Regular users in Sweden are in danger because a corporation needs to fill their pockets. Studios are suing your ISPs to get to you.

Use I2P. It will hide your IP address (among the many things it can do), afford you more privacy and allow you to torrent freely, even without a VPN/seedbox. The catch? You’ll have to add the I2P trackers to your torrent.

I believe I2P is the way forward for piracy and I look forward to it getting bigger than it already is.

  • ExcessShiv@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    37
    arrow-down
    3
    ·
    edit-2
    3 months ago

    A proper VPN provider is sufficient to protect against this though. If you, as a Swedish citizen, weren’t already using a VPN, you were being an idiot.

    I mean, it still makes sense to also use I2P, but it is currently not good enough as a full replacement.

    • Findmysec@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      35
      arrow-down
      7
      ·
      3 months ago

      A VPN company can easily give up your details to the police who are now actively going after citizens. VPNs are not enough anymore.

      Is there a problem with I2P adoption? I’m sensing a massive lack of interest from this thread

      • 1984@lemmy.today
        link
        fedilink
        English
        arrow-up
        26
        arrow-down
        1
        ·
        edit-2
        3 months ago

        If there are no logs, there is nothing to give up. There is no law that they have to keep logs as far as I know.

        Don’t get me wrong, I’m interested in i2p. Thanks for posting.

        • Findmysec@infosec.pubOP
          link
          fedilink
          English
          arrow-up
          7
          arrow-down
          2
          ·
          3 months ago

          The point is that logs are generated and then deleted but companies who do not wish to keep such logs (e.g. IP address of client who connects to the VPN). I2P sure to it’s design, doesn’t even generate such incriminating logs (it might generate other kinds of logs which is a different discussion).

          Thanks

        • onlinepersona@programming.dev
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          8
          ·
          3 months ago

          If there are no logs, there is nothing to give up. There is no law that they have to keep logs as far as I know.

          You have to trust that the VPN provider doesn’t store logs. I2P is pretty much trustless besides where the binary comes from, but you can even compile it yourself.

          Anti Commercial-AI license

          • adr1an@programming.dev
            link
            fedilink
            English
            arrow-up
            15
            arrow-down
            2
            ·
            3 months ago

            Mullvad is trustworthy (imho, and because of audits).

            Anyway, you can have both, and run purple i2p with blackjack and torrents!

            • lud@lemm.ee
              link
              fedilink
              English
              arrow-up
              10
              ·
              3 months ago

              Mullvad is great. I unfortunately had to switch because they removed port forwarding, but I highly wish they didn’t.

                • lud@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  4
                  ·
                  edit-2
                  3 months ago

                  I switched to AirVPN right after I used mullvad but I was not that happy with their speeds (max speeds were around 500-600 Mbit/s), so I now use Proton. Proton is nice except that the port changes with every connection. Fortunately I found a fork of the VPN app that has support for automatically changing the port in qbittorrent. Other than that I’m pretty happy with Proton. :)

          • Robust Mirror@aussie.zone
            link
            fedilink
            English
            arrow-up
            3
            ·
            3 months ago

            I use PIA, cheap and they’ve been involved in at least 2 court cases where their no logging policies were proven.

      • Abnorc@lemm.ee
        link
        fedilink
        English
        arrow-up
        14
        ·
        3 months ago

        I admit that I’m skeptical since everyone is a node. It probably is fine, but I don’t know the risks that I take by volunteering as a node. I thought that VPNs can be fine as long as they don’t store logs, but I could be mistaken.

        • ReversalHatchery@beehaw.org
          link
          fedilink
          English
          arrow-up
          18
          ·
          3 months ago

          as a node

          • you are unable to see the contents of traffic you route thanks to layered encryption
          • you wont be routing traffic to the internet (unless you specifically set it up), but only to other I2P routers
        • Findmysec@infosec.pubOP
          link
          fedilink
          English
          arrow-up
          12
          arrow-down
          3
          ·
          3 months ago

          VPNs usually do store your IP when you connect to them, even if they delete it later (it is technically impossible to not know the IP address of whoever is connecting to the VPN). And the likes of Mullvad and IVPN do not allow port-forwarding.

