Geek Excursions: BitMessage

Along with my curiosity surrounding Bitcoin, there is a similar technology that has been released for public use called BitMessage. This system is a really neat way to securely communicate in a secure method that involves absolutely no trust whatsoever. It’s a completely decentralized email infrastructure and has captured a lot of my spare attention. BitMessage works a lot like how Bitcoin does, you can create email addresses on the fly, they are a long sequence of random characters that your system can display because you have both a public key and a private key. In a lot of ways BitMessage deals with the biggest problem surrounding PGP/GPG, which is key management. Nobody really wants to manage keys or use the system because it’s extra work. Plus even with PGP/GPG, your identity is written on your keys for everyone to see.

Getting started with BitMessage is a snap. First you need to download the BitMessage client, and you can get that at bitmessage.org. There’s a Windows and Mac client available, you can start it and be instantly attached to the BitMessage network, ready to create new “BitMessage Addresses” and throw them away just as easily. So, for example, you could reach me by sending me a BitMessage to this address: BM-2cWAk99gBxdAQAKYQGC5Gbskon21GdT29X. When you send a message using BitMessage, its to this address and from an address that your client makes, so the conversation occurs securely and since every node has a copy of the data it’s impossible to tell who is getting what information. I think an even more secure method would be to cross BitMessage with a PGP/GPG key. The only problem with a key like that is that classically PGP/GPG keys require that you include your email address as a subkey so that you can be identified by a human-readable email address when looking for your public key or when someone else is looking for it, to verify a signature for example. The PGP/GPG system doesn’t require an email address, you can of course create a public and private keypair using PGP/GPG and make the email address up from whole cloth, and instead just let people know the key ID that you want them to use. So technically if Alice wanted to secretly communicate with me, we could give each other our public keys to start and then use BitMessage as the messaging mule. I don’t see how any eavesdropper could make sense out of any of that data flow. It’s unclear what the contents are, the PGP/GPG encryption keeps the contents of the message secure, and BitMessage itself seriously obfuscates if not outright eliminates being able to tell where the messages are ultimately going to or coming from.

I have to admit that BitMessage is very user friendly and very handy to have. My only issue with it is that I don’t know anyone who uses it, but perhaps this blog post will change that. If you are interested in this bleeding-edge crypto/privacy software, I encourage you to chat me up on BitMessage for serious matters or for fun.

Geek Excursion: Cryptocurrencies

I’ve been thinking on and off about Bitcoin ever since it was written years ago. Right around the end of last month, in December I thought I would look into it again. Turns out the environment has grown considerably since the last time I looked at it, by leaps and bounds! I figured now would be a great time to dip my big toe into the stream, so I found an online exchange and pursued Bitcoin with them. This exchange was ExpressCoin and the purchase deal was mailing them a US Postal Money order, they’d cash it and then send me the Bitcoin equivalent. Since this was a conversion from Fiat money (in this case United States Dollars) to Bitcoin, the exchange rate was around $330 per Bitcoin. The $10 investment gave me 0.03120712 Bitcoin.

Right after that I started lurking on the Bitcoin subreddit on Reddit and discovered two other currencies, Litecoin and Dogecoin. Then just after that I discovered the Cryptocurrency Faucet websites, places where they hand out free money for proving that you’re human with a captcha, and the off chance that exposing you to advertising will pay for the money flowing out of the faucet.

I still think a great part of all these cryptocurrencies is still quite firmly fixed in the hobbyist framework, the enthusiasts are on the “bright” side of the currency and the speculators are on the “dark” side of the currency. All of these currencies that I’ve engaged with display pretty wild volatility in comparison with any linked Fiat. My buy-in rate was around $330 per Bitcoin, and now weeks later, that’s at $218.87 per Bitcoin. There seems to be two camps developing, the first camp is quite keen on ignoring the Fiat exchange rate and trying to ignite their currencies inside themselves. One of the most positive and tightly knit communities surrounds the Dogecoin. Seeing how the Dogecoin enthusiasts communicate and cope with their currencies volatility is a lesson in lighthearted, altruistic generosity. People who hold Doge appear to be very ready to donate it to other people as encouragement, sympathy, or even on a lark. As you go from Doge to Litecoin to Bitcoin you see a lot less of the pleasantries and a lot more of the cold hard business of currency work and trading.

I think one of the most fascinating parts of these new currencies is how everything is starting from the very beginning – including questions of trust and honor. Because all of these coins are decentralized and unregulated there is no capacity for a “chargeback” mechanism, and when this runs up against mechanisms in other currencies, like the Fiat, where there are “chargeback” mechanisms in place, you run the risk of being seriously defrauded. I completely understand the fear and the very careful progress that these cryptocurrency traders make, but it does speak volumes about just how awful and corrupt some people are. We don’t assume people are trustworthy and honorable, so we need many complicated structures in place to cope with the unknowns. This gap in honor is, I feel, a huge part of what these currencies should work on next. How do you measure honor? How do you establish trustworthiness? I got to thinking about it, and every time I think I have a solution I run into an edge case that blows my concept out of the waters. The only thing that I think might work is arranging honor and trustworthiness in a way similar to the “Web of Trust” that PGP and GPG cryptographic systems rely on to establish trust. PGP/GPG never really took off for mass adoption and that’s always been a very sad thing for me, but I really like the “Web of Trust” idea that they pioneered. That people can trust others when there is reputation on the line, backed by money perhaps, there would need to be some sort of contingency addressing on the line as well. So if Bob wants to establish his trustworthiness and his honor he puts his money on the line for it. But the problem with this is that someone who is not honorable could just come along and lie about Bob and take his money, sending you right back to the start again. It’s fascinating, that Bitcoin decentralized money, but we need to figure out how to decentralize trust as well.

The US Government has done its due diligence in preventing egregious misuse of the Bitcoin currency to be used for illegal purposes by attempting to regulate how centralized exchanges transfer Fiat into the cryptocurrencies. It seems that Bitcoin and all the others are very elegantly designed in so far that despite all these regulations there is a community of individuals willing to operate as nano-exchanges that help bring everything back to its decentralized and unregulated roots. Half of the fun of playing with cryptocurrencies is being at ground zero for all these fascinating developments and arguments and seeing how something so new develops and unfolds.

So far I’ve got some small parts of a Bitcoin, some small parts of a Litecoin, and gobs of Dogecoin. For myself, I am very interested in figuring out ways to secure the relationships between traders, working on terms of honor, trust, and faith. If anyone has ideas that they would like to share, please leave them in the comments below. I would really love a nice conversation about securing honor, trust, and faith between traders.