[tor-talk] OT: Bitmessage
Jeremy Rand
biolizard89 at gmail.com
Sat Jan 30 10:47:31 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 01/30/2016 04:30 AM, Anthony Papillion wrote:
> Thanks Tom but I want even aware that Bitmail existed lol. I think
> these are problems I've seen talked about around Bitmessage. For
> example, someone can observe you connect to peers and know you're
> transmitting data through them. But maybe not to whom or what your
> saying. Am I wrong? If I am, this is going to make my day. I
> love Bitmessage but this has always bugged me. Also, what about a
> security audit?
>
> Anthony
AFAIK you are correct; your peers and anyone watching you talk to them
can easily see when you send a message in Bitmessage. In theory this
is obscured by relaying messages from other people, but I suspect that
in practice it would be trivial to Sybil the network and see which
node sent you a message first. (This attack is regularly performed on
Bitcoin, whose network structure is somewhat similar to, though shares
no code with, Bitmessage.)
Also, since Tom spammed a link to BitMail, it's worth noting that
BitMail appears to be developed by the same people who made GoldBug.
For those of you keeping score at home, GoldBug falsely claimed to be
a project of EFF and CCC. It would be wise to assume that BitMail is
malware or backdoored unless proven otherwise. As with all other
software hosted by SourceForge these days.
- -Jeremy Rand
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWrJSbAAoJEAHN/EbZ1y06AhAQALDx8+Hgcsn+xzYR1xzwADo7
aCZTjowri0skbZ0gfEXZu2IikTQAMRSeGMykCeCpy8bv2wESFZEI7lCbBB16Iktk
jYVMaG6XComcL2sTwiecz++1wCYnp5hA5KDjQxZ70T9K2+ro0duXidFW674lKaB0
qW2y13p1amWi3yKNosUait1+IhI2z6VUMAxL3O1jBICxQVBIMVuvgzRxZ9SpzWSR
vDD7Yg3mrTjcyVHB0p/Qt1IQNCDqO0MN/5GRQONOf4wOJe4GFFaGq67ycPde352/
/Bfye8keSQR1SjImrF0ncKNC3pSjJEA4YZb8TLVWdYSxzreA5D62GtKFWfRl8N7o
diSkt3jW+Pnj/YncjZcI807CrRgesXGcvck1czJ+f0YpQ4ieRr5OMYPPamPeiekI
BXSN3wyH3Z+tTlYfmEn3lvfzS2QkS+/klDtdFOVBmhX2Fkqb4Wrs33VNC4n1kuOt
R5elW2U1xsomFFJWAvORbozvJ5ntrKdBW17mUSQ4r2/KaVrs/meeq+S2c2lp5bUl
8+YLaHWDHYgiWdR4l09UNA+j4PN3ip22RTC2S+1fwvkURzo3ftn+VYd4YXr+71oj
ZW2Fojtn+p6N+b5kAcv4u8aiKIk3xCDseaHO6EczSRCs9ismcAlbPY2WscL7URHL
TiDKZdWwZ6xxDEx6x50c
=sHWr
-----END PGP SIGNATURE-----
More information about the tor-talk
mailing list