• 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: October 18th, 2023

help-circle
  • Your proxy settings will depend on your provider but if you search for network.proxy you’ll see all the setting you need in there. You’ll connect either through http (ip+port) or socks. Socks adds an additional layer of authentication which is generally preferred but likely won’t be offered by free options.

    Yes, your proxy service will absolutely see what sites you are visiting. None of these suggestions will protect you from a malicious proxy service. Https is still honored assuming the end point is using a valid cert and your proxy has not tampered with it in any way. If the cert gets altered you’ll get a warning from your browser, you then have to trust yourself to know when to back out.


  • Unfortunately container tabs are not yet supported for Android Firefox. FoxyProxy is by no means malicious, it certainly has good intentions and for the most part it does what it says it does. The problem is that due to many fundamental design choices it is too easy for information to leak. Plus the URL regex matching can be very finicky to work with. I used FoxyProxy for years but gave up on it after a while since I could never get a consistent and reliable experience out of it.

    At this point I just alter the proxy settings in Android ff directly - no extension. Unfortunately ff profiles are also not supported on Android yet so if you don’t want your main browser to always be attached to a proxy you can install other releases of ff such as Nightly and just configure that with proxy settings. If I am recalling correctly, you can also configure ff to apply proxy to either normal or private browsing too.



  • FoxyProxy has many DNS leaking bugs associated with the extension, especially when using SOCKS5 proxies. That extension has not been a recommended choice for a while now.

    As others have said, a free proxy is not a good alternative, they are harvesting just as much data as your ISP, if not more (and possibly selling the info back to your ISP). Free proxies also have little incentive to be honest so there is a higher chance they could also be manipulating your traffic in various ways.

    A better solution for mitigating data harvesting from your ISP is to just simply adjust your personal DNS settings. This can be configured globally on your router sometimes and/or each client device. Change your default DNS to a more privacy conscious provider such as Mullad, Quad9 or even Cloudflare. Those DNS providers also offer the option of making encrypted DNS requests using DNS over TLS (DoT) and DNS over HTTPS (DoH) which can be configured in your browser and sometimes your router.

    At the end of the day, your ISP will still know you connected to a specific end point but they can’t determine what exactly you are doing there, they only know you connected to something like Lemmy.world but would not be able to determine which communities you are visiting.

    If a proxy still feels like the only solution then just buy a VPN subscription from a reputable source, its usually pretty cheap and way more effective at preserving privacy and security than any free proxy that is available. Mullvad is generally a pretty good and inexpensive choice plus they also have pretty decent proxy support.

    As an alternative to FoxyProxy, check out the extension Container Proxy which allows you to containerize a tab and route all the traffic through a configured proxy which can also be configured on a site-by-site basis. Still, not perfect, but certainly a step above FoxyProxy.


  • The speeds have improved tremendously, over the last couple of years some significant improvements have been made. There’s still more bandwidth overhead using I2P over a traditional connection but it has been significantly reduced and is not as noticeable anymore. That being said, there’s still some configuration that’s necessary to maximize your bandwidth. The biggest complaint I hear about the standard i2p install is that it uses extremely conservative bandwidth settings by default but it can all be easily adjusted to maximize performance on your router. I’ve used I2PD quite a bit but overall I actually much prefer standard Java I2P because it’s far more feature rich, more frequently maintained, and settings are muuuuch much easier to configure and understand. There are still many brilliant optimizations in Java I2P that have not made it into I2PD such as the most recent peer analysis techniques that can automatically block/ban misbehaving peers among other things too. I personally think I2PD is best if I just need to host a low resource tunnel… But back to the speed!

    As was already mentioned the more people who participate, the more I2P thrives. One of the most notable differences is that most I2P nodes right now are just enthusiasts running on recycled hardware at a residential address whereas clear net torrents are much more mainstream and many common/popular torrents have at least one peer hosted at a data center with virtually unlimited bandwidth, that one peer usually contributes to over 50% of your download speed on a standard torrent.

