
Bitmessage - a P2P communications protocol to send encrypted messages - shocks
https://bitmessage.org/wiki/Main_Page
======
sneak
Why does nobody use URIs? At least bittorrent magnet links got this right.

We have standards for a reason, guys.

Furthermore, any system in which all nodes receive all messages will not
scale. Additionally, without proof-of-work, it is trivial to disable the
network through flooding.

~~~
xyzzy123
> Why does nobody use URIs? At least bittorrent magnet links got this right.

Because a public key on its own isn't that useful as the address of a
resource?

> Additionally, without proof-of-work

"In order to send a message through the network, a proof‐of‐work must be
completed in the form of a partial hash collision." - paper, section 3.

> any system in which all nodes receive all messages will not scale

They discuss this in section 4 of the paper.

~~~
stormbrew
> Because a public key on its own isn't that useful as the address of a
> resource?

Why not? If I can send a message to someone with their public key, it is a
resource address. At least, I assume he's talking about these "BM-
BcJFNZDyzQKXCVJZtBJGqoon2f7GKo6s" (that's the author's) strings people are
sharing. It could easily be bm:BcJFNZDyzQKXCVJZtBJGqoon2f7GKo6s and that would
be a valid URI if the scheme were registered.

~~~
zanny
I'm always mad at URI's because file: required redundant slashes (ex:
file:///bin) until RFC3986 (which allowed file:/bin) but most apps that use
URIs (such as browsers, or Dolphin) still throw in the redundant host slashes.

~~~
gesman
Let redundant slashes be our last problem on the internet. Amen!

------
stormbrew
And we're back to Waste again. ;)

(<http://en.wikipedia.org/wiki/WASTE> for those who don't know)

~~~
kaoD
Not at all. This is more like Bitcoin. Instead of separate subnets, you have a
huge network where all clients receive all messages.

WASTE looks cool though. I've been concerned with communications lately, any
other secure messaging alternatives?

PS: BM-oqqCRUMao1hb5E1vyxJXkRLxdshzLDz1P

~~~
dok
There is a table here: <https://bitmessage.org/wiki/Faq>

------
famulus
I feel like bitcoin is the leading edge of a wave of peer to peer encrypted
technologies. Namecoin is also interesting.

<http://www.reddit.com/r/bitmessage>

<http://www.reddit.com/r/namecoin>

------
unimpressive
>Bitmessage is in need of an independent audit to verify its security.

Just saying.

~~~
drivebyacct2
What, exactly, are you saying? It's certainly much better than people who
blindly proclaim to be secure and don't even make an effort to be transparent
or truly secure in their actions.

~~~
chickopozo
He's saying it should not be considered secure until proven.

------
kaoD
Someone has set up an image board:

    
    
      BM-BbbuVnYuaSY6yjyhfQm5KVrJLqjiyetB
    

Subscribe to (and share) base64-encoded[1] images. Just send the base64
encoded image to the above Bitmessage address and it will be auto-relayed to
subscribers. _Don't forget putting the file name and extensions as the
subject!_

BEWARE! Medium/big images (>1Mb) may take hours to be work-proven before being
sent.

[1] Convenient online encoding/decoding (even from/to binaries)
<http://www.motobit.com/util/base64-decoder-encoder.asp>

~~~
BHSPitMonkey
Also, here is a little JSFiddle that can transform the encoded text into a
viewable image using JavaScript in the browser. It could be easily extended to
handle HTML5 audio and video formats, as well as automatic type detection.
Additionally, It seems that (at least with Chrome) the browser doesn't care
which filetype you specify; An <img> tag will render JPEG data prefixed with
"image/png".

<http://jsfiddle.net/RKNUM/>

------
juskrey
The biggest downside: If the sender transmits message to network and goes
offline for forever, and recepient goes online to pick up message only two
days or more after that, he will never receive a message.

------
betterunix
I seem to be missing the details on the cryptographic constructions here. Can
anyone point to the specification i.e. what ciphers, signature systems, etc.
are being used, and _how_ they are being used?

Also, they seem to be saying that they are secure against passive
eavesdroppers. We absolutely _must_ be thinking in terms of active attackers
in this day and age.

~~~
kaoD
Check the technical paper:
<https://bitmessage.org/Bitmessage%20Technical%20Paper.pdf>

------
dok
If you want to test your address. There is an echo server with the address:
BM-orkCbppXWSqPpAxnz6jnfTZ2djb5pJKDb

------
chickopozo
Great another unproven tool tech "journalists" will be dangerously touting as
secure.

See: cryptocat.

------
lucb1e
I had the exact same idea two days ago but didn't think it was a good idea.
For money (Bitcoin) I see no other way than to inform everyone of all
transactions, but messages can be of any length. I wouldn't want to download
or store the chatlog of everyone on the planet on my pc, simply because it's
the only way to ensure delivery once a client connects.

The only difference with the idea that I had was that a client might delete
messages once it receives an authenticated delete command from the recipient
(or perhaps the sender). This may still allow for people to use the system as
global backup though.

~~~
cjg
The proof of work is proportional to the length of the message, so it is
computationally difficult to send such long messages.

~~~
JoachimSchipper
It's definitely not.

~~~
cjg
Would you care to explain why?

------
RK
I was just recently wondering if you could use the bitcoin-style blockchain
concept to implement encrypted "email". It looks like this does exactly
that...

Their white paper seems to address some issues such as proof-of-work, spam,
and scalability (you'd likely have a _much_ larger blockchain than with
bitcoin).

I remember a proposal from a while ago by someone else that was essentially a
PGP-encrypted RSS scheme. You encrypted each message for the intended
recipient and recipients would subscribe (or choose not to) to a sender's
feed.

Bitmessage seems to have the advantage of being peer-to-peer, so RSS broadcast
is not an issue.

------
joelthelion
Can this be used to implement a decentralized version of twitter? I've been
wanting to do this for ages, but it's a difficult technical problem that
requires a large investment. This might just be it!

------
amitdugar
This looks interesting. Thank you for making this open source.

BM-opoQdjrXhZtCaZApEDDxmFtnMpXkLDqTs :)

------
yial
BM-BcTbch6A31m9zmA852xoTznmuPac9dS7

;)

------
shocks
BM-oqP41c8hK1YpawSWjJc6wAn7JN4WH2q5i

:)

~~~
shocks
Could someone that is down voting care to explain why?

