I2P_Developers/i2p.www
3
0
Fork 5
Code Issues 27 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

add the August trip reports collected from all over

Browse Source
This commit is contained in:
hankhill19580
2019-08-30 20:05:18 +00:00
parent 04fff79d15
commit fda99eb305
5 changed files with 341 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

89
i2p2www/blog/2019/08/30/defcon.rst Normal file
View File

@ -0,0 +1,89 @@
==============================================
{% trans -%}Def Con Trip Report- zzz{%- endtrans %}
==============================================
.. meta::
:author: zzz
:date: 2019-08-30
:category: release
:excerpt: {% trans %}Def Con Trip Report- zzz{% endtrans %}
{% trans -%}Def Con Trip Report{%- endtrans %}
==============================================
{% trans -%}
idk and I attended DEFCON 27 and presented two workshops on I2P for application
developers, with support from mhatta and Alex. I gave the workshop at Monero
Village and idk gave the one at Crypto/Privacy Village. Here, I will summarize
the Monero Village workshop, and a Tor talk by Roger Dingledine. idk will post a
trip report covering his workshop.
{%- endtrans %}
{% trans -%}
We had about 8 attendees for the Monero Village workshop, entitled "I2P for
Cryptocurrency Developers". We planned to discuss the particular networking
needs for each application and work through the various i2ptunnel and SAM
options available. However, all attendees were relatively unfamiliar with I2P,
so we pivoted and gave an overview of I2P. As none of the attendees had a laptop
with them, we helped several of them install I2P on their Android phone and
walked through some of the features of the app. For all users, the app appeared
to reseed and build tunnels fairly quickly.
{%- endtrans %}
{% trans -%}
One common question after installing the app was "what do I do now?". The app
doesn't have a 'hidden services of interest' section or first-run wizard like
our desktop application does, and most of the default addressbook entries are
long-dead. There's improvements we could make to the first-run experience.
Also, some of the more interesting parts of the app are hidden behind an
advanced setting; we should review those items and consider un-hiding some of
them.
{%- endtrans %}
{% trans -%}
It's always useful to go to Tor talks, not so much to find out what they're
doing, but to hear how they explain things to people, and what terminology they
are using. Roger's talk "The Tor Censorship Arms Race" was in a large room
attended by about two thousand people. He gave a very brief overview of Tor
with only three or four slides. He says they now have "two to eight million
users a day". Most of the talk was a review of national blocking attempts over
the years, starting with Thailand and Iran in '06-'07 through Tunisia, china,
and Ethiopia in 2011. He called Tor bridges a "crappy arms race". He showed a
new form to be showed to new users, with a checkbox "Tor is censored in my
country".
{%- endtrans %}
{% trans -%}
Their new pluggable transport "snowflake" uses a combination of domain
fronting, webrtc, javascript, brokers and proxies to reach a Tor bridge. Roger
only had one slide on it, and I wasn't familiar with it, so we should do more
research on what it's all about. He briefly mentioned some things they may be
working on next, including "salmon" distribution of bridges, FTE/Marionette,
decoy routing, and "cupcake" which is an extension of snowflake. While I don't
have any further information about them, they may be good buzzwords to keep an
eye out for on their mailing lists.
{%- endtrans %}
{% trans -%}
Much of Tor's censorship woes is due to Tor's popularity, but their TLS
handshake is a particular issue and it's been the focus of much of the "arms
race" over the years. In some ways we're in better shape, as we've taken
several features of their current-best obfs4 pluggable transport and build them
into NTCP2. However, we do have issues with our website and reseeds being
blocked, as Sadie and Phong will be presenting at USENIX FOCI this week.
{%- endtrans %}
{% trans -%}
Notes for next time: I do recommend DEFCON, as long as we find a village to
call our home. It's an enormous conference and the limited general hangout
spaces are massively overcrowded. Both Monero Village and Crypto/Privacy
Village were fantastic hosts and we had several hours at each spot to meet with
people. We should find more opportunities to work with both organizations.
There were also ZCash people at the Monero Village and we should work with them
also. Any future workshop should be targeted at a more general audience. We do
need a standard "Intro to I2P" slide deck; it would have been helpful at the
workshops. Don't expect attendees to have laptops with them, focus on Android
for any hands-on exercises. There's several improvements to be made in our
Android app. Drink lots of water in Vegas... and stay away from the slot
machines.
{%- endtrans %}

