Tor vs I2P Review
Tor and I2P are the main privacy routing networks that we have to hide IP addresses other than basic VPN connections. There are other projects too but they are either new or not that popular so they are less effective as anonymity scales by the number of users. I am going to give my honest opinion and compare the two:
✴️I2P Features:
✅Designed for hidden services which are faster and more efficent than Tor (
✅Distributed, P2P, decentralized and self organizing (
✅Packet switch instead of circuit switch, provides higher level of anonymity
✅Unidirectional tunnels, doubling the security / node than Tor
✅Tunnels are shorter lived than Tor
✅All peers participate in the network 🚩🚩 (
✅Bandwidth requirement is low
✅Built in Java 🚩🚩🚩🚩🚩🚩🚩🚩(
✅Free and Open Source
(
(
(
(
✴️Tor Features:
✅More users hence bigger haystack of anonymity
✅More security audits and academic reviews on it
✅Has solved the scaling issue
✅Centralized 🚩🚩🚩🚩 (
✅Has more funding and workforce working on it
✅Is censorship resistant, it doesn't assume clear access to internet lik I2P (
✅Adaptive to DDOS attacks
✅Higher degree of plausible deniability and smaller risk of usage
✅Low usage of resources on clients but big usage on servers 🚩🚩 (
✅High bandwidth throughput reaching the throughput level of an average VPN service
✅Free and Open Source
✅Supposedly resistant to Sybil attacks (
(
(
(
(
✴️Conclusion and more infos at: https://www.reddit.com/r/privacy/comments/8naaw8/tor_vs_i2p_review/
✴️ I2P Website: https://geti2p.net/en/
✴️ Tor Website: https://www.torproject.org/
✴️ Read in german language: https://t.me/cRyPtHoN_INFOSEC_DE/1678
#Tor #I2P #Review
Tor and I2P are the main privacy routing networks that we have to hide IP addresses other than basic VPN connections. There are other projects too but they are either new or not that popular so they are less effective as anonymity scales by the number of users. I am going to give my honest opinion and compare the two:
✴️I2P Features:
✅Designed for hidden services which are faster and more efficent than Tor (
1)✅Distributed, P2P, decentralized and self organizing (
2)✅Packet switch instead of circuit switch, provides higher level of anonymity
✅Unidirectional tunnels, doubling the security / node than Tor
✅Tunnels are shorter lived than Tor
✅All peers participate in the network 🚩🚩 (
3)✅Bandwidth requirement is low
✅Built in Java 🚩🚩🚩🚩🚩🚩🚩🚩(
4)✅Free and Open Source
(
1) I am not sure whether the onionv3 system would be more superior than this. While Tor wasn't designed for hidden services and it's just a plugin, with the onionv3 system it's getting there.(
2) Although it's much more decentralized than Tor, their claims are misleading. They still have directory servers and I guess the development team has a lot of power over the project, it's not like a blockhain which is fully decentralized, so this is misleading. Though it's more decentralized than Tor in either case.(
3) This makes I2P use very risky, especially connecting to it directly, as if somebody is doing something illegal, it would put every node there in danger and suspects of that same crime. Police I guess is not well experienced with this ,and due to the low user count ,this makes it very dangerous to use. Though connecting to I2P from Tor or from a VPN is less risky.(
4) Java is a very flawed language with a history security bugs, and the way the website mocks C in favor of Java makes them look ridiculous. This is a massive red flag for me.✴️Tor Features:
✅More users hence bigger haystack of anonymity
✅More security audits and academic reviews on it
✅Has solved the scaling issue
✅Centralized 🚩🚩🚩🚩 (
1)✅Has more funding and workforce working on it
✅Is censorship resistant, it doesn't assume clear access to internet lik I2P (
2)✅Adaptive to DDOS attacks
✅Higher degree of plausible deniability and smaller risk of usage
✅Low usage of resources on clients but big usage on servers 🚩🚩 (
3)✅High bandwidth throughput reaching the throughput level of an average VPN service
✅Free and Open Source
✅Supposedly resistant to Sybil attacks (
4)(
1) This is a big problem, the development and the infrastructure is very centralized, which would increase the risk of it being shutted down or censored, as it has a few points of failure. I think about 9 directory nodes exist now, which means that blocking only those 9 IP addresses worldwide would cripple the network. The use of bridges and proxies can help, but this issue needs to be addressed.(
2) While I2P assumes that you can connect to the internet, Tor assumes that you are censored, which is better. Tor has a bridge feature which allows to bypass any censorship other than total blocking of the internet. It can connect even through a HTTP proxy and it molds the traffic to be hard to distinguish from normal browsing by packet inspection. Though I2P can be used through Tor, so it's not a big drawdown, Tor still needs to do this, so perhaps the two systems complement eachother.(
