BitTorrent Bleep Now Publicly Available Across All Major Platforms

BitTorrent Bleep Now Publicly Available Across All Major Platforms(blog.bittorrent.com)

97 points by xngzng 11 years ago | 70 comments

joshstrange 11 years ago |

I don't trust anything released by BitTorrent. Sync was a huge let down and frankly I'm not going to waste my time on any more of their software after the ad/toolbar/bitcoin-mining infested installers they put out for uTorrent...

solomatov 11 years ago | |

Completely agree with you. If they want it to be focused on privacy, they should at least document their protocol.

reymus 11 years ago | | |

I dont understand. Could you explain why?

guelo 11 years ago | |

I totally agree with you that they are total scumbags. At the same time, I am amazed that they've been able to keep that company going for so long, probably close to 10 years. They've somehow stayed afloat and kept producing new products while so many other more worthy startups came and went that I can't help but give them some grudging respect. How do they stay alive?

hkmurakami 11 years ago | | |

Toolbar installs were responsible for most of their revenues before the ads came to be on their clients.

Meebo (remember them?) was also staying afloat with toolbar installs.

joeyspn 11 years ago | |

> Sync was a huge let down

Same with BitTorrent Live...

GutenYe 11 years ago | | |

Syncthing is the way to go.

higherpurpose 11 years ago | |

Care to elaborate on why Sync is a huge let down?

zaroth 11 years ago | | |

Sync was great until it locked all my folders and demanded $39 to start working again. Their free tier makes it sound like you get 10 shares free but I think it actually turned out to be 10 folders including sub-folders within a share...

black_puppydog 11 years ago | | |

https://news.ycombinator.com/item?id=8626931

chanux 11 years ago | | |

Also they call it peer-to-peer (IIRC) and now it comes with an annual fee (how about, maybe a one time charge?). Also the software felt pretty complicated with the Pro update.

In the beginning it was all amazing. But we all know we can't have nice things.

Cantremeber 11 years ago |

No mention of it being open source and after what happened with Sync I don't understand who would use this.

lewisl9029 11 years ago | |

Yeah I'm not sure what their target market is either.

Proprietary software is fine for a lot of things, but anything concerning security and privacy absolutely requires the additional transparency and scrutiny offered by open-source.

I guess they are planning to market it to people who are worried about privacy but not tech-savvy enough to be able to understand these fundamental deficiencies of proprietary software, but that just seems really unsavory to me... But then again this is the same company that tried to sneak crypto-mining software as a value added offer to their installers so I can't really say I'm surprised.

azdle 11 years ago | |

Wait, what happened to sync?

rpedroso 11 years ago | | |

There was some concern about the security of the product:

http://2014.hackitoergosum.org/bittorrentsync-security-priva...

These concerns were amplified by the difficulty of auditing a closed-source product. Their argument that hashes are one-time secrets and not permanent keys is difficult to validate without access to the source.

anonbanker 11 years ago | |

Do you like Bittorrent? Do you like Chatting with others?

Then You'll Love Bittorrent Bleep!

EDIT: I didn't say it was a good mindset. I just think Bittorrent is trying to leverage it's name into new markets, while alienating it's core users and promoters.

unmagnet 11 years ago | |

It would be nice to have a simple user-tag and official-tag customizable field for tagging related research and development patterns.

Every time a closed source nightmare reoccurs, we can just let newbies find the related open source alternative.

black_puppydog 11 years ago |

I am particularly annoyed by the name "Whisper" for the "25 seconds only" messages: It got me to read on because I thought they interfacing with WhisperSystem's protocol for TextSecure. Because, open protocols, federation and all that. Would have been nice, right? Well, thumbs down for that.

Also, if you don't trust the other to not want to log your conversation, don't send sensitive stuff. But then again people do seem to like snapchat and thelike, so I shouldn't judge too much there maybe.

robmcm 11 years ago | |

I guess it's a slight reassurance, for example if I want to send a password to someone I trust, I could do it with whisper knowing if someone picks up their phone in a weeks time it will be gone.

pnt12 11 years ago |

That screenshot protection thing is kind of dumb. As they show in their website, you take 2 screenshots and there you go, name and message.

You can say you make it harder to take screenshots but you cant promise a secure way to prevent people from saving the data you send them. That's unfeasible, its promotion of false security.

sandebert 11 years ago |

Apparently "all platforms" means Mac, Win, IOS and Android. Not to be snarky, but that's not even close to "all", even if we exclude esoteric ones with extremely few users.

derefr 11 years ago | |

Now available across all major app stores.

sarciszewski 11 years ago |

Warning: This is going to sound mean. Feel free to skip it if mean words upset you.

They claim to support "all major platforms" then completely skimp out on Linux and BSD.

Bleep isn't open source.

They claim to provide privacy, and their testimonials read:

    Software Engineering at it's finest. If you haven't read
    the blog post on this app then you need too. Once you see
    how it works your gonna want it. Most secure messaging
    I've seen yet.

That's great, now show me the source code so I can decide whether or not it's the most secure messaging _I've_ seen yet.

Publish the git repository. Make it run on GNU/Linux and *BSD.

Or get the fuck out and stop making claims you cannot back up.

    DDDD   i    t          h      TTTTT  h     i   sss 
    D   D     ttttt   ccc  h        T    h        s 
    D   D  i    t    c     hhh      T    hhh   i   sss
    D   D  i    t    c     h  h     T    h  h  i      s
    DDDD   i     tt   ccc  h  h     T    h  h  i   sss
    
      BBBB   U   U  L    L     SSSS   H  H  I  TTTTT !
      B   B  U   U  L    L    S       H  H  I    T   !
      BBBB   U   U  L    L     SSSS   HHHH  I    T   !
      B   B  U   U  L    L         S  H  H  I    T    
      BBBB    UUU   LLLL LLLL  SSSS   H  H  I    T   !

