[tor-talk] A Pluggable Transport based on i2p?

Jonathan Marquardt mail at parckwart.de
Wed Mar 15 20:19:21 UTC 2017


On Wed, Mar 15, 2017 at 03:43:10PM -0400, Roger Dingledine wrote:
> Jonathan responded with:
> > You want to hide the fact that you are using an anonymization network
> > by using an anonymization network. This idea seems pretty stupid to me.
> 
> But I think that's taking a very narrow view of pluggable transports.
> Many people want to use Tor and/or pluggable transports to get around
> censorship that otherwise prevents them from reaching the sites they
> want to reach.
> 
> (Getting around censorship with no security at all is probably a bad
> idea -- we keep learning that lesson as people from Iran, Egypt, etc say
> "my government is stupid, they don't know how to surveil the Internet,
> just let me get to Facebook" and then they realize once it's too late that
> maybe they should have had some more security. So the Tor perspective is
> that we should give them as many ways to get around censorship, while
> getting most of Tor's security properties, as we can, but we shouldn't
> help people with insecure approaches.)

Yes, having more options is always a good thing, I agree with that. I just 
don't think that developing an I2P transport wouldn't be worth anyone's time.

I2P's protocols are quite unusal and should be relatively easy to block by 
using DPI. On top of that hosting the bridge servers might me a little more 
work as it requires some extra firewall rules for that, if I'm not mistaken.

I2P's protocols have some problems in some networks anyway. The SSU protocol 
isn't even compatible with a SOCKS proxy, let alone HTTP proxy.

I2P protocols: https://geti2p.net/en/docs/how/tech-intro#op.transport

I2P is probably also not the easiest thing to implement due to it's complexity 
and it's currently only implemented in Java, which is not exactly a good basis 
for a pluggable transport.

> That said, one of the side effects of making a successful i2p pluggable
> transport would be that censors would have more incentive to censor
> i2p connections. Speaking of which, I have no idea if i2p connections
> right now are hard or easy to DPI for. But attracting the attention of
> Tor's adversaries could speed up the arms race there, which could be a
> sad result.

Absolutely. It's like the opposite of something like meek where we use servers 
which they don't want to block. These governments however will probably have 
no problems with I2P. If anything, they'll be glad we made them take notice of 
it.
-- 
4096R/1224DBD299A4F5F3
47BC 7DE8 3D46 2E8B ED18  AA86 1224 DBD2 99A4 F5F3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20170315/5b0d97c6/attachment-0001.sig>


More information about the tor-talk mailing list