eyedeekay
commented
1 year ago The things you are asking for directly already exist to an extent. We have: http://127.0.0.1:7657/console which contains said exactly that disclaimer and follow up security advice for browsing. It does need a drastic rewrite. Rewriting it is roughly equal to restructuring it entirely, so go for it. I believe you have re-written it some times before, if you intend to do it soon, let me know so that I can work with you on getting it in before translation tags are frozen. This has been held back before because we missed tag freeze.
Re: connectivity I2P is constantly checking own it's own connectivity and exposing that information to the user in the sidebar.
- It will say whether your network is "OK," meaning that it was possible to punch a hole and make you a full P2P participant in the network
- It will say "Firewalled" with some feedback on the type of Firewall, indicating you are a client-only of the I2P network
- "Hidden" indicating whether you are hidden from other routers in the I2P network, and thus a client-only
- or whether there is simply no network to connect to.
I do not think this information should be reduced, and I do not think that it should be moved to /home. I am open to the idea of a /dashboard page which exposes the information from the sidebar on it's own page.
The reason I'm nacking a move to /home for network status, even if the users can ignore "Firewalled" messages 99% of the time, we can't really responsibly expose fewer states than that, otherwise people won't tell us about it when they submit bug reports. We could move it to /home, but that would just make it less visible. We could make some new indicator on /home which will report readiness in the "Firewalled" state as well as in the P2P state, but that's giving the user less, arguably inaccurate information just because some fraction of users is misinterpreting an accurate message? I just don't see the point of saying in another place exactly the same thing we say in the sidebar, except maybe less information? It sounds like creating a footgun to me. Maybe if you made it much clearer what your idea is?
In our chat, you suggested connectivity checks for applications like outproxy. I can think of a way to do this which is reasonable, with the caveat that it only works at configuration time, and not at use-time. Since I2P outproxies are configured on the Hidden Services Manager page for the HTTP tunnel, it makes sense to give feedback about whether they are configured correctly from that page as well. This could be done with stoplight-style indicators for outproxy connectivity, one for each configured outproxy, below the outproxy configuration on: http://localhost:7657/i2ptunnel/edit?tunnel=0, however, I am not OK with it being anywhere other than that page. The reason being that I do not want our users to think they are using an application which is configured with the outproxy when they are not. So, in the console apps, the place where it makes sense to have it is in the HTTP proxy configuration.
Regarding outproxy checks for HTTP proxy clients, we can host a service which checks if a request came from a known outproxy. We can find known outproxy IP addresses by connecting through them, and adding them to the service. This service would look like: https://check.torproject.org/ or http://torcheck.xenobite.eu/. This would be a service which we, or one of the outproxy providers, would need to host, it would be unsafe to include in the router itself because it would need to expose a clearnet service to perform a check. Somebody who can safely host the clearnet service has to do it.
- If we host it, we enumerate all outproxy providers and check client requests for whether it came from one we knew about.
- If the provider hosts it, they could only check for their own outproxies and not for every outproxy.
- OR anyone who hosts such a service could check for all known outproxies.
This service would become a bookmark in the bookmark set used in our browsing toolkit on Windows.
EOT.
Shoalsteed
Can we add a check I2P option to /home.
This could be just a simple page that participants are sent too that says "Your router is configured to use the I2P network" and then adds a disclaimer that I2P sites may or may not be reachable due to operators or traffic congestion, and maybe some basic follow up security advice for browsing.