Many people have heard of onion routing in Tor and have a rough idea of how it works. However, fewer people know about garlic routing.
That's why I decided to write a short note about what it is and how it works in I2P🚥
How is a message sent? ✉️
In I2P, your message travels through a tunnel—a chain of randomly picked computers (nodes) on the network. Each node only knows where to send the data next, not the message content, thanks to garlic encryption🧄.
Your message is first encrypted for the recipient using end-to-end encryption. Asymmetric encryption🔐 uses a public key to encrypt and a private key to decrypt.
How are encryption layers created?🔒
Now the process of wrapping the message in layers begins.
Imagine that you have a tunnel with three nodes: A, B, C.
The encrypted message (already protected for the recipient) must be passed through these nodes so that each one knows only the next step. To do this, I2P creates encryption layers one for each node.
Each layer is additional encryption with instructions for a specific node, such as “forward to node B” or “send to recipient.”
It works like this: you encrypt the message with the public key of node C, adding the instruction “forward to node B.” You encrypt this packet again with the public key of node B with the instruction “forward to node A.” Then the entire packet is encrypted with the public key of node A with the instruction “send to recipient.”
When you send the packet, it goes to node A. Node A opens its layer with its secret key, sees the instruction “forward to node B” and forwards the data. The data remains encrypted for other nodes. Node B opens its layer, sees the instruction “forward to node C” and forwards it. Node C opens the last layer, sees that it needs to be sent to the recipient, and does so.
Each node only knows its own step and does not see the content of the message, its sender, or its recipient.
Why is encryption called garlic?🧄
Now, let's talk about “garlic” encryption in detail. In I2P, your message is packed with others into one encrypted packet🗂, called garlic. This packet may include your message, others’ messages, and network data like tunnel commands⚙️
All these messages are encrypted together, and each layer of encryption (for nodes A, B, C) covers the entire large packet, not each message individually.
When node A opens its layer, it sees the instruction for the entire packet, such as “forward to node B,” and sends it on. It does not know how many messages are inside, whose they are, or where they are going. Node B does the same, opening its layer and forwarding the packet to node C. Node C, opening the last layer, can send the entire packet or parts of it (depending on the instruction) to the recipients, but it does not know how many messages are inside and to whom they are addressed. This makes it impossible to determine whose message is where, even when observing the network.
Each message in the packet is protected by individual encryption for its recipient🔑 so that no one but the intended person can open it.
The messages inside the packet are not explicitly separated they are sort of stuck together into one continuous encrypted piece of data. I2P can also add “garbage” data🗑 fake messages that masquerade as real ones but mean nothing.
In addition, I2P mixes♻️ your packet with other data on the network and can add random delays during transmission. This makes it difficult to analyze traffic. Tunnels change every 10 minutes, and the nodes in them are selected again, so it is impossible to track the path.
How does garlic encryption differ onion encryption?🧅
In onion encryption, each message is encrypted separately and transmitted through its own chain of nodes. Garlic encryption not only wraps your message in layers of encryption, but also combines it with other messages and fake data into a single encrypted packet.
Interesting thread!
ChatGPT quietly scrubbed today nearly 50,000 shared conversations from Google's index.
FixupX
𝚑𝚎𝚗𝚔 𝚟𝚊𝚗 𝚎𝚜𝚜 (@henkvaness)
ChatGPT quietly scrubbed today nearly 50,000 shared conversations from Google's index after our investigation. They thought they'd solved the probl...
ChatGPT quietly scrubbed today nearly 50,000 shared conversations from Google's index after our investigation. They thought they'd solved the problem. They were wrong. (1/5)
A new Digital Digging investigation, conducted with @ osint77760, has uncovered 110,000 ChatGPT conversations preserved in
http://Archive.org's Wayback Machine—a digital time capsule OpenAI can't touch. (2/5)
@ osint77760 While OpenAI scrambled to de-index conversations from Google, they forgot the internet's most basic rule—nothing truly disappears.
Internet Archive: Digital Library of Free & Borrowable Texts, Movies, Music & Wayback Machine
had already captured everything. (3/5)
@ osint77760 In one particularly damning conversation, an Italian-speaking lawyer for a multinational energy corporation laid bare their strategy to displace indigenous Amazonian communities. (4/5)
@ osint77760 Read the full story here
ChatGPT Confessions gone? They are not !
OpenAI closes gap, but another opens of 110.000 chats
The intuitive introvert sees too much.
This archetype is so rare, even Jung found it challenging to define. In his words:
“Lives in a world that is only indirectly accessible to others… immersed in symbolic content, archetypes, and images which may seem foreign or irrational to most.”
They don’t just observe life, they decode it.
While others look at what is, they feel what’s becoming.
This depth is a gift, but it often feels like a burden, because when you see beyond the veil, it’s hard to unsee.
EU age verification app to ban any Android system not licensed by Google
Reddit:
Reddit - The heart of the internet
The EU is currently developing a whitelabel app to perform privacy-preserving (at least in theory) age verification to be adopted and personalized in the coming months by member states. The app is open source and available here:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
.
Problem is, the app is planning to include remote attestation feature to verify the integrity of the app:
GitHub
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.
. This is supposed to provide assurance to the age verification service that the app being used is authentic and running on a genuine operating system. Genuine in the case of Android means:
• The operating system was licensed by Google
• The app was downloaded from the Play Store (thus requiring a Google account)
• Device security checks have passed
While there is value to verify device security, this strongly ties the app to many Google properties and services, because those checks won't pass on an aftermarket Android OS, even those which increase security significantly like GrapheneOS, because the app plans to use Google "Play Integrity", which only allows Google licensed systems instead of the standard Android attestation feature to verify systems.
This also means that even though you can compile the app, you won't be able to use it, because it won't come from the Play Store and thus the age verification service will reject it.
The issue has been raised here
GitHub
Do not add Google Play Integrity integration · Issue #18 · eu-digital-identity-wallet/av-doc-technical-specification
In the README, the following is listed: App and device verification based on Google Play Integrity API and Apple App Attestation I would like to st...
but no response from team members as of now.
In short: You can only be a full citizen of the EU if you accept the ToS from Google.
