Was pondering what browser is best for using with i2p? You know that despite there not being a dedicated browser for i2p like there is Tor Browser with Tor.
Constantly in discussions online I hear Librewolf being used as a dedicated i2p browser and I think this is valid. In the not so distant past I have tried using Tor Browser with i2p. However I felt the concern for opsec mistakes or mis-configurations was not worth changing my Tor Browser.
Then I was ecstatic when Mullvad Browser was released but they now (last I tried) they block using policies and or custom prefs so this feels moot.
My 2¢ on the matter is can a dedicated browser for i2p be added?
Any chance of including Librewolf for this criteria?
– P.S. - If Mullvad Browser can be used currently with custom prefs and enterprise policies to force i2p settings let me know how you got it to work in the comments thx
There was some work on getting a Tor Browser variant that would automatically interact with i2p in the past, but it seems to have stalled. See tb-updater/usr/bin/update-i2pbrowser at master · Kicksecure/tb-updater · GitHub, but note that last time I tried to use this, it “didn’t work” (don’t remember the exact error messages but I believe I couldn’t even launch the browser).
One challenge with i2p is that the official Java client is not present in Debian, only a less-safe C++ implementation is available. The Java client is packaged in a way similar to Tor Browser (tarball that has to be extracted to disk, then the software within automatically updates itself), which may make it a serious pain to integrate into Kicksecure and/or Whonix. (Tor Browser uses this distribution method, and it requires a massive amount of code to download and install it safely.) Introducing an i2p-specific browser would require some way of actually installing i2p.
Unsure, see:
According to Installation on Debian based systems – LibreWolf, an extrepo is available for Librewolf, which would make it somewhat easy to create a browser-choice plugin for it. Making a plugin for Librewolf + i2p however is much more work as explained above.
Forgive me if I’m wrong on this, but last time I used i2p, I thought all I had to do after launching the i2p client was point my browser’s HTTP proxy at it. This was pretty trivial in Firefox, which Mullvad Browser is based on. I don’t think that requires enterprise policies?
Honestly I like i2pd tbh but the Java version is more rich
Well lets weigh in if including Librewolf installation to browser choice is worth it for starters. The i2p specifics could be discussed more and if anything a wiki documentation about how to set it up.
A plugin for i2p though would just be including a config file or policy file or both for Librewolf if checked. The maintainability of it though might not be worth the time or cost for Browser Choice.
If concluded that the final destination decided of not likely to due to the stated reasons and what you mentioned then I can understand. At the minimum installation of Librewolf would be a good add and leave it at that.
You are correct that it is as simple as changing your browsers proxy setting but let me explain more here. For starters I forgot to mention that when I updated Mullvad Browser (in the past when using with i2p) it changed my DNS setting, one thing of which is they use DOH by default. Even when you aren’t using the Mullvad VPN you are using DOH which is thier DNS unless you change it.
I was unsure if DOH settings or other about:config DNS settings but, i2p was leaking DNS queries in my pihole log after a browser update. The policies is to lock the proxy and DNS settings from changing from possible updates or whatever.
I’m unsure how and when things have changed with Mullvad Browser. I guess I could revisit i2p with Mullvad Browser but currently I have found Librewolf to be best browser choice for dedicated i2p use in my personal experience.
Forgive me if I’m wrong on this, but last time I used i2p, I thought
all I had to do after launching the i2p client was point my browser’s
HTTP proxy at it. This was pretty trivial in Firefox
This is how I use i2p proxy in Firefox, yes. Does one really need a
special browser for that? Why not just create a new user profile in
Firefox that uses 127.0.0.1:4444 as its HTTP/S proxy?
Difficult to guarantee proxy obedience. The browser must not bypass proxy settings. Historically there have been leaks where applications such as browser did not obey proxy settings such as DNS leaks, browser plugins, WebRTC, and whatnot.
Tor Browser - a browser optimized for use with Tor - does a lot more to protect user’s privacy and anonymity than routing traffic over Tor. References:
I2P browser development is out-of-scope for Kicksecure. Related:
