News and announcements
I2P 0.9.21 released!
Written for I2P by KYTV on 2015-08-02
0.9.21 contains several changes to add capacity to the network, increase the efficiency of the floodfills, and use bandwidth more effectively. We have migrated the shared clients tunnels to ECDSA signatures and added a DSA fallback using the new "multisession" capability for those sites that don't support ECDSA.
The speakers and the schedule of the I2PCon in Toronto 2015 have been announced. Have a look on the I2PCon page for details. Reserve your seat on Eventbrite.
As usual, we recommend that you update to this release. The best way to maintain security and help the network is to run the latest release.
RELEASE DETAILS
Changes
Add multisession support for dual-signature crypto on the same tunnels
Use multisession for shared clients
Increase default outbound bandwidth limit to 60 KBps
Increase default maximum participating tunnels
Floodfills will send database store acks directly if connected, for efficiency
Set TCP keepalive on I2CP and SAM sockets
More efficient decompression in HTTP proxy, use less threads
Add support for fast extensions in i2psnark
i2psnark only autostarts torrents that were running previously
Add support for translated console news
Bug Fixes
SSU fixes to compete better with NTCP for bandwidth when limited
Fixes to prevent SSU stalls
Wait for outbound tunnels before sending first leaseset to client, to prevent dropping first message
Clean up resources correctly when SAM stops
Better error handling and notification when HTTP proxy is not running
More i2ptunnel fixes at startup and shutdown of tunnels
Fix total_size in i2psnark metadata message
Restore dates in console news headers
Several I2CP fixes
Other
Use same session for naming lookups in I2PSocketEepGet
Increase max bandwidth to 16 MBps, add larger Bloom filter
New floodfills will send their info to nearby floodfills to speed integration
Apache Tomcat 6.0.44
Translation updates
Update GeoIP data (new installs and PPA only)
I2P 0.9.15 released!
Written for I2P by KYTV on 2014-09-21
0.9.15 adds preliminary support for Ed25519 EdDSA signatures. It includes a new persistent configuration backend for i2psnark and fixes several issues with i2psnark's handling of file names. There are several improvements to speed up SAM. Plugins now support stronger signatures in the su3 file format. Plugin installation via the console, which was disabled in 0.9.14, is re-enabled.
We have supported ECDSA signatures since 0.9.12, and we would like to start using ECDSA by default. Unfortunately, some of you are still running older I2P versions, and for others, their distribution or Java runtime does not support ECDSA. Red Hat (RHEL, Fedora) distributions are reported to be missing ECDSA. Some have fixed the Java issues by upgrading from Java 6 to Java 7; others have had success with installing the "unlimited strength policy files". We've added information about missing crypto to the log file and the /logs page in the console. After you update to 0.9.15, please check if you are missing ECDSA support, and attempt to fix it if necessary. This is particularly important for those that run popular eepsites and services.
As usual, we recommend that you update to this release. The best way to maintain security and help the network is to run the latest release.
I2P 0.9.14 released!
Written for I2P by KYTV on 2014-07-27
0.9.14 includes critical fixes for XSS and remote execution vulnerabilities reported by Exodus Intel. As an added precaution, we have disabled several advanced configuration features in the router console, including installation of new plugins. We plan to re-enable these in a future release after additional review.
Due to I2P library changes, I2P-Bote users must upgrade their plugin to version 0.2.10 to work with I2P 0.9.14. Your router should update the plugin automatically after the router restarts.
The release also contains several bug fixes in i2ptunnel, i2psnark, and other areas, and updates to the latest Jetty, Tomcat, and Wrapper. We've also implemented a faster and more secure method for reseeding. Of course, there's also the usual collection of minor bug fixes and translation updates.
You must update to this release immediately. The best way to maintain security and help the network is to run the latest release.
RELEASE DETAILS
Security Fixes
* Fix several XSS issues
* Disable changing news feed URL from UI
* Disable plugin install
* Disable setting unsigned update URL from UI
* Disable clients.config editing from the UI
* Add Content-
* Disable unused ExecNamingService (thx joernchen of Phenoelit)
Bug Fixes
* Fix tunnel building so it doesn't get "stuck" on a single pool
* Reject participating tunnels when hidden
* Several i2psnark improvements and fixes (GUI and DHT), including changes for better compatibility with Vuze
Other
* Reseeding now fetches a signed zip file containing router infos for security and speed
* Use JVM's AES implementation if it is faster
* More advanced options shown in the i2ptunnel edit pages
* Per-message reliabilitiy settings in I2CP and error propagation back from router to client
* Lots of findbugs fixes and cleanups
* Support signature types in SAM, bump rev to 3.1
* New event log page in console
* Jetty 8.1.15.v20140411
* Tomcat 6.0.41
* Wrapper 3.5.25 (new installs and PPA only)
Translation updates
Update GeoIP data (new installs and PPA only)
SHA256 Checksums:
8e400551866c790
a3731f5ac0ca1fa
30bb7bbfd1ff829
404b0e699747409
94eb8e05df8b9d9
fe64bfd41710a97
38b1966729e4646
I2P 0.9.13 released!
Written for I2P by KYTV on 2014-05-22
0.9.13 includes fixes for firewalled routers, netdb lookup improvements, and a big SusiMail update. Of course, there's also the usual collection of bug fixes and translation updates.
As usual, we recommend that you update to this release. The best way to maintain security and help the network is to run the latest release.
zzz has updated his GPG keys, and the release files are signed with his new keys. His new key fingerprint is: 2D3D 2D03 910C 6504 C121 0C65 EE60 C0C8 EE72 56A8
RELEASE DETAILS
SusiMail
Many UI improvements
Implement local storage of messages
Add offline mode
Messages now deleted on server after download
Several backend POP3 and SMTP speedups and fixes
Bug Fixes
NetDB lookup fixes
Fix transition from not-firewalled to firewalled
Fix plugin uninstall on Windows
SSU locking fixes
Fix rapid republishing of SSU addresses
IRC client exception fixes
Fix changing HTTP outproxy configuration without restarting tunnel
Other
New i2ptunnel server option for unique local address per-client
Warn in i2ptunnel on duplicate client ports
Update HTTP User-Agent to match TBB
Extend SSU establishment retransmission timer
Use constant-time method for HMAC verification
New translation: Slovak
Translation updates
Update GeoIP data (new installs and PPA only)
Malware at i2pbrowser.net
Written for I2P by KYTV on 2014-02-16
We have recently been made aware of the existence of i2pbrowser.net. This website copies our homepage and download page, and attempts to trick users into downloading Windows malware.
There are several indicators that point to i2pbrowser.net being a malware site:
The domain was registered on February 10th, 2014.
The download URLs for Windows, Mac OSX, Linux, Android etc. all link to the same .exe file.
The .exe is only 741 KB; the official Windows installer for I2P is 13 MB.
We have not examined the malware ourselves, but it does not appear to be very sophisticated; it is not integrated into or bundled with the I2P software. Information security expert Lance James posted a tweet labelling it as "a standard dark comet rat".
Spread the word. The only offical download locations for I2P are linked on our download page. All I2P download packages are GPG-signed by the release signing key.
Updated . Read more