I’ve recently tried out both Tor and i2p, two very popular tools for anonymous data exchange. They both have different anonymization implementations, but I’m not going to go into that in this post, mainly because I haven’t researched either of them very well. Instead, I’m going to focus on my experiences with them both, as a user, and then I’m going to discuss them in a wider perspective.
The first thing I noticed is how different their implementations are. Tor is rather clean, and does come pre-packaged for Debian. i2p is the usual mess you’d expect from a Java program, and doesn’t. It is also much slower at start-up (and it only recently started working with Free Javas). Tor also seems to handle load much better than i2p.
Both solutions provide a local proxy server (Tor has a SOCKS proxy which is typically connected to a separate HTTP proxy server on the same machine), which the user is supposed to set his or her web browser to use, but i2p while i2p additionally has its entire configuration UI interfaceable as a HTTP server, Tor is mainly configured through the usual text files (though a configuration GUI named Vidalia exists).
Tor provides, typically very slow, access to the normal www, i2p doesn’t. They both provide anonymous communication between internal sites with the pseudo TLD:s .onion and .i2p for Tor and i2p respectively. The “domain names” are quite lengthy hash-like strings for Tor, where they are much like normal domains for i2p. This comes with the cost of having to re-implement a DNS-like system that could’ve been simpler (this is, however, also a problem of the original DNS).
i2p and Tor both provide “hidden services” such as web mail, message boards and wikis. i2p also comes bundled with a web-based bittorrent client modified to work with i2p, and the network has several “hidden” trackers running.
There seems to be a different userbase for i2p and Tor. While Tor, judging by the message boards, seems to be mainly used by pedophiles, tin foil hats, conspiracy theorists and free speech fundamentalists of ridiculous proportions (the type that considers the moving of threads on a message board to the “spam” section to be “censorship”), i2p’s userbase, again judging by the message boards, seems much more tech-savvy, friendly and, well, sane. Another difference is speed: i2p is significantly faster than Tor, perhaps because all nodes are participating in the routing by default, whereas one must actively reconfigure Tor to act as a router.
So, to sum up what I’ve said this far: Tor is a wonderful software with an insufferable user base, i2p is an insufferable software with a wonderful user base. Now, for that pretentious “wider perspective” I promised earlier.
I have two objections to the design of i2p and Tor. My first objection is that it seems quite a waste to have nodes pass data to each other in streams, just to throw it away when the stream has finished. Distributed storage would seem much more efficient.
My second objection is that they still don’t solve the problem of giving people a voice. Rather, their conception of “free speech” seems to be limited to allowing everyone to hear what someone with a voice (read: servers) is saying anonymously. Interpreted this way, the concept of free speech becomes the freedom of the already privileged to speak their minds, and the freedom of everyone else to listen.
I’m sceptical of network designs that separate speakers from listeners, and both Tor and i2p does this. It can, however, be argued that this could be solved at a higher-level protocol, but this would be highly inefficient since the already existing communications infrastructure and node databases of the various protocols would have to be re-implemented.
Finally, it should be mentioned that I’m not a free speech fundamentalist. I have no problem with violent sects, pedophiles, racists and tin foil hats being “censored”.
Pingback: tuss's status on Thursday, 05-Nov-09 14:52:41 UTC - Identi.ca
I2P does have www access to everyone using it, it’s just a little different than what Tor does. All Tor users can be an out-proxy, giving you access to the web outside of Tor, while I2P only has a very few amount of out-proxies. But it does have it.
I didn’t know. But of course, I suppose you could deploy an eepsite that worked as an out-proxy, is this what you’re talking about?