Read the Bitmessage white paper and you'll know why you should avoid Bitmessage: Every node will have a copy of every single message sent across the entire network. I believe the meme to use here is "Fail".
This is an erroneous assertion, sending every message to every client on the network was a valid design choice. By delivering every message to every client it is ensured that envelope information (to whom, from whom, etc.) isn't leaked. Even if you can see all of the BitMessage network traffic, you still can't deduce who sent and received a particular message.
They do have an acknowledgement mechanism that may make some level of envelope leaking possible but it's optional on the client side.
If you trust that the messages are properly encrypted, there's no reason to fear distributing those encrypted messages as widely as possible.
Message security is actually quite good with Bitmessage -- the issue is scaling the network and correspondingly, its vulnerability to traffic analysis.
Yes, it's not scalable. Even the Bitmessage creator acknowledges this. They've been at an impasse for quite a while trying to come up with a better system with which to scale.
I realize not reading Bitmessage's documentation is lazy, but could you explain the inability to scale such a system? Is it simply the chicken or the egg dilemma of nobody using it currently (and so, pretty much the same issue BitTorrent originally had)? Or is it some technical reason?
I get that completely. It's just...I don't believe using 4k bit keys would expose the system anytime in my lifetime. I, obviously, could be wrong. But, I think I would take that chance. I was just hoping someone could convince me that I should't (now that I think about it).
These guys are complaining about disk space and bandwidth, not message security.
Even so, the current network can probably handle 100,000 messages a day, and the bottleneck there is some side channel timing attack mitigation code that causes the client to sleep while syncing with a peer. If you separate out the message syncing from the decryption process and eliminate the timing attack potential, the network can easily scale to a million messages a day or more.
At that point, the messages will need to be broken into 'streams' so that you can partition the traffic. The protocol supports this, but punts on the implementation details, so there's no easy way to implement multiple streams at this point in time.
But I would hardly describe that as full-on 'fail'. Everyone-shares-everything is a design feature to preserve anonymity. It's more difficult to tell who sent a message, who received it (if anyone), who was able to read it (if anyone), etc.
Reading more on this software, it seems like they try to solve the capacity/bandwidth problem by using a distributed hash table, but now the protocol requires a lot of handshaking with specific machines that has potential to remove some anonymity, and also potentially makes it easier to prevent a user from getting messages. Block enough traffic at the Great Firewall and you might not be able to get messages. [Take the above listed weaknesses with a grain of salt, I haven't done an in-depth look at the protocol.]
But in general it's probably premature to worry too much about scaling, since the bitmessage network can already handle several more orders of magnitude than the current traffic levels:
BTW, what is wrong with just hiding real activity with an artificial traffic made of random bits sent to random addresses? The only thing I can think of is that bulk senders may get uncovered, but this is actually good for fighting spam.
