Topic: [ANNOUNCE] Bitmessage - P2P Messaging system based partially on Bitcoin - page 26. (Read 89873 times)

No, although if the receiver is offline for more than two days then the sender will have to resend the message (the client does this automatically) because the network will clear the old message from memory.

This "two days" value can very easily be changed if people agree that it should be changed.

woow, I just tried it with a friend,
it really works

p2p e-mail, I have been looking for this for a long time.

Does it require the receiver and sender to be online at the same time like retroshare does ?

The forum is up but I am having database corruption with the Wiki and may have to restore from the backup which is a couple days old which I am trying to avoid.

All back up. The wiki database is from a backup several days old. I expect no problems on my new host. Please pardon the downtime.

@Atheros
Thanks for Your reply !

On determ. addresses:
 my idea was, that
user will store (on paper or on metal)
only his "source string". recreating
his addresses from it, if needed.

With new addr. version announced before
 the version shift all users will
exchange new addresses in advance.
-------
Or maybe it is possible to have
addresses in All streams, generated from
one "source string"

On forum-like features:
I have another several crazy (but nice)
ideas, but i doubt that You will
implement all of them
in Bitmessage. ))

Better way is to code separate
from Bitmessage
forum-like software.
we will crowdstorm it's design :
See this post:
https://bitcointalksearch.org/topic/retroshare-bitcoin-forum-key-swap-and-discussion-113835

You are very welcome there ! )

Well BitMessage has been around for only about a week from what I can tell. (OP Date is November 28, 2012, 06:13:37 PM), and Wickr was first mentioned on Forbes back on June 27th, so it's got a little bit of a head start.

Edit: Ocay, it was apparently up on Nov. 11th, and second commit to Github was on the 18th.

Also, a message to Atheros, I miss the website   Any ETA on it being not not up?

What is this "bitcoin" you speak of?  

thanks for the response!  Very helpful.

I'll add that Wickr has been mentioned on NPR; while Bitmessage has not.

Wickr -

• Closed Source
• Only for iPhone (Android coming soon)
• Written in (Objective-C? Cocoa?)

BitMessage -

• Open Source
• Cross-platform
• Written in Python

Its architecture is also "based partially on Bitcoin", which I'm going to guess %99 of us use.

I didn't have time to catch up on this forum yet, but I thought I'd leave these two thoughts/links:

http://bitcoinmagazine.net/bitmessage-a-model-for-a-new-web-2-0/

How is this better/different from https://www.mywickr.com/

I'll be back later to read responses.

Right. It seems at a first glance that the signature verification would stop the ACK from being sent.

Still the attack can be executed using a timing attack. It's easy to detect if 100 RSA blocks are being decrypted or just only two. You send another message right after the Bleichenbacher message. If it takes one second to process, then 100 blocks have been decrypted. If it takes 100 msec, then only two blocks have been decrypted.
I'm sure there are still other ways to detect the correct/incorrect PKCS padding and carry the attack.

When a crypto protocol shows many vulnerabilities, then is better to make a pause and re-design carefully from scratch than to start patching.

I recommend you that you first write a technical paper on the crypto protocol, and send it to some researchers for them to analyze. If they say is ok, then go on and implement it. I offer my free advise to read the paper and give it some thought.

Last, there is still another vulnerability in the anonymization logic: If a node X receives a message and immediately sends an ACK then an attacker Z connected to X can detect that X is the receiver of the message.

To deter this attack nodes should continuously send messages at a fixed rate, creating new ones (with no destination) when no new message is received. Other solution is that nodes should be protected with Tor at all times. I will post about this in the bitmessage forum.


Best regards,
 Sergio.

PS: I never meant to say that the idea is bad. Go ahead and improve it!

There is already a project that works as a forum:
http://www.osiris-sps.org

But it isn't completed and it isn't open source.
Anyway devs are still working on it, and they will probably release the new version ( v1.0 ) in 2013 and it will be completely open source

It's slightly counter-intuitive to try to hide one's public key from a specific person. The current Bitmessage client implements "ignoring" using the blacklist.  So it's already done!

To mitigate this, I hope to host the binaries on SourceForge and used the same management practices used for Bitcoin. I completely understand that many people are hesitant to trust binaries. For them Bitmessage can be run from the source code and there are step-by-step directions on how [Windows] user can do that on the Wiki (which will return tomorrow).

Yes, the code is still up to download and run. The main site will be back shortly; I'm abruptly switching hosts.

I hadn't given thought to a forum-like feature. It would be neat indeed. My initial idea on how it could work is this: A 'forum' type message with a field for the thread-name which would be specified by the person who starts the thread and spread through word-of-mouth through some other centralized mechanism OR via search functionality. To join the thread, you would would put the thread name in your Bitmessage client and it would display all messages that have been posted in that thread thus far. This idea has the following problems:
* Spam bots would see popular threads and would be willing to put fourth the POW to spam therein.
* Messages could appear in slightly different orders for different people.

Another option is having the software of the person who started the thread (let us call him Bob) be responsible for receiving thread submissions and broadcasting them. To submit to the thread, other clients would do the POW and Bob would sign the broadcasts and broadcast them. This would guarantee message order because the time in each message from Bob would be accurate (as long as Bob doesn't modify his software and lie). This idea has the problem that Bob could ignore messages from people he doesn't like. I suppose this would give him the ability to act as a moderator. This seems like a workable idea.

Other ideas are welcome and I will politely confirm or deny what I think would or wouldn't work.

Concerning deterministic addresses, if they are possible with Bitcoin then they'll be possible with Bitmessage with one issue: You would also have to remember and specify the address version number and the stream number OR they would have to be stored on disk.  After Bitcoin moves onto the next address version number then Bitcoin deterministic addresses will face the same problem.

I'm aware of what a backdoor is .... I just don't see how BitMessage represents a "backdoor". Just throwing out the term does not make it so, just makes the person doing look like a FUD-monger.

I'm sure there are people on slashdot that were saying "bitcoin is a backdoor" also ... it sounds cool if you don't know what you are talking about I suppose.

when it was still up, i was unable to register there...

Even if the site is down and/or the main dev disappeared, there is the source code here
https://github.com/Bitmessage/PyBitmessage

Website seems to be down. Please don't let the project die. We need some user-friendly app to communicate privately.

Because i can not post on the Bitmessage forum,
for some reason, i will leave it here :
Regarding to Sergio's suggestion of using
 http://en.wikipedia.org/wiki/Authenticated_encryption
i found interesting links )
http://www.daemonology.net/blog/2009-06-24-encrypt-then-mac.html

http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html