About hidden networks and the anonymity of their developers

Totalitarianism and dictatorship took place in any historical period that modern science knows about. However, a person is prone to freethinking and dissatisfaction with everything that interferes with this. In our time, both sides of the issue are still relevant: some tirelessly try to prohibit and punish objectionable statements, others constantly generate these statements.

In order not to sharpen the ideological corners of the article, we will omit discussions about the possible infringement of freedom of speech, conscience and other things that supposedly should be free. For one reason or another, people often want to remain anonymous, resorting to anonymization software to do this. In this article you will learn why developers of programs for anonymity on the global network themselves should remain terra incognita.

Seduction of the Onion Web

The most popular online anonymity tool is Tor. For a user who is far from the topic of networks and the process of creating software in general, Tor is a Pandora's box and the Holy Grail of anonymity. This opinion is suggested by many sources, including the Tor project itself, which is supported mainly not by voluntary donations, but by the US Department of Defense and State Department. It should be noted that Tor was originally a development of the law enforcement agencies of this country (since 1995). Only in 2006, the non-profit organization Tor Project was created to develop the network, which to this day is the cover of the Tor browser, so beloved by young seekers of anonymity.

An astute reader may experience slight cognitive dissonance at this point: the United States of America, famous all over the world for scandals about total surveillance for the population of the planet, developed and made available for public use an instrument of freedom of speech!

To the credit of all admirers, it must be said that Tor is an open source project, which allows programmers around the world to check the quality of the program and identify possible weaknesses. Also in 2011, Tor received the Social Impact Award Free Software Foundation, and in 2012 - awards EFF Pioneer Award.

Despite the open source code of the Tor client, the network has architectural weaknesses in the form of start and consensus nodes that ensure its global functioning. Critical network infrastructure is distributed among authoritative institutions such as universities and public organizations, but the very fact of knowingly known guarantors of network performance raises concerns. Some of the guarantors are organizations directly dependent on the state.

Tor has several documented cases of operational failure. Basically, such news is associated with attacks from outside, and not with architectural shortcomings of the project itself. Most incidents are difficult to Google or are completely absent from search results. A possible reason lies in the fact that the network is so uninteresting to anyone that they don’t bother writing about it (although this is unlikely).

The last major incident with the Tor network that was directly related to the network's vulnerable architecture was the shutdown of more than half consensus nodes in January 2021, which surprisingly coincided with riots in America. As a result of the attack, all intranet “.onion” domains» v3 were unavailable for several hours, i.e. it was impossible to access anonymous network resources.

The information given is enough to suggest that Tor is not a tool of free speech in general, but “out there somewhere”, but when this “somewhere out there” begins in the USA, whose government keeps a hidden network under its wing, the network may cease perform its functions. You can also find an opinion on the Internet according to which Tor was released to the public in the early 2000s with the main focus on China, which maintained its socialist bias in politics even after the collapse of the USSR - once the main ideological enemy of the States.

Some enthusiasts of hidden networks, resistant to censorship and monitoring, consider Tor to be self-indulgence and call for its abandonment, especially in situations where the importance of maintaining user anonymity reaches the state level.

Incognito will save the situation

The second among anonymity tools is the network I2P. Less fame is due to a higher entry threshold for a newcomer, as well as the lack of advertising sponsored by the government of any country. There are two independent network clients: Java router And i2pd.

Unlike Tor, the I2P network is developed from the very beginning by a community of enthusiasts and is not affiliated with law enforcement agencies. All available I2P starting nodes needed for the first launch of the network client are held by enthusiasts (unnamed persons in the majority), who are more difficult to put pressure on than on a university, because there is an additional task of finding them. In addition, you can start an I2P router at all without accessing start nodes.

Questions arise from decisions made when developing a Java router, which stem from illogicality and deliberate ignoring of identified vulnerabilities. For reference: the Java router is a popular network client developed since the early 2000s (the alternative “i2pd” router dates back to 2013).

The development of the popular client for more than ten years has been supervised by one person with the nickname zzz. Under his control is the most authoritative resource stats.i2p: a directory of hidden sites and a (free) registrar of short domain names in the “.i2p” zone. Claims have been repeatedly made against stats.i2p due to censorship. Censorship on the main resource of an anonymous, uncensored network?! When there was a wave of #BlackLivesMatter in the world, zzz without discussion with the community changed the word "master" to "primary" in many places in the I2P router code, and also began to even more aggressively ignore new and delete old resources from right subject. Ultimately the controversy community an independent registrar reg.i2p was created, which zzz refuses to add to the Java router, citing lack of censorship.

Long-term neglect is egregious. critical vulnerability, which allows you to de-anonymize the administrator of a hidden resource. The developer of the Java router acknowledged the danger of the attack, but did not take any action. Vulnerability made public lead developer an alternative client where the problem is solved at the initial development stage.

The veil of zzz’s mysterious behavior, which is inconsistent with the spirit of I2P, is lifted by the fact of its publicity. His personality googles not the first line of search results, but quite simply: he personally participates in meetings dedicated to the development of.

In order not to increase the conspiracy level of the article, I will not make assumptions about the nature of zzz’s interaction with law enforcement officers. A sensitive reader can imagine the level of responsibility that the public wants to place on the shoulders of a person working on an anonymity tool. Anything will come into play: crime, violence, perverts and the like. Only a few will soberly say that such tools are used for criminal purposes. in a minority of cases, however, it allows users to share opinions on any topic without regard to Big Brother.

The developer of i2pd under the nickname orignal, unlike his colleague zzz, remains a secretive person, and, according to him, does not intend to change this state of affairs. He is open to criticism and suggestions, is actively working on an alternative I2P router and laughs at censorship. To a greater extent, he is the ideological inspirer of this material and an example for developers of similar projects: If someone needs a personality hype, or at least some kind of media presence, there is no place for him in the development of means of communication, which are a balancing force against the despotism of political regimes. In turn, no regime can provide a “pure” means of struggle without providing for its own protection from it.