3) It's balanced towards higher user experience by outsourcing the work to servers, but this increases centralization which is not good.(
4) It is supposedly resistant against Sybil by it's mechanism is picking trusted nodes, but due to it's centralized nature, operators could be coerced or coopted to become informants, so I don't think this works as well as advertised.✴️Conclusion and more infos at: https://www.reddit.com/r/privacy/comments/8naaw8/tor_vs_i2p_review/
✴️ I2P Website: https://geti2p.net/en/
✴️ Tor Website: https://www.torproject.org/
✴️ Read in german language: https://t.me/cRyPtHoN_INFOSEC_DE/1678
#Tor #I2P #Review
I2P- Invisible Internet Project
Website: https://geti2p.net/en/
Setting up I2P: https://geti2p.net/en/about/media
Another Dark web browser I2P is quite different from Tor as it offers anonymity as it works with multiple layers of data streaming thus protecting your privacy.
This is strictly a message based on a library for reliable communications. Communications are end-to-end encrypted (four layers of encryption) with the cryptographic identifiers at the receiving end, which can be then decoded using public or private keys.
The Dark web browser framework works based on TCP/UDP or IP data transfer protocol. But to talk about Tor’s structure it isn’t that secured, because all it does is reroute your traffic via multiple nodes rather than connecting your physical device directly, so it does help in restricting tracking but do not mask your IP address.
I2P is based on the tunneling system, where the sender creates a tunnel for the outbound data and the receiver will already have created a tunnel for the inbound data, so the sender client will send his message through this outbound tunnel which will be received by the other client using the inbound tunnel and vice versa.
These tunnels are identified by requiring the same over a network database, which is more of a structured distributed hash table based on the kademelia algorithm. I2P is currently used to create an anonymous website using a standard web server and linking it with the I2PTunnel Server.
If you’re looking for anonymity over the web, and not ready to set up a VPN, then I2P is the one for you. So this is another best Dark web browser to stay anonymous.
#i2p
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
Website: https://geti2p.net/en/
Setting up I2P: https://geti2p.net/en/about/media
Another Dark web browser I2P is quite different from Tor as it offers anonymity as it works with multiple layers of data streaming thus protecting your privacy.
This is strictly a message based on a library for reliable communications. Communications are end-to-end encrypted (four layers of encryption) with the cryptographic identifiers at the receiving end, which can be then decoded using public or private keys.
The Dark web browser framework works based on TCP/UDP or IP data transfer protocol. But to talk about Tor’s structure it isn’t that secured, because all it does is reroute your traffic via multiple nodes rather than connecting your physical device directly, so it does help in restricting tracking but do not mask your IP address.
I2P is based on the tunneling system, where the sender creates a tunnel for the outbound data and the receiver will already have created a tunnel for the inbound data, so the sender client will send his message through this outbound tunnel which will be received by the other client using the inbound tunnel and vice versa.
These tunnels are identified by requiring the same over a network database, which is more of a structured distributed hash table based on the kademelia algorithm. I2P is currently used to create an anonymous website using a standard web server and linking it with the I2PTunnel Server.
If you’re looking for anonymity over the web, and not ready to set up a VPN, then I2P is the one for you. So this is another best Dark web browser to stay anonymous.
#i2p
📡@cRyPtHoN_INFOSEC_ES
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
i2p.net
I2P - The Invisible Internet Project | EN
I2P is a fully encrypted private network layer. Protect your online activity from surveillance and censorship with built-in end-to-end encryption.
Forwarded from BlackBox (Security) Archiv
Obscurix: Linux Live System for privacy, security and anonymity
#Obscurix is a new open source #Live operating system based on #Arch #Linux. Obscurix attaches great importance to your #privacy, #security and #anonymity on the net. The live operating system routes all your traffic quite securely through the #Tor# network and also supports many other networks like #I2P and #Freenet.