76
i2p2www/blog/2019/08/30/defcon2.rst Normal file
View File

@ -0,0 +1,76 @@
==============================================
{% trans -%}Def Con Trip Report- idk{%- endtrans %}
==============================================
.. meta::
:author: idk
:date: 2019-08-30
:category: release
:excerpt: {% trans %}Def Con Trip Report- idk{% endtrans %}
{% trans -%}Def Con Trip Report{%- endtrans %}
==============================================
{% trans -%}
I went to Def Con 27 last weekend to give a workshop on I2P application
development, and to meet zzz, mhatta, and Alex in person.
{%- endtrans %}
{% trans -%}
My workshop went well, we even had a few application developers attend! In
particular I had a pretty lengthy conversation with a person named Mary about
how I2P could be used to eliminate centralization and enhance privacy in
a "Magic Wormhole" type of application. While I wasn't totally familiar with
Magic Wormhole at the time, I think most of my advice was usable. I think Mary
had some very interesting and workable ideas about sharing information in more
human-centric ways that could be interesting in I2P applications, and am looking
forward to experimenting with some of those.
{%- endtrans %}
{% trans -%}
The materials I made for the application development workshop are available on
Github! https://github.com/eyedeekay/defcon Please consider it a living document,
your input is desired! As it is licensed permissively, you are free to fork it
and make it your own as well. Share your examples, your hacks, or correct my
comma use, complain about my document preparation style, or just print off your
own copy in booklet form!
{%- endtrans %}
{% trans -%}
I also talked to a guy who gives advice to the government about the differences
between I2P and Tor, why I2P is more P2P-friendly, and some scenarios in which
peers in a P2P application might want to have enhanced privacy from each-other,
and why I2P is perhaps uniquely suited to accomplish that.
{%- endtrans %}
{% trans -%}
In general, both the application development workshops went well, even though
they didn't go entirely according to plan in that only a small proportion of the
audience were application developers. The impression I got was that many people
are very interested in I2P, but also many people are confused by how interacting
with I2P works. By re-focusing on their questions and by teaming off with zzz,
mhatta, and Alex we were fairly successful at dealing with our audience, which
was more varied in terms of occupation, interest, and I2P knowledge than
expected.
{%- endtrans %}
{% trans -%}
Besides that, I also talked to Alex about my experimental contextual-identity
driven I2P proxy plugin for Firefox and eventually, Brave Browser. Got to talk
a little about bundling, but not too much, as it was a very busy convention. I'm
looking forward to following up with him on that soon.
{%- endtrans %}
{% trans -%}
mhatta and I almost won a lobster from a claw machine, but it was a real
fighter and got away at the last second. Really thought I had it for a moment
though. :)
{%- endtrans %}
{% trans -%}
To add to zzz's notes for next time, aside from being more general I believe our
workshops would not have been as able to adapt to the needs of the audience
without the support of mhatta and Alex. Having people who can help particpants
individually or in small groups was immensely helpful, many, many thanks to both
of them for helping us out.
{%- endtrans %}

79
i2p2www/blog/2019/08/30/foci.rst Normal file
View File

@ -0,0 +1,79 @@
==================================================
{% trans -%}USENIX FOCI Trip Report{%- endtrans %}
==================================================
.. meta::
:author: sadie
:date: 2019-08-30
:category: release
:excerpt: {% trans %}USENIX FOCI Trip Report{% endtrans %}
{% trans -%}USENIX FOCI Trip Report{%- endtrans %}
==================================================
{% trans -%}
Over the past year I have had the good fortune to participate in the research
Nguyen Phong Hoang from Stony Brook University has been doing regarding I2P
censorship. The infrastructure used for this research provided numerous and
geographically diverse vantage points, and also the ability to conduct in-depth
measurements across all levels of the network stack. I2P services which were
measured for availability included official homepage, mirror site, reseed
servers and active relays.
{%- endtrans %}
{% trans -%}
The presentation on Tuesday went very well, and Phong was very busy afterwards
answering questions about his work. I was busy too answering questions about
I2P and what it does. The new stickers featuring the updated logo by Ura Design
got rave reviews! It was a very positive experience and I will be looking
forward to continuing to work with Phong and monitoring I2P censorship. I would
encourage anyone who has encountered blocking, or has had success using I2P to
communicate in restricted environments to reach out if you can. I2P is
currently working on new solutions to circumvent internet blocking. Having met
people this year who have given me first hand accounts of the effects of
censorship and the need to stay connected, makes the need for I2P to be more
resilient where it needs to be and for the team to be creating guides for using
I2P in these situations.
{%- endtrans %}
{% trans -%}
I will be putting together better resources for researchers interested in I2P,
as well.
{%- endtrans %}
{% trans -%}
I also had the good fortune to spend time with Mhatta, who is an I2P
contributor, and to make connections for future funding. A huge thank you to
the community builders I met in Tunis who I met again and who are offering so
much support to the project. This has been an exciting year so far, and I2P has
so much work to do. Please consider donating your time or funding the project
as it needs to scale quickly to new challenges.
{%- endtrans %}
{% trans -%}
If you have an opportunity to, you can read the full report Measuring I2P
Censorship at a Global Scale here
https://www.usenix.org/conference/foci19/presentation/hoang
{%- endtrans %}
{% trans -%}
Another great workshop in the measurements workshop was On the Importance of
Encrypted-SNI (ESNI) to Censorship Circumvention
https://www.usenix.org/conference/foci19/presentation/chai
{%- endtrans %}
{% trans -%}
There are so many great workshops that I attended - anyone who would like too
can access the program and related materials here:
https://www.usenix.org/conference/foci19/workshop-program
{%- endtrans %}
{% trans -%}
I will be attending Our Networks in Toronto next month https://ournetworks.ca/
- and so should you! The program can be viewed here
https://ournetworks.ca/program/
{%- endtrans %}
Sadie

