BitTorrent unveils NSA-proof online calling and messaging software

BitTorrent

BitTorrent Inc., the San Francisco company behind the most popular technology for sharing files online, is branching out into a new arena: snoop-proof calling and texting.

The company announced the availability Wednesday of a preliminary, test version of BitTorrent Bleep software, which will enable people to make calls (voice only) and send messages over the Internet without using a central server to direct traffic. Instead, users will find one another through groups of other users, with no records of the calls or texts stored anywhere along the way.

Once a connection is made for a call or text, the communication travels directly between the two computers involved. That peer-to-peer approach also defies mass surveillance. Granted, it doesn't pay to underestimate the National Security Agency's ability to monitor even well-hidden communications. But Bleep certainly makes the job harder than the most popular online calling and messaging apps do.

Bleep will be available by invitation only for now, the company said, because it still has plenty of rough edges. It's also limited to computers running Windows 7 or 8, although support for more platforms is coming.

The product reflects BitTorrent's effort to find more applications for the distributed-computing technology that underlies its file-sharing software. It launched BitTorrent Sync last year to provide an alternative to cloud-based programs that synchronize files across multiple devices. Shortly before that it unveiled BitTorrent Bundles, a publishing platform for digital content. The company has been working on Bleep at least since September, when it announced its plan to develop a secure online chat service.

Online calling and messaging services typically seek to preserve privacy by scrambling the communications between the sender and the recipient. The problem is that they rely on central servers to handle the electronic signals that establish the connection. The metadata that passes through those servers can be monitored or intercepted, potentially exposing the calls and texts themselves to surveillance, as leaked NSA data has revealed about Skype and other Voice over Internet Protocol services.

Bleep encrypts its traffic too, as well as enabling users to keep their identities secret even from those with whom they're communicating. But the main reason it's more secure, the company says, is because it has no central servers. "We are not even storing data temporarily on servers and then deleting it," Farid Fadaie, head of the Bleep project, wrote in a blog post Wednesday. "We never have the metadata in the first place."

Nor does anyone else. Unlike BitTorrent's file-sharing technology, there are no central, surveillance-susceptible indices helping to connect one user to another. Instead, when User X tries to start a call or send a text to User Y, X's Bleep software asks other BitTorrent users if they know Y's IP address. Their query eventually reaches a computer that Y's Bleep software has made contact with, revealing Y's address. The information is sent back to X, enabling X and Y to connect directly.

"Consider Bleep your personal redaction pen controlled by you and only you," Jaehee Lee, senior product manager at BitTorrent, wrote in a blog post Wednesday. "Anything you say is Bleep-ed out to us and everyone else for that matter."

This seems technologically nifty, but who would go to the trouble of running Bleep when millions of people around the world can easily be reached through Skype, WhatsApp or any number of other VOIP and chat apps? Lee offered four possible use cases: diplomats sharing sensitive dispatches, businesses safeguarding communications from industrial espionage, reporters protecting sources, or friends keeping their conversations private.

I could suggest any number of less noble uses for the software too. But as with the BitTorrent protocol itself, Bleep shouldn't be judged by the things people do with it. Instead, it should be judged by its ability to deliver on its promise of security.

The isn't interoperable with other chat or VOIP clients, at least not at this point, so its utility will be limited unless and until it gains a critical mass of users. The tremendous popularity of the BitTorrent protocol gives Bleep a strong global foundation, but not much else. That could change, though, if Bleep were built into updated versions of the apps people use to share torrent files.

One other potential factor is whether Congress changes the 1994 Communications Assistance for Law Enforcement Act to require data communications services to support wiretaps, as the Justice Department and federal security agencies have sought. Today, the wiretap requirement applies only to phone networks (including mobile ones) and online services that are effective substitutes for them (such as Vonage). If CALEA were extended to all online voice and messaging services, BitTorrent might be faced with the choice of withdrawing Bleep somehow from the United States or re-engineering it to remove its distinguishing feature.


