Anonymous Node's without i2p?
Started by anon 44aada36cb287bc8... ·
What interfaces or connections ensure that the location can't be traced back besides i2p?
You can use Reticulum over Tor.
Interloper has/had a RNS over TOR server and I asked him a while ago how he did it and the setup was rather simple.
For the Server side:
- Install Tor
- Set the hidden service in the torrc file tosomething like
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 4245 127.0.0.1:4245
- In the RNS config you can use the TCP Server Interface or the Backbone Interface, for example:
[[Tor Backbone]]
type = BackboneInterface
interface_enabled = true
listen_port = 4245
listen_ip = 127.0.0.1
- Start Tor and get you host address from the hidden_service folder you defined in step 2.
- You are done.
For the client side:
- Install Tor or just run the Tor-Browser or install Orbot
- Since the reference implementation of RNS doesn't come with a Socks-Interface, you have to download one from here: https://codeberg.org/SkyGuy/reti_socks_client
- Put it into the .reticulum/interfaces folder or in /data/data/io.unsigned.sideband/files/app_storage/reticulum/interfaces if you are using sideband
- In the rns config add something like:
[[Tor Client]]
type = SOCKSClientInterface
enabled = true
target_host = YourOnionAdressp9ae8asdsdzheap9fa7fha9if.onion
target_port = 5959
proxy_host = 127.0.0.1
proxy_port = 9150
- Note that the Socks port of Tor might be different for Orbot (I think 9050?)
- You are done.
The only Server I know of is the one from Interloper and should be reachable on intrcxv4fa72e5ovler5dpfwsiyuo34tkcwfy5snzstxkhec75okowqd.onion. But I didn't test if it is still online.
Columba has a Socks-Interface but I think it's broken at the moment. If you really want to use Columba instead of Sideband you could start your rns instance with sideband and share it with Columba I guess.
Disclamer: while the setup works, I'm far from qualified to give advice about security. I also didn't check the SkyGuy interface if it is secure. So use at your own risk.
CarL_PetErson: thought about that too, but I think tor is less secure/anonymous than i2p and i2pd does provide a stable and fast connection, once node's are already discoverd.
I guess what I am asking is kind of an imossibility or would not really be discuessed on this board.
I mean even just using a normal backbone connection is already be pretty anonymous because either the backbone you are connecting to has to be compromised or someone has to follow the chain of connections manually which is possible but difficult.
Add in a tor connection and I think you are in the clear. I'd be way more worried about other opsec mistakes rather than tor deanonymizing you, and if the off chance it did (if all the relays are in germany or something and traffic analyis becomes possible), they'd still have go through reticulum to figure you out exactly what you are doing. Unless every single government agency is after you, you'll be fine.
If you don't want to use tor you might be able to add some more plausible deniability by spoofing the hops count so your destination to everyone else seems further away topologically and then making yourself a transport node so that your traffic blends in with everything else. Though I wouldn't call that a perfect solution and spoofing the hop count isn't built into reticulum (yet).
My question is why not i2p? Unless you are just looking for some redundancy in case i2p goes down/tunnels fail.
Cudanet:
well for one I'd like to move past TCP/IP.
- You need a ISP, that's not very independent/resilient.
- I think it's all bloated. I2p is quite resource intensive and crashes quite often. so yeah kind of agree, but Tor is similar to that.
welo: your suggestions sound interesting.
just to quote the official manual:
TCP connections reveal the IP address of both your instance and the server to anyone who can inspect the connection. Someone could use this information to determine your location or identity. Adversaries inspecting your packets may be able to record packet metadata like time of transmission and packet size.
For me it was unclear if this means any node that connects to the node is traceable for any connected node.
Often when using TCP I'm only in a 2-hop connection I think that's quite traceable.
welo wrote:
Doesn't tor just use tcp/ip and where does a ISP come into this?
Yep that's why I'm not a big fan of tor either.
how do you connect to tor (I need an ISP no?)?
anon wrote:
welo wrote:
> Doesn't tor just use tcp/ip and where does a ISP come into this?Yep that's why I'm not a big fan of tor either.
how do you connect to tor (I need an ISP no?)?
Yea everything you do through the internet goes your isp, and that's the case of normal connection, tor connections and i2p connections too. You cannot hide that you are uploading or downloading data from your ISP, you can only hide exactly what you are downloading or uploading and from who and tor and i2p do those thing pretty well which then forward it to the rest of the reticulum network.
Only real exception would be sending reticulum packets as lora or radio but those are very localised with usually ranges less than 15km at best and it's pretty trivial to locate the guy blasting 5 wats of electromagnetic radiation out some homemade antenna
anon wrote:
For me it was unclear if this means any node that connects to the node is traceable for any connected node.
Only the transport node you connect to knows your ip address and which destination you are sending packets to though that information isn't sent in the reticulum packets themselves. But yes if someone could correlate your reticulum destination with that tcp connection either by compromising that server you are connecting to or traffic analysis, they could eventually figure where/who you are.
Only real exception would be sending reticulum packets as lora or radio but those are very localised with usually ranges less than 15km at best and it's pretty trivial to locate the guy blasting 5 wats of electromagnetic radiation out some homemade antenna
well you forgot Ethernet and IR. While requiring low maintenance and interference, these are kind of sketchy x)
Only the transport node you connect to knows your ip address and which destination you are sending packets to though that information isn't sent in the reticulum packets themselves.
thanks that makes me ease a bit