I2P Browser Configurations and their Attackability
This information was never very complete, and it is currently out-of-date. I am working on updating it to reflect the current set of recommendations.
Testing the attackability and fingerprintability of various browsers in an i2p context, and where possible, reducing it via whatever available configuration.
Semi-Official Firefox Browser Profile
-
Standalone Page: firefox.profile.i2p
-
Tested on: Windows 10
-
Source Code used for Test: https://github.com/eyedeekay/firefox.profile.i2p
# Reproduce: 1: Open I2PBrowser launcher via the shortcut 2: Copy-paste the following base32 address: http://teqk4zxf7xmfc7qtdepnaulopax4fzq3mwbfjfutdxqdvfp3dp2q.b32.i2p/ 3: Press the fingerprint button.
I2P in Private Browsing Mode Firefox Extension
-
Standalone Page: firefox.profile.i2p
-
Tested on: Debian GNU/Linux, OSX
-
Source Code used for Test: https://github.com/eyedeekay/I2P-in-Private-Browsing-Mode-Firefox
-
Home Page: I2P in Private Browsing Mode (Debian GNU/Linux)
# Reproduce: 1: Install I2P in Private Browsing Mode from [addons.mozilla.org](https://addons.mozilla.org/en-US/firefox/addon/i2p-in-private-browsing/) 2: Copy-paste the following base32 address: http://teqk4zxf7xmfc7qtdepnaulopax4fzq3mwbfjfutdxqdvfp3dp2q.b32.i2p/ 3: Press the fingerprint button.
These 2 screenshots are from the same Firefox at the same time. As you can see, the fingerprints differ and obuscation measures have been taken.
Deliberately misconfigured Firefox(HTTPS leak)
-
Standalone Page: misconfigured firefox
-
Tested on: Windows 10
-
Source Code used for Test: N/A
-
Home Page: N/A
# Reproduce: 1: Configure Firefox to use a proxy by setting the common network settings 2: Copy-paste the following base32 address: http://teqk4zxf7xmfc7qtdepnaulopax4fzq3mwbfjfutdxqdvfp3dp2q.b32.i2p/ 3: Press the fingerprint button.
Minimal correct configuration for Firefox
-
Standalone Page: Minimally configured firefox
-
Tested on: Windows 10
-
Source Code used for Test: N/A
-
Home Page: N/A
# Reproduce: 1: Configure Firefox to use a proxy by setting the common network settings 2: Copy-paste the following base32 address: http://teqk4zxf7xmfc7qtdepnaulopax4fzq3mwbfjfutdxqdvfp3dp2q.b32.i2p/ 3: Press the fingerprint button.
lynx
-
lynx (On Debian GNU/Linux)
# Command used: http_proxy=http:/127.0.0.1:4444 \/usr/bin/lynx http://teqk4zxf7xmfc7qtdepnaulopax4fzq3mwbfjfutdxqdvfp3dp2q.b32.i2p/
elinks
-
elinks (On Debian GNU/Linux)
# Command used: http_proxy=http:/127.0.0.1:4444 \/usr/bin/elinks http://teqk4zxf7xmfc7qtdepnaulopax4fzq3mwbfjfutdxqdvfp3dp2q.b32.i2p/
ungoogled-chromium incognito mode
-
ungoogled-chromium (On Debian GNU/Linux)
# Command used: \/usr/bin/chromium --incognito --proxy-server="http:/127.0.0.1:4444" http://teqk4zxf7xmfc7qtdepnaulopax4fzq3mwbfjfutdxqdvfp3dp2q.b32.i2p/
I2P Browsing Persona + I2P Proxifier Plugin on Chromium
-
Standalone Page: firefox.profile.i2p
-
Tested on: Windows 10, Debian GNU/Linux
-
Source Code used for Test: https://github.com/eyedeekay/I2P-Configuration-for-Chromium
-
Chromium Configuration (Debian GNU/Linux)
# Reproduce: 1: Install extension via the instructions 2: Copy-paste the following base32 address: http://teqk4zxf7xmfc7qtdepnaulopax4fzq3mwbfjfutdxqdvfp3dp2q.b32.i2p/ 3: Press the fingerprint button.
MIT License
Copyright (c) 2018 idk
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
I2P