Explore further

Researchers find most BitTorrent users being monitored

©2014 Los Angeles Times
Distributed by MCT Information Services

Citation: BitTorrent unveils NSA-proof online calling and messaging software (2014, August 1) retrieved 18 August 2019 from https://phys.org/news/2014-08-bittorrent-unveils-nsa-proof-online-messaging.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
0 shares

Feedback to editors

User comments

Aug 01, 2014
Only criminals have something to hide.

Because all laws are Just. /s

What if your legal activity today becomes illegal tomorrow?
How about if I don't trust an individual in the NSA chain not to abuse their position?
If I'm collaborating with someone about an idea we've yet to patent, should our discussions be broadcast to our competitors?

Let's just go with my life isn't your business, or the government's. Remember, there is no single entity "The Government". They are comprised of fallible, corruptible, sanctimonious humans.

Aug 01, 2014
Instead of trying to hide our communication online and elsewhere, why can't we just be more open? Only criminals have something to hide.
not necessarily...
there should be a right to privacy within certain circumstances, as well as protection from abuse of privilege like SoylentGrin points out above

would you want your ex-spouse/enemy to be able to bring up all your personal data whenever they please for revenge purposes?
how about someone that just hates you because you are religious?
or maybe someone who thinks you should be dealt with severely because THEY are religious?
How about watching you as a threat to whatever just because of your public posts on a pop-sci site?

there are things that need to be kept private. like:
e-mails to your kids? wife? girlfriend? boyfriend? business partner? secret new business patented technology? classified documents? investigations that are on-going? HIPA data? STD/medical/lab results? clinical trials? new meds?

Aug 01, 2014
That peer-to-peer approach also defies mass surveillance.
Just because it is peer to peer does not mean it is not capable of being monitored... only that it is harder to monitor. glad it is also scrambled.
i know that you can tap a phone line without even violating the integrity of the line.
certain direct scrambled hard lines in the former USSR were tapped (without physically damaging the lines) while underwater by our gov't during the cold war
Lee offered four possible use cases: diplomats ...businesses ...reporters ...friends keeping their conversations private
I would also add private com between law enforcement during investigations (like above), ANY Dr. to Dr. consult/interface for HIPA protection, any private info that should be protected from 3rd party discovery...

I hope this does not get undermined by CALEA
it looks like it would be far too useful...

Aug 01, 2014
I don't buy that p2p makes communications any more secure in the face of the NSA et al, because it'll still be easily characterized and there is every reason to believe that they have access to all major transport into and out of ISPs. Anybody who knows the terrible state that our nationwide backbone diversity has fallen to would certainly agree that it wouldn't really be that hard, or require "taps" in that many locations. At least not as long as you're only looking to snoop on internet traffic - it would be a nightmare to try to tap every literal p2p transport fiber that businesses have run for their WANs and whatnot, but anyway...

In my opinion, if anything this service is probably more likely to get your communications stored than more conventional services.

Aug 01, 2014
...And not just their metadata.

Aug 01, 2014
This comment has been removed by a moderator.

Aug 01, 2014
This comment has been removed by a moderator.

Aug 04, 2014
Its not the government that worries me as much as malicious people. Our data in the wrong hands, is the reason I'd choose to be private.

Aug 04, 2014
How is this secure at all? If i maliciously modify my bittorrent code to LIE and say yes i know the IP address of Y it's my IP address. Then wouldn't X attempt to connect to me instead. i Could even connect to the REAL Y and just be a middle man they dont know about.

Aug 05, 2014
How is this secure at all? If i maliciously modify my bittorrent code to LIE and say yes i know the IP address of Y it's my IP address. Then wouldn't X attempt to connect to me instead. i Could even connect to the REAL Y and just be a middle man they dont know about.


This is not possible unless you have the private key of the person who is being queried.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more