    I have my router bandwidth setting on my 24/7 router set pretty high and my router usually idles at about 850 KBps… My most recent peak was about 1.3MBps, very acceptable speeds I think. I get the best i2p torrent download speeds using Snark which is built into Java I2P, the only important setting to change is increase tunnel quantity to 10 to maximize your download bandwidth. I have seen some of my downloads seed at about 200+ KBps and I have downloaded at almost a full 1MBps which are comparable speeds to standard clear torrent downloads.

    So, in a nutshell, it’s not necessarily slower than a standard torrent download (well, maybe a little bit) but what it does have is significantly more variability in bandwidth and download speed depending on how many hops or peers are in between you and your target destination. More hops creates more variance (and more anonymity), you could be directly connected to someone in a data center but the next hop could be connected to a raspberry pi running off of public Wi-Fi which will be the bottleneck in that connection.


  • Absolutely. Go to https://geti2p.net/ to get started. There are some super simple Windows installers that make everything just a few clicks. If you’re on Linux it’s built into the package managers for Ubuntu/Debian but from my experience it’s a lot better if you can get the Java source version working because then it can self update and you’ll always have the most current release.

    Once it’s installed and running let your new i2p router run for a minimum of about 30-45 min to explore the network and build good connections with peers. The longer it runs the more stable it becomes but it should be usable after about 30 minutes on your first start up (subsequent start ups are a little faster after your router gets to know the network a little better). And that’s it! You’re now running an i2p router!

    The only part where things get a little hard is with the proxy settings… Unfortunately there just aren’t enough active devs or funding in i2p to support a dedicated browser like Tor so this is the only side of i2p that tends to get more involved. You need to configure a browser to proxy http requests through the port used for i2p http: 4444. If the i2p router is on the same machine as the browser then it’s just a matter of entering your local address (127.0.0.1) and port (4444) into your proxy settings. If your i2p router is remote, you need to use ssh port forwarding on port 4444. Alternatively, there is a Firefox plugin that one of the core i2p devs (idk) maintains which automatically containerizes and proxies all .i2p addresses while leaving normal web traffic alone, it’s called “I2P In Private Browsing”. Only warning that the dev for that project cites is that the plugin, although open sourced, has not gone through any security auditing so there’s no guarantee that no information gets leaked to the clear web - so basically just avoid this if maximum privacy is your goal.

    After your router is started up and proxy settings are configured, you’re good to go! Check out some starter sites like i2pforum.i2p to join in on i2p related discussions and development. notbob.i2p also offers a nice sortable directory of some sites hosted on i2p. Or… Host your own hidden service(s)! The standard i2p install comes with a prepackaged and preconfigured Jetty web server, just start the service from your local tunnels page and you’re now hosting a hidden website!

    The possibilities are pretty much endless from here, anything that communicates on TCP/UDP can be tunneled through I2P. Which by the way is a huge advantage over Tor since Tor does not even support UDP. Unlike Tor, I2P also has a much better incentive for node operators since every user is a node, the more people who use I2P, the faster and better it becomes… A Tor node only gets spun up when someone chooses to donate their resources to the network out of the grace of their heart. This also applies to P2P downloading. In fact… It helps to grab a popular download from an I2P indexer when starting a fresh router as that helps introduce your client to new peers. Torrenting is not even an option on Tor as it is basically DDOS’S the network of limited nodes…


  • qBittorrent I have not tried personally but I would think that if you have i2p set up on qbit already then enabling the setting “automatically add these trackers to new downloads” and add in a few open i2p trackers. Postman requires an account so unless the exact same torrent has already been posted there you won’t be able to bridge.

    For Prowlarr, it’s a little more complicated. You can add Postman just like any other indexer but you then need to configure your proxy settings in Prowlarr for it to be reachable. If you are running your i2p router on the same machine you can just enter your local address (127.0.0.1) with port 4444 and it’ll connect. If your router is on a remote machine the easiest solution is to then use ssh port forwarding (autossh is handy here). Ssh forward the remote 4444 port to local and then use the same address and port. The final step is setting your ignored addresses, I have a bit of a list but the idea is to filter out all non .i2p addresses so an example would look like: *.com, *.net, *.info, …

    EDIT: I should also add, if you are sticking with I2PD and are more concerned with just downloading and not incorporating the *arr suite there is a standalone Snark download that’s floating around somewhere that can plug into I2PD. I haven’t used the standalone personally but I do know that Snark is by far the most optimized client exclusively for i2p torrents. Snark is also baked into the standard i2p install by default.



