|About this BitMessage Page|
BitMessage [archive] is a P2P asynchronous communications protocol used to send encrypted messages to another person or to many subscribers. The PyBitmessage client is written in Python with a Qt GUI. BitMessage is decentralized and trustless, meaning that users do not need to place faith in entities like root certificate authorities. The design employs strong, self-authenticating, Bitcoin-style addresses which prevents adversaries from spoofing messages so they appear to be legitimate.
The BitMessage protocol is quite flexible and robust: 
- Messages for offline recipients are stored for up to 28 days before being deleted.
- Proof-of-Work is relied upon to prevent spamming.
- Sender and recipient metadata is hidden by broadcasting all messages to everyone, thereby acting as a simple private information retrieval (PIR) system.
- Bridging services between the BitMessage network and legacy / regular email exist.
- Additional features include subscription support and Chans (Decentralized Mailing Lists). 
- Stronger anonymity is possible by running BitMessage in Whonix ™, since it works reliably.
BitMessage has not yet been independently audited by professionals to verify its security claims. That said, miscreants did use it to run a ransomware operation (over Tor) without being caught, demonstrating that it is somewhat "battle-tested."  While the Whonix ™ Project will never condone criminal abuse of technology, it is hoped that dissidents in oppressive states can profit from the protocol's underlying strength.
Email Bridging Services
Note: Bridging services are not required to use Bitmessage.
Bitmessage Mail Gateway (BMG) is a service that allows for seamless integration of email (webmail or email client) and the Bitmessage network. If this configuration is preferred, follow the instructions [archive] to set up an account, then register [archive] (v2 onion [archive]).
Note that for confidentiality, GPG must be used when communicating with email users. It is also possible to configure Thunderbird with Enigmail so it uses the BitMessage service [archive] (optionally over Tor) for seamless GPG support.
BitMessage Installation and Operations
The following instructions perform steps to compile and verify the BitMessage source code. Once the verification process is complete, BitMessage can be started and the networking appropriately configured.
Bitmessage developers use git [archive] to sign their source code.  Git is a distributed version control system (VCS [archive]) that has the ability to tag specific points in history -- such as version release points -- as being important. These (git) tags can be signed and verified with GNU Privacy Guard (GPG). For a basic overview of Tagging please read: Git Basics - Tagging [archive].
Start BitMessage by running the following command.
When BitMessage starts for the first time, this prompt will appear: "Bitmessage won't connect unless you let it." Choose: "Let me configure special network setting first" → press <OK>.
Figure: BitMessage Network Settings
Make the following changes:
- Proxy type:
- Server hostname:
Press <OK> and the application should be fully functional.
Figure: SOCKS5 Proxy Configuration
To upgrade BitMessage run the following command.
cd $HOME/PyBitmessage git pull
While explicitly attaching files is not supported, technically any file can be sent within the message body. 
First convert the file with base64 and then copy and paste the contents of the text file.
base64 < binary.file > text.file
Do not forget to include receiver instructions on how to decode it. In order to decode the file, the recipient can copy and paste the code into a file and convert it with the following command.
base64 -d < text.file > binary.file
It is not very practical to send large files with BitMessage. Alternatively, a file or archive containing a collection can be GPG-encrypted and uploaded to untrusted cloud storage, with a link sent to the intended recipient(s). Two methods of encryption are possible: relying on a contact's public key or using symmetric encryption and sending the password in BitMessage. For GPG symmetric encryption, follow this example:
gpg -vv -c --cipher-algo AES256 your-file.tar.gz
Note that the output of
diceware (pre-installed from Whonix ™ 14 onward) can be used for secure passwords.
Backup User Data
To backup the BitMessage profile and all user-generated program data:
- Copy the folder under this path to your shared folder: /home/user/.config/PyBitmessage
- Copy the folder to this location to restore BitMessage data for new installs.
It is recommended to use Multiple Whonix-Workstation ™ to safely separate BitMessage identities and running instances. For better security, do not run separate BitMessage instances concurrently in this configuration.
- The development of Android clients has unfortunately stalled. Connecting with a mobile client also requires a full node running on the user's PC.
- The service will be gracefully shutdown in stages over a period with the termination date of 1 January, 2020. Full details are available at http://bitmailendavkbec.onion/term.html [archive]:
The service will be gradually shut down. This is the plan (red steps are complete):
1. Disable registrations as of 2019-06-01.
2. Deny all outgoing E-mails as of 2019-07-01. You will no longer be able to send E-mails after that.
3. Deny all incoming E-mails as of 2019-12-01. You will no longer be able to receive messages after that.
4. Take the E-mail handler completely offline on 2020-01-01. You will no longer be able to log into your account after that.
5. Clear secret key storage for mailboxes and bitmessage addresses on 2020-02-01.
6. Delete all remaining accounts at 2020-06-01.
7. Take the service offline 2021-01-01.
We reserve the right to perform these actions sooner or later than initially planned. Please don't wait until the last moment.
- https://bitmessage.org/wiki/Decentralized_Mailing_List [archive]
- https://www.bleepingcomputer.com/news/security/chimera-ransomware-uses-a-peer-to-peer-decryption-service/ [archive]
- https://github.com/Bitmessage/PyBitmessage/issues/108 [archive]
- https://forums.whonix.org/t/gpg-recv-keys-fails-no-longer-use-keyservers-for-anything/5607 [archive]
- https://tedjonesweb.blogspot.fr/2013/06/how-to-send-files-like-e-mail.html [archive]
- https://bitmessage.org/wiki/Keys.dat [archive]
- https://bitmessage.org/wiki/Messages.dat [archive]
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)