Key distribution is the actual problem that Bitmask tries to address (https://leap.se/en/docs/tech/hard-problems): it tries to make key discovery transparent while keeping it as secure as possible. But this is still a work in progress.
Bitmask actually uses OpenVPN; it just makes it easy to use securely. One Summer of Code project implemented support for obfsproxy (https://www.torproject.org/projects/obfsproxy.html.en), which hopefully will solve the problem in places like China.
Bitmask doesn't want to provide a proper VPN service; for the moment there is a demo service to try it. The idea is to provide all the software, easy to set up, for providers, and the providers will charge you for it to sustain themselves. The nice thing about this model is that the provider only provides the service, while your client comes from an independent organization, so your provider cannot put back doors in it.
Trust is a hard problem; we are moving the trust from the ISP to your provider (https://leap.se/en/doc/platform). Your ISP is something you can't choose much, but you can choose your provider or set up your own (https://leap.se/en/doc/platform).
"Only the person you send the message to can read it. Period."
Using this kind of sentence for new software not reviewed by the community is dangerous. There are people who risk their lives using this kind of app.
The thing that puzzles me is this sentence:
"You can delete your message from the receivers phone."
I don't see any information about it in the 'how it works' section. Do they do that in some cryptographic way that I can't imagine? Or is it basically that the application removes the content if the server requests it, something we could avoid just with a backup or by modifying the code of the app?
You can never, ever be assured that a message has been deleted. There's always packet sniffing, a modified client, even just taking a screen dump. It requires trust in the participant.
Recently I read a whitepaper where a security tester was talking to a malware author on Skype. The author mentioned an IP address and deleted it moments afterwards. The researcher dumped their RAM into a file and searched for the string (successfully).
Indeed. More like: the person that has recorded your encrypted message probably won't be able to read it until they're able to get hold of the session key, perhaps by gaining physical access to your or the receiver's phone, or by installing malware on either phone, or because of a flaw in the (P)RNG that was used to generate the key.
It is open source, so at least it is trivial to create a clone that interops flawlessly while copying off plaintext to a third party (that's not a flaw with the project as such, but it is a risk with using "security" software in general -- how do you verify the security software? In some ways this is made worse by app stores -- because they delegate trust away from the user and into obscurity; the app store assures you that the app you installed is the app someone uploaded -- not that it does what you think it does).
> "Only the person you send the message to can read it. Period."
> Using this kind of sentence for new software not reviewed by the community is dangerous. There are people who risk their lives using this kind of app.
It is also false, since it seems that their threat model also includes the server being able to transparently MITM you and read all your messages. A pretty egregious overstatement, I think.
Yeah, I guess verifying the full length of the fingerprint would mitigate that, and not doing that exposes you to a MITM attack anyway. Not much less secure than exchanging the keys directly, then; you are right.
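The comment above is about why a fingerprint must be compared in full rather than only a short prefix. The following is an added example written for this page, not code from the thread or from any of the apps discussed; it assumes a fingerprint scheme that is simply SHA-256 over the raw public key bytes, and every key in it is a constructed byte string. It shows that a checker that compares only the first four hex digits accepts a different, deliberately constructed key after roughly 16^4 hash evaluations, while a full-length, constant-time comparison rejects it.

```python
import hashlib
import hmac
from typing import Optional


def fingerprint(pubkey: bytes) -> str:
    """Hex fingerprint of a public key: SHA-256 over the raw key bytes (assumed scheme)."""
    return hashlib.sha256(pubkey).hexdigest()


def format_fingerprint(fp_hex: str, group: int = 4) -> str:
    """Group hex digits the way people read a fingerprint out loud, e.g. 'ab12 cd34 ...'."""
    return " ".join(fp_hex[i:i + group] for i in range(0, len(fp_hex), group))


def verify_full(expected_fp: str, pubkey: bytes) -> bool:
    """Strong policy: compare the entire fingerprint, in constant time."""
    return hmac.compare_digest(expected_fp, fingerprint(pubkey))


def verify_prefix(expected_fp: str, pubkey: bytes, hex_digits: int) -> bool:
    """Weak policy: compare only the first hex_digits of the fingerprint."""
    return hmac.compare_digest(expected_fp[:hex_digits], fingerprint(pubkey)[:hex_digits])


def find_prefix_match(target_fp: str, hex_digits: int, limit: int = 2_000_000) -> Optional[bytes]:
    """Search constructed keys until one shares the first hex_digits with target_fp.

    Expected work is about 16**hex_digits hashes: 4 hex digits is ~65k SHA-256 calls,
    which is why a short visible prefix gives almost no protection against substitution.
    """
    want = target_fp[:hex_digits]
    for i in range(limit):
        candidate = b"constructed-substitute-key-%d" % i  # constructed sample key
        if fingerprint(candidate)[:hex_digits] == want:
            return candidate
    return None


def demo(prefix_digits: int = 4) -> dict:
    """Compare the two verification policies against a constructed real key."""
    real_key = b"constructed-real-public-key-bytes"  # constructed sample key
    real_fp = fingerprint(real_key)
    substitute = find_prefix_match(real_fp, prefix_digits)
    return {
        "real_fingerprint": format_fingerprint(real_fp),
        "prefix_accepts_substitute": substitute is not None and verify_prefix(real_fp, substitute, prefix_digits),
        "full_accepts_substitute": substitute is not None and verify_full(real_fp, substitute),
        "full_accepts_real": verify_full(real_fp, real_key),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The search loop is deterministic, so the same substitute key is found on every run; the point to take away is the size of the work (16 to the power of the number of digits checked), which is tiny for a four-digit prefix and infeasible for the full 64 hex digits of SHA-256.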
Sounds like the same problem as DRM. Once content is made available to the user, there's always a chance to intercept and copy it (unless we can install a DRM chip inside people's brains, and even then I imagine there would be some hacks).
Basically I'd like to eventually have a stand-alone app. No point in making a web app if people can just click on another tab. So I've picked what I'm most comfortable with in stand-alone apps: Microsoft stack with F#. I'm using WebKit as a browser and doing some persistence in an MS Access database for now, although that will probably change.
I think I'm pretty far along for just a solo effort. It pulls all the main articles from Hacker News, Digg, Reddit, and a couple more places. You can view the target article and vote them up or down, all without leaving the app. Of course, like any project, there's still a long way to go.