|
|
|
|
|
|
by scottpiper
4170 days ago
|
|
|
An important consideration when deciding if it is a good alternative is how good is it's security and ability to keep you anonymous? Since that's the whole point of using it anyway. When evaluating, it's important to look at past vulnerabilities. The following links are to posts from Exodus Intelligence about a vuln they found in i2p in July, 2014.
- http://blog.exodusintel.com/2014/07/23/silverbullets_and_fai...
- http://blog.exodusintel.com/2014/08/25/tails-from-the-cri2p/ On the one hand you could say it is more secure now because Exodus Intelligence reviewed it, and said "I2P had many cross-site scripting vulnerabilities" of which all were fixed. Also the way in this could be exploited is a little unique (by using XSS to hit the internal I2P router configuration intranet), so it's hard to fault the developers too much for overlooking those XSS problems originally. On the other hand, there is the view that the more vulns that are found, the more likely it is there are more as yet undiscovered vulns. |
|
|