
Automatic translation from Russian to English. It may contain inaccuracies.


Relatively recently, Hacker.ru published interesting news (thanks to Maria Nefedova) - Ja…

July 20, 2025 at 8:02 PM | Max Knyazev is typing… | Telegram mirror
Relatively recently, Hacker.ru published an interesting piece of news (thanks to Maria Nefedova): Jack Dorsey, the same one who co-founded Twitter and now heads Block, decided to launch Bitchat, a Bluetooth messenger that works without the Internet or a SIM card (yes, this is not a joke) 😳

The gist: BLE messages, a mesh network, no servers, everything local, everything encrypted with Curve25519 and AES-GCM (for details go to Hacker.ru). In theory, you can transmit messages over a distance of up to 300 meters by relaying them in a chain through other devices. A kind of post-apocalyptic messenger that works even in the complete absence of infrastructure 😅

At first glance it sounds cool, to say the least. There is even a Panic Mode: a triple tap on the icon erases all messages from the device. Everything follows the canons of privacy: open source, a whitepaper (on GitHub), and no centralization. Briar and Firechat immediately come to mind. Similar ideas existed before, just without the hype from a media personality 😉

But here SecurityLab knocks the rose-colored glasses off a bit. Firstly, Bitchat itself admits directly in the README: there was no audit, and it’s not worth using in production. Secondly, researcher Alex Radocea found a hole in the identification mechanism: if someone intercepts your ID and public key, they can pretend to be a “verified” contact. And you won't even know 😏
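The contact-identity problem described above, as an added illustration (not Bitchat's code or protocol, and not part of the original post): an ID and a public key are broadcast values, so matching them proves nothing, while a challenge that requires the matching private key does. The record layout, the function names and the challenge-response scheme are assumptions made for this example.

```python
import hashlib, hmac, os

P = 2**255 - 19                     # Curve25519 field prime
BASE = (9).to_bytes(32, "little")   # standard base point u = 9

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 X25519, teaching version (not constant-time)."""
    k_int = (int.from_bytes(k, "little") & ((1 << 254) - 8)) | (1 << 254)
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (k_int >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = aa - bb
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def announced_matches(pinned: dict, announce: dict) -> bool:
    # Weak check: compares only values that anyone in radio range can copy.
    return (announce["id"], announce["pub"]) == (pinned["id"], pinned["pub"])

def proof(priv: bytes, peer_pub: bytes) -> bytes:
    # MAC keyed with the X25519 shared secret; needs one side's private key.
    return hmac.new(x25519(priv, peer_pub), b"contact-proof", hashlib.sha256).digest()

def verify_contact(pinned: dict, announce: dict, respond) -> bool:
    # Stronger check: the peer must also answer a fresh challenge.
    if not announced_matches(pinned, announce):
        return False
    eph = os.urandom(32)  # new key per attempt, so a recorded answer cannot be replayed
    answer = respond(x25519(eph, BASE))
    return hmac.compare_digest(proof(eph, pinned["pub"]), answer)

# Constructed sample data (hypothetical contact record, random keys).
alice_priv = os.urandom(32)
alice = {"id": "alice-01", "pub": x25519(alice_priv, BASE)}
copied = dict(alice)          # announcement replayed by a device without alice_priv
other_priv = os.urandom(32)   # the only private key that device actually holds

print("copied announcement passes weak check:", announced_matches(alice, copied))
print("real contact passes challenge:", verify_contact(alice, alice, lambda e: proof(alice_priv, e)))
print("copied announcement passes challenge:", verify_contact(alice, copied, lambda e: proof(other_priv, e)))
```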

Moreover, questions have come up about the implementation of forward secrecy: the session keys may not be updated as expected. There are also hints of a possible buffer overflow. In general, everything is still in the spirit of “cool idea, crude implementation” 👏

And here the classic question arises: how does the community feel about such experiments? 🧐

On the one hand, this is cool. This is a protest against centralization, this is an attempt to regain control over correspondence, etc. And projects like Bitchat, Briar, Firechat are important because, at a minimum, they expand the imagination. We stop thinking that messenger = WhatsApp or Telegram. That is, it’s cool that someone is doing something of a different nature, unlike anything else ❤️

But on the other hand, BLE as a foundation for reliable communication raises many questions. The range is short, stability is poor, and security is a concern 🤬

Therefore, yes, Bitchat is worth watching. Perhaps it will become something more. Or maybe it will go down in history as another experiment that didn’t work out (most likely, let's face the truth). But personally, I find such things interesting at the very least. I love all kinds of experiments 😉

#information_security