I2P 0.7.3 erschienen
Vor kurzem ist ein Update der freien und plattformübergreifenden Netzwerk-Software I2P erschienen. Das Update umfasst zahlreiche Bugfixes und Verbesserungen.
(http://www.gulli.com/img/I2PLogo.jpg)
Was aber ist I2P? Dies ist eine Mischung aus dem zentralen Router und den einzelnen Applikationen, die von I2P angesteuert werden. Einige davon sind vorinstalliert im Paket enthalten, andere können nachträglich installiert werden. Der Router und die Anwendungen wurden aus Sicherheitsgründen streng voneinander getrennt. Was kann man mit I2P tun? Generell alles, was man sonst auch im Internet tut - dann bei Anwendung dieser Software allerdings anonym.
Wichtig: Windows-User sollten auf jeden Fall beachten, dass sie im Ordner "Program Files" ein eigenes Verzeichnis mit dem Namen I2P erstellen, ansonsten versagt die Software entgegen der Anleitung ihren Dienst.
Version 0.7.3 beinhaltet zahlreiche Fehlerbereinigungen und Verbesserungen der Software. So wurden beispielsweise die Applikationen SAM und BOB stark überarbeitet. Auch der interne Webserver Jetty wurde verändert, um vormals aufgetretene Probleme der Windows-Benutzer zu beenden.
Wichtig für Filesharer: Der Peer-To-Peer Client I2PSnark kann nun größere Torrents und auch mehr Dateien gleichzeitig verwalten. Auch am Interface des anonymen Filesharing-Clients wurde gearbeitet. So oder so, die Entwickler raten in jedem Fall zu einem Update. Weitere Informationen und die jeweiligen Installer und den Quellcode kann man der offiziellen Webseite des Projekts (http://www.i2p2.de/) entnehmen.
Quelle : www.gulli.com (http://www.gulli.com)
Anonymes Filesharing mit regulären Torrent-Dateien wäre der pure Horror der gesamten Content-Industrie. Abmahnungen wären dann nicht mehr möglich. Das Projekt Anomos ist nicht mehr allzu weit von dieser Zukunftsvision entfernt.
Bereits letzten Monat wurde Version 0.9.2 des Clients von Anomos für Windows und Linux veröffentlicht. Dieser kann von hier (http://anomos.info/wp/downloads/) heruntergeladen werden.Im Gegensatz zu Tor, Freenet oder I2P braucht man dafür keine extra Services im Hintergrund, die separat konfiguriert werden müssen. Anomos steht für sich alleine. Der Client wurde zudem so einfach wie möglich aufgebaut, um Anfängern die Benutzung zu erleichtern. Auf den ersten Blick ist kein Unterschied zu den anderen BitTorrent-Programmen erkennbar. Anomos ist eine Modifikation des regulären BitTorrent-Protokolls. Denn im Gegensatz zu den normalen BitTorrent-Transfers wird der Datenfluss strikt verschlüsselt durch ein gemischtes Netzwerk von Peers geleitet. Niemand weiß, wer einen Upload oder Download durchführt und wie die Informationen beschaffen sind.
Administrator Rich klärt die Anwender der letzten Betaversion im eigenen Forum (http://forum.anomos.info/viewtopic.php?f=3&t=6) auf: „Anomos kann eure Downloads nicht auf magische Art und Weise anonymisieren. Ihr könnt die gleichen Torrent-Dateien wie die von The Pirate Bay benutzen, die beinhalten aber nur die Metadaten. Jemand anderes muss die gleiche Datei auf dem gleichen Anomos Tracker anbieten, damit ein Transfer zustande kommen kann.“ Noch ist nicht aller Tage Abend für die Content-Industrie. Denn momentan kommt es noch unter verschiedenen Betriebssystemen zu kleineren Problemen. Sobald Anomos fertig ist und man dieses wie geplant in einen der regulären BitTorrent-Clients einbindet, so würde die Anzahl der Anwender sprungartig ansteigen, was das Anbebot für alle interessant macht.
Die Achillesferse des Systems ist ähnlich wie bei Napster der zentrale Server. Rich Jones sagte im Rahmen unseres Interviews vor 18 Monaten: „(...) die Identität des Trackers ist bekannt, weswegen wir keinen öffentlichen Tracker in den Vereinigten Staaten laufen lassen können. Es gibt aber glücklicherweise Nationen mit Regierungen, die noch nicht korrumpiert wurden. Und wo es den Bürgern möglich ist, öffentliche Tracker zu installieren.“
Auch zum Thema Musikwirtschaft fand er damals sehr klare Worte: „Es ist der verzweifelte Versuch P2P für die absolut beschissene moderne Mainstream-Musik verantwortlich zu machen. Ganz ehrlich, das ist der wahre Grund, warum niemand mehr Platten kauft. (...) Ich würde es begrüßen, wenn es Künstlern wie auch Produzenten von Inhalten möglich ist, von ihrem Geschäft zu leben. Die Industrie sollte sich aber wie ein Service mit einer freiwilligen Unterstützung zum Wohl der Konsumenten verstehen. Anstatt sich an die Gegebenheiten der Zeit anzupassen, verschickt die RIAA ihre Erpresserbriefe an junge Leute und korrumpiert unsere Regierung. Wer sich so verhält, kann von mir aus zum Teufel gehen. Natürlich wird es mit Anomos unmöglich sein zu beweisen, dass gegen Urheberrechte verstoßen wurde. Ich hoffe, sie werden nicht mehr in der Lage sein, irgendjemanden zu verklagen.“
Video: Kurzpräsentation von Anomos von Projektleiter Rich Jones auf dem 25C3.
Sobald Anomos in vollem Umfang läuft, werden Kanzleien wie Rasch, Schutt & Waettke, Kornmeier, Waldorf und Konsorten keine Chance mehr für ihr Treiben haben. Der Blog des Projekts befindet sich hier (http://anomos.info/).
Quelle : www.gulli.com
(http://static.gulli.com/media/2011/07/thumbs/370/anonymity-by-colbyfurniss-d270rn7.jpg)
Kürzlich erschien vom anonymen Netzwerk I2P eine neue Version für die Benutzer von Linux- und Windows-Computern. I2P ist ein kostenloses anonymisierendes Netzwerk, bei dem alle Daten in mehreren Schritten verschlüsselt werden. Für I2P (Invisible Internet Project) gibt es extra Clients für den IRC, P2P-Transfers, E-Mails etc. Das nächste Update der freien Software soll bereits im Juli erscheinen.
Im Gegensatz zu Tor (The Onion Routing) soll bei I2P nicht der Datenverkehr ins Internet verschlüsselt werden. Diese kostenlose Software reguliert stattdessen den Datenstrom innerhalb des eigenen Netzwerkes. Tor hat etwa 1.000 Exit Nodes, I2P nur eine einzige. Die Nutzer von I2P bewegen sich also stets in ihrem eigenen Netzwerk, statt die eingehenden und ausgehenden Daten nach außen hin zu verschlüsseln. Das Verlassen eines anonymen Netzwerkes ins reguläre Internet beinhaltet stets zahlreiche schwer wiegende mögliche Schwachstellen und fördert somit die mögliche Aufdeckung der Anwender.
Das Update der Software ist etwa vier Mal so umfangreich wie die sonstigen Updates. Neben zahlreichen Bugfixes wurden dem Netzwerk auch ein paar Neuerungen spendiert. I2P für Windows, Ubuntu, Debian & Co. ist leicht anzuwenden und somit im Gegensatz zu anderen anonymen Netzwerken durchaus auch für Einsteiger geeignet. Natürlich wird es bis zur Version 1.0, die sich an die Endanwender richten wird, noch etwas dauern. Dann soll I2P komplett unangreifbar und absolut frei von jeglichen Fehlern sein. Die Aufzählung aller Veränderungen von 0.8.7 kann hier im Detail eingesehen werden. Wer diese Version ausprobieren möchte, der Download kann hier durchgeführt werden.
Wer sich hingegen eher für die Hintergründe dieses Projekts interessiert: Wir haben bereits im März 2009 ein ausführliches Interview mit einem der Verantwortlichen von I2P durchgeführt.
Quelle: www.gulli.com
(http://static.gulli.com/media/2011/07/thumbs/370/anomos-anonymes-filesharing.jpg)
Auf dem 25C3 in Berlin präsentierte John M. Schanck (Rich Jones) erstmals sein Projekt, mit dem anonymes Filesharing ermöglicht werden sollte. Was im Sommer 2008 als hoffnungsvolles Vorhaben begann, liegt mittlerweile komplett auf Eis. Mit den momentan verfügbaren Mitarbeitern sei es schlichtweg unmöglich, die Sicherheit aller Filesharer zu gewährleisten.
