Comment by trueno

3 hours ago

that is a super good callout.

this is prob the 100th time i've read about bitchat here, and the comments are largely the same (use briarchat, none of these really work that well, i don't like jack dorsey, etc) every time.

but this is interesting. and i agree strongly with this: "While this adds overheads, it's table stakes for real-life usage."

i suppose events like iran are really making me wonder if this stuff is possible. it feels like anyone who's under the chokehold of regimes has completely run out of options, but even in America I'm getting the sweats wondering if there's going to be a time where such techs are needed. from what i gather none of these decentralized p2p messengers work well at all, but I also haven't truly tried. I can think of some moments that would've been viable test grounds though. Was at Outsidelands festival in San Fran and cell service was pretty much DOA due to the volume of people trying to hit the same tower(s). Even airtags which everyone in the group had on their beltloop weren't working.

It's funny how 3 or 4 similar BLE systems each are slightly different, and yet no one wants to just merge all the features for an obviously superior product. Everyone seems fine squabbling about which incomplete app/system is better.

Just take what's there and include the obvious next steps:

- Meshtastic and Meshcore ability to use relay nodes for long range BLE networks (Briar doesn't allow)

- Store and hold encrypted messages, as noted above.

- Ability to route through the internet, prioritize routing methods, disable internet routing, etc.

- Ability to self-host server for online relays (similar to Matrix)

Lack of retention can actually be a feature in these types of situations. It should be opt-in. The government would actually need to infiltrate the network in order to read the conversations, instead of just retrieving the messages from the cache on a confiscated phone.

  • I'd consider end-to-end encryption to also be table-stakes, at least opportunistically after the first message in each direction. With encryption, cached messages are far less harmful (though still leaking very useful metadata); without encryption it seems almost trivial to spy on any communications.

    • E2E encryption probably isn’t enough to protect activists trying to organize. Without doing onion routing where you pre-compute some nodes in the network that it MUST transit prior to delivery and having them decrypt it until it arrives to the recipient (like Tor) you still leak who’s talking to who.
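The layering described in the comment above, as an added example that is not part of the thread or of any project's code: a sender wraps a message once per hop, and each node that peels its layer learns only its previous and next hop. The node names, the per-hop symmetric keys shared in advance, and the SHA-256/HMAC toy cipher (a stand-in for a real AEAD and per-hop key agreement) are assumptions made for the illustration.

```python
import hashlib, hmac, json, os

# Constructed sample: node names and per-hop keys are made up for this demo.
ROUTE = ["relay_a", "relay_b", "bob"]
KEYS = {n: os.urandom(32) for n in ROUTE}

def _keystream(key, nonce, n):
    # Toy stream cipher (SHA-256 in counter mode); a real design would use an AEAD.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer not addressed to this node, or tampered")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def build_onion(route, keys, message):
    """Wrap the message for the recipient first, then once per relay, outermost last."""
    blob = seal(keys[route[-1]], json.dumps({"next": None, "data": message.hex()}).encode())
    for hop, nxt in zip(reversed(route[:-1]), reversed(route[1:])):
        blob = seal(keys[hop], json.dumps({"next": nxt, "data": blob.hex()}).encode())
    return blob

def peel(node, keys, blob):
    """What one node learns from its layer: the next hop and an opaque inner blob."""
    layer = json.loads(unseal(keys[node], blob))
    return layer["next"], bytes.fromhex(layer["data"])

def deliver(route, keys, blob):
    """Walk the route; return each node's (previous hop, next hop) view and the message."""
    views, prev, node = {}, "sender", route[0]
    while True:
        nxt, blob = peel(node, keys, blob)
        views[node] = (prev, nxt)
        if nxt is None:
            return views, blob
        prev, node = node, nxt
```

With two relays, `relay_a` sees the sender but not `bob`, and `relay_b` sees `bob` but not the sender, so no single relay can link the two ends.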

  • > instead of just retrieving the messages from the cache on a confiscated phone

    why wouldn't encryption be a part of the recipe here, rendering government acquisition of such a cache moot?

    • If the user can get immediate access to older messages then normally those messages will be available on a confiscated phone. That's why things like Signal have you set a retention period. A retention period of zero (message is gone when it scrolls off the screen) is safest.

      If you want to protect older messages you can have the user enter a passphrase when they are in a physically safe situation. But that is only really practical for media like email. Good for organizing the protest but perhaps not so great at the protest.

    • From white paper:

      > At its core, BitChat leverages the Noise Protocol Framework (specifically, the XX pattern) to establish mutually authenticated, end-to-end encrypted sessions between peers.

  • > The government would actually need to infiltrate the network in order to read the conversations

    If I understand correctly, this would still be true if the recipient is connected.