I2P

What is i2p?

I2P is similar to tor. Some of the design flaws in the tor browser have allowed attackers to hold down onion services with ddos attacks. I2P is a great alternative that many markets have begun to use to get around these flaws. Continue reading on to find the right setup for you. Understand there is still some flaws with i2p. Make sure you follow, and read all of the instructions!

I2P, otherwise known as The Invisible Internet Project, is a fully encrypted peer-to-peer network that hides the server from the user, and the user from the server. All I2P traffic is internal to the I2P network. Traffic inside I2P never interacts with the internet directly, it is a layer on top of the internet using encrypted unidirectional tunnels between you and other peers. No one can see where traffic is coming from or where it is going.

I2P is almost completely decentralized, once you’re connected to the network, you only discover peers by building “exploratory” tunnels. These tunnels make your initial connection, then you get a peer list from trusted reseeding servers. Using the peer tunnels from the reseed server allows you to build more connections and get faster speeds the longer you are contributing to the network.

The I2P network does not officially “exit” traffic, it is primarily a hidden service network and outproxying is not an offical function, nor is it advised. The privacy benefits you get from participating in the I2P network come from remaining on the network and not accessing the internet. I2P recommends that you use Tor Browser instead when you want to browse the internet privately.

How safe is I2P?

Every node participates in packet routing for others, so your IP address must always be known to establish connections. While the fact that your computer runs I2P is public, nobody can see your activities through it. No one knows if you are browsing eepSites, sharing files, doing research, or just contributing bandwidth to the project. It is important to keep in mind that I2P alone does not mask your identity from the clearnet and should be used with other privacy technologies for your security (which will be covered in the following sections).

How can I run I2P?

  • Android - Easy (least secure, least recommended)
  • Linux (Ubuntu) - Intermediate (somewhat secure, beginner friendly)
  • Tails (Currently does not work with tails 5 and up)
  • Whonix on Qubes - Advanced (very secure, maximum privacy)
Using mobile device presents a lot more opsec risks. This guide does not encourage you to use mobile at all. It is being included because a lot of users are using I2P on mobile. This will help you be secure, but you should not rely on mobile devices to protect you. Simply they are shit for opsec.

Warning

Warning you have javascript enabled! Go to this page to learn how to disable it.