Kernpunkt der Problematik ist die Absicherung aller Teilnehmer eines Transfers. Die Vorarbeiten zur Version 1.0 des Filesharing Clients drehten sich primär darum dafür zu sorgen, dass sich keine Rechteinhaber oder IP-ermittelnden Firmen in die Datenübertragungen einklinken können. Eine große Menge an Angriffen auf die Anonymität konnte nach Aussage von Schanck abgewehrt werden. Doch schnell zeigte sich, dass es mit ein paar Tricks immer wieder möglich war, die IP-Adressen der Filesharer zu erhalten. John M. Schanck, besser bekannt als Rich Jones, arbeitet auch beim Tor-Projekt mit. Dort sind zahlreiche Personen damit beschäftigt dafür zu sorgen, dass zur Sicherheit der Teilnehmer alle Bugs möglichst zeitnah gestopft werden. Er musste leider einsehen, dass er auch für sein Vorhaben weitaus mehr aktive Programmierer benötigen würde. Da Anomos nicht so bekannt ist, hielt sich der Zulauf an neuen Programmierern eher in Grenzen. Um angemessen arbeiten zu können, fehlen dem Projekt schlichtweg die Fachleute.
Anomos 0.9.5 für Linux, Windows und Mac OS X steht noch immer zum Download bereit. Und noch ist nicht aller Tage Abend. Möglicherweise wird eines Tages jemand anderes mit einem größeren Team das Vorhaben weiterführen. Doch im Augenblick ist für die nächsten Monate mit keinen weiteren Updates zu rechnen. Das ist besonders bedauerlich, weil Version 1.0 schon in greifbarer Nähe schien.
Auch PubZero, das Verzeichnis von anonymen Torrent-Dateien ist noch immer online. Allerdings wirkt die Datenbank mittlerweile stark verwaist. Auch an Seedern fehlt es an allen Ecken und Enden. Der Bezug der dort angebotenen Dokumente und Filme macht vor Erscheinen der ersten offiziellen Version sowieso aufgrund der fehlenden Absicherung aller Downloader und Uploader keinen Sinn. Auch wenn die Rechteinhaber aufgrund der mangelnden Popularität bislang wenig Interesse an Anomos gezeigt haben. Der Schutz der eigenen Identät sollte dabei stets an erster Stelle stehen. Und der ist vor Version 1.0 eben nicht zu gewährleisten.
John selbst ist wenig begeistert über den Verlauf der Geschehnisse. Er bedankt sich bei allen Lesern von gulli für das entgegen gebrachte Interesse am Projekt. Er hält uns auf dem Laufenden, sollte jemand anderes die Arbeiten wieder aufnehmen.
Quelle: www.gulli.com
Changelog
Bug Fixes
Fix parsing of ECDSA address helper in HTTP client proxy
Fix news last-modified processing which prevented notification of update
Improve handling of UPnP device changes
Don't hang at startup forever waiting for entropy
Possible fixes for high CPU usage in NTCP
Other
Publish router info faster when address costs change
Start i2ptunnel 90s sooner
Accept tunnels 10m sooner
Increase exploratory tunnel quantity during initial exploration
Latency reductions in several places
Add startup browser configuration with advanced config routerconsole.browser
Persistent leaseset keys to eliminate correlation with restart
Faster unchoking of new peers in i2psnark
More aggressive throttling of lookups at floodfills
Tunnel build request record refactoring
Reduce thread usage in i2ptunnel
Add i2ptunnel server option for multihomed sites
Disallow some common I2P application ports as router ports
Increase connection limits for fast routers
Add Save-As button for SusiMail messages
Use 'hidden service' terminology in the console
Encrypted netdb lookups for 32-bit x86
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
Floodfill performance improvements
Easier ways to reseed manually from a file or URL
New way to export reseed data for others
Support for installing plugin from file
Bug Fixes
Fixes for high CPU usage in floodfills
i2ptunnel locking fixes
Fixes for read timeout handling in streaming
Fix changing i2psnark data directory on Windows
Fix multiple SSL outproxies in HTTP client
Other
Update to UPnP library version 3.0
Improve tracking of floodfill lookup success
Direct router info lookups if connected to floodfill
Auto-adjustment of i2psnark tunnel quantity
Increase exploratory tunnel quantity when floodfill
Increase min and default bandwidth for i2psnark
Improved strategies for dropping jobs on high job lag to prevent overload
Drop tunnel build requests on high job lag
Increase allowed clock skew in I2CP
New HTTP error page when the server resets the connection
Require ECDSA support for floodfill
Republish router info faster when capabilities change
Better feedback in console for reseed errors
Apache Tomcat 6.0.43
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes:
Floodfill performance improvements
Add support for address book export
Add support for SSL in HTTP server tunnel
Allow class 'M' (64-128 KBps share bandwidth) to become floodfill
Raise connection limits for new classes 'P' (512-2000 KBps share bandwidth) and 'X' (over 2000 KBps)
Add support for signed development builds
Bug Fixes:
Fixes for high CPU usage in floodfills
Clock skew fixes
Fixes and configuration for when IPv4 is firewalled but IPv6 still works
Locking fixes for i2ptunnel clients to prevent hangs at startup
Verify hostnames when reseeding
Fix deletion of config files for deleted torrents in i2psnark
Fix hangs fetching proxy.i2p local resources via Privoxy
Fixes for duplicate shared clients
Fix for occasional page truncation in HTTP client
Fixes for handling corrupted SSU packets
Fix closing of SAM sessions when I2P session closes
Fix bugs in handling streaming resets
Other:
Reduce NTCP threads
Eliminate SimpleScheduler threads
Add continent-based NTP servers as fallbacks for country-based ones
Remove all default non-SSL reseed hosts
Disable fallback to non-su3 reseeding
Several fixes in streaming for better "loopback" performance
Reduce latency in i2ptunnel
Add a larger Bloom filter for very high bandwidth and memory
Add Bloom filter warning when configured for high bandwidth but not enough memory
Reduce max netdb search depth to reduce floodfill load
Improved header processing and error handling in i2ptunnel HTTP server
Better error handling and user feedback when HTTP client tunnel is disabled
More changes to improve floodfill capacity
New configuration for forcing IPv4 (only) to firewalled on /confignet
New configuration for floodfill on /configadvanced
Show separate IPv4 and IPv6 status in summary bar when appropriate
Better handling of corrupt SSU packets
Jetty 8.1.17.v20150415
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes:
Add multisession support for dual-signature crypto on the same tunnels
Use multisession for shared clients
Increase default outbound bandwidth limit to 60 KBps
Increase default maximum participating tunnels
Floodfills will send database store acks directly if connected, for efficiency
Set TCP keepalive on I2CP and SAM sockets
More efficient decompression in HTTP proxy, use less threads
Add support for fast extensions in i2psnark
i2psnark only autostarts torrents that were running previously
Add support for translated console news
Bug Fixes:
SSU fixes to compete better with NTCP for bandwidth when limited
Fixes to prevent SSU stalls
Wait for outbound tunnels before sending first leaseset to client, to prevent dropping first message
Clean up resources correctly when SAM stops
Better error handling and notification when HTTP proxy is not running
More i2ptunnel fixes at startup and shutdown of tunnels
Fix total_size in i2psnark metadata message
Restore dates in console news headers
Several I2CP fixes
Other:
Use same session for naming lookups in I2PSocketEepGet
Increase max bandwidth to 16 MBps, add larger Bloom filter
New floodfills will send their info to nearby floodfills to speed integration
Apache Tomcat 6.0.44
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes:
Start migration to Ed25519 router info signatures
Convert i2psnark destinations to Ed25519 signatures
Bug Fixes:
Fix i2psnark getting stuck before download complete, and not deleting temp files
Fix starting of torrents added by copying torrent file to i2psnark directory
Fix UPnP 'content not allowed in trailing section' error
Fix excluded SSL ciphers in console
Other:
Translation updates
http://www.i2p2.de/
Changelog
Changes
Accelerate transition to Ed25519
Bug Fixes
Fix some bugs soft restarting after a large clock shift (e.g. resume) (but more to do)
Fix streaming retransmission timers that were dying, and related timer bugs
Fix streaming connections rejected while tunnel is opening
Fix rare i2psnark and UPnP deadlocks
Fix lifetime participating bandwidth display in console
Other
Increase default outbound exploratory tunnel length to 3
Use max of 2 not-failing peers in exploratory tunnels to improve build success
Add support for hostnames prefixed with "www."