          I will repeat what I said to the other commenter: please read the documentation. Being a router doesn’t mean that traffic and its contents can be linked to your identity. Data is broken down into chunks and encrypted along with metadata being scrambled. Unless there’s a zero day I’m unaware of, you are perfectly safe.

        • onlinepersona@programming.dev
          link
          fedilink
          English
          arrow-up
          8
          arrow-down
          6
          ·
          3 months ago

          Being a node isn’t an issue. The traffic is encrypted, the destinations are unknown to the nodes themselves, and the traffic does not leave the overlay network (I2P). In TOR, you also have something similar, but the traffic can exit the overlay network but to do so, your node must be an exit node. I2P nodes are internal by default and it’s not that easy to make it an exit node.

          You are very safe being a node in I2P.

          Anti Commercial-AI license

      • ExcessShiv@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        4
        ·
        edit-2
        3 months ago

        A good VPN won’t have any details to hand over that will convict you, even if they wanted to (e.g. mullvad), so they most definitely are enough.

        And police are not going after citizens, rights holders are (like they always have been) by suing ISPs in hopes of getting your info.

        What in don’t like about I2P, is being a node for other peoples traffic.

        • Findmysec@infosec.pubOP
          link
          fedilink
          English
          arrow-up
          11
          arrow-down
          4
          ·
          edit-2
          3 months ago

          VPNs log your IP. And Mullvad doesn’t allow port-forwarding, which means you can’t seed.

          Being a node for traffic doesn’t mean it can be linked to your identity, because everything is encrypted and metadata is scrambled. TOR node operators take much greater risks because depending on how they have set it up, it can lead to their identity being compromised. It’s a small chance but it can happen.

          I can’t convince you. I only hope that people start seeing the need for it and begin reading the documentation to see its strengths

            • Saik0A
              link
              fedilink
              English
              arrow-up
              5
              ·
              3 months ago

              and seeding seems to work for me.

              You can only seed to people who have ports open. At least one side of the connection needs to be reachable.

              It’s people like me who keep ports available that are able to seed to you.

          • ExcessShiv@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            3
            ·
            edit-2
            3 months ago

            VPNs log your IP.

            But they don’t log the data going through. The IP alone will not be enough for a conviction at all. They also need to prove that you acquired/shared copyrighted content. Any proper VPN isn’t going to log that.

            But if you think like that I suppose you aren’t very interested in running TOR relays or exits either.

            No, I’m not at all interested in that either. I don’t want to risk any nefarious traffic that I have no control over running through my network.

            I get the appeal of I2P for torrenting and I can absolutely see the value it can bring. But as long as I will have to be a node for other random peoples traffic, I’ll pass.

            • Scary le Poo@beehaw.org
              link
              fedilink
              English
              arrow-up
              4
              arrow-down
              1
              ·
              3 months ago

              I feel as though this take is fully fud. It sounds like a take that came from seeing tons of advertisements for vpns without really understanding how they work. Maybe I’m wrong about you. That said, in general, a VPN is not a great cloak for piracy.

              • ExcessShiv@lemmy.dbzer0.com
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                2
                ·
                edit-2
                3 months ago

                If there was a completely zero percent risk that I would be used as a node for something truly horrible, I also wouldn’t mind. But I’d rather torrent with a slightly elevated risk rather than enabling things that should not be enabled. By torrenting with a VPN, at least I have the control over what happens on my network and exactly what data I’m part of sharing.

                • ReversalHatchery@beehaw.org
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  arrow-down
                  1
                  ·
                  3 months ago

                  there is 0% risk until your country makes a law that prohibits any and all P2P communication. That would not only break torrents, but would thwart signal/telegram/whatsapp calls too, Jitsi meetings, probably google meet and zoom too, as all those use P2P traffic for performance.

                  So far there are only such laws in far east countries, and the official java I2P router is smart enough to not participate in routing when you are in such a place.
                  Also, I think for routing to work you need to open a port, without it that won’t be done.