Privacy, Security and Anonymity
To get it straight up front: Obscurix does not want to be a Linux operating system for pentesters. Even if you mainly want to play games on your computer, you better find something else. Obscurix is simply a secure and easy to use live operating system. In addition, the developers have done a lot to make it resistant against various forms of tracking and #surveillance. As a user you don't have to configure much, which makes it easy to get started.
One of the big differences between this and other Linux operating systems is the special focus on privacy, security and anonymity. Therefore Obscurix is not an operating system that you should install on your hard disk. As a pure live operating system it runs only in the memory of your computer. During shutdown the #OS automatically deletes all digital "traces" that third parties could otherwise evaluate later.
Continue on:
https://tarnkappe.info/obscurix-linux-live-system-fuer-privatsphaere-sicherheit-und-anonymitaet/
👉🏼 Obscurix:
https://obscurix.github.io/
👉🏼 ObscurixOS TG support group:
https://t.me/Obscurix_OS
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
#Obscurix is a new open source #Live operating system based on #Arch #Linux. Obscurix attaches great importance to your #privacy, #security and #anonymity on the net. The live operating system routes all your traffic quite securely through the #Tor# network and also supports many other networks like #I2P and #Freenet.
Privacy, Security and Anonymity
To get it straight up front: Obscurix does not want to be a Linux operating system for pentesters. Even if you mainly want to play games on your computer, you better find something else. Obscurix is simply a secure and easy to use live operating system. In addition, the developers have done a lot to make it resistant against various forms of tracking and #surveillance. As a user you don't have to configure much, which makes it easy to get started.
One of the big differences between this and other Linux operating systems is the special focus on privacy, security and anonymity. Therefore Obscurix is not an operating system that you should install on your hard disk. As a pure live operating system it runs only in the memory of your computer. During shutdown the #OS automatically deletes all digital "traces" that third parties could otherwise evaluate later.
Continue on:
https://tarnkappe.info/obscurix-linux-live-system-fuer-privatsphaere-sicherheit-und-anonymitaet/
👉🏼 Obscurix:
https://obscurix.github.io/
👉🏼 ObscurixOS TG support group:
https://t.me/Obscurix_OS
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
InviZible Pro
Telegram channel: @InviZiblePro
Telegram group: @InviZiblePro_Group
Wiki: https://github.com/Gedsh/InviZible/wiki
Download: https://github.com/Gedsh/InviZible/releases
invizible.net
InviZible Pro is an open-source android application. It can protect your internet privacy and security with well-known solutions such as DNSCrypt, Tor and Purple I2P which are used as modules. You can use them all together or activate only one or two at once. InviZible app combines its potential in the best way to achieve comfortable and secure use of the internet.
All application features can be used with root access which gives full control over your android device and power for InviZible to protect your information.
There is a way to use InviZible basic functions without root in combination with those applications that are available to create own local VPN tunnel or use a proxy. Something like NetGuard firewall, personalDNSfilter DNS filter proxy, Firefox browser, Telegram messenger.
InviZible can be used to block ads, malicious sites, and prevent your tracking. Also, you can get access to all blocked Internet resources, Dark Net (onion sites) and Invisible Internet (i2p sites). InviZible helps keep your freedom.
InviZible application is very flexible and can be used by everyone with the default setting. This is usually enough to protect your basic privacy and security. But if you want ultimate protection - no problem. You can configure many useful options to protect yourself better and smarter.
InviZible is compatible with the AfWall+ firewall.
📡 @NoGoolag 📡 @Libreware
#invizible #dns #dnscypt #i2p #tor #privacy #android
Telegram channel: @InviZiblePro
Telegram group: @InviZiblePro_Group
Wiki: https://github.com/Gedsh/InviZible/wiki
Download: https://github.com/Gedsh/InviZible/releases
invizible.net
InviZible Pro is an open-source android application. It can protect your internet privacy and security with well-known solutions such as DNSCrypt, Tor and Purple I2P which are used as modules. You can use them all together or activate only one or two at once. InviZible app combines its potential in the best way to achieve comfortable and secure use of the internet.
All application features can be used with root access which gives full control over your android device and power for InviZible to protect your information.
