i2p

[Huxley]

Trust no system completely would be the take away here ;-)

Best advice you can get right here.

If anyone is a member of Silk Road here, you might look into a product that I remember being on the site called SecureVM, sold by a vendor named SecuritySolution.
It's basically a USB key with a VM on it with all sorts of security solutions on it including a preconfigured tor instance, email and IM client set up to route through tor.
I'd buy it if I had the coins, just to see how well they did it, but for now I'll suffice to admire from afar.

[braindead0]

I believe Tor has a portable apps setup.  Portable apps would probably be a good place to start for most folks.  I've got a key I setup that opens ssh tunnels to a secure server for mail/http/https.  Each key (I carry two) has it's own pre-shared key and that's the only auth method my server allows... so if I lose one invaliding the key is trivial.

That works well enough for my needs.

[quanta]

I still don't understand why, exactly, the web addresses of .onion sites must be so convoluted. Within the .i2p network web addresses are coherent. Would you consider i2p to be more or less secure than Tor?

I just scanned the thread to make sure someone else didn't already address this issue Seth. If someone has already answered, I'm sorry.

On i2p the addresses are incoherent too just like on Tor. However, the difference is that i2p devs are aware of this and include the "Address book" that essentially acts as a DNS for the 'nice' URL of an eepsite to map to the convoluted 32-bit (or whatever) jumble of numbers that is the true URL of an eepsite.

They are actually automatically generated at the creation time of the site based on some public key, if my understanding is correct. Thus, the site has very limited control over their address(One would think they have no control, but silkroad has silkroad in their onion like, so there must be some method to it).

There is some control over the name of an .onion site. There is a utility called Shallot that runs almost identically to the bitcoin vanity address generator. The internals are similar but not identical. All I'm saying is that they both generate huge numbers of possible keys and then compare each key generated to the specified string. Shallot is not available as an executable, you have to get the source from GitHub and compile yourself.

[Seth King]

I still don't understand why, exactly, the web addresses of .onion sites must be so convoluted. Within the .i2p network web addresses are coherent. Would you consider i2p to be more or less secure than Tor?

I just scanned the thread to make sure someone else didn't already address this issue Seth. If someone has already answered, I'm sorry.

On i2p the addresses are incoherent too just like on Tor. However, the difference is that i2p devs are aware of this and include the "Address book" that essentially acts as a DNS for the 'nice' URL of an eepsite to map to the convoluted 32-bit (or whatever) jumble of numbers that is the true URL of an eepsite.

They are actually automatically generated at the creation time of the site based on some public key, if my understanding is correct. Thus, the site has very limited control over their address(One would think they have no control, but silkroad has silkroad in their onion like, so there must be some method to it).

There is some control over the name of an .onion site. There is a utility called Shallot that runs almost identically to the bitcoin vanity address generator. The internals are similar but not identical. All I'm saying is that they both generate huge numbers of possible keys and then compare each key generated to the specified string. Shallot is not available as an executable, you have to get the source from GitHub and compile yourself.

Why does this "address book" exist for i2p but not for Tor? Also, who are these "devs?" Can these registries get nailed? I really like the idea of having a dailyanarchist.i2p website. The other question I have is how search engines work. Mainstream search engines use the URL's of websites to help rank. So, when somebody searches the term "anarchist" my site will rank higher than most because it has anarchist in the name. But with web addresses like sdfhsdf897u34nwef8.onion I don't see how a search engine could be very efficient. Thoughts?

[braindead0]

<snip>
Why does this "address book" exist for i2p but not for Tor? Also, who are these "devs?" Can these registries get nailed? I really like the idea of having a dailyanarchist.i2p website. The other question I have is how search engines work. Mainstream search engines use the URL's of websites to help rank. So, when somebody searches the term "anarchist" my site will rank higher than most because it has anarchist in the name. But with web addresses like sdfhsdf897u34nwef8.onion I don't see how a search engine could be very efficient. Thoughts?

You can usually find out who's working on projects (aka "devs" via the project home page).

Having anarchist in your address means nothing to any search engine I'm familiar with, the content is indexed and various other factors depending on search engine. 

[quanta]

Sorry for a late reply. The previous post pretty much summed it up: I just called them 'devs' out of hand. I meant to say the developers of the i2p project. And why does i2p have this and not Tor? I have no idea. It could be done with Tor, I suppose. I found a page http://www.i2p2.de/naming.html on the i2p site that explains the technicalities behind their 'Address Book' implementation. They use several local host files that contain the mapping between the incomprehensible hashed eepsite link and the friendly version of the link.

As far as search engines etc -- I'm not sure on i2p, there is a Tor search engine that alleges to have some reasonable number of onion sites indexed. This really gets beyond my technical expertise and I'll have to bow to anyone else out there that knows more about SEO type stuff and these darknets.