Store news feed items separately on disk, show on new /news page, limit display on home page to 2
Increase probability of rekeying to EdDSA
Detect for broken ECDSA support in Gentoo
Console: Add a Java 6 warning, this is the last release to support Java 6
Changes to prepare for Java 9 compatibility
i2ptunnel: Pass Accept-Encoding header through client and server proxies, to allow end-to-end compression
i2psnark:
Increase piece size, piece count, and file count limits
Save added and completed times
Save magnet parameters across restart
Don't delete .torrent file on errors at startup, rename to .torrent.BAD
Add recheck, start, stop buttons on details pages
Add option to disable "smart sort"
Speed up IP address validation
Separate streaming blacklists for ECDSA and EdDSA
Translation updates
Update GeoIP data (new installs and PPA only)
SHA256 Checksums:
306c0eeb4d0ff210b42cb0a6babe46da59d0f80317451f3fd40381bb79b54852 i2pinstall_0.9.23_windows.exe
843a8059830b009d10c47cc7c85e260ad88f7c3c16e289bbf80c0eb178318823 i2pinstall_0.9.23.jar
24e303f2af1b7b14ed3a6e17cc7d1b6432ec99d8d00246a88486922941c72345 i2psource_0.9.23.tar.bz2
d7f2f2349520071a3d19a4130a83ae1fb109f7924cb1eff5da020678787d3ad3 i2pupdate_0.9.23.zip
56afdecfc002c9a10f5ad5d224bbecdd3db30ddc522d194567aafb85ce0d2567 i2pupdate.su3
http://www.i2p2.de/
Changelog
Changes
Java 7 now required
SAM 3.2, with several new advanced features, command parser improvements, and lots of bug fixes
Router Family
Commons logging removed
Bug Fixes
Fix HTML escaping in the console plugin table
Fix rare deadlocks in the router
Fix the tunnel build Bloom filter
Don't remove tunnel on next-hop failure indication from transport, it isn't reliable
Fix formatting in summary bar to prevent overflow
Fix console links in i2ptunnel error pages when on nonstandard host/port
Don't query floodfills whose version is too old to support encrypted replies
Reduce out-of-order delivery in SSU
Fix a rare NPE in the tunnel build handler
Other
Listen for Windows Service shutdown events to shutdown cleanly
Fix some IPv6 issues on Windows
Change Jetty request logging from b64 to b32
New 'family' indication in netdb, don't use two of the same family in a tunnel
New overview picture in SusiDNS
Close connection faster if it's for a rejected tunnel request
Use SSU extended options field for session request message
Request introduction in the SSU extended options
Don't offer to introduce unless requested, to introduce only those that need it
Experimental Sybil analysis tool, requires routerconsole.advanced=true
Persist some profile netdb stats that weren't being saved
Memory reduction and other efficiency improvements throughout
Increase several limits in i2psnark
New streaming unit tests
Fix some SSU stats on /peers to be consistent with NTCP
Change default sig type for new i2ptunnels to Ed25519
Increase router rekey probability at startup again
New Chinese (Taiwan) translation
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
Display of identicons and QR codes in address book and i2ptunnel
SAM v3.3 with advanced features
Configuration page for router family
Custom icons for plugins
Internal implementation of self-signed certificate generation
Add i2ptunnel http server options to block by referer or user-agent
Bug Fixes
IRC server tunnel default fix to help reliability
Don't wait until a lease expires to switch to a new one
Other
Preliminary support for certificate revocations
Preliminary support for storing EdDSA and ElGamal keys in keystores
More efficient signing and verification with EdDSA
Increase default connection limits
Increase default inbound bandwidth
Increase max files per torrent in i2psnark
Add more sanity checks to detect bad system clock
Improve news styling in console
Improve certificate blacklist implementation
Faster disconnect after publishing router info to floodfill
Smooth out the dropping of idle SSU sessions
Add X-Content-Type-Options headers in console
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
GMP 6.0.0 and jbigi/jcpuid native libraries, enabling significant speedups on newer architectures, and constant-time crypto operations (new installs and Debian/Ubuntu builds only, will include in the updates in the next release, 0.9.27)
Addressbook subscription protocol, enabling signed addressbook updates
Generate signed authentication strings for subscriptions in i2ptunnel
Enhance hosts blockfile format to allow for multiple destinations per entry
Use system GeoIP database when available
Remove systray4j.jar from non-Windows installers and Debian/Ubuntu packages
Remove multiple external libraries from Debian/Ubuntu builds, and add dependencies on: geoip-database, gettext-base, libgetopt-java, libjetty8-java, libservlet3.0-java, glassfish-javaee
Store CRLs received in the news feed, to distribute key revocations when necessary
Enhancements to the desktopgui system tray feature, to be enabled by default in next release
Wrapper 3.5.29 (new non-Windows installs only)
Bug Fixes
Fix periodic timers not firing after a backwards OS clock shift, which caused widespread instability and gradual deterioration
Fix wrapper on FreeBSD 10 (new installs only, see ticket #1118 for manual fix)
Fix NPE on hostname lookup failure in SOCKS 4a
Fix setting JAVA_HOME on Mac OS X (new installs only, see ticket #1783 for manual fix)
Fix UTF-8 console passwords, and partial fix for usernames
Fix router family configuration form
Fix NTP sending random data in some fields that should be zero
Other
More verification of received NTP packets
Rework resource bundle generation for 20x speedup in build time (requires gettext version 0.19)
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
GMP 6 (in-net updates)
SSU Peer Testing for IPv6
Add outproxy plugin support for SOCKS
Enable desktop GUI (tray icon) on Windows
Bug Fixes
Fix reported GMP version when jbigi built as a shared library
Fix SSU peer test happening too frequently
Fix SSU peer test not terminating properly in some cases
Fix bote plugin not working in Debian/Ubuntu builds
Fix rare UPnP NPE when viewing /peers
Fix standalone i2psnark build and configuration
Hidden mode improvements: Enable tunnel testing and use fast peers
Fix possible CSRF in SusiMail
Fix i2psnark exception on bad configured announce URL
Fix layout issues on i2ptunnel registration page
Fix streaming accept() hang when session disconnects
Other
Split up the large /configclients web page into several
Add links to view complete router and wrapper log files
Block 'Proxy' header in i2ptunnel (HTTPoxy)
Recognize Kaby Lake CPUIDs
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
* 2016-12-12 0.9.28 released
2016-12-09 zzz
* Translation updates
2016-12-06 zzz
* GeoIP: Update from Maxmind 2016-12-06
2016-12-05 zzz
* Router:
- Revert default family sig type back to ECDSA
- Update blocklist
2016-12-02 zzz
* Cleanup: Single char indexOf()
* Console: Version the css links
2016-12-01 zzz
* NetDb: Peer selection tweaks
2016-11-27 zzz
* NetDb:
- Add same-port check in peer selector
- Add MTU, SSU caps, IPv6 prefix, and cost lookups
2016-11-26 zzz
* NetDb:
- Add advanced lookup form
- Add port and sig type lookups
- Fix /16 and /8 lookup
- Fix tab highlighted for all lookups
- Add sybil points for banlist
2016-11-25 zzz
* SU3File: Add types for blocklist (proposal #130)
2016-11-24 zzz
* Sybil tool enhancements
* Blocklist feed tweaks
2016-11-23 zzz
* Console: Support RI lookup by caps or IP
* NetDB: Penalize new and slow peers
* News: Add command line utility support
* Router: Support blocklist in the news feed (proposal #129)
2016-11-21 zzz
* NetDB: Fix detection of bandwidth class with multiple values specified
2016-11-20 zzz
* NetDB: When doing lookups, don't use floodfills too close
* Router: Change default family sig type to EdDSA
2016-11-17 zzz
* Build: Add attributes for java version to all jars and wars
* Blocklist: Add support for IPv6 in blocklist.txt
* Console: Add netdb lookup by family
* NetDB: When verifying store, don't use floodfills too close
* Tomcat 6.0.48
2016-11-16 zzz
* Console: Remove dead home page links (ticket #1882)
* Profiles: Pull same-IP detection into a utility class
* Router: Add methods to verify and track members of our family
2016-11-15 zzz
* Certs: Add Let's Encrypt ISRG Root X1 cert
2016-11-14 zzz
* Logs: Fix output of dup message after 30 minutes
2016-11-13 zzz
* Console: Add initial news to bottom of news page (ticket #1153)
* i2psnark: Periodically save DHT nodes (ticket #1328)
* UPnP:
- Prevent exception on bad HTTP header (ticket #1480)
- Prevent NPE on socket creation fail (tickets #728, #1681)
2016-11-12 zzz
* Console:
- Fix inadvertent config save when clicking sidebar
buttons on /configstats
- Add IPv6 firewalled setting on /confignet
* I2CP: Reduce error level on session closed while signing LS (ticket #1606)
* JRobin: Move DeallocationHelper logging from wrapper log to router log
* Profiles: Periodically save, delete old ones after saving (ticket #1328)
* Susimail:
- Add logout button to more pages (ticket #1374)
- Fix nonce error on login after logout
- Fix internal error after cancel button on settings form when not logged in
2016-11-11 zzz
* Build: Truncate history.txt bundled in installers
2016-11-10 zzz
* Transport: Use NTCP for some outbound connections even before
SSU minimums are met (ticket #1835)
2016-11-09 zzz
* Transport: Add stats for inbound v4/v6 connections (ticket #1854)
* Tunnels: Reduce default VTBM records from 5 to 4
2016-11-08 zzz
* Build: Fix minimum Java version for Windows
* Install: Add max memory option to runplain.sh
* Crypto: Change serial number in selfsigned certs from int to long
* Router: Fix low-memory log messages for non-wrapper (ticket #1795)
* Transport: Improve IPv6 address selection logic
2016-11-06 zzz
* Console: Add Java 9 log warning (ticket #1870)
* Security: Consistently log authentication failures for all interfaces
* Util: Consolidate linux service detection code
2016-11-05 zzz
* Build: Add support for using libtomcat8-java package
* Console: Add message to ignore InstanceManager warning (ticket #1818)
* SusiDNS: Fix jsp EL syntax error with EL 3.0 (Tomcat 8) (ticket #1870)
2016-11-04 zzz
* Console: Improve handling and logging of webapps that fail to start
* i2psnark: Add launch-i2psnark.bat (ticket #1871)
* Transports:
- New config i2np.allowLocal, fixes test networks (ticket #1875)
- New configs i2np.udp.minpeers and i2np.udp.minv6peers, for testing (ticket #1876)
2016-10-29 zzz
* Console: Java 9 fixes for classloader (ticket #1870)
2016-10-28 zzz
* Build: Fix typo in jcpuid build.sh for Mac (ticket #1865)
* Crypto:
- Generate more-conforming selfsigned certs (ticket #1853)
- Remove deprecated Sha256Standalone as scheduled
* Utils:
- Fix Java version detection for Java 9 (ticket #1870)
- Add Addresses methods for multiple DNS results (ticket #1050)
2016-10-26 zzz
* Build: Mac jbigi/jcpuid improvements and docs (ticket #1865)
* JRobin 1.6.0-1
* Systray: Remove old 32-bit Windows implementation, replaced by DTG
2016-10-25 zzz
* i2psnark: Better calculation of total upload limit
* SSU: Increase max IPv6 MTU (proposal #127)
* Zxing 3.3.0
2016-10-23 zzz
* Crypto: Create keystore directory when making SSL keys (ticket #1866)
2016-10-22 zzz
* Build: Fix jbigi build in Arch Linux and others for Java 8 (ticket #1863)
* Console:
- New Korean translation
- New Chinese (Taiwan) translations for susidns, susimail, debian
- New initial news translations: Czech, Greek
* Jetty 8.1.21.v20160908
2016-10-21 zzz
* Console:
- New Galician translation
- Remove calls to deprecated two-arg setStatus()
* Crypto: Actually use a random nonzero byte in ElGamal
* Data: Cache serialized leasesets on floodfills
* NetDB: Disallow RSA for RI or LS
* Tomcat 6.0.47
* Utils: Add MTU to command line utils
* Wrapper 3.5.30
2016-10-20 zzz
* Build: Add library jars to i2p.jar classpath for Debian builds
* Console: Fix HTML error on /configservice
* Debian: Update package descriptions, allow Java 9
* i2psnark: Add ids to rows, add to per-torrent show peers link
* SSU: Fix minimum version check for IPv6 peer test (tickets #1829, #1861)
http://www.i2p2.de/
Changelog
0.9.29 contains fixes for numerous Trac tickets, including workarounds for corrupt compressed messages. We now support NTP over IPv6. We've added preliminary Docker support. We now have translated man pages. We now pass same-origin Referer headers through the HTTP proxy. There are more fixes for Java 9, although we do not yet recommend Java 9 for general use.
