstream version)

I finished reading the changelog between the Debian buster version
0.9.38 and latest upstream i2p 0.9.45.

There are various aspects to security. If Tor can be revoked, do we
care? Yes. But is it strictly what most means when talking about
security generally? Not sure.

Connection security: Yes, we’d miss out some. But do we care? We don’t
trust i2p to keep users anonymous. We use Tor for that. Therefore it’s
not of critical importance.

Remote exploitable security issues fixed between 0.9.38 and 0.9.45: none.

Is the i2p Debian package really so bad that we’re better off not
installing it by default in Whonix-Workstation?

Yes, there is no even maintainer for I2P on debian sid.(mhatta
disappeared since long time)

Debian sid has i2p 0.9.44

i2p upstream has i2p 0.9.45 released 2020-02-25.

If he disappeared, that’s a problem indeed.

I disagree,
thats a wicked sense of security, using old version should be a problem no matter what the changelog says.
We lose compatility to plugins and propably a lot more that we aren’t aware of.
I2P trough Tor is discouraged by I2P’s devs and adding a old Version on top makes all this a waste of both Ressources (I2P’s and Tor’s)

How would you handle this Mess if there were any RCE found in the old releases ?

I dont see any reason to continue this under these Views.

Thinkablemellow via Whonix Forum:

I disagree,
thats a wicked sense of security, using old version should be a problem no matter what the changelog says.

Welcome to Debian stable where all versions are frozen until the next
major release.

How would you handle this Mess if there were any RCE found in the old releases ?

Debian fixes RCE’s in Debian stable.