this post was submitted on 14 Sep 2024
172 points (100.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

1445 readers
29 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

Regular users in Sweden are in danger because a corporation needs to fill their pockets. Studios are suing your ISPs to get to you.

Use I2P. It will hide your IP address (among the many things it can do), afford you more privacy and allow you to torrent freely, even without a VPN/seedbox. The catch? You'll have to add the I2P trackers to your torrent.

I believe I2P is the way forward for piracy and I look forward to it getting bigger than it already is.

top 50 comments
sorted by: hot top controversial new old
[–] ExcessShiv@lemmy.dbzer0.com 32 points 2 months ago* (last edited 2 months ago) (4 children)

A proper VPN provider is sufficient to protect against this though. If you, as a Swedish citizen, weren't already using a VPN, you were being an idiot.

I mean, it still makes sense to also use I2P, but it is currently not good enough as a full replacement.

[–] Findmysec@infosec.pub 28 points 2 months ago (3 children)

A VPN company can easily give up your details to the police who are now actively going after citizens. VPNs are not enough anymore.

Is there a problem with I2P adoption? I'm sensing a massive lack of interest from this thread

[–] 1984@lemmy.today 24 points 2 months ago* (last edited 2 months ago) (3 children)

If there are no logs, there is nothing to give up. There is no law that they have to keep logs as far as I know.

Don't get me wrong, I'm interested in i2p. Thanks for posting.

[–] Findmysec@infosec.pub 7 points 2 months ago

The point is that logs are generated and then deleted but companies who do not wish to keep such logs (e.g. IP address of client who connects to the VPN). I2P sure to it's design, doesn't even generate such incriminating logs (it might generate other kinds of logs which is a different discussion).

Thanks

[–] onlinepersona@programming.dev 6 points 2 months ago (2 children)

If there are no logs, there is nothing to give up. There is no law that they have to keep logs as far as I know.

You have to trust that the VPN provider doesn't store logs. I2P is pretty much trustless besides where the binary comes from, but you can even compile it yourself.

Anti Commercial-AI license

[–] anzo@programming.dev 13 points 2 months ago (1 children)

Mullvad is trustworthy (imho, and because of audits).

Anyway, you can have both, and run purple i2p with blackjack and torrents!

[–] lud@lemm.ee 8 points 2 months ago (2 children)

Mullvad is great. I unfortunately had to switch because they removed port forwarding, but I highly wish they didn't.

load more comments (2 replies)
[–] Robust_Mirror@aussie.zone 3 points 2 months ago

I use PIA, cheap and they've been involved in at least 2 court cases where their no logging policies were proven.

[–] foremanguy92_@lemmy.ml 5 points 2 months ago

No logs policy are not trustworthy

[–] Abnorc@lemm.ee 12 points 2 months ago (3 children)

I admit that I’m skeptical since everyone is a node. It probably is fine, but I don’t know the risks that I take by volunteering as a node. I thought that VPNs can be fine as long as they don’t store logs, but I could be mistaken.

[–] ReversalHatchery 18 points 2 months ago

as a node

  • you are unable to see the contents of traffic you route thanks to layered encryption
  • you wont be routing traffic to the internet (unless you specifically set it up), but only to other I2P routers
[–] Findmysec@infosec.pub 10 points 2 months ago

VPNs usually do store your IP when you connect to them, even if they delete it later (it is technically impossible to not know the IP address of whoever is connecting to the VPN). And the likes of Mullvad and IVPN do not allow port-forwarding.

I will repeat what I said to the other commenter: please read the documentation. Being a router doesn't mean that traffic and its contents can be linked to your identity. Data is broken down into chunks and encrypted along with metadata being scrambled. Unless there's a zero day I'm unaware of, you are perfectly safe.

[–] onlinepersona@programming.dev 8 points 2 months ago

Being a node isn't an issue. The traffic is encrypted, the destinations are unknown to the nodes themselves, and the traffic does not leave the overlay network (I2P). In TOR, you also have something similar, but the traffic can exit the overlay network but to do so, your node must be an exit node. I2P nodes are internal by default and it's not that easy to make it an exit node.

You are very safe being a node in I2P.

Anti Commercial-AI license

[–] ExcessShiv@lemmy.dbzer0.com 7 points 2 months ago* (last edited 2 months ago) (1 children)

A good VPN won't have any details to hand over that will convict you, even if they wanted to (e.g. mullvad), so they most definitely are enough.

