ipfs access

this blog can now be accessed via ipfs at /ipns/QmUXNVeuFPqjYRFduTxLkaKB4y6WHV8Drj3gWW2bdamtZU/

DIY darknet for fun and profit

A darknet (or dark net) is an overlay network that can only be accessed with specific software, configurations, or authorization, often using non-standard communications protocols and ports.

Well known example of the darknet is the Onionland -- public darknet created with Tor software. This article will show you how to create your own darknet with Invisible Internet Protocol (I2P) for fun and profit. Unlike the Onionland, it will be fully distributed and suitable for any type of private and anonymous communications.

How own darknet can be useful

Online privacy and anonymity research

You can run your own network to study how anonymous networks work, find their weaknesses and performance improvement possibilities.

Filesharing software

Anonymous network layer can be added to any filesharing software, for example, to torrent clients and apps like PopcornTime. Users will download and share content anonymously …

Read more ...

gpgpipe, an alternative for people who want to curlpipe

The term curlpipe comes from using the program curl to download a file and immediately executing the file via a pipe in the command line (this is bad and you should feel bad for doing this)

curlpipe found in the wild

Regardless of the obvious security concerns, many projects feel the need to tell users to execute arbitrary scripts transmitted over plaintext. Is there a workarround for these people? I believe there is now: just pipe it through gpg.

But wait, that won't actually work.

Consider the following:

curl $url | gpg | bash

This command SHOULD fail if the signature is invalid but it doesn't.

curl http://i2p.rocks/files/gpg-test.sh.asc | gpg | bash
% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                        Dload  Upload   Total   Spent    Left  Speed
100   293  100   293    0     0   7274      0 --:--:-- --:--:-- --:--:--  7325
it works
gpg: Signature made Sat 22 Oct 2016 08:18:57 AM EDT using …

Read more ...

i2pd 2.10 released

i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client.

I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.

I2P client is a software used for building and using anonymous I2P networks. Such networks are commonly used for anonymous peer-to-peer applications (filesharing, cryptocurrencies) and anonymous client-server applications (websites, instant messengers, chat-servers).

I2P allows people from all around the world to communicate and share information without restrictions.

i2pd is licensed under the 3-clause BSD license, binary packages are available for Debian, Ubuntu, OS X, FreeBSD, Android and Windows.

View release on GitHub

Changelog for i2pd version 2.10:

  • Added support of datagram I2P tunnels
  • Reduced file descriptors usage
  • Unique local addresses for server tunnels
  • Added configuration options for list of reseed servers and initial addressbook
  • Added configuration option for netid
  • Added ability to …

Read more ...

Anonymous instant messaging with end-to-end encryption

Centralized commercial IM providers are a real threat to our privacy. They often require users to run proprietary software, confirm their identity with SMS and give away control over their data.

We always have a freedom to take control back over our private communications.

In this tutorial, we will use XMPP as decentralized and open-source instant messaging system, OTR for end-to-end encryption and I2P network to anonymize our network activities.

Install i2pd

I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.

If you don't have I2P client already, go to i2pd.website, install and run it.

Install XMPP client

Make sure your client supports OTR encryption. In this tutorial we will use psi+.

Windows users can find downloads here.

In Debian/Ubuntu, run following commands:

sudo apt-get install psi-plus psi-plus-plugins

Psi+ will ask …

Read more ...

i2p.rocks xmpp

Quick update: For those who don't know, i2p.rocks has a federated jabber server with open registration (for now) and is available on i2p, via ynkz7ebfkllljitiodcq52pa7fgqziomz4wa7tv4qiqldghpx4uq.b32.i2p:5222 (the port is important).

This blog is now also reachable via i2p here

Meet i2lua -- I2P router with "smart" configuration

With i2lua you can add custom logic to your Invisible Internet router by writing scripts in Lua.

Lua is a full-featured programming language, which means you can resolve complex issues with it.

Some basic tasks you can accomplish with i2lua:

  • make all tunnels to have only trusted nodes as first hop (restricted routes, similar to Tor's guard nodes)
  • make I2P router to only use high-speed nodes for building tunnels
  • create tunnels with first hop in specific countries (e.g. make connections only to Russia and Germany)
  • implement custom node profiling mechanism

and so on.

Example script for i2lua

self hosted git inside i2p

This is a quick howto guide on setting up a very minimal git repo for sharing code inside i2p using any modern linux distro. (What is git?)

Please note this is not a general git tutorial, you will need to know a little git.

Simple setup

Git proxy settings are easy, it's deep in the man pages but usually there's no need to set them it seems daunting.

For all this you'll need ssh, git, connect-proxy and i2pd (see here for i2pd)

For ubuntu xenial (root needed)

wget https://github.com/PurpleI2P/i2pd/releases/download/2.8.0/i2pd_2.8.0-1xenial1_amd64.deb -O i2pd.deb
dpkg -i i2pd.deb
apt install ssh git connect-proxy

Client side

(The following should be run as your regular user)

Create a shell script for proxying over i2p, is i2pd's socks proxy, it's enabled by default.

1 …

Read more ...

i2p.rocks in proxy down for rewrite

i2p.rocks inproxy will be done again until I get a chance to rewrite the in proxy app server in full, the nginx configuration I was using stopped working as of nginx 1.10.

The source code is on github here, feel free to help out.

This project is not a very high priority and i2p.rocks will be back up once this rewrite is done.

Cross-Compile static I2PD for Raspberry Pi

(this guide is probably out of date)

I have recently successfully built i2pd for the raspberry pi using a cross compiler on Ubuntu 16.04 LTS for amd64. So far i2pd has an uptime of over a week with no crashes or memory leaks running a small irc server. There are still a few things i2pd could do better, specifically more documentation but I digress.


First off if you don't have git install it along with the basic compiler stuffs.

$ sudo apt install git build-essential

To build a static i2pd for raspberry pi you'll need to build an environment with all the i2pd dependencies. We'll use ubuntu's gcc arm cross compiler for this.

$ sudo apt install g++-arm-linux-gnueabihf gcc-arm-linux-gnueabihf

We don't want to mix the libraries we are going to build with our system libraries as they are for ARM not x86 so we'll make a separate …

Read more ...