    • melroy@kbin.melroy.org
      link
      fedilink
      arrow-up
      14
      arrow-down
      1
      ·
      3 months ago

      People who accepted this situation, promoted or even have implemented this are also idiots. Be warned, this can happen in every country, both US and in EU…

    • Jessica@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 months ago

      You also need to fully encrypt the traffic in your bit torrent client. You will get fewer peers, but it’s much safer

  • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    27
    ·
    3 months ago

    Does anyone know of a fairly uncomplicated method to set up my seedbox, so I can seed on the clearnet and I2P at the same time, without having to store two copies of all my torrents? I already seed terrabytes of torrent data, and I don’t want to store duplicates of all that.

    • Findmysec@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      18
      ·
      3 months ago

      Unfortunately, Qbittorrent’s I2P support is still experimental. Assuming your seedbox provider can let you run BiglyBT or any other client that can cross-seed, all you have to do is add I2P trackers to your torrent file. You can also upload your torrent files to Postman on I2P for them to be registered.

    • ReversalHatchery@beehaw.org
      link
      fedilink
      English
      arrow-up
      10
      ·
      3 months ago

      I know nothing about seedboxes, but on a computer you can point multiple torrents to the same directory. If you make it read-only, by permission or mount options or whatever, the torrent client can’t even fuck it up

      • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        7
        ·
        3 months ago

        I know nothing about seedboxes

        It’s basically just a cheap virtual server running e.g. Deluge or ruTorrent, hosted by a torrent-friendly provider in some country that doesn’t give a fuck about DMCA notices. Most don’t allow the user to access the underlying Linux system though, but mine does actually give me a root shell.

        I’m gonna have to look into deploying another torrent client on the seedbox, besides my current ruTorrent installation. My provider also offers dedicated servers. They’re more expensive, but I might go with one so I can seed on the clearnet and I2P. It will probably have enough overhead CPU, RAM and bandwidth, so I can also run a Tor node and maybe IPFS.

        • Findmysec@infosec.pubOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 months ago

          I’m assuming your seedbox providers allows you root access to the server? Which provider is this?

              • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                3 months ago

                Currently on Iridium G10, I was on Gold G10 before, but ran out of storage. It’s pretty expensive though, and I’m open for better suggestions. I think the next one I’m gonna try out is AppBox. Unfortunately no XMR, but they offer other crypto currencies such as BTC, ETH, LTC, BCH and others. seedboxes.cc also seems interesting. I’m also looking into getting a dedicated server from seedhost.eu for ~30 EUR/month.

                What do you use now?

                • Findmysec@infosec.pubOP
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  3 months ago

                  I still have one of their ECO boxes but it’s not doing much. I haven’t torrented anything in the last 2 months I think (didn’t find a need to).

    • sploodged@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      31
      ·
      3 months ago

      similar yes but not the same. tor held together by volunteer that run nodes, i2p everyone is a node. tor good for clearnet things, i2p good for in-network things. torrenting in i2p is good for i2p, not tor. torrenting in i2p stays in the i2p network, doesn’t go through exit nodes. there’s only about 3 of those. it’s torrenting as a darknet hidden service.

        • Findmysec@infosec.pubOP
          link
          fedilink
          English
          arrow-up
          7
          arrow-down
          1
          ·
          3 months ago

          Unless there’s a zero-day, no. All traffic is encrypted and it should be impossible to correlate traffic chunks to identities like that

        • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          edit-2
          3 months ago

          No, since they don’t act as exit nodes (they’re called outproxies in I2P), unless you specifically configure that. It’s like running a Tor middle/guard relay. I2P was specifically designed that way, so everyone can use I2P and be a node by default without causing any trouble.

      • 8andage@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 months ago

        I tried to find the answer to this in i2p docs, maybe you would know more

        As I understand, i2p traffic still needs to send packets over TCP/IP, so what stops the nodes you communicate with from knowing your IP? Its the only thing that makes me cagey about it since other p2p services like local game servers require sharing your IP to work. Hoping to get back into torrenting, thanks!

