HowTo/EepProxyAnonymity

Introduction

This page lists things you can do to increase your anonymity while browsing eepsites.

Improving your anonymity on I2P

Most of these potential attacks will be impossible to exploit once I2P has a functional filtering proxy in place. Until then, here are temporary solutions to reduce the potential problems. Remember, I2P is only a transport layer, which other protocols work on top of. This means, that if your client or server program has security holes, they can be likely exploited through I2P. This goes especially for Internet Explorer users.

Configuring I2P

• The I2P network uses cryptographic keys ("Destinations") instead of IP addresses for communication. Destinations, which are created on tunnel build, are unique and long-lasting by default. Using the same destination to visit multiple sites harms unlinkability, and therefore anonymity. To protect against this, go to the Hidden Services Manager in the I2P Router Console. Select the I2P HTTP Proxy and go to the advanced networking options. Enable "Close Tunnels When Idle," and enter a value in minutes. Suggested values are 20, 10, or 5 minutes. Also, enable "New Keys on Reopen." You can use similar settings on other client tunnels.

Misc

• Hinder fingerprinting by using the Tor Browser. You can browse I2P with it if you enable and configure the FoxyProxy add-on. Visit TheTinHat: I2P Browser Setup Tutorial | Using The Tor Browser For I2Pfor instructions.

• After you have configured your browser to HTTP through eepproxy, you should also, insert a bogus address, such as 127.0.0.1, with an unreachable random port into all the other protocol fields (HTTPS, FTP, Gopher, etc). This protects you from sites which try to make your browser request some data over other protocols that you don't use the eep proxy for. It would effectively reveal your IP address. Note, that Internet Explorer and a few other browsers also accept URL's which begin with telnet:// or irc:// and are sent to other programs. Since these programs might not have a proxy in place at all, you are once again vulnerable to revealing your IP. Note, that this attack can't only be exploited using clickable links, but also using images, frames, javascript, etc. This vulnerability isn't necessarily exploited on malicious sites, but can also be inserted onto sites, which contain XSS (Cross-site scripting) security holes (and might be otherwise innocent).

• When you have the eepproxy in place, don't use the browsers' host exception feature (under the proxy settings) for hosts that are out of your control. (Eg, localhost is fine, .com is not).

• Configure your browser to reject all third-party cookies. They can be used to identify you if you visit a certain site after an eepsite has set a cookie for that site.

• Site with java applet are potentialy dangerous so if you can disable java on your browser, do it...

• Some media players, notably Windows Media Player, can reveal your anonymity. Most media files can contain tags, that open up web pages at a certain time of the playback, for example. Most media players don't allow them, but WMP is an exception to this.
• ... Insert new suggestions here

Specific to some softwares browsers

• If you're using Internet Explorer, or any other ActiveX-compliant browser, disable this feature immediatelly. Accepted ActiveX components, can do virtually everything on your computer. Also, if your browser has the option to disable the plugins, you should do that, because their file formats (QuickTime, Real, Flash) are proprietary, and can also potentially contain malicious information.

• The Webbrowser Google Chrome is a security hole!! Chrome sends all ever URL you enter, whether it's regular, .onion, or .i2p to Google's servers so that they can "protect" you from phishing scams, etc. This, clearly, is undesirable if you wish to remain anonymous.

Following an URL from I2P to the outside Internet

When following an URL from I2P to the outside Internet, always use I2p Squid or another anonymizing service/proxy.

• Tor: https://www.torproject.org/

• JAP: https://anon.inf.tu-dresden.de/index_en (not recommended: Known to cooperate with authorities)

• Proxy lists: http://www.samair.ru/proxy/

• Web-based proxies: http://www.the-cloak.com/, http://www.proxify.net/

Use Privoxy. It will hide most/all of your personal information when you're browsing webpages. Privoxy is a mix of the words Privacy and Proxy.

• Download it from www.privoxy.org, follow the instructions.

• The default configuration for I2P would perhaps look something like this:

  forward-socks4a / localhost:9050 . 
  forward .i2p localhost:4444
  

  Just add it to the bottom of privoxy's config file (the first line is to route everything that is NOT in the I2P network through Tor, the 2nd line will handle all addresses inside I2P).

The obvious things

• Don't execute files of unknown or suspicious types. Don't open files that might contain malicious content (example : PDF files).
• Don't trust people in anonymous networks unless you've known them for a long time.
• Don't send any sensitive information through I2P. Use separate PGP keys for your real-world identity and your anonymous identity.
• Don't choose names, passwords or any other information, that can be associated with your identity or personality in the real life.

Tips and Tricks

For Opera browser desktop users

• Up to Opera v12 (2013) you can quickly switch between some settings (such as enabling or disabling javascript, java, plugins, proxies, etc) using the popup menu, that appears when you press F12. Use it, it's very convenient once you get used to it.

• From Opera browser v13 (2013), Opera is "chrome based" (the whole Opera software engine was changed), a lot of features were lost (until now, mean v17, october 2013).