Is I2P taken seriously here?

Hiya, (lol)

I know there have been DNM eepsites in the past, but it seems like everyone still defaults to Tor, which of course is under even more scrutiny than usual right now.

I2P was designed with hidden services in mind, and it seems very underutilized in the one place it would be most potentially useful.

Is the issue that Tor was designed by the US Navy and has simply undergone the most review and consequently has more trust, or is there a solid technical reason markets are not using it?


Comments


[16 Points] sapiophile:

Me personally, I love I2P, and use it often. I think it's a wonderful project and community, and I also think that its design is better suited (and quite possibly more secure) for DNMs than Tor. The big obstacle with it is the lack of an easy-to-use browser bundle like Tor has, and the fact that it takes a while to integrate into the network after starting, and further benefits from longer uptime (ideally a couple days or more, continuously). Also that it's more configurable, and people get confused by configuration.

But yeah, if you wanna talk about it, I'm totally down. I love I2P, I wish more people here felt the same way.


[6 Points] RosyPalm:

There have been two I2P DNM's. One, TMP, was very good, but the community resisted making the switch to I2P and it withered away.

The other, SRR3, doesn't get used but is still running. The people that didn't want to switch to IP2 still don't, and the admin is a bit of an egotistical jerk.


[5 Points] my_wet_vagina:

If someone actually bothered to do an ELI5 tutorial the way we do for Tor/PGP/etc for noobs in /r/DNMNoobs then people would probably be more willing. The problem is no one has been willing to break it down to the noob level, pictures included, and many people who already learned Tor are like eh fuck it, too complicated.


[4 Points] young_k:

Lack of people and markets seems to me to be the main reason.

I think SR3 was on i2p, but i've been unclear if its linked to that KryptoMarket/SRR site that was a huge fucking joke of a place.

It's also a little more complicated to setup AFAIK....although people may just be ignorant to it thus far, i'm sure if they had focused on learning i2p instead of tor initially, we'd be saying the reverse.


[3 Points] hdheuud:

No one cares to learn how to properly use it for some reason


[1 Points] AnonyMe4Life:

Very good question. I lack enough technical knowledge to state anything with certainty, but here are some of the benefits of TOR over I2P (per the I2P website).

  • Much bigger user base; much more visibility in the academic and hacker communities; benefits from formal studies of anonymity, resistance, and performance; has a non-anonymous, visible, university-based leader
  • Has already solved some scaling issues I2P has yet to address
  • Has significant funding
  • Has more developers, including several that are funded
  • More resistant to state-level blocking due to TLS transport layer and bridges (I2P has proposals for "full restricted routes" but these are not yet implemented)
  • Big enough that it has had to adapt to blocking and DOS attempts
  • Designed and optimized for exit traffic, with a large number of exit nodes
  • Better documentation, has formal papers and specifications, better website, many more translations
  • More efficient with memory usage
  • Tor client nodes have very low bandwidth overhead
  • Centralized control reduces the complexity at each node and can efficiently address Sybil attacks
  • A core of high capacity nodes provides higher throughput and lower latency
  • C, not Java (ewww)

I assume several of these play a major role in the decision to stick with TOR. I think sapiophile really hit it on the head in regards to an use-to-use browser bundle. It's difficult enough for the average person to wrap their head around TOR.


[1 Points] unsaFE_OPsec:

I know you can run I2P over Tor. It would be slower, but if you were providing your connection to your site on I2P through Tor, wouldn't that prevent a correlation attack? If the I2P version of the site proved more popular or better in another way for the site, they could choose to do the full transition later.


[1 Points] The_fire_bird:

Personally, I don't use it, I have personal concerns with it. However it being developed in Java is not the problem I have with it.

My concerns are as yet, unconfirmed, and probably nothing to worry about, as in it's probably safe.

But until I can confirm it's safe, I certainly wouldn't use it myself, and as those surveys go "On a scale of 0 to 10, how likely are you to recommend us to a friend?" Right now 0.


[0 Points] svgsreally:

I2P is written in Java, anyone who knows about security would tread with caution. Any market using both would be risking correlation attack too.