As usual, we recommend that you update to this release. The best way to maintain security and help the network is to run the latest release.
RELEASE DETAILS
Changes
BOB database refactor
Fixes for Java 9, still not recommended for general use
NTP fixes for security and standards
NTP IPv6 support
Don't display very old news in console
Blocklist checking improvements
Add preliminary Docker support
Add Referrer-Policy headers to console
Pass same-origin Referer headers through proxy
Translated man pages
Bug Fixes
Add support for outproxy plugin to CONNECT proxy
Replace random tunnel keys when rekeying
Fix streaming optional delay and choking
Don't hard fail on message expired error in streaming
Fix javadoc errors
Fix broken unit tests
Ensure i2psnark finishes writing config files at shutdown
Fix rare NPE in AES via NTCP
Disable caching of compressors, in an attempt to fix corruption
Don't close SAM or BOB session on receipt of corrupt compressed data
Other
Add support for ports to CONNECT proxy
Consolidate stream copy code
Consolidate console timer threads
New streaming test harness
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
Jetty 9, Tomcat 8
Stretch / Zesty support
Migration support for DSA-SHA1 hidden services
ARM (non-Android) router signature type migration
ARM (non-Android) blockfile format migration
Introducer expiration (proposal 133)
Bug Fixes
Fix disappearing i2psnark start button
Fix saving of libjcpuid.jnilib file on Macs
Fix fallback to ‘none’ architecture for jbigi
Fixes for multiple destinations in SusiDNS
Fix config directory location in Gentoo
Fix rapid firewalled/not-firewalled transitions
Fix startup crash on very old Android platforms
Fixes for advanced authentication strings in i2ptunnel
Fix exception caused by corrupt stored i2psnark DHT data
Speed up writes of i2psnark files at shutdown
Other
Recognize AMD Ryzen processor
Support for new i2psnark-rpc remote plugin
Build addressbook as a jar, not a webapp
Support client registration in app context
Add support for i2psnark-rpc plugin
Adjust thresholds for probabalistic throttling on slow platforms
Add reset() to I2PSocket API
Add date parameter to subscription authentication strings
Add bash completion scripts to Debian packages
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes:
Console updates
i2psnark ratings and comments
Bug Fixes:
Fix compile error with Jetty 9.2.22
Preserve CRT parameters for RSA private keys
Fix AES NPE on 4-core Rasp. Pi
Fix NPE in GeoIP
Fix bencoding for scrape response in zzzot plugin
Fix display of default SusiDNS subscription
Fix Debian apparmor profile
Improve handling of read-only i2psnark directory
Other:
Hostname lookup caching improvements
Move blockfile support from i2p.jar to addressbook.jar
Locale-independent Jetty directory listing
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
Disallow hostnames in router addresses (proposal 141)
Validate Host header in console
Bug Fixes
Numerous console, i2psnark, susidns, and susimail UI fixes
Fix i2psnark issues with expanding sections in some browsers
Debian packaging fixes
Other
New benchmarking framework
New Indonesian translation
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
DesktopGui: Enable on OSX
i2ptunnel: Set default rate limits
Reseeding: Add support for proxies
Jetty 9.2.22
Tomcat 8.5.23
Wrapper 3.5.34 (new installs only)
Bug Fixes
Client: Remove key when stopping or disabling encrypted lease set
Console: Several keyring configuration fixes
EepGet: Detect and reject redirect to https
HTTP Proxy: Fix up characters in URLs not escaped by browsers
i2psnark: Fix bad completion status on recheck
i2psnark: Prohibit comments unless name is set
i2psnark: Fix crash stopping update torrent
i2ptunnel: Don’t erase messages on refresh in UI
i2ptunnel: Propagate reset to and from streaming
i2ptunnel: Add header read timeouts to client proxies
i2ptunnel: Prevent changing sig type after creating destination
Jetty: Fix zero length in request log for static content
Router: Reduce router info lock contention
Streaming: Fix loopback hangs
Streaming: Fix bug causing excessive acks
Streaming: Fix connection close after reset
SusiMail: Fix several issues when using multiple browser tabs
SusuMail: Fix bugs corrupting text attachments and large message bodies
SusiMail: Reject sending messages that exceed server limits
SusiMail: Reduce chance of crashes sending large attachments
SusiMail: Subject line encoding fixes
SusiMail: Fix Cc header
SusiMail: Fix encoding for attachment file names
SusiMail: POP3 socket close after failure
Unit test fixes
Utils: Use constant-time method to check passwords
Other
Build: Add partial Gradle support
Console: Hide or combine aliased tunnels on tunnels pages
Console: Note encrypted leasesets on netdb page
Console: Use bandwidth setting for burst bandwidth
Console: Refactor multipart form handling to use Servlet 3.0 API
Console: Move most handlers and helpers to the war
Debian: Xenial build is now separate, Zesty+ matches Buster
Debian: Remove ecj dependency; replace glassfish with libtaglibs where able
Debian: Fix builds for x32
i2ptunnel: Refactor edit jsps
i2ptunnel: Message box improvements
Session Key Manager: Delete excess tag sets
SOCKS: Move client code to core
Startup: Increase open files ulimit if able, in i2prouter script (new installs only)
SusiMail: UI tweaks and minor fixes
SusiMail: Use internal sockets to connect to servers
SusiMail: Encoder refactoring
SusiMail: State tracking refactoring
Translation updates
Update GeoIP data
http://www.i2p2.de/
Changelog
Changes
SusiMail: Improved startup and memory management
UPnP: Support IGD 2
Bug Fixes
Console: Numerous fixes
i2ptunnel: Fix servers not accepting after router restart
Router: Improved tunnel peer selection for hidden and IPv6-only modes
SusiMail: Numerous fixes
Transport: Better selection of IPv6 addresses
Other
Prep for HTTPS console and eepsite
Prep for splitting up Debian package
Streaming: Return HTTP response when limits exceeded
Console: Number formatting changes
EdDSA cleanups
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
New Hidden Service SSL Wizard
SusiMail support for Folders, Drafts, background sending
Jetty 9.2.24, Tomcat 8.5.30
Bug Fixes
Console: Fix changes to wrong tunnel on /configtunnels
CPUID: Fix TBM detection
i2psnark: Fix torrents ignoring priority settings when autostart enabled
i2ptunnel: Retry accept after server socket closed
NTCP: Fix bug causing initial latency for outbound connections
SusiMail: Include attachments in forwarded mail
SusiMail: Many other fixes
Tunnels: Prevent zero-hop even when no active peers
Other
Add support for notes in Addressbook
Rewrite and new translations for eepsite help page (new installs only)
DNSoverHTTPS (disabled by default)
Prep for HTTPS console and eepsite
Prep for splitting up Debian package
NTCP refactoring in prep for NTCP2
Move SusiMail logging to router logs
SusiMail BCC-to-self feature replaced with Sent folder
Fix eepget handling of response line with no status text
i2psnark UI cleanups
New Azerbaijani translation
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
i2psnark: Add sequential order option
Jetty 9.2.25.v20180606
NTCP2 (disabled by default, enable with advanced config i2np.ntcp2.enable=true)
Transport performance improvements
Bug Fixes
Console: Catch rare session exception
Crypto: EdDSA constant-time fix
i2psnark: Handle deleted files on recheck/reopen
i2psnark: Fix error stopping torrent when allocating
Installer: Fix wrapper selection on Windows 10
Streaming: Change behavior on read timeout
Other
Console: Split netdb output into pages
Debian: Add dependency on famfamfam-flag-png
Debian: Check for missing libtaglibs at build time
I2CP: Add option for forcing gzip on/off per-message
i2psnark: Add icon for comments
i2ptunnel: Change read timeout defaults to account for streaming changes
JBigI: Detect processor change at at startup, reselect lib
Streaming: Performance improvements
Translation updates
Unit test fixes