        • sploodged@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          3 months ago

          Here’s the scary sounding part that can be counterintuitive. The routers you’re communicating with do know your ip, since they have to like you mentioned. Your ip address is also in i2p’s DHT as a “router info” which functions as a network addressbook for routers and services so things can be found without needing a centralized lookup service. Again, because for the network to work, routers need to be able to find eachother, or they can’t communicate.

          But, routers function on a need to know basis. i2p uses separate up and down links for each tunnel, and your side of the tunnel by default has 3 hops. other side usually also has 3 hops. typical unidirectional tunnel looks like this with total of 7 hops:

          A-x-x-x=x-x-x-B

          None of the chains in the link know what position they’re in (except for the endpoints). They also don’t know how long the whole tunnel is. The sender and receiver only know their parts of the tunnel. On the dht side, by design no single router has a whole view of the network, but there isn’t a whole lot of information you get from that other than knowing that person at stated ip address uses i2p, which your isp would be able to tell for example anyway just like using tor or a vpn. There’s no reason to try to obfuscate that except for getting around restrictive countries firewalls.

          The way i made sense of it was like you have an envelope that is inside several other envelopes, with each envelope representing a layer of encryption. You get an envelope from kevin, so you know kevin. You open the envelope and see another envelope addressed to george, you give the envelope to him. So you know kevin and george. But the rest is unknown to you. You don’t know who the true originator of the envelope is or where the message is ultimately going.

          Not a perfect analogy, but because of this the ultimate sender and receiver are blind to each others ip address. It’s layered encryption allowing this to happen which is similar to onion routing. Called garlic routing in i2p since there are some tweaks.

          https://geti2p.net/en/docs/how/garlic-routing

          • 8andage@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 months ago

            So ip is only visible to the first/last hop, and they wouldnt know where youre going. That helps, thanks!

  • Grass@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    14
    ·
    3 months ago

    I haven’t used I2P since high school or maybe earlier if it existed then. Was it one of those faster the more people are using it things? I was skimming over setting up the docker container thinking even if I don’t use it myself it might help others (and I have unlimited data on the isp plan) but I haven’t gotten around to actually setting it up.

    • Findmysec@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      14
      ·
      3 months ago

      Yes, because it’s P2P, every node acts as a router and thus distributes bandwidth to prevent congestion

  • GatoEscobar@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    5
    ·
    3 months ago

    Another question would be how to make a seedbox service use I2P. I have seem some but none of those didn’t mention I2P as a feature

    • Findmysec@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      3 months ago

      Yes, that’s a bit of a problem on the average seedbox. You’d have to modify your torrent to seed on I2P by adding I2P trackers (just a couple of them, nothing much), and then run either BiglyBT or I2PSnark to seed them on I2P. Unfortunately, most seedboxes don’t give you root access, neither do they bundle these apps. Qbittorrent doesn’t have good support for it yet unfortunately.

      If you have an SBC/spare computer at home, would be great if you could attach a hard drive to it, install i2p/i2pd and either of the mentioned torrent clients, and seed from there in the meantime. Qbittorrent has seen community interest in I2P, unfortunately it’s just not there yet

  • Pulptastic@midwest.social
    link
    fedilink
    English
    arrow-up
    4
    ·
    3 months ago

    I have lots of questions. I’ve always heard to use a VPN that doesn’t keep logs, this is the first I’ve heard of i2p. If I add i2p trackers that implies I still have non-i2p trackers so can still be identified. I feel like I need way more information on how to do this safely before I change anything.

    • Findmysec@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      3 months ago

      Obviously, this doesn’t change anything if you’re still seeding to the clearnet. All this would do is cross-seed your torrents to the I2P network. I assume you have a suitable torrenting strategy already for the clearnet. If some day you were to abandon the clearnet for I2P, you would no longer need to take the precautions you do now because I2P is inherently private.

      Please skim through the documentation for a high-level overview on I2P, and ask here if you don’t understand something