  • It varies wildly between torrents based on activity of the torrent and your I2P tunnel settings. Participation on I2P torrents is definitely significantly lower than normal clearnet torrents (at the moment) so a lot of times there are only 1-2 peers available which often results in roughly 35-60 KB/s but I've also seen some more popular torrents download at nearly 1 MB/s. I2P can self update from a torrent, that file generally has high participation, and on average, downloads at speeds above 150 KB/s. There definitely is some bandwidth lost just due to overhead of running the network, fewer hops and more tunnels helps with that though. I usually run about 10 tunnels with Snark, all with 3 hops. If I reduce that to two hops I can still have good privacy but with significantly less bandwidth overhead, I just personally feel the extra privacy of three hops is worth the sacrifice.

    Speed and bandwidth rely heavily on the level of participation, more high-bandwidth peers torrenting over I2P will significantly speed things up. With my current setup, my router pushes around 450 KB/s on average just for participating traffic (traffic that is only contributing to other I2P peers) so it's definitely capable of comparable speeds to that of a VPN.

    Oh and I should have mentioned this before, torrenting over I2P also helps strengthen your connection to the I2P network because it introduces you to more high-speed peers to communicate with. Really speeds things up if you're trying to bootstrap a new I2P router

    I2P has quite a few internal torrents with large swarm sizes that you can stress test pretty reasonably with. Another fun thing you can try if you are using I2P Snark (java I2P built-in torrent handler), you can paste magnet links from the clearnet into your client and if you're lucky some beautiful people out there are cross seeding that torrent and it'll allow you to take part in downloading clearnet torrents over I2P.


  • Others have summarized it well but I'll add my perspective also.

    I2P is a decentralized network of peers. All traffic gets routed through multiple peers before reaching its destination. Traffic is also encrypted by multiple layers of encryption and each connected peer can only decrypt one layer, that layer will only contain further routing info so that peer knows the next place to hand off your data. The encryption gets stripped layer by layer until it finally reaches its destination.

    What this ultimately means is that by interacting with a website or service through I2P it is virtually impossible to identify any information the user is sending or receiving and it is also impossible to tell where the connections are going or coming from.

    To make things even more interesting all I2P routers by default also contribute resources back into the network so while your I2P Router is handling your communication connections, it's also volunteering to be a connection node in someone else's connection. This adds further security because now you've got many Peer to Peer connections going in and out of your network, all encrypted so any prying eyes will have an exceedingly difficult time trying to make sense of any of your internet traffic.

    Tor relies on the good faith of its community to contribute resources to the network and it's not very well incentivised causing its resources to be far more limited and bogged down. For this reason, Tor cannot sustain heavy torrent traffic without easily being overwhelmed. In I2P, every user is a contributor so the more people who use I2P, the faster and better it becomes.

    The big advantage Tor has over I2P are outproxies and the beautifully prepacked Tor Browser. Tor has a lot more influence and money backing it so there are some large and well protected entities that can afford all the legal trouble that outproxies can bring. Unfortunately there just isn't enough money or legal support in the I2P community to reliably support outproxies even though I2P already has full support for it.

    I2P is a fantastic tool for private communication across the Internet and the true ELI5 here is I2P natively supports "anonymous" torrenting (even encouraged it as it strengthens the network further) and will do so privately and securely without any need for a VPN. Adding support to QBittorrent makes it even easier to access I2P torrenting with very minimal set up required.

    The only catch here is you can't go around downloading any old torrent from the Internet on I2P, someone needs to actually be seeding that torrent on the I2P network for you to get any data. There are fully functioning tracker sites exclusively within I2P that have a huge catalog of content but all is not lost for "clearnet" torrents either. Software like BiglyBT and now QBittorrent, allows users to "bridge" or "cross seed" torrents across the two networks, that way content is shared no matter what network you're a part of.

    BiglyBT has been doing this for a while now but I'm so happy to see QBittorrent finally embracing this as well.

    EDIT: https://geti2p.net/en/