Day 5 – November 8, 2013
Cheaters never win. Although, I kind of feel like I did because there are some lessons you can only learn through making mistakes. I made a big mistake.
When I decided to bypass going through the resources on my first assignment, I totally fucked up. Instead of creating a secure, encrypted messaging account through BitMessage, I had actually just created a regular email account through a website. Had I been sending and/or receiving sensitive information, I could have seriously put myself or Mister B at risk.
I first had a hint that I wasn’t going to get away with my cheat when Mister B repeatedly kept asking how I was using Squirrel Mail. For the first few days I just replied with cheeky answers around being nutty on the “interwebs”. But, in each message, he kept asking. Finally, I told him I was using a website to send the messages. And that’s when he freaked out. Then I freaked out.
If I had done my homework, I would had known right away that using http://www.bitmessage.ch was a horrible move. I would have learned right away that BitMessage is actually a type of client software that you install onto your computer, not a third-party service. I would have learned right away why Mister B’s original email to me was from an address containing a “@bitmessage.ch” at the end.
But, I didn’t. So, almost a week later, here is the deal with BitMessage.
What is BitMessage?
Basically, its a anonymous messaging service based off the principles of Bitcoin.
How is it anonymous?
Regular email services like Gmail or Yahoo require you to sign up with personal details that are all stored on a central server somewhere — and all of those details are connected to your email address. It requires POP3 or STMP, etc.
BitMessage is a program that runs on your computer. There are no details required to get an account and nothing is stored on their server longer than 2.5 days.
How are the messages secret?
All of the messages sent through BitMessage are encrypted. Only the person you’ve elected to receive the message has the power to decode it. Think of it like its being sent out with one-half of those broken heart pendants. The message gets passed around to other possible recipients on the peer-to-peer network, trying to find the matching other half of the pendant, but only the intended receiver possesses the half-heart with perfectly fitting jagged edges. Therefore, only that recipient can open and decode your message. It’s true love.
What are some positives of BitMessage?
Well, besides the whole anonymous angle, one big plus is that there is no spam. None at all. You can also send out (called “broadcasting” newsletters or group emails to people across your network, blacklist and whiltelist addresses. Also, because it is a peer-to-peer network, your messages are not being stored or Big Brother’d at any point.
What are some negatives of BitMessage?
Well, one of the most obvious is that you can’t send a freaking message to anyone through it who doesn’t also have the software downloaded on their computer. That’s a real drag since it’s not a mainstream thing yet — hence why Mister B initially sent me a message through bitmessage.ch. Bitmessage.ch allows people to generate random email addresses that are similar to Bitmessage addresses and send quasi-anonymous/secure messages to people off the peer-to-peer network. However, because you are sending them over the interwebs (as I so eloquently put it earlier), they can be monitored and stored — kind of defeating the majority of the purpose. In this sense, I don’t think it’s much different than a nonsensical hotmail account.
Another annoying thing about BitMessage is how long it takes to send a message. The longer the message, the more encoding it must do before sending it. The delay can be a nail-biter for impatient people like myself.
It is also not efficient for organizing your inbox (it’s in its beginning stages, let’s cut it some slack) and there is no way to attach, well, attachments. Wamp.
Can you really be totally anonymous with BitMessage?
No. But it’s one of the best options we’ve got at the moment. Unfortunately, the messages can be traced through IP addresses and the traveled route, so it is possible to ID the sender if really necessary. Although, I’m unclear on who has the ability to pick someone out of the line up.
Why should I use this then?
You don’t have to. But if you want to, it’s there. If you sign up, shoot me a message. I’m at: BM-2cVD8nxi31bvA2d8KEGx2mUzRNdAw3R7kS