These Hackers Want to Neutralize the Biggest Threat to Secure Messaging: You

With data mining and surveillance showing no real signs of abating, it seems more likely than ever that secure, encrypted communication will come from the activist coders rather than Silicon Valley corporations or government.

TextSecure, an encrypted messaging app co-created by crypto-engineer and anarchist Moxie Marlinspike, is a good example. Now Bitmask hopes to provide another "easy and secure encrypted communication."

Bitmask is an encrypted communications app that grew out of the LEAP Encryption Access Project. It offers an auto-configuring VPN (which auto-connects to a private network) and an encrypted email service, Bitmask Email. The big draw here is that Bitmask doesn't collect user data, and blocks internet service providers from accessing it too.

Easy is the key word; as the group write on their website, "Unfortunately, when people use secure email they often use it in ways that compromise their confidentiality and the confidentiality of the people they communicate with." Bitmask aims to eliminate this kind of human error.

Its encrypted email system provides a proxy that existing email clients can connect to, and LEAP is making Bitmask's free software compatible with anyone who runs its platform. "There are lots of VPN providers with easy, custom VPN clients," said LEAP's Elijah Sparrow. "But Bitmask is the first auto-configuring client that is also free software."

Encrypted messaging apps are generally centralized, with a single authority users must trust for everything, or peer-to-peer, in which case issues of usability and availability can keep them from broader adoption.

But Bitmask takes a different approach. Users run the application, then register with a compatible service provider, and are up and running soon after. The VPN and email security, Sparrow said, is nearly invisible.

Bitmask currently gives users the option of choosing service providers like Riseup.net, Calyx.net, or Oblivia.vc, as well as Bitmask's own "demo" VPN, demo.bitmask.net. In the future, it will also be compatible with provider ThoughtWorks, the German open-source software company.

According to Sparrow, the main distinction between good and bad encrypted messaging apps boils down to one question: Who is the application requiring users to trust?

With Bitmask, users are asked to place their trust in LEAP. Described by Sparrow as a group of "rabid anti-surveillance activists," many of whom have been working on the project for 14 years, LEAP writes all the code, and builds the packages and executables.

Sparrow said their app also takes greater measures than other encrypted apps to keep unencrypted traffic from leaking from the user's device. With Bitmask, users won't accidentally bypass their security with an incorrect setup, as can happen with some commercial apps. The system also encrypts received messages that come in unencrypted, which is a big upside for those who won't be communicating only with other Bitmask users. All of this security basically helps users not to fuck up.

"With Bitmask Email, we are meeting people where they are now, using email, making this as secure as we can," Sparrow said, "and then we will transition to new protocols like those used by TextSecure and Pond in the future, when both sender and recipient support it."

The downside to Bitmask Email is that it doesn't track with just any email provider, which has to be running the LEAP software platform for it to work. Also, LEAP currently isn't providing email support to the public.

Another catch is that, as with all VPNs, the ISP is able to see traffic as it enters and exits the VPN gateway. So a provider could potentially see email metadata as it comes in, whether encrypted or not. LEAP is currently working on ways to remove this vulnerability.

Bitmask also retains some data. Listed in their privacy policy, this data includes user registration information, customer code for billing formation, and public key, among other information. On the other hand, it doesn't retain IP addresses, browser fingerprints (browser information, plugins, and so on), credentials for encrypted internet service, message metadata, and cleartext messages, or those sent to a party that isn't running unencrypted messaging.

Since LEAP is currently in the midst of a slow release of Bitmask, there aren't a ton of users yet. Sparrow and his team want to be able to fix any snags before too many people jump on board.

It would be rash to expect the masses to use Bitmask. But if LEAP keeps data from providers, smooths out any vulnerabilities, and most importantly makes it easy for users not to make mistakes, it could be another worthwhile tool in encrypted messaging.