Project

General

Profile

Feature #12264

Reintroduce I2P

Added by anonym over 2 years ago. Updated about 1 month ago.

Status:
Confirmed
Priority:
Low
Assignee:
Category:
-
Target version:
-
Start date:
02/25/2017
Due date:
% Done:

10%

Feature Branch:
Type of work:
Code
Blueprint:
Starter:
Affected tool:
I2P

Description

In order to get I2P back into Tails we primarily need someone to keep I2P nicely integrated in Tails in terms of user experience, security and similar, by improving the existing integration and also closely following the upstream developments and and syncing with it (e.g. making use of new features/configurations that makes sense for Tails' use case). To get some idea of what this could mean, here are some examples of work we did in this area:

  • the I2P Browser.
  • monitoring of the I2P bootstrapping process => notify users about its progress or failures.
  • the pre-configured Pidgin account for Irc2P.
  • configuring I2P itself to be in "Hidden mode" (i.e. don't be a relay) since the way Tails often is used (no persistence, abrupt shutdown) otherwise would leave dead relays on the network, hurting its performance.
  • AppArmor profile for I2P.

Let's call this person the Tails-I2P liaison. This person will need solid general Linux skills, as well as decent knowledge of I2P. Yeah, that's vague, but let's say that if you look at the diff of the removal of I2P and don't get scared (possibly excluding the stuff under the features directory, which is our automtaed test suite), you probably have what it takes. anonym will mentor this person about Tails development (e.g. building images will be a requirement for the liaison's tasks).

The Tails-I2P liaison's jobs are:
  • to test new I2P releases in Tails:
    • let us know when we should import the I2P package (i.e. when tests are good).
    • provide us with patches for any changes needed (e.g. new feastures/preferences/etc).
  • in general improve the I2P-integration in Tails.
  • And for the actual reintroduction we also want to be shown work and commitment that gives us hope that this effort will be kept maintained for a long time, and not abandoned shortly after the first few releases where I2P has been reintroduced. What I'd prefer to see here is:
    • Tails Greeter option for enabling I2P
    • a solution for #8280
    • fixing the I2P bootstrapping monitoring: there is a sleep 240 in wait_until_i2p_builds_a_tunnel which I find quite unacceptable. I don't even recall the specifics about this issue, and sadly we do not have a ticket, so an investigation of why we ended up having to do this will be required.

(When it comes to the Deiban packaging, it is currently done by zzz, the I2P Project Manager. zzz ideally does not want to be the Debian package maintainer, but the Tails-I2P liaison does not necessarily have to be the replacement -- that could be yet another person. Rationale: probably it will be easier to separate these responsibilities so the required skill-sets will be smaller.)

Step one to start working on this would be:
  • checkout a new Git branch
  • revert e9d02049b4086b3516224227dbb6d4c73f8ff159
  • add the deb.i2p2.de APT repo during the build, so I2P can be installed from there, since we don't have the packages in our repos any more.
  • start hacking!

failed.log.bz2 - Log from failed build with I2P (144 KB) mhatta, 12/23/2018 06:02 AM

ok.log.bz2 - log from ok build without I2P (152 KB) mhatta, 12/23/2018 06:05 AM


Related issues

Related to Tails - Bug #11276: Decide what to do wrt. I2P Resolved 03/23/2016
Blocks Tails - Bug #11114: I2P tests are fragile Confirmed 02/13/2016
Blocks Tails - Bug #11452: "I2P displays a notice when bootstrapping fails" test is fragile Confirmed 05/20/2016
Blocks Tails - Bug #11462: "I2P is running" test is fragile: may fail when the time has not sync'ed yet Confirmed 05/23/2016
Blocks Tails - Feature #7724: Sandbox I2P Confirmed 11/17/2015
Blocks Tails - Feature #5544: Persistence preset: I2P Confirmed
Blocked by Tails - Feature #16531: Define our core code base In Progress 03/05/2019

History

#1 Updated by anonym over 2 years ago

  • Related to Bug #11276: Decide what to do wrt. I2P added

#2 Updated by intrigeri over 2 years ago

  • Priority changed from Normal to Low

(Not something we collectively commit to do.)

#3 Updated by anonym over 2 years ago

To reintroduce I2P, revert e9d02049b4086b3516224227dbb6d4c73f8ff159 (and deal with a ridiculous amount of merge conflicts as time passes :)).