Update GeoIPv6 data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
Enable NTCP2 by default
Tomcat 8.5.34
Bug Fixes
NTCP2 fixes
Workaround for build hang with Tomcat 8.5.33/34
Other
Progress on reproducible builds
Additional Arabic translations
Translation updates
Update GeoIPv6 data (new installs and PPA only)
http://www.i2p2.de/
Changelog
Changes
New setup wizard with bandwidth testing
New beta OSX installer
New Firefox profile installer
Preliminary floodfill support for LS2
Sybil tool background analysis
Add support for Maxmind GeoLite2 GeoIP format
Switch JSON lib to json-simple, add Debian dependency
Bug Fixes
Fix NPE in GeoIP
Fix RouterInfo publishing for IPv6-only routers
I2CP error propagation fixes
Fix rare NetDb deadlock
Fix several bugs with susimail attachments
AppArmor fixes
Other
Refactoring to support LS2
Preliminary LS2 support in I2CP
ShellCommand and UrlLauncher refactoring for security
Split /peers page into tabs
New background for light theme
Translation updates
Update GeoIP data (new installs and PPA only)
http://www.i2p2.de/
Changelog
* Fix Debian builds with Jetty 9.4.15 (ticket #2457)
2019-03-11 zab
* Startup: make negative client app delay value mean waiting
for router to be RUNNING (ticket #2377)
* I2PTunnel: make I2PTunnel default to negative startup delay value
(ticket #2377)
2019-03-11 zzz
* Console: New home page icons
2019-03-09 zzz
* Data: Consolidate offline key check
* I2CP: Add support for blinding secret
* i2ptunnel: Prevent registration auth if key offline
2019-03-07 zzz
* NetDB: Minor performance improvement in selectors
2019-03-06 zzz
* NetDB: Fix flood version check, add version check for RedDSA
2019-03-05 zzz
* Data: Update Encrypted LS2 blinding and encryption
2019-03-04 zzz
* Console: Fix NPEs displaying encrypted LS2
* Data: Fix NPE in debug logging
* I2CP, NetDB: More fixes for encrypted LS2 (proposal 123)
* NetDB: Call fail callback when lookup is negative cached (thx zab)
2019-03-02 zzz
* I2CP, NetDB: Fixes for encrypted LS2 (proposal 123)
2019-03-01 zzz
* Streaming: Fix sending messages with expired times (ticket #2451)
2019-02-28 zzz
* Console:
- Fix router logs not shown if first msg is a dup
- Change fallback client names to use b32
2019-02-26 zzz
* SSU:
- Fix scheduling of peer test at startup (ticket #2441)
- Fix RTT/RTO calculations (ticket #2443)
2019-02-25 zzz
* NetDB: Fix dup publish of RI at startup
* NTCP: Fix number of SendFinisher threads (ticket #2438)
2019-02-23 zzz
* Console: Flip order of router logs
* NetDB:
- Use published date, not earliest lease expiration, for LS2 comparisons
- Fix earliest LS expiration adjustment when publishing for LS2
- Increase flood candidates for LS2
- Don't start new store after verify fail if we've already done so
- Version checks for encrypted LS2
* NTCP: Loop in pumper if more to write (ticket #2440)
2019-02-21 zzz
* Crypto: Keygen for RedDSA, allow RedDSA for unblinded keys (Enc LS2)
* Data: Always set unpublished flag for inner LS (Enc LS2)
* I2CP: Force i2cp.leaseSetType option for offline keys
2019-02-20 zzz
* Crypto: ChaCha20 and RedDSA for Encrypted LS2 (proposal #123)
* Data: Encrypt/decrypt/sign/verify for Encrypted LS2 (proposal #123)
2019-02-19 zzz
* Crypto: Implement blinding, add sig type 11 (proposal 123)
2019-02-18 zzz
* Console: Drop midnight and classic themes (ticket #2272)
* Tomcat 8.5.38
* Transport:
- Fixes for NTCP when SSU disabled (ticket #1417)
- Delay port forwarding until after UPnP rescan complete
2019-02-08 zzz
* Console: Hide disabled transports on /peers
* SSU: EstablishmentManager fixes (ticket #2397)
2019-02-07 zzz
* NTCP:
- Add option to disable NTCP1 (ticket #2328)
- Don't bid for outbound-only NTCP2 addresses
- Fix NTCP2 cost when transitioning to inbound
* SAM: Support offline keys
* Streaming: Fix exception after sig verify fail
2019-02-06 zzz
* Build: Add targets for alternate debian distros (ticket #2410)
* Crypto: Shortcut GroupElement representation conversion
* I2CP: Prevent use of repliable datagrams with offline keys
2019-02-05 zzz
* Transport:
- Clean up unreachable() methods (ticket #2382)
- Speed up NTCP allowConnection() (ticket #2381)
- OutNetMessage cleanup (ticket #2386)
- SSU PacketHandler cleanup (ticket #2383)
2019-02-04 zzz
* I2CP: Change format and message type of CreateLeaseSet2 message
2019-02-03 zzz
* I2CP:
- Remove revocation private key from CreateLeaseset2 message
- Use correct key to sign SessionConfig with offline keys
* i2ptunnel: Fix HTTP websockets by passing through
Connection headers containing "upgrade" (ticket #2422)
* Streaming:
- Support offline signatures (proposal 123)
- Don't send FROM in RESET, not required since 0.9.20
- Send RESET when SYN signature verification fails
- Use cached buffers for signature verification
- Always verify packets with signatures, even if not required
* Test: Disable NTP in LocalClientManager
2019-02-02 zzz
* Debian: Fix build of i2pcontrol
2019-02-01 zzz
* Debian: AppArmor fix for Oracle JVM (ticket #2319)
* i2ptunnel:
- Caching of outproxy selection, avoid last-failed outproxy
- More localhost checks
- Handle PUT like POST
2019-01-31 zzz
* Debian: Fix version detection of Tomcat 9 required
for reproducible builds (ticket #2279)
2019-01-30 zzz
* Build: Fix javac.classpath in junit.compileTest targets (ticket #2333)
* I2CP: Fixes for CreateLeaseset2 message with multiple keys
2019-01-28 zzz
* Bundle i2pcontrol
* EdDSA: Make more classes serializable (Github PR #68)
2019-01-27 zzz
* NDT:
- Catch exception on DNS lookup failure (ticket #2399)
- Add support for specifying server in CLI (ticket #2413)
2019-01-24 zzz
* Debian:
- Fix Debian control files (ticket #2401)
- Add build option for libtomcat9 (ticket #2364)
- Fix PPA builds for precise and trusty (ticket #2408)
http://www.i2p2.de/
Changelog
Changes
Change installer to IzPack 5.1.3
Change Windows installer from launch4j to izpack2exe
Sign Windows installer
Console, SusiDNS: New icons
Disable NTCP 1
New SusiDNS import feature
Add UI and router support for Encrypted LS2 (proposal 123)
Add support for new base 32 format for Encrypted LS2
New incoming connection filter for i2ptunnel
Add Red25519 signature type option for server tunnels
OSX: Theme selection, auto updater, upgrade to newer swift version
Bug Fixes
Several fixes for Android
Fixes for SSU disabled (NTCP only)
Fixes for encrypted LS2 (proposal 123)
Fix for rare 100% CPU in NTCP
Fixes for NTCP 1 disabled
Other
New supported Docker image
Support for SAM 3.2 features in SAM libraries
Remove connect delay, profile, and I2CP options in i2ptunnel UI
Tomcat 8.5.40
Translation updates
Update GeoIP data
http://www.i2p2.de/
Changelog
Changes
Add configuration UI for encrypted leasesets, including per-client authentication (proposal 123)
Switch to IzPack 5 for non-Windows installer
Implementation for sending Meta LS2 to floodfills (proposal 123)
Wrapper 3.5.39 (new installs only)
Add wrapper for arm7 and aarch64 (new installs only)
Bug Fixes
Fixes for transitioning out of hidden mode
Fix i2psnark writing config files at shutdown
Fix netdb ready after initial reseed
Fix delivery of acks for a database store message
Fix delivery of large messages in SSU
Fix console install for IzPack 5
Fixes for webapps in Jetty eepsite
Other
New console logos and icons
Update hidden mode country list
Limit UPnP lease duration
Faster netdb startup
Startup improvements for Android
New X25519 code for LS2 per-client authentication (proposal 123) and upcoming new encryption (proposal 144)
Sybil tool enhancements and bug fixes
Start first geoIP lookup sooner
Translation updates
Update GeoIP data
http://www.i2p2.de/
Changelog
Changes
Console: Split up help page, tag text for translation
Console: Hide NetDB RI and LS tabs
Debian: Update files for Buster
i2psnark: Add last-activity to details page
i2ptunnel: Split i2ptunnel.config into individual files per-tunnel
JBigI: GMP 6.1.2 (Linux 64-bit only)
NetDB: Choose alternate gateway for store replies to reduce connections
