Main Area and Open Discussion > Living Room
Bitmessage - a protocol for secure decentralized e-mail
Stoic Joker:
Found the following thread at their forums:
My Security Analysis of Bitmessage
Quite technical. IIUC there are some references to other similar independent efforts as well.
-ewemoa (June 16, 2013, 11:32 PM)
--- End quote ---
Ouch, that does not look good. My impression of what the analyst is carefully not saying is not good. Especially if one assumes who is the most likely choice for a local external "attacker", hm...
@ 40hz - What is second choice?
40hz:
Ouch, that does not look good. My impression of what the analyst is carefully not saying is not good. Especially if one assumes who is the most likely choice for a local external "attacker", hm...
-Stoic Joker (June 17, 2013, 06:54 AM)
--- End quote ---
Yup. Problematic. At least in its current implementation - which is why it's so important to have people who really understand signal and data security take a very hard look at these things.
Although it is very nice that people are working on creating secure and anonymous messaging systems, I am afraid that BitMessage is weak to a variety of attacks. I fear that the people working on it do not have sufficient expertise, in the fields of security and anonymity, to design and implement a proper cryptographic communications system + anonymity network. After reading the two design .pdf documents, I have identified a variety of weaknesses and overall poor design choices in the BitMessage protocol.
--- End quote ---
And therein lies the problem with so much of this - and also shows the value of building such protocols in an open fashion - many eyes (often with greater expertise) can chime in with corrections and suggestions. Something which is absolutely critical here. Because the only thing more dangerous than lacking security is the false belief you have some.
At any rate, the discussion on their forum is most instructive. I've learned more than a few of things I didn't know after reading through it slowly - then giving it some serious thought a few hours later while gazing at the stars with a nice glass of ale by my side.
Be interesting to see if this is an issue of detail and implementation - or - if the fundamental design itself is flawed and needs to be scrapped. But at the very least, people are thinking, talking and working on this idea. And that can only lead to good things down the road.
@ 40hz - What is second choice?
-Stoic Joker (June 17, 2013, 06:54 AM)
--- End quote ---
Nothing else like it so far. At east from what I've seen. Right now encryption+proxy is the only other viable alternative AFAICT.
Onward! :Thmbsup:
wraith808:
(had to look up browncoats...ah, firefly, why is joss wheden so prolific?!)
-superboyac (June 16, 2013, 07:31 PM)
--- End quote ---
More like... why is he not more prolific?
Sorry that this didn't pan out. Seems a good idea with a bad implementation.
40hz:
(had to look up browncoats...ah, firefly, why is joss wheden so prolific?!)
-superboyac (June 16, 2013, 07:31 PM)
--- End quote ---
More like... why is he not more prolific?-wraith808 (June 17, 2013, 09:46 AM)
--- End quote ---
He is. He just can't get anybody behind him. ;D
Joke:
Q: What's are two the best ways to guarantee a good TV show will be canceled early?
A: 1) Have Joss Wheden write it. 2) Give Summer Glau a role in it.
It's a fiendish plot. They'll never convince me otherwise. :-\
Sorry that this didn't pan out. Seems a good idea with a bad implementation.
--- End quote ---
So it goes. Onward!... :) :Thmbsup:
wraith808:
And the funny thing is looking back at Buffy (7 seasons) and Angel (5 seasons) is that their beginnings weren't as good as the endings. There were glimmers, for sure, but it just wasn't there. Given that, how good would Firefly have been after a few seasons? It was just starting to get into the main plot...
...A special hell indeed.
Navigation
[0] Message Index
[*] Previous page
Go to full version