There is a way to use InviZible basic functions without root in combination with those applications that are available to create own local VPN tunnel or use a proxy. Something like NetGuard firewall, personalDNSfilter DNS filter proxy, Firefox browser, Telegram messenger.
InviZible can be used to block ads, malicious sites, and prevent your tracking. Also, you can get access to all blocked Internet resources, Dark Net (onion sites) and Invisible Internet (i2p sites). InviZible helps keep your freedom.
InviZible application is very flexible and can be used by everyone with the default setting. This is usually enough to protect your basic privacy and security. But if you want ultimate protection - no problem. You can configure many useful options to protect yourself better and smarter.
InviZible is compatible with the AfWall+ firewall.
📡 @NoGoolag 📡 @Libreware
#invizible #dns #dnscypt #i2p #tor #privacy #android
By default anyone using i2p is a node for transition of data to other peers, and it was built with torrenting in mind
https://i2pd.website
https://geti2p.net
#i2p #p2p
https://i2pd.website
https://geti2p.net
#i2p #p2p
Meshtastic (An inexpensive open source GPS mesh radio for hiking, skiing, flying, walking).
https://meshtastic.org
An open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices
Radio Mesh text messaging
Off-grid messaging using low-cost hardware to create your own personal mesh. Radios transmit messages to the next to flood the network. Communicate kilometers/miles between nodes. Internet-connected relay nodes also allow the conversation to move online.
Video @libreware
LoRaWAN - Wikipedia -
F-Droid app :
https://f-droid.org/packages/com.geeksville.mesh/
#Meshtastic
#MeshNetwork #Radio #RF #LoRa #LoRaWan #I2p #Mesh
#DecentralizedNetwork #MeshNetwork
https://meshtastic.org
An open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices
Radio Mesh text messaging
Off-grid messaging using low-cost hardware to create your own personal mesh. Radios transmit messages to the next to flood the network. Communicate kilometers/miles between nodes. Internet-connected relay nodes also allow the conversation to move online.
Video @libreware
LoRaWAN - Wikipedia -
F-Droid app :
https://f-droid.org/packages/com.geeksville.mesh/
#Meshtastic
#MeshNetwork #Radio #RF #LoRa #LoRaWan #I2p #Mesh
#DecentralizedNetwork #MeshNetwork
Forwarded from 0•Bytes•1
Enjoy your tea, my Alices in Wonderland! 🎀
Many people have heard of onion routing in Tor and have a rough idea of how it works. However, fewer people know about garlic routing.
That's why I decided to write a short note about what it is and how it works in I2P🚥
How is a message sent? ✉️
In I2P, your message travels through a tunnel—a chain of randomly picked computers (nodes) on the network. Each node only knows where to send the data next, not the message content, thanks to garlic encryption🧄.
Your message is first encrypted for the recipient using end-to-end encryption. Asymmetric encryption🔐 uses a public key to encrypt and a private key to decrypt.
How are encryption layers created?🔒
Now the process of wrapping the message in layers begins.
Imagine that you have a tunnel with three nodes: A, B, C.
The encrypted message (already protected for the recipient) must be passed through these nodes so that each one knows only the next step. To do this, I2P creates encryption layers one for each node.
Each layer is additional encryption with instructions for a specific node, such as “forward to node B” or “send to recipient.”
It works like this: you encrypt the message with the public key of node C, adding the instruction “forward to node B.” You encrypt this packet again with the public key of node B with the instruction “forward to node A.” Then the entire packet is encrypted with the public key of node A with the instruction “send to recipient.”
When you send the packet, it goes to node A. Node A opens its layer with its secret key, sees the instruction “forward to node B” and forwards the data. The data remains encrypted for other nodes. Node B opens its layer, sees the instruction “forward to node C” and forwards it. Node C opens the last layer, sees that it needs to be sent to the recipient, and does so.
Each node only knows its own step and does not see the content of the message, its sender, or its recipient.
Why is encryption called garlic?🧄
Now, let's talk about “garlic” encryption in detail. In I2P, your message is packed with others into one encrypted packet🗂, called garlic. This packet may include your message, others’ messages, and network data like tunnel commands⚙️
All these messages are encrypted together, and each layer of encryption (for nodes A, B, C) covers the entire large packet, not each message individually.
