Hello from Russia!
This Friday, SurvivalBlog mentioned “Digital Security- Part 2, by Dakota”. As a computer specialist and a paranoiac, I must warn you about two things.
- Bitmessage is absolutely secure. (I mean that nobody can read an encrypted message or find the sender or recipient or fact of communication between them.) But the price of this fact is too high and is a security hole by itself:
Bitmessage client sends your message to every other client. What does it mean? In reality, every client would receive all the traffic the system creates. If, say, every one of 100 users sends one 10-kbyte message per day, then everyone would receive 1 MByte. Just 100,000 users would generate 1 GByte each. Also, as I can understand from their FAQ, the system finds connecting nodes automatically, so the adversary knows all the nodes.
So while the network is small enough the adversary could assume that every node is under suspicion and has enough resources to check all of them, but a big enough network would fall under its own weight.
I see two possible resolutions of this problem; one is use of some variants of Kademlia to route the mail to the nodes that are nearer in Kademlia meaning, and the second one is just I2P.
- MailPile security is not better than, say, Thunderbird configured to delete messages from the server since the official server may be (and often is) officially required to retain your letters for some period.
I see only one possible resolution of this problem if a standard e-mail protocol is used: install your own encrypted Sendmail on your own computer and ask your friends to do the same. But it still does not save you from metadata collection. (They know who writes to you.)
Best wishes. A.