Topic: [ANNOUNCE] Bitmessage - P2P Messaging system based partially on Bitcoin - page 12. (Read 89814 times)
July 19, 2013, 05:23:04 PM
Someone will make an online version soon. But it will probably have to be paid cuz of spam.
July 19, 2013, 05:20:59 PM
If this service had an android app, I would use it a lot daily
i think it would take your phone a very long time to do the proof of work
July 19, 2013, 04:18:43 PM
If this service had an android app, I would use it a lot daily
July 19, 2013, 03:55:49 PM
Hey a couple years of water boarding is better than execution
July 19, 2013, 02:51:46 PM
Just realize, if you use encryption, you must think in terms of life in prison or why use encryption in the first place
Or you could spend life in prison for failing to turn over your keys.
Or perhaps you just don't want your identity stolen.
oh you mean the keys i accidentally lost?
July 19, 2013, 03:36:17 AM
Just realize, if you use encryption, you must think in terms of life in prison or why use encryption in the first place
Or you could spend life in prison for failing to turn over your keys.
Or perhaps you just don't want your identity stolen.
oh you mean the keys i accidentally lost?
July 18, 2013, 02:49:27 AM
After what happened with first bits, I'm not relying on something like that again.
But there must be a way to do it right without serious issues involved...
Take a look: https://bitmessage.org/forum/index.php/topic,2563.0.html
(Sorry for advertising my own work here, though. But I think this can be really useful.) July 18, 2013, 02:33:14 AM
Yeah a local address book that can't be compromised or close
July 18, 2013, 02:31:51 AM
After what happened with first bits, I'm not relying on something like that again.
But there must be a way to do it right without serious issues involved...
July 17, 2013, 12:37:53 PM
Just realize, if you use encryption, you must think in terms of life in prison or why use encryption in the first place
Or you could spend life in prison for failing to turn over your keys.
Or perhaps you just don't want your identity stolen.
July 17, 2013, 11:56:25 AM
Just realize, if you use encryption, you must think in terms of life in prison or why use encryption in the first place
July 17, 2013, 10:02:16 AM
what are you some sort of russian spy or something? 
what are you going to get life in prison over should your security become compromised?
what are you going to get life in prison over should your security become compromised?
C'mon, this is the interwebs, do not take everything that is being said that seriously
Mr. bitpop is probably just having some fun here.
July 16, 2013, 08:03:43 PM
Let's just say I have a special pen pal
July 16, 2013, 07:16:15 PM
Redundant vs life in prison...
what are you some sort of russian spy or something?
what are you going to get life in prison over should your security become compromised?
July 16, 2013, 07:15:30 PM
Redundant vs life in prison...
July 16, 2013, 06:04:42 PM
The encryption behind BitMessage is solid and adding PGP is entirely redundant.
The problem with OTR is exchanging the initial public key. DH does not prevent man in the middle attacks. The problem with Certificate Authorities is they are only as secure as the weakest link. Other forms of key exchange are not 'easy to use' and ultimately result in BM style 'address exchange' over an out-of-band channel.
BitMessage has some weaknesses and the whole address structure, signing key vs encrypting key is ultimately based upon a poor understanding of the possibilities with ECC DH. I am working on a C++ / Qt based enhanced version of BitMessage that solves many of the problems of BM including the addresses and use of ECC that is lower bandwidth and yet more secure.
This will be released as part of beta-testing the P2P network / broadcast code behind BitShares.
The problem with OTR is exchanging the initial public key. DH does not prevent man in the middle attacks. The problem with Certificate Authorities is they are only as secure as the weakest link. Other forms of key exchange are not 'easy to use' and ultimately result in BM style 'address exchange' over an out-of-band channel.
BitMessage has some weaknesses and the whole address structure, signing key vs encrypting key is ultimately based upon a poor understanding of the possibilities with ECC DH. I am working on a C++ / Qt based enhanced version of BitMessage that solves many of the problems of BM including the addresses and use of ECC that is lower bandwidth and yet more secure.
This will be released as part of beta-testing the P2P network / broadcast code behind BitShares.
July 16, 2013, 11:51:53 AM
I would still use pgp.. for certain messages. Bm hasn't been fully audited yet, a vulernability could exist.
Plus your keys could be stolen like a wallet.
Its motivating that Im not the only paranoid person here Plus your keys could be stolen like a wallet.
I believe that paranoia is an evolutionary benefit in the society we got today.How much would an audit cost? Which entities could perform a trusted audit?
July 14, 2013, 06:14:03 PM
I managed to create a .app/dmg of Bitmessage after I got it to successfully install on my Mac. So far I've had a couple of people report that it works, but feel free to test it out.
Credit: medoix for technical assistance
Ok, here's the link: https://mega.co.nz/#!PJFB3bjQ!N_4SGGxo5gcr65ubabowd1dZPTpIOdf_Pb2j7hBO9js
Credit: medoix for technical assistance
Ok, here's the link: https://mega.co.nz/#!PJFB3bjQ!N_4SGGxo5gcr65ubabowd1dZPTpIOdf_Pb2j7hBO9js
July 13, 2013, 03:02:30 AM
Hmm whatever keeps me out of jail ;-)
July 13, 2013, 02:52:48 AM
I don't see how it's better and there's no client.
The point with OTR is (as also written in the article linked from the previous poster) is that, as far as I understand it, it creates a "temporary secret" used only for one session and discarded afterwards. This makes it impossible for an attacker in the middle to store the communication and decrypt it later if the private key of one of the users involved is disclosed after the communication. It also gives deniability unlike PGP where, if a key is compromised, your messages give for instance perfect proof (in court or for whatever reason else) that you actually wrote them (because of your signature).
I'm not sure about an "official client", but there's a library released by the project and it is actively used for instance in Pidgin or Jitsi (also mobile clients are available). I use Pidgin with OTR for encrypted XMPP chats regularly and it works very, very well.
Note however that I think OTR is much better suited to "instant message like" communication than emails (because it requires a handshake to establish a secure connection, AFAIK), thus I'm not sure how well it would fit to Bitmessage, where sending a message is also quite expensive and takes time because of PoW.
Jump to: