[tor-talk] Mailpile SMTorP [ref: nexgen P2P email]

Mike Ingle mike at confidantmail.org
Fri May 29 03:21:08 UTC 2015


On 5/28/2015 7:34 PM, Jonathan Wilkes wrote:
> On 05/26/2015 09:13 PM, Mike Ingle wrote:
>> I tried out Bitmessage and it did not seem to deliver without the 
>> sender and recipient online. It's supposed to, it just didn't. 
>> Waiting for key exchange.
>
> Any response from the devs/forum when you reported the bug?

I would have had to do a lot more troubleshooting before I went and 
complained about a bug. I was just testing it out between a couple of 
VMs to understand how it works and feels, because I am working with 
secure mail protocols and want to understand the existing ones. It 
worked fine with both of them up simultaneously.
>
>> It's also a bandwidth pig due to its broadcast nature.
>
> For those unfamiliar with Bitmessage, it is designed so that everyone receives everything.
> Within a two-day buffer, at least according to the white paper.
>
> Why does it broadcast in this manner?  Imagine that you wish to read blog entries
> of your 10 favorite bloggers, but you're afraid because 2 of the bloggers may be
> considered dangerous by your favorite state-sponsored spy agency.
>
> Let's suppose you can choose one of the following methods to read these blogs:
> a) read the blogs as web pages, accessing them through Tor
> b) read the blogs by subscribing to Bitmessage mailing lists
>
> If you choose Tor and the spy agency has a _full_ view of the network traffic, then they
> can violate your reading privacy.  They could-- for example-- record you as a reader
> of the 2 "dangerous" blogs, distinct from users who, say, only read the 8 "harmless"
> blogs.

This is pretty similar to receiving a Usenet feed in the old days, and 
downloading all the messages so as to receive a few encrypted ones. That 
makes for the best recipient privacy, at the cost of bandwidth. From 
what I can tell, Bitmessage basically automates that process. If it 
moved beyond the Darknet Markets crowd, success would kill it or at 
least require compromising the broadcast-everything rule.

The project I'm working on is intended for large file distribution, and 
to look-and-feel like email without the limits. It uses TLS, GPG, and 
optionally Tor to provide strong privacy and pretty good anonymity. I 
just think we need to get away from SMTP for secure communication. 
Bitmessage is one extreme (broadcast everything), CM is on the other 
(server based with no size limits) and SMTP has none of the advantages 
of either. It is server based, has size limits, and exposes metadata.
>
> If you choose to read from Bitmessage mailing list posts and the spy agency has
> a _full_ view of the network traffic, they cannot violate your reading privacy wrt the
> 2 "dangerous" blogs. They can link you to "suspicious activity" due to using
> Bitmessage.  But through traffic analysis alone they cannot separate your reading habits
> from people who use Bitmessage to only read the 8 "harmless" blogs. To them it
> just looks like everyone is downloading the same data.  And because reading a Bitmessage
> mailing list doesn't require _any_ special request back to the network, there's no way to tell
> from traffic analysis which lists someone happens to be reading.
>
> Bitmessage certainly has its share of issues, but I'm unaware of any other extant piece of
> software that has a feature like that.
>
> -Jonathan
>
>>>
>>> What about Bitmessage?
>>>
>>> -Jonathan
>>>
>>>
>>
>
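
A small model of the trade-off discussed in this message, added here as an illustration; it is not code from Bitmessage, Confidant Mail or either poster. It compares what a full-view network observer sees when two readers fetch only their own lists versus when both download the whole pool and pick out their messages locally. The list names, keys, message sizes and the HMAC tag used as a stand-in for attempting decryption are all constructed assumptions, not Bitmessage's wire format.

```python
import hashlib, hmac, os

def seal(list_key: bytes, size: int) -> bytes:
    """Constructed message: nonce + tag + random bytes standing in for ciphertext."""
    nonce, payload = os.urandom(16), os.urandom(size)
    tag = hmac.new(list_key, nonce + payload, hashlib.sha256).digest()
    return nonce + tag + payload

def is_mine(list_key: bytes, blob: bytes) -> bool:
    """Local check only: it generates no request an observer could see."""
    nonce, tag, payload = blob[:16], blob[16:48], blob[48:]
    want = hmac.new(list_key, nonce + payload, hashlib.sha256).digest()
    return hmac.compare_digest(tag, want)

def fetch(pool, reader_keys, broadcast: bool):
    """Return (message ids seen on the wire, ids the reader can read, bytes moved)."""
    readable = {i for i, blob in enumerate(pool)
                if any(is_mine(k, blob) for k in reader_keys)}
    # Broadcast: everyone pulls everything. Selective: only the subscribed lists.
    on_wire = set(range(len(pool))) if broadcast else set(readable)
    wire_bytes = sum(len(pool[i]) for i in on_wire)
    return on_wire, readable, wire_bytes

# Constructed scenario from the thread: 10 lists, 3 posts each.
KEYS = {f"list{n}": os.urandom(32) for n in range(10)}
POOL = [seal(KEYS[f"list{n}"], 200) for n in range(10) for _ in range(3)]
READER_A = [KEYS["list0"], KEYS["list8"]]  # list8 stands for a "dangerous" blog
READER_B = [KEYS["list0"]]                 # "harmless" only

def compare(broadcast: bool) -> dict:
    """Can the observer tell reader A from reader B, and what does it cost?"""
    a = fetch(POOL, READER_A, broadcast)
    b = fetch(POOL, READER_B, broadcast)
    return {"distinguishable": a[0] != b[0],
            "a_reads": len(a[1]), "b_reads": len(b[1]),
            "a_bytes": a[2], "b_bytes": b[2]}

if __name__ == "__main__":
    print("selective:", compare(broadcast=False))
    print("broadcast:", compare(broadcast=True))
```

In the broadcast case both readers move the same bytes regardless of how many lists they follow, which is the recipient-privacy benefit and the bandwidth cost in one number.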