When node A opens its layer, it sees the instruction for the entire packet, such as “forward to node B,” and sends it on. It does not know how many messages are inside, whose they are, or where they are going. Node B does the same, opening its layer and forwarding the packet to node C. Node C, opening the last layer, can send the entire packet or parts of it (depending on the instruction) to the recipients, but it does not know how many messages are inside and to whom they are addressed. This makes it impossible to determine whose message is where, even when observing the network.
Each message in the packet is protected by individual encryption for its recipient🔑 so that no one but the intended person can open it.
The messages inside the packet are not explicitly separated they are sort of stuck together into one continuous encrypted piece of data. I2P can also add “garbage” data🗑 fake messages that masquerade as real ones but mean nothing.
In addition, I2P mixes♻️ your packet with other data on the network and can add random delays during transmission. This makes it difficult to analyze traffic. Tunnels change every 10 minutes, and the nodes in them are selected again, so it is impossible to track the path.
How does garlic encryption differ onion encryption?🧅
In onion encryption, each message is encrypted separately and transmitted through its own chain of nodes. Garlic encryption not only wraps your message in layers of encryption, but also combines it with other messages and fake data into a single encrypted packet.
#i2p #cryptography #garlic_encryption #anonymity #tor
Many people have heard of onion routing in Tor and have a rough idea of how it works. However, fewer people know about garlic routing.
That's why I decided to write a short note about what it is and how it works in I2P🚥
How is a message sent? ✉️
In I2P, your message travels through a tunnel—a chain of randomly picked computers (nodes) on the network. Each node only knows where to send the data next, not the message content, thanks to garlic encryption🧄.
Your message is first encrypted for the recipient using end-to-end encryption. Asymmetric encryption🔐 uses a public key to encrypt and a private key to decrypt.
How are encryption layers created?🔒
Now the process of wrapping the message in layers begins.
Imagine that you have a tunnel with three nodes: A, B, C.
The encrypted message (already protected for the recipient) must be passed through these nodes so that each one knows only the next step. To do this, I2P creates encryption layers one for each node.
Each layer is additional encryption with instructions for a specific node, such as “forward to node B” or “send to recipient.”
It works like this: you encrypt the message with the public key of node C, adding the instruction “forward to node B.” You encrypt this packet again with the public key of node B with the instruction “forward to node A.” Then the entire packet is encrypted with the public key of node A with the instruction “send to recipient.”
When you send the packet, it goes to node A. Node A opens its layer with its secret key, sees the instruction “forward to node B” and forwards the data. The data remains encrypted for other nodes. Node B opens its layer, sees the instruction “forward to node C” and forwards it. Node C opens the last layer, sees that it needs to be sent to the recipient, and does so.
Each node only knows its own step and does not see the content of the message, its sender, or its recipient.
Why is encryption called garlic?🧄
Now, let's talk about “garlic” encryption in detail. In I2P, your message is packed with others into one encrypted packet🗂, called garlic. This packet may include your message, others’ messages, and network data like tunnel commands⚙️
All these messages are encrypted together, and each layer of encryption (for nodes A, B, C) covers the entire large packet, not each message individually.
When node A opens its layer, it sees the instruction for the entire packet, such as “forward to node B,” and sends it on. It does not know how many messages are inside, whose they are, or where they are going. Node B does the same, opening its layer and forwarding the packet to node C. Node C, opening the last layer, can send the entire packet or parts of it (depending on the instruction) to the recipients, but it does not know how many messages are inside and to whom they are addressed. This makes it impossible to determine whose message is where, even when observing the network.
Each message in the packet is protected by individual encryption for its recipient🔑 so that no one but the intended person can open it.
The messages inside the packet are not explicitly separated they are sort of stuck together into one continuous encrypted piece of data. I2P can also add “garbage” data🗑 fake messages that masquerade as real ones but mean nothing.
In addition, I2P mixes♻️ your packet with other data on the network and can add random delays during transmission. This makes it difficult to analyze traffic. Tunnels change every 10 minutes, and the nodes in them are selected again, so it is impossible to track the path.
How does garlic encryption differ onion encryption?🧅
In onion encryption, each message is encrypted separately and transmitted through its own chain of nodes. Garlic encryption not only wraps your message in layers of encryption, but also combines it with other messages and fake data into a single encrypted packet.