Router: Split clients.config into individual files per-client
SSU: performance improvements
Transports: Cross-network prevention (proposal 147)
Bug Fixes
i2psnark: Autostart fixes
i2psnark: Dup. data checks
i2ptunnel: Failsafe timeouts
NetDB: Fix NPE on store of encrypted LS2
Router: Fix Bloom filter false positives
Other
Initial support for encryption types
Support for new LS2 bit for blinding (proposal 123)
Unit test fixes
Translation updates
Update GeoIP data
http://www.i2p2.de/
Changelog
Changes
Console setup wizard improvements
Tunnel wizard simplification
New I2CP BlindingInfo message for LS2
New proxy page to enter encrypted leaseset credentials
Bug Fixes
Fix tunnel SSL wizard
Fixes for SusiMail sent and drafts folder page
Detect IPv6 address changes
Fix detection and handling of IPv6 firewalled
Fix manual reseed from URL
Other
i2ptunnel support for quoted custom options
i2psnark now starts with reduced tunnel count then increases as necessary
NTCP performance improvement
Refactor and speed up tunnel AES processing
Preliminary support for Servlet 3.0 webapps
Standardize date/time formatting in console
Tomcat 8.5.46
Translation updates
Update GeoIP data
http://www.i2p2.de/
Changelog
* Pull translations
2019-11-30 sadie
* Console, SusiDNS: CSS updates
2019-11-29 zzz
* Console, proxy, SusiDNS: Add partial Persian translations
2019-11-27 zzz
* GeoIP update
2019-11-24 zzz
* Debian: Add apparmor support for Java 11 (Github PR #19)
* i2psnark: File system error message improvements
2019-11-23 zzz
* Router:
- Don't count zero-hop tunnels as part of the pool when building
- Don't build more than one zero-hop tunnel in a pool
- Assume high build failure rate for new installs
- Reduce threshold for tunnel length override
2019-11-20 zzz
* I2CP:
- Prevent an uncaught OCMOSJ exception from killing the session
- Don't put ECIES first in LS2
2019-11-17 zzz
* SSU: Lower ACKSender log level (ticket #2651)
2019-11-16 zzz
* Transport: Save IPv6 firewalled state across restarts (ticket #2175)
2019-11-15 zzz
* Console: Fix plugin icon-code images
* i2psnark: Don't start tunnels when autostart enabled but no
torrents set to autostart (ticket #2662)
* SSU: Remove redundant field (ticket #2659)
2019-11-14 zzz
* Transport:
- Fixes for IPv6 firewalled logic (ticket #2175)
- Fix SSU log value (ticket #2652)
- Remove unused currentReceiveSecond (ticket #2661)
2019-11-13 zzz
* Console: Hide buttons on /configkeyring if no entries
* i2ptunnel: Don't delay after ConnectException if stopped
(fixes zzzot stop delay)
2019-11-12 zzz
* i2psnark:
- Audio playlist support
- Restrict mime types for HTML5 players
2019-11-11 zzz
* KeyGenerator: Use new PrivateKey constructor
* Router: Set default sig type to EdDSA for Android (ticket #2643)
2019-11-08 zzz
* i2psnark: Add HTML5 players on details page
2019-11-06 idk
* Router: Use Local Application Data(%LOCALAPPDATA%)
instead of Roaming for config (ticket #1258)
* Console: Change home page organization and headers
2019-11-05 zzz
* Router: No longer check the clove ID in the Bloom filter
2019-11-02 zzz
* Router: NSR/ES fixes for proposal 144
2019-10-31 zzz
* Router: Updates for proposal 144
2019-10-27 zzz
* NetDB: Don't send encrypted lookup reply to ratchet dest
* OCMOSJ:
- Bundle unwrapped ack with LS for ratchet dest
- Keep bundling LS until acked
2019-10-25 zzz
* Router (proposal 144):
- Set client SKM based on configured encryption
- Select target key in LS based on local client's support
- Hook new SKMs and engines into Garlic Message encryption/decryption
* Transport: Publish IPv6 address on transition to non-firewalled
(ticket #2175)
2019-10-24 zzz
* Router: New SKMs and Engines for Ratchet (proposal 144)
2019-10-23 zzz
* Build:
- Recognize gettext 0.20
- Make 3 release targets, with jbigi/geoip/neither
* Crypto:
- New KeyFactory interface
- Base classes for ECIES-Ratchet (proposal 144)
* Data:
- Reduce SessionTag size
- Cache public key in private key class
- Add LeaseSet methods to get encryption key by type
* I2CP:
- Fix error message for config errors (ticket #2639)
- Add config to disable loopback for testing
* i2ptunnel: Add encrytion type selection to form (proposal 144)
* NetDb: Don't garlic encrypt netdb messages with a ECIES key
* Router (proposal 144):
- Add KeyManager support for multiple leaseset private keys
- Fix logic error in check for local destinations
- Register all LS2 keys with KeyManager
* Startup: clients.config.d files must end in ".config"
http://www.i2p2.de/
Changelog
Changes:
Dark theme improvements
Console icon changes
Move some translations from console to router and core for embedded uses
Jetty 9.2.29
Tomcat 8.5.50
i2psnark HTML5 preview player for partial files
Bug Fixes:
Numerous bandwidth test fixes
Hidden mode fixes to prevent losing peers
Hebrew translation fixes
Other:
Content Security Policy improvements
SSU extend timeout for large messages
ECIES-X25519 continued development and fixes
Cancel timeout jobs on message reply
Add SSL and SSL redirect support to EepGet
Translation updates
Update JBigI library
http://www.i2p2.de/
Changelog
Changes
ECIES-X25519-AEAD-Ratchet encryption complete, ready for testing (proposal 144)
Hidden Services Manager: Redesign edit pages
i2psnark: Fix marking torrents as BAD at startup
NetDB: Support ECIES replies to lookups (proposal 154)
RRD4J 3.5 replaces jrobin
Streaming performance improvments using Westwood+ congestion control
Bug Fixes
Hidden Services Manager: Fixes for changing shared client options, prevent changing certain options while tunnel is running
Reproducible build fix
Streaming: Multiple fixes
UPnP: Several fixes for changing interfaces and devices
Windows: Fix permissions on install directory
Other
Build process changes to support git
Console: Don't show IPv6 temporary addresses as bind options
Console: Fix up javascript, stricter Content Security Policy
Crypto: Disable speculative tagset usage
Eepsites: Add Jetty GzipHandler for Jetty 9.3+
I2CP: Disable gzip for HTTP server tunnels and i2psnark
i2psnark: Connect out to other seeds to fetch new comments
i2psnark: Support file paths in add form
NetDB: Don't send "fake hash" to indicate exploration
Profiles: Change decay algorithm
Profiles: Limit average speed calculation to high capacity peers
Router: Auto-floodfill now class N minimum
Router: Checks for key certificates in destinations (proposal 145)
Router: Enforce minimum version for tunnel peers
SusiDNS: Support adding Base 32 addresses
Translation updates
http://www.i2p2.de/
Changelog
2020-08-14 zzz
* Profiles: Create profiles in the nonblocking path
2020-08-10 idk
* Replace all icons with icons from a single consistent source/style, icons
used from FontAwesome suggested by design team and selected and edited by
Sadie.
2020-08-01 zzz
* Debian: Support libjson-simple-java 3 for bullseye
* I2NP: Locking for message ID
* NetDB: Track client that requested LS
* OCMOSJ: Don't send to a RAP LS
* Router: Logging fix for client start failures
* Util:
- More efficient use of random data
- Add KeyStore and SHA256 to CLI
2020-07-28 zzz
* Data: Don't check LS1 revocation signature
2020-07-22 zzz
* i2ptunnel:
- Change default encType to both for new tunnels, http client,
shared clients, and all tunnels for new installs (ticket #2751)
- Change IRC tunnel sigType to EdDSA for new installs (ticket #2749)
- Change CONNECT tunnel default sigType to EdDSA (ticket #2749)
2020-07-19 zzz
* i2psnark: Increase max pipeline, negotiate actual value (ticket #2280)
2020-07-11 zzz
* NTCP: Atomics for NTCP final state (ticket #2701)
* OCMOSJ: Don't lookup an expiring LS2 if unpublished
2020-07-07 zzz
* i2psnark: Change ETA default sort order (ticket #2733)
* Reseed: Enforce minimum version in generated bundle
2020-07-02 zzz
* i2ptunnel: Fix missing throttling section for non-HTTP servers (ticket #2758)
2020-06-28 zzz
* NetDB: Check signature in verify
2020-06-23 idk
* Update the images on the bandwidth wizard, based on undraw
assets, used under licenses/LICENSE-Undraw.txt. Design and assets
were developed by @sadie.
