Saturday, March 12, 2016

Bit Chat v4.2 Released

Technitium Bit Chat is a secure, peer-to-peer (p2p), open source instant messenger designed to provide end-to-end encryption. Primary aim of developing this instant messenger is to provide privacy which is achieved using strong cryptography. It can be used over Internet and private LAN networks for instant messaging and file transfer.

Bit Chat v4.2
Technitium Bit Chat version 4.2 (alpha) is now available to download from the main website and via automatic update mechanism for existing installations. The software checks for new update automatically with every start but, you can also use the Check For Updates option in the main menu to get an update instantly.

Bit Chat v4.2 Released
The latest update includes many protocol level changes which are not compatible with previous versions, due to this, all peers will need to update to the latest version to be able to chat. The latest version fixes some bugs and adds new features that are mentioned below:
  • Profile Image feature added to allow user to set a custom profile picture which is visible to all other peers.
    Bit Chat User Profile Viewer
  • Messages Store implemented to store all Bit Chat messages locally in an encrypted format so that, you don't lose all your conversations and don't have to worry about the security of the stored messages. All messages are stored securely using AES 256-bits encryption algorithm and can only be read using the profile password.
  • Bit Chat now fully supports IPv6 protocol and implements local peer discovery using IPv6 multicast.
  • Proxy settings have new Socks 5 (Tor Network) option to allow quick configuration.
  • Go Offline feature added to allow you to disconnect a private chat or chat group without having to delete the chat by leaving it.
  • Bit Chat Portable feature allows you to use Bit Chat without installing it on your computer. You can keep copy of the portable binaries on removable media like USB drives and carry Bit Chat with your profile to any other computer.
Know more about Bit Chat by reading Frequently Asked Questions (FAQ) and Bit Chat whitepaper. You can also view Bit Chat source code on GitHub and compile Bit Chat client yourself.

And as always, send your feedback to support@bitchat.im or write your comments below.

Thursday, November 19, 2015

Technitium MAC Address Changer v6.0.7 Released

Technitium MAC Address Changer v6.0.7 is now available for direct download and via Automatic Update. You can download the latest version release from this direct download link or via this official torrent.

Technitium MAC Address Changer

The software will check for update automatically as per a fixed schedule. If you want the update before the automatic update triggers, just start the software, click on Help > Check For Software Updates menu to get it done instantly.

This update fixes following issues:

  • OUI file update from IEEE.ORG fixed by updating file parser due to changes in the published file format.
  • Fixes error handling while reading IPv4 information.
  • Fixes some UI components that were getting distorted for some users.

You can read help topics for getting answers to common queries.

For any queries or issues related to this release, just post a comment below. You can also send screenshots of the software to support@technitium.com for feedback.

Sunday, November 8, 2015

Bit Chat v4.1 Released

Technitium Bit Chat is a secure, peer-to-peer (p2p), open source instant messenger designed to provide end-to-end encryption. Primary aim of developing this instant messenger is to provide privacy which is achieved using strong cryptography. It can be used over Internet and private LAN networks for instant messaging and file transfer.

Technitium Bit Chat version 4.1 (alpha) is now available to download from the main website and via automatic update mechanism for existing installations. The software checks for new update automatically with every start but, you can also use the Check For Updates option in the main menu to get an update instantly.

Bit Chat v4.1 Released
The latest update includes some protocol level changes which are not compatible with previous versions, due to this, all peers will need to update to the latest version to be able to chat. The latest version fixes some bugs and adds new features that are mentioned below:
  • HTTP Proxy support now added with existing Socks 5 proxy support.
    Bit Chat Http Proxy Config
  • Kademlia based Distributed Hash Table (DHT) now supports using both UDP and TCP (via proxy). The TCP protocol support allows peers who are using proxy to use the DHT feature.
Know more about Bit Chat by reading Frequently Asked Questions (FAQ). You can also view Bit Chat source code on GitHub and compile Bit Chat client yourself.

And as always, send your feedback to support@bitchat.im or add comments below.

Tuesday, November 3, 2015

How To Register Profile & Get Started With Bit Chat

Bit Chat is an open source, instant messenger, base on peer-to-peer technology that allows people to chat with each other by directly connecting via a secure TCP based protocol without any 3rd party server in between. The TCP based protocol implements end-to-end encryption to allow people share information securely. Due to the peer-to-peer nature of connectivity, it becomes necessary to have some sort of method to identify and verify the person you are chatting with.

For this reason, Bit Chat uses a profile certificate (a digital certificate) which is issued to each user after email address verification. This allows peers to be identified by their email address.

The profile certificate is exchanged with each peer that you chat with. It contains all the details that you enter during the registration process and hence its recommended that you keep your information brief enough to allow other users to identify you.

Profile Registration

Profile registration is a one time process that you need to do for using Bit Chat. On starting Bit Chat for first time, you will get a welcome screen. Click on the Register Now! button to proceed with registration.