GutenYe 11 years ago | |

Open source is the way to go.

FreeKill 11 years ago |

I'm very intrigued by Bleep, I think that attempting to leverage the bitorrent protocol in a chat platform is a unique take, that I would like to see continue to evolve.

However, I think it's important that they open the source up for this project and even potentially offer the ability for me to install and run my own server. I think until they take those steps, it will be difficult for them to gain any kind of large following.

mike-cardwell 11 years ago | |

Run your own server? From my understanding there is no server involved. It is peer to peer and peers find each other by using DHT. It's closed source though, so you have to take their word on that.

gcb0 11 years ago | | |

it's bi bittorrent. you need a tracker.

how do you think one client can find another? i hope you don't think it was a internet wide broadcast... :)

GutenYe 11 years ago | | |

How does it manage the offline messages without a server?

spullara 11 years ago |

There is no way to make a service that guarantees that messages are erased with current mobile technology that doesn't allow you to make another client that saves the message. Snapchat and the FTC had a conversation about this.

https://www.ftc.gov/news-events/press-releases/2014/05/snapc...

lenova 11 years ago |

I would love to hear Moxie's thoughts on Bleep and whether he thinks this is secure or not...

JshWright 11 years ago | |

Unless they have published their source code (or at least a protocol spec), then I don't think there's much in the way of 'thoughts' to be had.

dmix 11 years ago | |

Two benefits over TextSecure that I can see:

- Doesn't require your mobile phone number to use it

- Not dependant on google services on Android

Downsides:

- Cant beat Textsecures crypto - Not opensource

The last two points make this a no-go for me.

higherpurpose 11 years ago | | |

Another benefit is that it's P2P, which doesn't do much in terms of privacy (although Bleep's website claims that it does somehow...) but it can help with censorship - think Turkey, Iran bans of apps and services. I think even Brazil wanted to ban Whatsapp at some point.

I wouldn't consider it a top 5 priority right now, but I do hope OWS takes into consideration making Signal P2P as well in the future (perhaps with some new technologies that may appear or mature by then).

My own priorities for what I want to see in Signal/Textsecure next:

1) integrated Android app

2) desktop client (ideally web/browser-based, but if that's not too secure, I could live with a native app, too, maybe one that works only through Windows 10's store for the sandbox security and digital signing benefit, as well as for the new auth features)

3) video-chat support

dotBen 11 years ago |

Some things are highly valuable but just don't make sense to monetize. Bit Torrent is a great example of that.

BitTorrent Inc is evidently scrambling to find a way to monetize the core technology having raised money and promised investors it would do that.

They just laid off a %age of their staff, which indicates to me the end of the road might be nearing and Bleep maybe one of the last attempts they have to pull something off.

I love Bram, but IMHO Bit Torrent should return to being a true open source technology developed by the community.

Thlom 11 years ago | |

They could potentially have sold BitTorent technology/software to companies that needs to move lots of data across multiple nodes. Instead most of them use libtorrent.

zbyte64 11 years ago | | |

I don't think that makes sense. It is kind of like selling TCP/IP before the internet age ; network standards should be just that - an open standard that is open to all players.

microtonal 11 years ago |

One thing that is missing from the marketing copy: even if you accept a closed-source messenger and forget the whole uTorrent saga, what's the monetization model here? What costs can we expect in the future and where?

(The cynic in me thinks: Bleep 2 offers many new features, buy Bleep 2 Pro if you communicate with more than 10 contacts.)

cmdrfred 11 years ago |

What are the limits on implementing the bittorrent protocol? A open source sync alternative seems doable (even if I had to resort to port knocking or something), maybe build it on top of owncloud and get the best of both worlds?

leni536 11 years ago |

So far I know these decentralized (supposedly) secure messaging software/protocols:

   1. Bleep
   2- Tox
   3. Ring (formerly SFLphone, DHT based authentication)

zbyte64 11 years ago | |

Add OTRTalk to the list:

https://github.com/mnaamani/otrtalk

higherpurpose 11 years ago |

What's with the super weird installation process on Windows?

Also very little information about how everything works on its website (the technical stuff, especially for security).

sarciszewski 11 years ago | |

Security through obscurity, exhibit A.

Just kidding, we know there are too many exhibits for even Unicode to enumerate.

tui 11 years ago |

I tried it for 5 mins,the encryption is freaky slow. Telegram is still my favorite private chat app

lxgr 11 years ago | |

"Private"?

baran1 11 years ago |

What about Telegram?

MichaelGG 11 years ago | |

Telegram should be avoided. They do weird things with their security and ignored criticism on it. The key verification requires checking an image, so you can't do it over the phone. Plus closed source, so you're very likely entirely depending on trusting Telegram.

Their response to using AES IGM? It's along the lines of "yeah this strange mode no one uses has issues but not in the way we use it so whatever. We've got math PhDs, so trust us."

I'm no expert, but I get a really bad feeling about them, since it's the totally wrong attitude to take.

leni536 11 years ago | | |

>closed source

I can't comment on the other arguments, but the client of Telegram is certainly FOSS [1]. Their service being open source is irrelevant, since you couldn't verify it anyway.

[1] https://f-droid.org/wiki/page/org.telegram.messenger

vonuebelgarten 11 years ago | |

Due to the general architecture, I think it's better compare Bleep with Tox.

userisuser 11 years ago |

Why not use Kik? Its a more popular closed source messenger.

mike-cardwell 11 years ago | |

Kik is not end to end encrypted. Kik the company can access any message you send or receive.

cbd1984 11 years ago | | |

And how do you know the same isn't true here?