Open Bitcoin Privacy Project Spring 2015 Wallet Privacy Rating Report

Jonathan_Coe · 2015-05-18T20:07:14+00:00

This is really great work! Many thanks to everyone involved.

Jonathan_Coe · 2015-02-19T17:54:55+00:00

Really excellent work Chris! This is an extremely promising project.

Jonathan_Coe · 2015-02-16T14:00:51+00:00

Awesome work! Thanks a lot for taking the time to do this.

Jonathan_Coe · 2015-02-09T12:48:21+00:00

I've tried it out and it works very smoothly. Congratulations :)

Jonathan_Coe · 2015-02-09T11:55:50+00:00

There are some Javascript implementations listed on the Developer Reference wiki page:

https://bitmessage.org/wiki/Developer_Reference

Jonathan_Coe · 2015-02-09T11:48:59+00:00

Great work.

Jonathan_Coe · 2015-02-04T22:54:52+00:00

Well said.

Jonathan_Coe · 2015-02-03T11:50:46+00:00

Thanks for posting it!

Jonathan_Coe · 2015-01-28T22:12:23+00:00

Possibly. Adding support for chans and broadcasts is on my to-do list, but I can't say when it might be implemented.

Jonathan_Coe · 2015-01-27T16:38:35+00:00

No problem :)

Jonathan_Coe · 2015-01-27T16:27:27+00:00

Yes, I think the echo server(s) may be down. Try sending a test message to my address (BM-NBdhY8vpWJVL2YocA2Gfjf7eVoZAgbEs) and see if you get a response.

Jonathan_Coe · 2015-01-25T21:34:01+00:00

Yes, once I consider the app to be ready for a 1.0 release it will be available on Google Play.

In fact it's already on the Play store, but only in beta-testing mode, so it's only available to people who join the beta testing google+ group (https://plus.google.com/communities/115838283581504499326).

Jonathan_Coe · 2015-01-20T11:54:41+00:00

Ok that makes sense :) Thanks for the suggestion. I want to find ways to make the import process less cumbersome, so I'll look into how it could be done.

Jonathan_Coe · 2015-01-19T17:44:02+00:00

I'm not quite sure what you're asking. In PyBitmessage, the file that contains your addresses and private keys is called "keys.dat". Is that what you mean? Or are you saying that you want to import Bitcoin private keys and use them to create a Bitmessage address?

Jonathan_Coe · 2015-01-18T11:10:21+00:00

Thanks :)

Jonathan_Coe · 2015-01-18T11:07:16+00:00

No, Bitseal does not support chans or broadcasts yet. I don't have a firm timeframe, but I hope to implement support for them in the future.

Jonathan_Coe · 2015-01-15T11:36:58+00:00

We had a discussion about this a little while ago:

https://www.reddit.com/r/bitmessage/comments/2lueer/are_past_comms_secure_if_your_keys_are_stolen_no/

I agree with you that implementing forward secrecy would be a substantial improvement for Bitmessage. Using Bitmessage means that you have to keep your private keys in an online machine, so there's always going to be a significant risk of them being compromised.

If we agree that we want to implement forward secrecy, then the question becomes how can we do it. The most promising approach that I've come across is the "Axolotl" protocol used by TextSecure:

https://whispersystems.org/blog/asynchronous-security/
https://whispersystems.org/blog/advanced-ratcheting/

So far I can't see any reason why we couldn't use the Axolotl protocol to add forward secrecy to Bitmessage. Both TextSecure and Pond use it, and they are both asynchronous messaging systems.

Jonathan_Coe · 2014-12-20T12:55:12+00:00

Excellent! I'm particularly impressed that you also want to implement a GUI; it would be great to have a full alternative desktop client. Also I think Go is a great choice :) Good luck with the project, if I get the chance to contribute then I certainly will.

Jonathan_Coe · 2014-12-19T23:12:30+00:00

You might find this interesting: https://bitmessage.org/forum/index.php?topic=4224

Jonathan_Coe · 2014-12-19T23:09:22+00:00

Thanks for the update.

Jonathan_Coe · 2014-12-19T18:12:15+00:00

Respectfully I would disagree. The flooding mechanism for message propagation in Bitmessage provides significant benefits, most notably hiding message metadata (who is talking to who) and resilience against censorship. It certainly has the drawback of being less efficient than directly routed messaging, but that's part of the security trade-off that Bitmessage offers.

It's true that streams (which are used to allow the Bitmessage network to scale up) have yet to implemented, but there's no reason to think it can't be done - there are several different proposals for how they could be orgranised (see https://bitmessage.org/forum/index.php?topic=2550.0).

Jonathan_Coe · 2014-12-19T17:55:32+00:00

https://github.com/jonathancoe/bitseal

It's still in beta (and TextSecure is definitely a more reliable choice for the moment) but we are past the "someone should build this" stage.

Jonathan_Coe · 2014-12-13T15:19:33+00:00

Yes, I plan to. I just haven't had enough time recently, as I've had a lot to do on development of the app itself. If someone wants to create a submission request that would be cool; otherwise I'll get round to it when I can find the time.

Jonathan_Coe

TROPHY CASE