#4 Updated by anonym over 2 years ago

  • Description updated (diff)

#5 Updated by vk over 2 years ago

I did start some work on this (see https://mailman.boum.org/pipermail/tails-dev/2017-May/011409.html for details).
There're some questions in the thread above regarding #8280, as soon as I get some guidance on those - I will send a patch for review.

#6 Updated by cypherpunks over 2 years ago

Stop shoving i2p down our throats! We don't want it and no one uses it. Stop wasting our RAM with this bloat.

#7 Updated by vk over 2 years ago

cypherpunks wrote:

Stop shoving i2p down our throats! We don't want it and no one uses it. Stop wasting our RAM with this bloat.

Hello, my friend, nice to see you too. before posting to tails-dev@, and in this ticket I did some research in this bugtracker and I2P Trac, and know that I2P has a rough history in Tails.
Unfortunately I fail to see the whole I2P issue takes too much of your RAM, so may I? Thanks.

To make it clear for those who don't want to follow the URL: I'm eager to pick up I2P testing, integration, and Debian packaging tasks to get I2P back to Tails. If I'm too late, and the decision was made somewhere to drop I2P forever - please close/reject this ticket with appropriate comment.
Otherwise - let's continue meaningful discussion; I will also be contacting zzz to sync up with him/her on this, he was heavily involved before according to #11276

#8 Updated by spriver over 2 years ago

  • Blocks Bug #10474: Scenario "Connecting to the #i2p IRC channel" is fragile added

#9 Updated by spriver over 2 years ago

#10 Updated by spriver over 2 years ago

  • Blocks Bug #11452: "I2P displays a notice when bootstrapping fails" test is fragile added

#11 Updated by spriver over 2 years ago

  • Blocks Bug #11462: "I2P is running" test is fragile: may fail when the time has not sync'ed yet added

#12 Updated by spriver over 2 years ago

  • Blocks Bug #11458: "I see the Unsafe Browser start notification and wait for it to close" step is fragile added

#13 Updated by anonym almost 2 years ago

  • Description updated (diff)

#14 Updated by anonym almost 2 years ago

  • Assignee set to mhatta
  • Target version set to Tails_3.9

At 34c3 I met with zzz and mhatta, the Debian package maintainer of the I2P package in Debian. mhatta intends to do the work needed to reintroduce I2P into Tails, and is committed to maintain the I2P-integration in Tails for the foreseeable future. Yay!

Our current goal is to reintroduce it with the improvements listed in this ticket's description in the Tails 3.9 release (or whatever we call the release happening on 2018-08-28).

#15 Updated by u almost 2 years ago

#16 Updated by u almost 2 years ago

#17 Updated by intrigeri over 1 year ago

  • Blocks deleted (Bug #11458: "I see the Unsafe Browser start notification and wait for it to close" step is fragile)

#18 Updated by intrigeri about 1 year ago

  • Target version changed from Tails_3.9 to Tails_3.10.1

#19 Updated by intrigeri about 1 year ago

  • Target version changed from Tails_3.10.1 to Tails_3.11

#20 Updated by CyrilBrulebois 11 months ago

  • Target version changed from Tails_3.11 to Tails_3.12

#21 Updated by mhatta 11 months ago

Finally, I began some work on reintroducing I2P into Tails. My repo is: https://gitlab.com/masayukihatta/tails/tree/feature/12264-reintroduce-i2p

The first problem I encountered is the official I2P apt repo only provides https. Tails won't support https transport (https://redmine.tails.boum.org/code/issues/8143).

#22 Updated by mhatta 11 months ago

I found there is still http://deb.i2p2.no/ (not .de), so I could add and install I2P tentatively.

Somehow the build fails, and I can't find out why. Any hints?

Here's log of "rake --trarce build". It goes well without I2P (ok.log).

#23 Updated by mhatta 11 months ago

Also log from successful build without I2P.

#24 Updated by anonym 11 months ago

It looks to me as if the builder VM started running out of RAM an OOM killed the mksquashfs process. I can see you are doing an in-RAM build, and the amount of build space we specify is pretty close to the actual minimum, so it makes sense that the extra space required by installing I2P cause issues.

