Questions for the Bitmessage Community

Feb 9 19:33

I think the bitmessage concept is unique and useful. Since I am not a computer guru how can I know that bitmessage works as advertised? How can I know it really secures my messages? How can I know that there are no back doors or special loopholes in the code that allow unknown persons to penetrate the system? Maybe someone will say, "It's open source." That proves nothing. It would require me to get a PhD in computer science so I might examine the source. Is this what is expected of users? How does one know that bitmessage isn't just a trap? How can one know? Where is the accountability for assurance? I don't know who any of the bitmessage developers are. Who are they? Who are their fellow travellers? Why did they create bitmessage? What agendas are at play?

[chan] bitmessage <<Ext>>
Feb 9 19:49

"How can one know? " one bloody doesn't.

[chan] bitmessage
Feb 9 20:29

use OTP to encrypt big session keys then send the encrypted keys in the postal mails. Then encrypt electronic messages with a stream cipher using these session keys. Use the last session key to encrypt a new OTP for the next round. Mail new session keys every so often and destroy the old keys. This is much more secure than any electronic key exchange protocol.
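The round described in the post above, written out as an added example (not the poster's or the project's code): the pad is consumed once and zeroed, the OTP-wrapped session key is what goes by post, the session key drives a stream cipher for messages, and the next pad travels under the last session key. It assumes an HMAC-SHA256 counter keystream as a stand-in for a real stream cipher and constructed sample values; note that once the next pad is sent under the stream key, that round's secrecy rests on the stream cipher rather than on the pad.

```python
import hashlib
import hmac
import struct


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256, a stand-in for a real stream cipher."""
    out = bytearray()
    for ctr in range((length + 31) // 32):
        out += hmac.new(key, nonce + struct.pack(">Q", ctr), hashlib.sha256).digest()
    return bytes(out[:length])


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt by XOR with the keystream (same call in both directions)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


class OneTimePad:
    """Pad bytes are consumed exactly once and zeroed after use."""

    def __init__(self, pad: bytes):
        self._pad = bytearray(pad)
        self._pos = 0

    def xor(self, data: bytes) -> bytes:
        end = self._pos + len(data)
        if end > len(self._pad):
            raise ValueError("pad exhausted: refusing to reuse pad material")
        out = bytes(a ^ b for a, b in zip(data, self._pad[self._pos:end]))
        self._pad[self._pos:end] = bytes(len(data))  # destroy the used pad bytes
        self._pos = end
        return out


def run_round(shared_pad: bytes, session_key: bytes, messages: list, next_pad: bytes):
    """One round between Alice and Bob (constructed simulation): Alice mails the
    OTP-wrapped session key, both use it as the stream key, and Alice ships the
    next pad under the last session key."""
    alice_pad, bob_pad = OneTimePad(shared_pad), OneTimePad(shared_pad)
    mailed_key = alice_pad.xor(session_key)  # this ciphertext goes by post
    bob_key = bob_pad.xor(mailed_key)        # Bob unwraps it with his copy of the pad
    wire = []
    for i, msg in enumerate(messages):
        nonce = struct.pack(">Q", i)          # a nonce is never repeated under one key
        wire.append((nonce, stream_xor(session_key, nonce, msg)))
    recovered = [stream_xor(bob_key, nonce, ct) for nonce, ct in wire]
    pad_nonce = b"PADXFER!"                   # 8-byte nonce reserved for the pad transfer
    bob_next_pad = stream_xor(bob_key, pad_nonce, stream_xor(session_key, pad_nonce, next_pad))
    return bob_key, recovered, bob_next_pad
```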

[chan] bitmessage
Feb 9 20:31

Are you questioning this for absolutely everything you're using? Did you question if the machine you're on can even be remotely trusted? Do you know who EXACTLY the people that built the parts are? Did you question if there are no loopholes in the OS you're using? Can you truly trust the people that made it? Has any company given you a guarantee they will take accountability when shit hits the fan? Do you know that ALL OTHER SOFTWARE you're using is trustworthy? Do you know where each library or module from every program you have on your machine comes from? If you can't completely answer those questions, why do you aim this specifically at Bitmessage? What frees everything else from being subject to this?

Feb 9 20:47

> That proves nothing. It would require me to get a PhD in computer science so I might examine the source. Is this what is expected of users?

Yea that's a great question. I'm open for suggestions.

> How does one know that bitmessage isn't just a trap? How can one know? Where is the accountability for assurance?

How do you propose that would work? If you can't verify it yourself, then someone else has to verify it for you and you have to trust them. Or a tool can verify it for you, but then you have to trust the person who built the tool. Or you can post some information in a way that implies a crime and when you don't end up in jail, it may mean that the law enforcement cannot identify you, or they are waiting for a bigger fish, so again there is someone you have to trust. You can also use a different implementation instead of PyBitmessage but then you have to trust the developers of these.

> I don't know who any of the bitmessage developers are. Who are they?

You can look me up on the internet, it's not like I'm incognito. You can look up some information on Jonathan Warren as well. The two of us probably contributed most of the code in PyBitmessage. I don't really know the other contributors other than their nicknames and sometimes real names. I do know Daniel Krawisz and Justus Ranvier slightly better, we got acquainted due to our shared interest in Bitcoin prior to our involvement in Bitmessage. Furthermore, bitmessage uses existing cryptographic standards and libraries (like openssl) and those also have developers. Many times I get bug reports or helpful tips anonymously. I really appreciate all the help and I don't really care who it comes from. Or to paraphrase the most interesting man in the world, "stay anonymous my friends".

> Who are their fellow travellers? Why did they create bitmessage?

Jonathan created bitmessage, and you can read about his motivations in the bitmessage whitepaper (inadequacies of existing solutions with respect to protecting metadata, and the increasing amount of mass surveillance).

> What agendas are at play?

I can't speak for the others, but I share the two motivations listed above. I think these issues are very important and there still aren't adequate solutions for protecting metadata. I would describe myself as a cypherpunk.

Peter Surda
Bitmessage core developer

[chan] bitmessage
Feb 9 21:19

> why do you aim this specifically at Bitmessage?

Bitmessage makes specific reference to such security. "We propose a system that allows users to securely send and receive messages, and subscribe to broadcast messages, using a trustless decentralized peer-to-peer protocol. [...] It is also designed to mask non-content data, like the sender and receiver of messages, from those not involved in the communication."

[chan] bitmessage
Feb 9 21:30

So does every half-way modern processor containing stuff like the "TrustZone" in ARMs, or equivalents in Intel / AMD. Same with memory protection, hardware random generators that some CPUs offer, the AES-NI instruction set, the upcoming transparent RAM encryption that some CPU manufacturer announced. So does your OS when it uses these features, in things like Kernel Address Space Randomization or when it tries to isolate untrustworthy code via virtualisation. So does your web browser when it claims that it establishes a secure TLS connection, using a ton of libraries (not exclusive to TLS), some of which have been created in a similar environment as bitmessage has. There's a million things, all of which make claims of security, the interplay of which makes up the hardware and software you use. Sure, bitmessage makes this claim for security, but if you poke the question of "How can I trust that when it's done by people I don't know, and that don't guarantee by contracts / enforceability of laws against them, that their security works" at Bitmessage, you'll have to apply it in a similar way to everything below as well and ask if you can really trust the entire chain. Because in the end, if you can't answer the question about the stuff that BitMessage relies on, the question becomes pretty meaningless for BitMessage alone.
