[Noisebridge-discuss] P2P messenger!

grey artkiver at gmail.com
Thu May 14 00:09:10 UTC 2015


Cool, though bittorrent's migration away from F/OSS implantations makes
claims of security impossible to audit. I know I am not the first person to
criticize that shift; indeed despite your organization's recent round of
layoffs, I knew people who left long before over such things. And quite
rightly.

There are already protocols with multiple client implementations which
offer end to end encryption with perfect forward secrecy and have source
available to audit such as SILC and OTR. Indeed, I even released and
encrypted VM last year showcasing how one can tunnel OTR over SILC, for
those who are too inexperienced to know how to do such things themselves.

Good luck! I hope you go back to having open source implementations in the
future. As it stands, last I looked, BitTorrent inc does not even use a
signed developer certificate from Apple and your uTorrent client cannot be
installed on OS X without making a Gatekeeper exception, which is very poor
form. I have increasingly fewer reasons to trust BitTorrent personally and
would advise others to be more mindful of the codebases they adopt that are
"free" yet unavailable for peer scrutiny.

On Wednesday, May 13, 2015, Adam Munich <adam at aperture.systems> wrote:

> Hi all,
>
> Bit torrent released a p2p messenger today! I know you're the type of
> crowd who likes security, so I figured it'd be worth sharing.
>
> http://labs.bittorrent.com/bleep/
>
> Cheers,
> -Adam
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20150514/422192c4/attachment.html>


More information about the Noisebridge-discuss mailing list