VPNs, Tor, and Bitmessage

For obvious reasons, I'm becoming more and more concerned with privacy. The goal isn't to make yourself impossible to hack; there's no way of accomplishing that. But you can make penetrating your security cost more than it's worth. Unfortunately, the world of available tools is confusing, and frankly, a little frightening.

I've taken up using a VPN (Private Internet Access, if you're interested) which theoretically helps anonymize all my internet traffic. A VPN encrypts all my traffic and sends it through one pipe, where it gets mixed with everyone else's traffic before it leaves. So everyone can see who my VPN is, but as long as the VPN provider can be trusted, I'm anonymous. Good luck with the trust part.

Tor can be used to similar ends, but there's no single person to trust. The network is peer-based, not client-server. Your traffic is encrypted in several layers, then bounced from node to node in the network, each node decrypting a single layer of encryption. When the final layer is reached at the exit node, the data leaves the Tor network and goes to its destination. But no single node knows where everything is going. It's not perfect, of course, but it's got fewer trust issues than a VPN.

Tor is great if your goal is to circumvent law enforcement. Whether that's a good thing or not, naturally, depends entirely on who's law we're talking about. If you're circumventing censorship laws to publicize human rights abuses, more power to you. But Tor doesn't know the difference between that and hiring an assassin. I'm not making that up; on the front page of Tor's internal wiki are links to services where you can have drugs delivered to your door, buy a stolen Paypal account, have someone murdered, and order counterfeit currency.

These are evil things, and I'd rejoice to see all that shut down. But the Tor network has also done a lot of good in places where governments are abusive and censorious. (You know, Iran, Egypt, the United States of America...) Perhaps this is a corollary to government being the price we pay for civilization; crime is the price we pay for privacy. Perhaps one day we'll have a world where privacy isn't necessary to survive our government.

Moving on.

Bitmessage looks fascinating. Email sends messages to your destination through a series of forwarding servers. Bitmessage instead has everyone's inbox encrypted and mixed together, and that database is shared peer-to-peer. Everyone has a copy of everything, but only the recipient can decrypt their own messages. Like Tor, there's no one to trust.

Unfortunately, I can't make it work. I've yet to successfully send a message to anyone besides the echo address (BM-orkCbppXWSqPpAxnz6jnfTZ2djb5pJKDb). And the only messages I've received were from a newsgroup that was full of racists. If anyone has better luck, please let me know. And feel free to message me at BM-2DCANQGGBZeRkZRhFBmErnApJ7d38s2A2L