2020-06-22 zzz
* Sybil: Enable analysis and blocking by default
2020-06-12 zzz
* I2CP: Meta LS2 error code handling
2020-06-10 zzz
* Util: Support hostname lookups in LookupDest CLI
2020-06-07 zzz
* i2ptunnel: Fix missing tunnel quantity section for servers (ticket #2747)
* Jetty: Update servlet-api
2020-06-06 zzz
* Data: Fix creation of Encrypted LS2 (ticket #2746)
* I2CP: Fix issues with persisted leaseset private keys
* I2CP, i2ptunnel: Check for expired offline signature client-side
2020-06-03 zzz
* i2psnark: Enable dual-keys
* Router: Implement ratchet-layer acks (proposal 144)
2020-06-01 zzz
* Profiles: Make more calls nonblocking
* Transports: Make unreachable maps concurrent
2020-05-31 zzz
* Tomcat 9.0.35 (Servlet 4.0)
* Util: Update json-simple lib to 2.3.0
2020-05-30 zzz
* Streaming: Increase MTU for ratchet (proposal 155)
* Util: Fix DoH handling of Cloudflare responses
2020-05-28 zzz
* Console: RRD4J 3.6 (ticket #2716)
2020-05-27 zzz
* Installer:
- Require Java 8 (ticket #2511)
- Sign the dlls (ticket #2704)
* Jetty 9.3.28 (ticket #2098)
* UPnP: More fixes
* Util: Faster gzip
http://www.i2p2.de/
Changelog
Changes
Avoid old DSA-SHA1 routers for lookups, stores, and tunnel peers
Block same-country connections when in hidden mode
BOB: Add deprecation warning
Build: Drop support for Xenial; ant 1.9.8 or higher required to build
i2ptunnel: Enable dual-key encryption for most tunnel types
JBigI: Add library for Linux aarch64, zen, and zen2
Preliminary support for ECIES-X25519 routers (proposals 152 and 156)
Ratchet: Efficiency improvements and memory reduction
SSU: Randomize intro key
SSU performance improvements
System tray: Enable by default for Linux KDE and LXDE
Bug Fixes
Build: Set release property for better runtime compatibility
Console: Fix Jetty not starting on Java 11.0.9.1
i2psnark: Limit size of embedded video
Improved IPv6 address validation
Installer: Disable pack200 to support Java 14+
Installer: Add missing linux armv7 and aarch64 wrapper binaries
i2ptunnel: Filter server response headers when not compressing
NTCP2: Fix sending termination message on idle timeout
Streaming: Fix handling of tag options
Other
Build: Reproducible build fix
Core: Refactoring of data structures to reduce memory usage
Crypto: Cache HMAC256 instances
i2psnark: Hide BEP 48 padding directory in UI
i2psnark: Checks for unsupported v2 torrents
i2psnark: Remove old opentrackers
i2ptunnel: Improved support for offline keys
Jetty 9.3.29
NetDB: Increase minimum floodfill version for leaseset lookups
NTCP: Set nodelay on sockets
Proxy: Remove old jump servers
Ratchet: Rotate keys faster
Tomcat 9.0.40
Wrapper 3.5.44 (new installs only)
Zxing 3.4.1
New partial translations for Kurdish, Turkmen, Argentinian Spanish
Translation updates
http://www.i2p2.de/
Changelog
Changes
Build: Git migration
Build: Move web resources to wars
i2psnark WebSeed support
i2psnark padding file support
i2ptunnel: Move proxy resources to jar
Router: Redesign ECIES encryption for floodfills (proposal 156)
Router: Verify RI stores after startup
Router: Reduce Sybil threshold
Router: ECIES for new routers
Router: Start of ECIES migration
SSU: Send individual fragments of messages
SSU: Westwood+ congestion control
SSU: Fast retransmit
Bug Fixes
Build: Fix Gradle build
Crypto: Increase ratchet tag window to prevent message loss
I2CP: Fix encrypted leaseset combined with ECIES crypto or offline keys
i2ptunnel: Fix config file saving issues
Router: Fix leaseset request fails causing watchdog to bark
Router: Hidden mode fixes
SSU: Fix partial acks not being sent
SSU: Fix occasional high CPU usage
Other
Crypto: AES performance improvements
DoH: Change to RFC 8484 style
i2ptunnel: Remove DSA shared clients
Proxy: Add jump servers
Router: Add more countries for hidden mode
Router: Tunnel peer selection changes
Router: Move Sybil subsystem from console to router for embedded use
Router: Verify RI stores for a while after startup
Util: New unit tests
Translation updates
http://www.i2p2.de/
Changelog
Changes
Docker improvements
NTCP: Remove support for version 1
Reseed: Use DNSOverHTTPS
Router: Increase ECIES rekey probability
Router: Persist Sybil blocklist
SSU: Enable introducers and introductions via IPv6 (proposal 158)
Tomcat 9.0.45
Transports: Publish support for outbound IPv4/v6 (proposal 158)
UPnP: Add support for IPv6
Bug Fixes
Debian: Fix link to compiler jar
i2psnark: Fix theme selection
Jetty: Fix detection of SSL connector
NetDB: Fix NPE when validating expired blinded leaseset
NTP: Year 2036 fixes
Router: Fix rekeying every restart on ARM
Router: Fix decryption of encrypted leasesets
SAM: Fix removal of subsessions
SSU: Fix excessive dropping by the bandwidth limiter
SSU: Fix publishing 'C' capability when not an introducer
SSU: Fixes for firewalled/not firewalled state transitions
SSU: IPv6 fixes
SSU: Peer test fixes
SusiMail: Fix theme selection
SusiMail: Fix stream closed errors
SusiMail: Fix corruption in display of large, new messages
Tunnels: Several fixes in the participating tunnel bandwidth limiter
UPnP: Fix leases not being renewed before expiration
Other
Build: Remove empty jars and wars from installers
Build: Prep for different release and API versions
Build: Remove launcher code
Gradle build fixes
Profiles: Disable tunnel peer test
Profiles: Remove unused tunnel test response time stat
SSU: Avoid outbound connections to buggy routers
Transports: Increase connection limits for some platforms
Translation updates
http://www.i2p2.de/
Changelog
Yes, that's right, after 9 years of 0.9.x releases, we are going straight from 0.9.50 to 1.5.0. This does not signify a major API change, or a claim that development is now complete. It is simply a recognition of almost 20 years of work to provide anonymity and security for our users.
This release finishes implementation of smaller tunnel build messages to reduce bandwidth. We continue the transition of the network's routers to X25519 encryption. Of course there are also numerous bug fixes and performance improvements.
As usual, we recommend that you update to this release. The best way to maintain security and help the network is to run the latest release.