50
i2p2www/blog/2019/08/30/freedom.rst Normal file
View File

@ -0,0 +1,50 @@
================================================================
{% trans -%}Internet Freedom Festival Trip Report{%- endtrans %}
================================================================
.. meta::
:author: sadie
:date: 2019-08-30
:category: release
:excerpt: {% trans %}Internet Freedom Festival Trip Report{% endtrans %}
{% trans -%}Internet Freedom Festival Trip Report{%- endtrans %}
================================================================
{% trans -%}
This was my first time attending IFF, and what a great experience for I2P this
was! I met with human rights defenders, people who work on censorship metrics,
and of course UX and security professionals.
{%- endtrans %}
{% trans -%}
My goal was to connect with people to further support I2Ps UX overhaul,
keeping in mind security and UX considerations for frontline workers. As it was
pointed out to me, people see I2P as a very important and powerful resource to
circumvent censorship and support safe communication, however the interface
suffers from some usability concerns. People were happy with our initial steps
to make first time users have a better experience, such as our set up wizard
and bandwidth detection tool. I also received positive reviews on our changes
to the website and /home icons. It was very encouraging to hear directly from
the community that small changes we have made are in the right direction.
{%- endtrans %}
{% trans -%}
Things like having configuration happen out of the box and not having to put
people in the position where they need to rely on reading so much documentation
or chasing documentation were discussed. Also, improved documentation for
setting up outproxies and and site mirroring were requested and suggested.
Please see Mikals very good instructions on setting up an I2P outproxy that
came out of the suggestions this week —
https://0xcc.re/howto-setup-an-i2p-outproxy/. Another suggestion was to make
bug reporting easier.
{%- endtrans %}
{% trans -%}
To this point, I truly hope that the project will secure resources to continue
the improvements to its usability that it requires to meet the growing demand
for I2P services. It is humbling to to be working with such talented people and
to be able to work together with our community during a time when people all
over the globe need all of the privacy protecting resources we as people who
develop, design and educate can offer.
{%- endtrans %}

47
i2p2www/blog/2019/08/30/rights.rst Normal file
View File

@ -0,0 +1,47 @@
================================================
{% trans -%}RightsCon Trip Report{%- endtrans %}
================================================
.. meta::
:author: sadie
:date: 2019-08-30
:category: release
:excerpt: {% trans %}RightsCon Trip Report{% endtrans %}
{% trans -%}RightsCon Trip Report{%- endtrans %}
================================================
{% trans -%}
The messages from activists in Syria during the Access No\_! session on the
first day were deeply moving and really drove home why I work in digital
rights. We listened to the experiences of activists who are unable to travel
due to lack of status, documentation and active conflict. For these people
“the internet is the only passport (they) carry.” Human rights defenders
spoke of the importance of digital training to keep people protected when they
are communicating with family inside of the country, as well as with family and
friends who have left. They had created digital clinics to show people how to
use services securely, for instance, how to use features like Signals
disappearing messages so that those messages could not be used against them
when devices are searched at security check points. Continuing to pursue
education was also very important, the internet being relied on to access
resources.
{%- endtrans %}
{% trans -%}
The following days we met with people who had both questions about I2P and
suggestions for potential use cases. We also discussed overhauling the project
documentation for threat models, improving guides for users with little
technical background, and ensuring that these guides are easily translatable. I
made a note that I should go through the proposals and connect then to human
use cases and solutions. This will be part of the projects continued effort
to improve its user guides and onboarding.
{%- endtrans %}
{% trans -%}
The opportunity to meet face to face with people who are using I2P and have
successfully used it to circumvent internet blockages was inspiring. As the
project has began working on its own browser and is examining outproxy
packaging, it needs as much feedback and testing as possible to create secure
and frictionless experiences for people. Also, the I2P network needs more
hosted content and mirrored sites in order to expand resources for its users.
{%- endtrans %}