And police are not going after citizens, rights holders are (like they always have been) by suing ISPs in hopes of getting your info.

What in don't like about I2P, is being a node for other peoples traffic.

[–] Findmysec@infosec.pub 9 points 2 months ago* (last edited 2 months ago) (2 children)

VPNs log your IP. And Mullvad doesn't allow port-forwarding, which means you can't seed.

Being a node for traffic doesn't mean it can be linked to your identity, because everything is encrypted and metadata is scrambled. TOR node operators take much greater risks because depending on how they have set it up, it can lead to their identity being compromised. It's a small chance but it can happen.

I can't convince you. I only hope that people start seeing the need for it and begin reading the documentation to see its strengths

[–] tate@lemmy.sdf.org 8 points 2 months ago (2 children)

I use Mulvad, and seeding seems to work for me. Am I missing something?

[–] Saik0Shinigami@lemmy.saik0.com 5 points 2 months ago

and seeding seems to work for me.

You can only seed to people who have ports open. At least one side of the connection needs to be reachable.

It's people like me who keep ports available that are able to seed to you.

load more comments (1 replies)
[–] ExcessShiv@lemmy.dbzer0.com 3 points 2 months ago* (last edited 2 months ago) (1 children)

VPNs log your IP.

But they don't log the data going through. The IP alone will not be enough for a conviction at all. They also need to prove that you acquired/shared copyrighted content. Any proper VPN isn't going to log that.

But if you think like that I suppose you aren't very interested in running TOR relays or exits either.

No, I'm not at all interested in that either. I don't want to risk any nefarious traffic that I have no control over running through my network.

I get the appeal of I2P for torrenting and I can absolutely see the value it can bring. But as long as I will have to be a node for other random peoples traffic, I'll pass.

[–] Scary_le_Poo 4 points 2 months ago (1 children)

I feel as though this take is fully fud. It sounds like a take that came from seeing tons of advertisements for vpns without really understanding how they work. Maybe I'm wrong about you. That said, in general, a VPN is not a great cloak for piracy.

[–] ExcessShiv@lemmy.dbzer0.com 4 points 2 months ago* (last edited 2 months ago) (1 children)

If there was a completely zero percent risk that I would be used as a node for something truly horrible, I also wouldn't mind. But I'd rather torrent with a slightly elevated risk rather than enabling things that should not be enabled. By torrenting with a VPN, at least I have the control over what happens on my network and exactly what data I'm part of sharing.

[–] ReversalHatchery 3 points 2 months ago

there is 0% risk until your country makes a law that prohibits any and all P2P communication. That would not only break torrents, but would thwart signal/telegram/whatsapp calls too, Jitsi meetings, probably google meet and zoom too, as all those use P2P traffic for performance.

So far there are only such laws in far east countries, and the official java I2P router is smart enough to not participate in routing when you are in such a place.
Also, I think for routing to work you need to open a port, without it that won't be done.

[–] melroy@kbin.melroy.org 14 points 2 months ago

People who accepted this situation, promoted or even have implemented this are also idiots. Be warned, this can happen in every country, both US and in EU..

load more comments (2 replies)
[–] Andromxda@lemmy.dbzer0.com 24 points 2 months ago (2 children)

Does anyone know of a fairly uncomplicated method to set up my seedbox, so I can seed on the clearnet and I2P at the same time, without having to store two copies of all my torrents? I already seed terrabytes of torrent data, and I don't want to store duplicates of all that.

[–] Findmysec@infosec.pub 15 points 2 months ago (1 children)

Unfortunately, Qbittorrent's I2P support is still experimental. Assuming your seedbox provider can let you run BiglyBT or any other client that can cross-seed, all you have to do is add I2P trackers to your torrent file. You can also upload your torrent files to Postman on I2P for them to be registered.

[–] Andromxda@lemmy.dbzer0.com 6 points 2 months ago

Thanks for the informative reply

[–] ReversalHatchery 10 points 2 months ago (1 children)

I know nothing about seedboxes, but on a computer you can point multiple torrents to the same directory. If you make it read-only, by permission or mount options or whatever, the torrent client can't even fuck it up

[–] Andromxda@lemmy.dbzer0.com 7 points 2 months ago (14 children)

I know nothing about seedboxes

It's basically just a cheap virtual server running e.g. Deluge or ruTorrent, hosted by a torrent-friendly provider in some country that doesn't give a fuck about DMCA notices. Most don't allow the user to access the underlying Linux system though, but mine does actually give me a root shell.