RELEASE DETAILS
Changes
RRD4J 3.8
Tunnels: Finish support for new build messages (proposal 157)
Updates: Support for .dmg and .exe updates
Bug Fixes
Console: Fix generation of SSL keys on Java 17
i2psnark: Fix autostart for magnets
Router: Fix rare deadlock in publishing our RI
SSU: Fix handling of bad peer test responses
UPnP: IPv6 fixes
Other
Jetty: Improve sort in directory listings
Jetty: Add X-I2P-Location header
Router: Increase probability to rekey to ECIES
Streaming: Performance improvements for low-latency connections
Translation updates
Full list of fixed bugs (http://trac.i2p2.de/query?resolution=fixed&milestone=1.5.0)
http://www.i2p2.de/
Changelog
Changes
Console: Add theme selection to new-install wizard
Jetty 9.3.30.v20211001
Router: Increase probability of rekey to X25519
SSU: Performance improvements
SSU: Improve security of peer test
Tomcat 9.0.54
Tunnels: Enable sending new short build messages
Bug Fixes
i2ptunnel: Fix encryption type selection logic
Other
Improve support for non-Java plugins
Router: Reduce tunnel build Bloom filter memory usage
Updates: More changes to support bundled updaters
Translation updates
http://www.i2p2.de/
Changelog
Changes
BOB: Remove
i2psnark: New torrent editor
i2psnark standalone: Fixes and improvements
i2ptunnel: Support IRCv3 message tags
NetDB: Lookup/store reliability improvements
System tray: Add popup messages
Transport: NTCP2 performance improvements
Transport: NTCP2 clock skew handling improvements
Transport: Use priority in SSU sender queue
Tunnels: Remove outbound tunnel when can't connect to first hop
Tunnels: Fallback to exploratory for building after repeated build failure
Tunnels: Enable tunnel testing by default
Tunnels: Use tunnel builds as a tunnel test
Bug Fixes
Plugins: Fixes for webapps named different from the plugin
Reseed: Fixes for IPv6-only
Router: Fix rare deadlock at startup
Tunnels: Restore IP restriction tests
Other
API version: 0.9.53
i2pcontrol: Improved state mapping
i2ptunnel: Refactor UDP support
Plugins: Fixes for webapps
Router: Workarounds for i2pd 2.40.0 SSU bug
Translation updates
http://www.i2p2.de/
Changelog
Changes:
SSU2: Preliminary implementation
Tomcat 9.0.62
Bug Fixes:
Crypto: Fix handling of EdDSA certs with official OID
I2CP: Fix external connections when session ID is 0
I2PSnark: Fix size calculation causing tracker errors
I2PSnark standalone: More fixes and improvements
Router: Family fixes and improvements
Router: Fix database store logic
Router: Fix invalid store and rekeying at startup
Router: Don't use he.net addresses for GeoIP
Router: Soft restart fixes
SSU: Peer test fixes
SSU: Publish empty IPv6 address when missing introducers
SSU: Reduce ack delay to improve performance
Transport: Fix UPnP deadlock
Tunnels: Don't build client tunnels shorter than minimum length
UPnP: IPv6 fixes
Other:
API version: 0.9.54
Console: Setup wizard redesign
i2psnark: Load system mime types if available
I2PSnark standalone: Add system tray
Router: Reduce build reply timeout so we will retry faster
Router: Avoid Sybil penalty for trusted large families
Source: Remove BOB
Translation updates
http://www.i2p2.de/
Changelog
Changes
Add deadlock detector
Periodically send our RI to connected peers
SSU MTU/PMTU improvements and fixes
SSU2 base protocol fixes and improvements
SSU2 peer test and relay implementation
SSU2 published address fixes
SSU2: Enable for Android, ARM, and a small portion of others at random
Bug Fixes
Clock: Fix deadlock after clock shift
Debian: Apparmor profile fixes
Don't allow family key errors to crash router
Fix EC family key loading on Android
Fix EdDSA key loading on Java 15+
i2psnark: Fix DHT not restarting after router restart
OSX: Prevent hangs at shutdown after dock right-click quit
SSU: Fix publishing of MTU in addresses without IPs
SSU: Fix rare HMAC NPE
SusiDNS CSS fixes
Transport: Improve processing after message delivery failure
UPnP: Don't briefly bind to all addresses at startup
Other
Set outproxy to exit.stormycloud.i2p (new installs only)
Disable SSU introductions on Android
API version: 0.9.55
New translation: Spanish (Argentina)
Translation updates
http://www.i2p2.de/
Changelog
Changes:
i2ptunnel: Support SHA-256 digest proxy authentication (RFC 7616)
SSU2: Connection migration
SSU2: Immediate acks
SSU2: Enable by default
Bug Fixes:
i2ptunnel: Fix IRC USER line filtering
Installer: Fix path for Windows service, caused local eepsite to be broken
Installer: Fix error on Windows when username contains a space
NetDB: Database store message handling fixes
NetDB: Fix reseeding when clock is skewed
Router: Deadlock fix
SSU2: Fix packets exceeding MTU
SSU2: Fix ping packets less than minimum size
SSU2: Fix handling of termination acks
SusiDNS: Fix adding entry to empty address book
SusiMail: Fix dark theme button icons
UPnP: IPv6 fix
Windows: Fix launching preferred browser at startup
Other:
Deadlock detector improvements
Debian: Change dependency from libservlet3.1-java to libjsp-api-java and libservlet-api-java
i2psnark: Increase max pieces to 64K
i2psnark: Add links to additional instances in the console
Option to compress router logs
Translation updates
http://www.i2p2.de/
Changelog
Changes:
i2psnark: New search feature
i2psnark: New max files per torrent config
NetDB: Expiration improvements
NetDB: More restrictions on lookups and exploration
NetDB: Store handling improvements
NTCP2: Banning improvements
Profiles: Adjust capacity estimates
Profiles: Expiration improvements
Router: Initial support for congestion caps (proposal 162)
Transports: Add inbound connection limiting
Tunnels: Refactor and improve peer selection
Tunnels: Improve handling of "probabalistic" rejections
Tunnels: Reduce usage of unreachable and floodfill routers
Bug Fixes:
Docker: Fix graphs not displaying
i2psnark: Fix torrents with '#' in the name
i2psnark standalone: Fix running from outside directory
i2psnark standalone: Remove "Start I2P" menu item from systray
i2ptunnel: Fix typo in HTTPS outproxy hostname
i2ptunnel: Interrupt tunnel build if stop button clicked
i2ptunnel: Return error message to IRC, HTTP, and SOCKS clients on failure to build tunnels
NTCP2: Ensure an IPv6 address is published when firewalled and IPv4 is not
Ratchet: Don't bundle wrong leaseset with ack
Router: Fixes for symmetric NAT errors on 'full cone' NAT
SAM: Interrupt tunnel build if client times out
SSU2: Fix rare peer test NPE
Sybil: Don't blame i2pd publishing ::1
Sybil: Memory usage and priority reduction
Transports: More IP checks
Other:
Blocklist efficiency improvements
Bundles: Identify Win and Mac bundles in version info
Console: Identify service installs, revision, and build time in version info
Console: NetDB search form and tunnels page improvements (advanced only)
Router: Reduce stats memory usage
Tunnels: Reduce "grace period"
Translation updates
http://www.i2p2.de/
Changelog
Fix missing Java options in docker/rootfs/startapp.sh
Detect when running in Podman instead of regular Docker
Update Tor Browser User-Agent String
Update local GeoIP database
Remove invalid signing keys from old installs
Update Tomcat version in Ubuntu Lunar and Debian Sid
Full list of fixed bugs: http://git.idk.i2p/i2p-hackers/i2p.i2p/-/issues?scope=all&state=closed&milestone_title=2.2.1
http://www.i2p2.de/
Release Notes
This release contains fixes for CVE-2023-36325. CVE-2023-36325 is a context-confusion bug which occurred in the bloom filter. An attacker crafts an I2NP message containing a unique messageID, and sends that messageID to a client. The message, after passing through the bloom filter, is not allowed to be re-used in a second message. The attacker then sends the same message directly to the router. The router passes the message to the bloom filter, and is dropped. This leaks the information that the messageID has been seen before, giving the attacker a strong reason to believe that the router is hosting the client. This has been fixed by separting the bloom filter's functionality into different contexts based on whether a message came down a client tunnel, an exploratory tunnel, was sent to the router directly. Under normal circumstances, this attack takes several days to perform successfully and may be confounded by several factors such as routers restarting during the attack phase and sensitivity to false-positives. Users of Java I2P are recommended to update immediately to avoid the attack.
In the course of fixing this context confusion bug, we have revised some of our strategies to code defensively, against these types of leaks. This includes tweaks to the netDb, the rate-limiting mechanisms, and the behavior of floodfill routers.
This release adds not_bob as a second default hosts provider, and adds notbob.i2p and ramble.i2p to the console homepage.
This release also contains a tweakable blocklist. Blocklisting is semi-permanent, each blocked IP address is normally blocked until the router is restarted. Users who observe explosive blocklist growth during sybil attacks may opt-in to shorter timeouts by configuring the blocklist to expire entries at an interval. This feature is off-by-default and is only recommended for advanced users at this time.
This release also includes an API for plugins to modify with the Desktop GUI(DTG). It is now possible to add menu items to the system tray, enabling more intuitive launching of plugins which use native application interfaces.
As usual, we recommend that you update to this release. The best way to maintain security and help the network is to run the latest release.
DETAILS
Changes
netDb: Throttle bursts of netDB lookups
Sybil/Blocklist: Allow users to override blocklist expiration with an interval
DTG: Provide an API for extending DTG with a plugin
Addressbook: add notbob's main addressbook to the default subscriptions.
Console: Add Ramble and notbob to console homepage
Bug Fixes
Fix replay attack: CVE-2023-36325
Implement handling of multihomed routers in the netDb
Fully copy new leaseSets when a leaseSet recievedAsPublished overwrites a leaseSet recievedAsReply
Full list of fixed bugs: http://git.idk.i2p/i2p-hackers/i2p.i2p/-/issues?scope=all&state=closed&milestone_title=2.3.0
http://www.i2p2.de/
Release Notes
Changes
I2PTunnel: Implement support for Keepalive/Server-side Persistence
Susimail: Add markdown support for formatted plain-text content
Susimail: Add HTML Email support
I2PSnark: Add search capability
I2PSnark: Preserve private=0 in torrent files
Data: Store compressed RI and LS
Bug Fixes
Susimail: Fix handling of forwarded mail with attachments
Susimail: Fix handling of forwarded mail with unspecified encoding
Susimail: Fix forwarding of HTML-only email
Susimail: Bugfixes in presentation of encoded attachmments, mail body
I2PSnark: Handle data directory changes
SSU2: Cancel peer test if Charlie does not have B cap
SSU2: Treat peer test result as unknown if Charlie is unreachable
Router: Filter additional garlic-wrapped messages
I2CP: Prevent loopback messages to same session
NetDB: Resolve Exploratory/Router isolation-piercing event
Other
API 0.9.62
Translation updates
http://www.i2p2.de/
Release Notes
I2P 2.5.1 is being released to address Denial-of-Service Attacks affecting the I2P network and services. With this release we disable the IP-based parts of the Sybil attack detection tool which were targeted to amplify the effect and duration of the attack. This should help the network return to normal operation. Those of you who have disabled the Sybil attack detection tool may safely re-enable it. Adjustments to other subsystems to improve RouterInfo validation and peer selection have also been made.
http://www.i2p2.de/
Release Notes
Changes
Console: Update rrd4j to 3.9.1-preview
Router: Publish G cap if symmetric natted
Bug Fixes
i2ptunnel: Fix bug causing truncation of some HTTP content
i2ptunnel: Fix custom option form width (light theme)
Tunnels: Fix selection of peers with expired RIs
Other
Translation updates
http://www.i2p2.de/