What, exactly, are you saying? It's certainly much better than people who blindly proclaim to be secure and don't even make an effort to be transparent or truly secure in their actions.
Tried compiling latest beta but I think the wxwidgets in repositories are too new. I keep getting deprecation warnings and then an error when trying to "make" (./compile works just fine.)
Bitmessage did however work for me. I was able to send a message. Haven't received one though...
WASTE is quite old and bitrotted. It's possible there's updated versions out there, but it effectively got killed when AOL forced Nullsoft to stop developing it. It was a bit before its time, really.
Why does nobody use URIs? At least bittorrent magnet links got this right.
We have standards for a reason, guys.
Furthermore, any system in which all nodes receive all messages will not scale. Additionally, without proof-of-work, it is trivial to disable the network through flooding.
> Because a public key on its own isn't that useful as the address of a resource?
Why not? If I can send a message to someone with their public key, it is a resource address. At least, I assume he's talking about these "BM-BcJFNZDyzQKXCVJZtBJGqoon2f7GKo6s" (that's the author's) strings people are sharing. It could easily be bm:BcJFNZDyzQKXCVJZtBJGqoon2f7GKo6s and that would be a valid URI if the scheme were registered.
I'm always mad at URI's because file: required redundant slashes (ex: file:///bin) until RFC3986 (which allowed file:/bin) but most apps that use URIs (such as browsers, or Dolphin) still throw in the redundant host slashes.
I suppose that's a valid point. However, you can always treat address encoding and URI schemes separately. Email addresses aren't URIs, but mailto: links are.
The biggest downside:
If the sender transmits message to network and goes offline for forever, and recepient goes online to pick up message only two days or more after that, he will never receive a message.
Subscribe to (and share) base64-encoded[1] images. Just send the base64 encoded image to the above Bitmessage address and it will be auto-relayed to subscribers. Don't forget putting the file name and extensions as the subject!
BEWARE! Medium/big images (>1Mb) may take hours to be work-proven before being sent.
Also, here is a little JSFiddle that can transform the encoded text into a viewable image using JavaScript in the browser. It could be easily extended to handle HTML5 audio and video formats, as well as automatic type detection. Additionally, It seems that (at least with Chrome) the browser doesn't care which filetype you specify; An <img> tag will render JPEG data prefixed with "image/png".
I was just recently wondering if you could use the bitcoin-style blockchain concept to implement encrypted "email". It looks like this does exactly that...
Their white paper seems to address some issues such as proof-of-work, spam, and scalability (you'd likely have a much larger blockchain than with bitcoin).
I remember a proposal from a while ago by someone else that was essentially a PGP-encrypted RSS scheme. You encrypted each message for the intended recipient and recipients would subscribe (or choose not to) to a sender's feed.
Bitmessage seems to have the advantage of being peer-to-peer, so RSS broadcast is not an issue.
I had the exact same idea two days ago but didn't think it was a good idea. For money (Bitcoin) I see no other way than to inform everyone of all transactions, but messages can be of any length. I wouldn't want to download or store the chatlog of everyone on the planet on my pc, simply because it's the only way to ensure delivery once a client connects.
The only difference with the idea that I had was that a client might delete messages once it receives an authenticated delete command from the recipient (or perhaps the sender). This may still allow for people to use the system as global backup though.
Can this be used to implement a decentralized version of twitter? I've been wanting to do this for ages, but it's a difficult technical problem that requires a large investment. This might just be it!
I seem to be missing the details on the cryptographic constructions here. Can anyone point to the specification i.e. what ciphers, signature systems, etc. are being used, and how they are being used?
Also, they seem to be saying that they are secure against passive eavesdroppers. We absolutely must be thinking in terms of active attackers in this day and age.
37 comments
[ 4.6 ms ] story [ 85.0 ms ] thread:)
Just saying.
(http://en.wikipedia.org/wiki/WASTE for those who don't know)
WASTE looks cool though. I've been concerned with communications lately, any other secure messaging alternatives?
PS: BM-oqqCRUMao1hb5E1vyxJXkRLxdshzLDz1P
Bitmessage did however work for me. I was able to send a message. Haven't received one though...
http://www.reddit.com/r/bitmessage
http://www.reddit.com/r/namecoin
We have standards for a reason, guys.
Furthermore, any system in which all nodes receive all messages will not scale. Additionally, without proof-of-work, it is trivial to disable the network through flooding.
Because a public key on its own isn't that useful as the address of a resource?
> Additionally, without proof-of-work
"In order to send a message through the network, a proof‐of‐work must be completed in the form of a partial hash collision." - paper, section 3.
> any system in which all nodes receive all messages will not scale
They discuss this in section 4 of the paper.
Why not? If I can send a message to someone with their public key, it is a resource address. At least, I assume he's talking about these "BM-BcJFNZDyzQKXCVJZtBJGqoon2f7GKo6s" (that's the author's) strings people are sharing. It could easily be bm:BcJFNZDyzQKXCVJZtBJGqoon2f7GKo6s and that would be a valid URI if the scheme were registered.
Also the dev answered your question about URI's here http://www.reddit.com/r/bitmessage/comments/1ay3kh/why_not_u...
;)
BM-opoQdjrXhZtCaZApEDDxmFtnMpXkLDqTs :)
BEWARE! Medium/big images (>1Mb) may take hours to be work-proven before being sent.
[1] Convenient online encoding/decoding (even from/to binaries) http://www.motobit.com/util/base64-decoder-encoder.asp
http://jsfiddle.net/RKNUM/
Their white paper seems to address some issues such as proof-of-work, spam, and scalability (you'd likely have a much larger blockchain than with bitcoin).
I remember a proposal from a while ago by someone else that was essentially a PGP-encrypted RSS scheme. You encrypted each message for the intended recipient and recipients would subscribe (or choose not to) to a sender's feed.
Bitmessage seems to have the advantage of being peer-to-peer, so RSS broadcast is not an issue.
See: cryptocat.
The only difference with the idea that I had was that a client might delete messages once it receives an authenticated delete command from the recipient (or perhaps the sender). This may still allow for people to use the system as global backup though.
BM-onWV4PZKAr8AGdsoSgCLsLqo8wp3c3DHA
Also, they seem to be saying that they are secure against passive eavesdroppers. We absolutely must be thinking in terms of active attackers in this day and age.