#i2p #cryptography #garlic_encryption #anonymity #tor
Please open Telegram to view this post
VIEW IN TELEGRAM
0•Bytes•1
monero_en.pdf
Hello, my Mad Hatter friends! 🎩
Let me ask you a question: have you ever wondered how Monero's security works and whether it is as reliable as they say?🪙
In my new article, I figured this out and also explained how to further protect yourself so that your transactions remain invisible even to the most curious eyes.🛡
I describe in detail how Monero works, how resistant it is to attacks, and what measures will help you maintain your anonymity. 🔑
The article covers attacks ranging from Black Marble Flooding to Eclipse Attacks, and I also share practical tips on how to run your own node and configure Tor to increase your privacy.
I hope you will find it interesting to delve into this topic. 🧩 At the end of the article, there are links to additional materials so that you can explore this topic in more depth if you wish. ⚙️
Enjoy your tea! ☕️🩷
English version:
#Monero #XMR #cryptography #privacy #blockchain #ring_signatures #stealth_addresses #RingCT #Tor #I2P #crypto_wallet #security #anonymity #decentralization #Kovri #FCMP #crypto_protection
Let me ask you a question: have you ever wondered how Monero's security works and whether it is as reliable as they say?🪙
In my new article, I figured this out and also explained how to further protect yourself so that your transactions remain invisible even to the most curious eyes.🛡
I describe in detail how Monero works, how resistant it is to attacks, and what measures will help you maintain your anonymity. 🔑
The article covers attacks ranging from Black Marble Flooding to Eclipse Attacks, and I also share practical tips on how to run your own node and configure Tor to increase your privacy.
I hope you will find it interesting to delve into this topic. 🧩 At the end of the article, there are links to additional materials so that you can explore this topic in more depth if you wish. ⚙️
Enjoy your tea! ☕️🩷
English version:
#Monero #XMR #cryptography #privacy #blockchain #ring_signatures #stealth_addresses #RingCT #Tor #I2P #crypto_wallet #security #anonymity #decentralization #Kovri #FCMP #crypto_protection
Media is too big
VIEW IN TELEGRAM
A Botnet Accidentally Destroyed #I2P (The Full Story)
https://www.youtube.com/watch?v=VZ-7t1fN7eI
#p2p #mesh
https://www.youtube.com/watch?v=VZ-7t1fN7eI
#p2p #mesh
NoGoolag
A Botnet Accidentally Destroyed #I2P (The Full Story) https://www.youtube.com/watch?v=VZ-7t1fN7eI #p2p #mesh
On February 3, 2026, the I2P anonymity network was flooded with 700,000 hostile nodes in what became one of the most devastating Sybil attacks an anonymity network has ever experienced. The network normally operates with 15,000 to 20,000 active devices. The attackers overwhelmed it by a factor of 39 to 1.
For three consecutive years, I2P has been hit with Sybil attacks every February. The 2023 and 2024 attacks used malicious floodfill routers and remain unattributed. When the 2026 attack began, most assumed it was the same state-sponsored operation continuing its annual disruption campaign. The assumption was wrong.
The attacker was identified as the Kimwolf botnet, an IoT botnet that infected millions of devices including streaming boxes and consumer routers throughout late 2025. Kimwolf is the same operation behind the record-setting 31.4 terabit per second DDoS attack in December 2025. The operators admitted on Discord they accidentally disrupted I2P while attempting to use the network as backup command-and-control infrastructure after security researchers destroyed over 550 of their primary C2 servers.
The I2P development team responded by shipping version 2.11.0 just six days after the attack began. The release includes hybrid ML-KEM plus X25519 post-quantum encryption enabled by default, making I2P one of the first production anonymity networks to ship post-quantum cryptography to all users. Additional Sybil mitigations, SAMv3 API upgrades, and infrastructure improvements were included.
☆-----☆-----☆-----☆-----☆ CHAPTERS ☆-----☆-----☆-----☆-----☆
00:00 What is I2P?