Enabling more build space is just a matter of:

--- a/vagrant/lib/tails_build_settings.rb
+++ b/vagrant/lib/tails_build_settings.rb
@@ -10,7 +10,7 @@ VIRTUAL_MACHINE_HOSTNAME = 'vagrant-stretch'
 VM_MEMORY_BASE = 1024

 # Approximate amount of extra space needed for builds
-BUILD_SPACE_REQUIREMENT = 12*1024
+BUILD_SPACE_REQUIREMENT = 13*1024

 # Virtual machine memory size for on-disk builds
 VM_MEMORY_FOR_DISK_BUILDS = VM_MEMORY_BASE

#25 Updated by mhatta 11 months ago

Bingo! Thanks anonym!

#26 Updated by intrigeri 10 months ago

  • Target version deleted (Tails_3.12)

#27 Updated by intrigeri 8 months ago

  • Blocks deleted (Bug #10474: Scenario "Connecting to the #i2p IRC channel" is fragile)

#28 Updated by sajolida 3 months ago

#29 Updated by sajolida 3 months ago

I had a chat with some people from I2P today to discuss whether we want to reintroduce I2P in Tails and what it would take.

Even if the I2P developers do all the work they can on their side to make I2P "Tails-ready", reintroducing I2P in Tails will have a cost for us:

  • Integration work that they won't be able to do themselves: test suite, Tails Greeter, etc.
  • Non-coding work that they won't be able to do themselves: UX, doc, help desk, translations, etc.
  • Maintenance cost. We've already removed I2P once from Tails because of maintenance issues.
  • UX cost: more options means more things for our users to understand, more choice to make, and more confusion and errors. Keeping software limited and focus in the features it offers is a virtue. The opposite is a problem called feature creep: https://en.wikipedia.org/wiki/Feature_creep.

In terms of user base, I2P has between 25k and 50k connected users. Tor has 2.5M connected users (100 times more). Tails has 25k users as well, that's 1% of Tor users. The intersection of Tails and I2P might be very small (and might not be our most important users either). If Tails ends up being 1% of I2P users, like it is for Tor, it would be 250–500 daily users, 1–2% of our user base.

Exciting news from I2P:

  • Someone told them that I2P works in China in places where Tor is blocked. Though China has tried to block access to some aspects of I2P, it's still work in some places.
  • I2CP (I hope I got the acronym right) has obfuscation properties similar to obfs4 that might help some people circumvent censorship. We should check whether these properties could also benefit the PT community in general or are specific to I2P.

I told the I2P folks that we would make a decision regarding a possible inclusion of I2P in Tails as part of the discussion that we will have on #16531. Until then, we should stop sending them mixed signals: it's not clear yet whether we want I2P back in Tails or not.

#30 Updated by mgerstack about 1 month ago

Tails should not underestimate his influence on some userbases.

During the last months where a big amount of hidden services were (and still are) getting harsh DDoS attacks with the INTRODUCE2_CELL scheme there often was the idea from various sides to switch to I2P.
Some tried and failed hard because the userbase went to zero.

Many users who visit hidden services only trust and use Tails as the OS of choice to browse anonymously and uncensored.

I think if Tails would reintroduce I2P that would be a big benefit.
Maybe the influence wouldnt be seen directly but especially the last months showed that having an anonymous and uncensorable working backup network to Tor could get important again.

But with the current style Tails is not ready for using it with I2P.
There is a workaround but installing I2P in Tails currently is difficult and unsupported.

So if a user trust into Tails they are sticked to Tor.

And its working the other way round too. If the Tails userbase would get a little bit more familiar with I2P then i think I2P would see a few users more because maybe some hidden services would went into I2P.

Its the electro car - power socket problem. (I am pretty sure there is a real word for what i mean.)
I2P was removed from Tails because of less userbase and the users will not come back because they are now glued to Tor because of the decision to remove I2P.

I dont know how costly it is (or if there even is someone who would like to spend time on reintroducing I2P but maybe dont get the feedback that its important) to reintroduce I2P and if its not worth it i can understand the decision but for diversity it would be important to reintroduce I2P and the current INTRODUCE2 DDoS attacks confirm that.

#31 Updated by intrigeri about 1 month ago

mgerstack wrote:

I2P was removed from Tails because of less userbase

FTR, this is incorrect. Here's why we removed I2P:

tails (2.12) unstable; urgency=medium

 * Major changes
- Completely remove I2P. :( We have decided to remove I2P (see
 #11276) due to our failure of finding someone interested in
maintaining it in Tails (Closes: #12263).

Also available in: Atom PDF