Anonymous encrypted communications with LEAP Bitmask

Bitmask is an open source cross platform bundle from the LEAP Encryption Access Project, a non profit group dedicated to protect the right of leaking information. Bitmask can be used to send anonymous email messages, hide your computer IP when visiting websites, circumvent Internet filters and encrypting your Internet activities to stop ISPs from logging them.

You can either set up your own Bitmask server to tunnel your traffic or find a provider that supports the application. To open a Bitmask account you only have to cook up a username and password, no additional information is required. Currently Bitmask only works with LEAP own Bitmask server but activist privacy providers like Riseup and Calyx plan on implementing it soon.

To anonymously send email with Bitmask a help guide explains how to manually set up SMTP and IMAP to proxy messages in any email client or you can download Bitmask Thunderbird addon with a wizard guiding you through the proxy set up process, the addon also prevents Bitmask account caching.

LEAP Bitmask anonymous email configuration

LEAP Bitmask anonymous email configuration

Bitmask has been designed to automatize anonymity, it uses OpenPGP for email encryption but you don’t have to exchange encryption keys with anybody, the program does it for you. Encryption takes place in your computer and should stop Gmail or Outlook from handing over email contents to the NSA, emails are stored encrypted in your computer.

One of Bitmask email downsides is that you can not use it with webmail, it only works with email clients, and in case you wonder, the difference in between Enigmail and the Bitmask Thunderbird addon is that Bitmask exchanges encryption keys automatically.

Encrypted Internet activities and hiding your computer IP from websites is attained with a VPN tunnel, to mitigate the risk of a VPN provider eavesdropping on you Bitmask authenticates with the VPN using an anonymous digital certificate. What I could not see if any counter measure to stop a rogue VPN from logging computer connection IP and timestamps.

Bitmask stated goal of bringing easy always on network encryption bets on safe technologies like OpenVPN and OpenPGP, some trust is placed on the VPN provider, and although it allows organisations to roll out their own server, so does OpenVPN. I did not find Bitmask any easier than downloading a VPN program and using webmail for pseudo anonymous encrypted Internet communications. The best points of LEAP Bitmask are that it is open source, it allows people to run their own server and has detailed technical documentation.

Future plans include anonymous chat on top of XMPP, secure VoIP, LEAP Tor hidden services and creating a darknet in between all LEAP platform providers. Of all those things the most exciting feature for me is the Bitmask darknet, for those who don’t know, a darknet is a closed private network of computers that can only be accessed by approved members.

Note: At the moment Bitmask Windows only works with 32bits OS, if you have a 64bit OS download the Thunderbird addon..

Visit Bitmask homepage

Leave a Reply

Your email address will not be published. Required fields are marked *