00:58 The 700K Node Attack
01:45 History of Sybil Attacks on I2P
02:19 It Was Actually a Botnet (Kimwolf)
03:49 Why Kimwolf Targeted I2P
04:27 The Sybil Vulnerability Researchers Warned About
05:48 What a State Actor Could Do
06:34 Government Attacks on Privacy & Anonymity
08:23 I2P's Response: Version 2.11.0
09:41 Post-Quantum Crypto & Sybil Mitigations
10:31 I2P vs Tor Project Comparison
10:53 Kimwolf Is Falling Apart
11:31 The Bigger Protocol-Level Problem
12:45 Update Now & Final Thoughts
#i2p
For three consecutive years, I2P has been hit with Sybil attacks every February. The 2023 and 2024 attacks used malicious floodfill routers and remain unattributed. When the 2026 attack began, most assumed it was the same state-sponsored operation continuing its annual disruption campaign. The assumption was wrong.
The attacker was identified as the Kimwolf botnet, an IoT botnet that infected millions of devices including streaming boxes and consumer routers throughout late 2025. Kimwolf is the same operation behind the record-setting 31.4 terabit per second DDoS attack in December 2025. The operators admitted on Discord they accidentally disrupted I2P while attempting to use the network as backup command-and-control infrastructure after security researchers destroyed over 550 of their primary C2 servers.
The I2P development team responded by shipping version 2.11.0 just six days after the attack began. The release includes hybrid ML-KEM plus X25519 post-quantum encryption enabled by default, making I2P one of the first production anonymity networks to ship post-quantum cryptography to all users. Additional Sybil mitigations, SAMv3 API upgrades, and infrastructure improvements were included.
☆-----☆-----☆-----☆-----☆ CHAPTERS ☆-----☆-----☆-----☆-----☆
00:00 What is I2P?
00:58 The 700K Node Attack
01:45 History of Sybil Attacks on I2P
02:19 It Was Actually a Botnet (Kimwolf)
03:49 Why Kimwolf Targeted I2P
04:27 The Sybil Vulnerability Researchers Warned About
05:48 What a State Actor Could Do
06:34 Government Attacks on Privacy & Anonymity
08:23 I2P's Response: Version 2.11.0
09:41 Post-Quantum Crypto & Sybil Mitigations
10:31 I2P vs Tor Project Comparison
10:53 Kimwolf Is Falling Apart
11:31 The Bigger Protocol-Level Problem
12:45 Update Now & Final Thoughts
#i2p
Forwarded from 0•Bytes•1
Enjoy your tea, Hatters🎩
Today I want to share an interesting project with you: Ermine OS 🗻🦦. It’s a private live system based on Debian, created specifically for secure crypto operations 💲 and anonymous web browsing (for example, visiting forums)🌐.
Here is the repository: https://github.com/ermiusio/ermine_os
In addition to the system itself, the author has written a fairly long article that provides a detailed analysis of popular privacy-focused live distributions.
I particularly liked the breakdown of Tails OS🧅.
It explains the inner workings of the system "related to privacy"⚙️
For example, at the level of systemd services, scripts, and iptables, it shows how the killswitch works. It also covers issues with video memory (yes, this was a known problem, but I hadn't seen a breakdown of it in other reviews before). It even explains why Persistent Storage partially undermines the Tails concept itself and analyzes how application protection is implemented via AppArmor. It's a shame the author didn't go even deeper (for example, looking for backdoors in the source code), but overall, I hadn't seen such a high-quality review in Russian available publicly before.
The article also covers other "private live" systems like Whonix Live, Heads, Kicksecure Live, and so on.
And now about Ermine OS 🦦 itself:
The system runs entirely from a USB drive and writes almost nothing to the disk. All traffic goes exclusively through Tor with a kill-switch (if Tor were to suddenly fail, the network simply shuts down). There is an automatic MAC address and hostname changer. Among the applications, it includes Tor Browser with the author's own Fingerprint Spoofer plugin, a separate browser for I2P🚦, a separate i2pd with a GUI using zenity, and Cake Wallet.
Regarding security: it has custom AppArmor policies for all programs🔒, kernel hardening via sysctl, protection against cold-boot attacks using sdmem, and a completely disabled swap.
Additionally, the author has created an experimental option - RAM-mode which can be selected at boot. In this mode, the system continues to work even after the USB stick is removed, staying entirely within RAM.
The author has also prepared a detailed step-by-step guide on how to build your own live system in the second part of the article, plus they tested the killswitch and other important features.