I'm gonna have to look into deploying another torrent client on the seedbox, besides my current ruTorrent installation. My provider also offers dedicated servers. They're more expensive, but I might go with one so I can seed on the clearnet and I2P. It will probably have enough overhead CPU, RAM and bandwidth, so I can also run a Tor node and maybe IPFS.

load more comments (14 replies)
[–] melroy@kbin.melroy.org 18 points 2 months ago (1 children)
[–] sploodged@lemmy.dbzer0.com 30 points 2 months ago (2 children)

similar yes but not the same. tor held together by volunteer that run nodes, i2p everyone is a node. tor good for clearnet things, i2p good for in-network things. torrenting in i2p is good for i2p, not tor. torrenting in i2p stays in the i2p network, doesn't go through exit nodes. there's only about 3 of those. it's torrenting as a darknet hidden service.

[–] melroy@kbin.melroy.org 19 points 2 months ago (3 children)

Yeah, thanks for clearing this up. I was also reading: https://geti2p.net/en/comparison/tor if people want to know more in depth.

load more comments (3 replies)
[–] AlexWIWA@lemmy.ml 11 points 2 months ago (2 children)

Does being a node open one to liability?

[–] Findmysec@infosec.pub 7 points 2 months ago

Unless there's a zero-day, no. All traffic is encrypted and it should be impossible to correlate traffic chunks to identities like that

[–] Andromxda@lemmy.dbzer0.com 6 points 2 months ago* (last edited 2 months ago)

No, since they don't act as exit nodes (they're called outproxies in I2P), unless you specifically configure that. It's like running a Tor middle/guard relay. I2P was specifically designed that way, so everyone can use I2P and be a node by default without causing any trouble.

[–] cupcakezealot@lemmy.blahaj.zone 17 points 2 months ago (1 children)

remember kids do what johnny appleseed did and always seed more than you take.

[–] Findmysec@infosec.pub 8 points 2 months ago

If only people with the resources would seed

[–] foremanguy92_@lemmy.ml 12 points 2 months ago

100% right this is the way of helping the piracy

[–] randint@lemmy.frozeninferno.xyz 9 points 2 months ago

yes! Please seed more on i2p!

[–] narF@lemmy.ca 4 points 2 months ago (1 children)

Isn't it difficult to setup?

[–] Findmysec@infosec.pub 9 points 2 months ago

It's very easy to set up. Windows now has a slick installer.

[–] GatoEscobar@lemmy.dbzer0.com 4 points 2 months ago (1 children)

Another question would be how to make a seedbox service use I2P. I have seem some but none of those didn't mention I2P as a feature

[–] Findmysec@infosec.pub 3 points 2 months ago

Yes, that's a bit of a problem on the average seedbox. You'd have to modify your torrent to seed on I2P by adding I2P trackers (just a couple of them, nothing much), and then run either BiglyBT or I2PSnark to seed them on I2P. Unfortunately, most seedboxes don't give you root access, neither do they bundle these apps. Qbittorrent doesn't have good support for it yet unfortunately.

If you have an SBC/spare computer at home, would be great if you could attach a hard drive to it, install i2p/i2pd and either of the mentioned torrent clients, and seed from there in the meantime. Qbittorrent has seen community interest in I2P, unfortunately it's just not there yet

[–] Pulptastic@midwest.social 3 points 2 months ago (1 children)

I have lots of questions. I’ve always heard to use a VPN that doesn’t keep logs, this is the first I’ve heard of i2p. If I add i2p trackers that implies I still have non-i2p trackers so can still be identified. I feel like I need way more information on how to do this safely before I change anything.

[–] Findmysec@infosec.pub 7 points 2 months ago* (last edited 2 months ago)

Obviously, this doesn't change anything if you're still seeding to the clearnet. All this would do is cross-seed your torrents to the I2P network. I assume you have a suitable torrenting strategy already for the clearnet. If some day you were to abandon the clearnet for I2P, you would no longer need to take the precautions you do now because I2P is inherently private.

Please skim through the documentation for a high-level overview on I2P, and ask here if you don't understand something

load more comments
view more: next ›