So how long will it be before someone comes up with a distributed decentralized solution for encrypted "e-mail", much like a kind of BitTorrent+DHT+Tor for communications?
With some kind of intermediate "routing" where a few clients keep a message "online" until the intended recipient finally downloads it, or some kind of timeout expires?
But also supporting G-Chat-like functionality whenever both computers are online at the same time?
I mean, forget about interoperability with SMTP or existing e-mail addresses... just make it crypto-only, with client software just like BitTorrent programs like uTorrent, Transmission, Vuze, etc.
There are a few people who have made decent DHT implementations similar to even what Kademilla's protocols are open sourced on github( https://github.com/isaaczafuta/pydht ). The real deal is people are ok with using just p2p clients with some chat features. It's much easier to be secure on p2p.
Tor is the opposite of privacy as far as i'm concerned as well. Tor mail was being targeted a lot recently.
I'm looking more forward to the newer skype called Tox: http://tox.im/, though it still doesn't sound like a perfect solution yet.
By your logic people shouldn't be using Linux, Windows or any other software because people have found exploitable bugs in them.
There has never been a backdoor in Pidgin. Instead Pidgin has a very healthy security community and they release several CVE's each year.
I would use Pidgin over Tox without a blink since Pidgin has been around the block longer (almost 10 years now) while Tox hasn't released a single Security advisory yet. So I'm sure there's a lot of "low hanging fruit" exploits waiting to be found in Tox.
Well, I think what you proposed is better than Bitmessage. But to end user Bitmessage provides same benefits (+ a few backdraws). I have been thinking exactly what you have proposed. But based purely on DHT, with intermediate hops and message polling when retrieving data, without direct connections between clients. If you have read freenet's freemail implementation paper, that describes parts of the process. Because freenet is distributed encrypted key/value storage solution.
Basic feature of DHT is that data automatically expires after a while if not refreshed to group of nodes. This would allow more efficient routing that what Bitmessage does. That's one of the primary reasons why I don't like it. I also suspect that a key streams in bitmessage could become overloaded, because there's no way to loadbalance key streams.
> With some kind of intermediate "routing" where a few clients keep a message "online" until the intended recipient finally downloads it, or some kind of timeout expires?
That's an issue I've looked at while developing BitWeav [1]. Basically you can either make it a requirement that nodes store content or get them to do it voluntarily.
In the former circumstance, Bitcoin basically makes it a requirement that blocks are stored in the blockchain for the functioning of the payment system (correct me if I'm wrong, but that's the gist of it).
So the other more feasible alternative is incentives. The main approach I took with BitWeav is severing the connection to the node if they don't store certain messages for the benefit of the network. To explain briefly, BitWeav is a scalable decentralised and P2P microblogging system, and when nodes send a message in reply to another message, they MUST store and serve it if required, for the purposes of improving the quality of service. If they don't, they will be 'booted' from the network, a fair exchange. It is also worth noting that there are always people who donate resources to the network selflessly.
To finish off with a quote that comes from the early days of the Bitcoin mailing list: "Yes, [we will not find a solution to political problems in cryptography,] but we can win a major battle in the arms race and gain a new territory of freedom for several years." — Satoshi Nakamoto. Cryptography is not the end-all solution to all our problems, but it is good for escalating the situation until people enact change. We should solve the problem at its root.
Darknet is silly and confusing name for technology. Even if it sounds so cool. I think that Friend to Friend (F2F) network is much more descriptive name for technology, if you don't want to sound so elitistic.
With some kind of intermediate "routing" where a few clients keep a message "online" until the intended recipient finally downloads it, or some kind of timeout expires?
But also supporting G-Chat-like functionality whenever both computers are online at the same time?
I mean, forget about interoperability with SMTP or existing e-mail addresses... just make it crypto-only, with client software just like BitTorrent programs like uTorrent, Transmission, Vuze, etc.