The project looks quite interesting. Yes, it is still a bit rough around the edges, but as an article with a working example of a private live system, it is already excellent material.
It will be especially useful for beginners who want to build their own distribution for privacy purposes 🧩. There aren't many projects like this with decent articles and guides.
Of course, Heads also has documentation, but it's from 2017 and lacks such an in-depth comparison with other systems.
In general, big thanks to the author☝️ I don't understand why the repository is still so niche; in my opinion, it deserves much more attention. Alas, the article is written in Russian, and the author did not provide a translation. But I have translated it into English for them; enjoy it🌟
P.S. I only translated the md, the images are not included, but you can view the original tests and images in the github.
I hope you find it useful too ❤️
#anonymous_networks #crypto_protection #browsers #OPSEC #linux #i2p #privacy #tools #tor
Today I want to share an interesting project with you: Ermine OS 🗻🦦. It’s a private live system based on Debian, created specifically for secure crypto operations 💲 and anonymous web browsing (for example, visiting forums)🌐.
Here is the repository: https://github.com/ermiusio/ermine_os
In addition to the system itself, the author has written a fairly long article that provides a detailed analysis of popular privacy-focused live distributions.
I particularly liked the breakdown of Tails OS🧅.
It explains the inner workings of the system "related to privacy"⚙️
For example, at the level of systemd services, scripts, and iptables, it shows how the killswitch works. It also covers issues with video memory (yes, this was a known problem, but I hadn't seen a breakdown of it in other reviews before). It even explains why Persistent Storage partially undermines the Tails concept itself and analyzes how application protection is implemented via AppArmor. It's a shame the author didn't go even deeper (for example, looking for backdoors in the source code), but overall, I hadn't seen such a high-quality review in Russian available publicly before.
The article also covers other "private live" systems like Whonix Live, Heads, Kicksecure Live, and so on.
And now about Ermine OS 🦦 itself:
The system runs entirely from a USB drive and writes almost nothing to the disk. All traffic goes exclusively through Tor with a kill-switch (if Tor were to suddenly fail, the network simply shuts down). There is an automatic MAC address and hostname changer. Among the applications, it includes Tor Browser with the author's own Fingerprint Spoofer plugin, a separate browser for I2P🚦, a separate i2pd with a GUI using zenity, and Cake Wallet.
Regarding security: it has custom AppArmor policies for all programs🔒, kernel hardening via sysctl, protection against cold-boot attacks using sdmem, and a completely disabled swap.
Additionally, the author has created an experimental option - RAM-mode which can be selected at boot. In this mode, the system continues to work even after the USB stick is removed, staying entirely within RAM.
The author has also prepared a detailed step-by-step guide on how to build your own live system in the second part of the article, plus they tested the killswitch and other important features.
The project looks quite interesting. Yes, it is still a bit rough around the edges, but as an article with a working example of a private live system, it is already excellent material.
It will be especially useful for beginners who want to build their own distribution for privacy purposes 🧩. There aren't many projects like this with decent articles and guides.
Of course, Heads also has documentation, but it's from 2017 and lacks such an in-depth comparison with other systems.
In general, big thanks to the author☝️ I don't understand why the repository is still so niche; in my opinion, it deserves much more attention. Alas, the article is written in Russian, and the author did not provide a translation. But I have translated it into English for them; enjoy it🌟
P.S. I only translated the md, the images are not included, but you can view the original tests and images in the github.
I hope you find it useful too ❤️
#anonymous_networks #crypto_protection #browsers #OPSEC #linux #i2p #privacy #tools #tor
GitHub
GitHub - ermiusio/ermine_os: Репозиторий объясняет работу приватных дистрибутивов и содержит обзор защищённых ОС. В качестве примера…
Репозиторий объясняет работу приватных дистрибутивов и содержит обзор защищённых ОС. В качестве примера выложена Ermine минималистичная Live-система на Debian с kill-switch, AppArmor и усиленным яд...
Forwarded from 0•Bytes•1
README_en.pdf
1.3 MB
Аrticle about private live Linux from the repository ermine_os translated into English
#anonymous_networks #OPSEC #linux #i2p #privacy #tools
#anonymous_networks #OPSEC #linux #i2p #privacy #tools