Bit Chat Welcome Screen
If you already have registered a profile and want to use it on another computer, you can export the profile file from existing computer and import it using the import profile option in the welcome screen.
Bit Chat Profile Registration
Once you proceed with new registration, you will get a Profile Registration window shown above. Enter your details in brief so that your peers can identify you. As mentioned earlier, all the information provided in this registration form will be visible to your peers. Your name, email address and country details are required fields and you can choose to leave all other fields empty.

You must not use email address alias for registration since, confirming your email address requires you to be able to reply to the confirmation email with the same email address provided during registration. Any mismatch in the 'From:' email address will not be considered for email verification.

You may wish to hide your IP address during registration by using the Enable Proxy option which can be configured to use any available Http or Socks 5 proxy server including Tor. Alternatively, you can also use any of the anonymous VPN services.

The profile registration process generates a RSA 4096 bit key pair which is used for generating and verifying digital certificate. The key can be automatically generated by Bit Chat or alternatively you can use tools like openssl to generate a key in PEM format and import it using the Import custom RSA 4096-bit key pair option.

The profile data is stored on your computer as a separate file. Since this file contains your RSA private key and your registration details it becomes important to store it securely. To protect the profile data it is encrypted by AES-256 encryption using a profile password. This profile password is not stored anywhere and cannot be recovered in case you forget it. It is important to use a strong password/passphrase and memorize it. In case of forgetting this password, you will have to register a new profile using the same email address.

Once you have completed filling all the necessary information, accept the terms and conditions after reading it and click on the Register button to proceed. It may take a while for the registration to complete since there might be a delay due to generation of RSA key pair on your computer. Once the registration request is submitted to the server, you will get an email for verification.

Bit Chat Profile Registration
The profile certificate is issued by the server upon email verification. To verify your email address, you need to reply to the verification email that you have received without changing the subject. You don't need to write anything in the email itself for this step. You should make sure that when you reply to this verification email, your From email address must match with the one provided during the registration. Using email address alias wont work for verification.

Bit Chat Verification Email
The email verification process takes a minute or two and you will receive a final email notification which completes the registration process. Upon receiving this notification email, you can click Start Bit Chat button in the registration window to proceed using Bit Chat.

Bit Chat Notification Email
You can view your profile certificate by clicking on your name that appears in the top left corner of the Bit Chat main window. The profile certificate looks like the one shown in the image below. The fields in green indicate that those were verified by the certificate issuer before signing it. In your case, the email address will be green indicating that it was verified successfully by the issuer. You can explore more technical information in the Details tab of the certificate viewer.

Bit Chat Profile Certificate Viewer
You can now create new group chat or private chat and ask your friends to join you on Bit Chat. Bit Chat does not have any option to directly send a contact request to your friends since we do not wish to know to whom you chat with. You can invite your friends by sending them details by email or via another instant messenger.

For any queries leave a comment below or send an email to support@bitchat.im.

Monday, November 2, 2015

How To Configure Bit Chat To Use Tor Network

Bit Chat now has Socks 5 proxy support which can be used to route all the network traffic via Tor network. Tor software provides a Socks 5 proxy service to allow the Tor Browser to access Internet via Tor network which can be used by any application on your computer.
Bit Chat Registration Proxy Option
The Bit Chat registration window allows you to configure a Socks 5 proxy even before creating a profile. To configure Tor, just click on the Enable Proxy check box and you will get a proxy configuration window. Just select Socks 5 Proxy as proxy type, set proxy address as 127.0.0.1 and proxy port as 9150 as shown in the window below. You can click the Check Proxy button to confirm if Bit Chat is able to access the Tor Socks 5 proxy.
Socks 5 Proxy Config for using Tor network
Once you have confirmed the settings, just click OK and proceed with the registration process. Bit Chat will configure the same proxy settings for your profile. If you already have a profile and want to configure Tor, just click the main menu and click Profile Settings. You will find proxy settings which you can use to configure for using Tor.
Profile Settings for using Tor network
You can click the Check Proxy button in Profile Settings window and confirm if Bit Chat is able to access the proxy. Once this is configured, all new network connections will start going through Tor.

Tor network supports only TCP protocol due to which Bit Chat will not be able to use UDP based torrent trackers. You will have to rely only on HTTP based torrent trackers and DHT to find peers.

For any queries write an email to support@bitchat.im or leave a comment below.

Sunday, November 1, 2015

Bit Chat v4 Released

Technitium Bit Chat is a secure, peer-to-peer (p2p), open source instant messenger designed to provide end-to-end encryption. Primary aim of developing this instant messenger is to provide privacy which is achieved using strong cryptography. It can be used over Internet and private LAN networks for instant messaging and file transfer.

Technitium Bit Chat version 4 (alpha) is now available to download from the main website and via automatic update mechanism for existing installations. The software checks for new update automatically with every start but, you can also use the Check For Updates option in the main menu to get an update instantly.

Bit Chat v4 Released
The latest update includes many protocol level changes which are not compatible with previous versions, due to this, all peers will need to update to the latest version to be able to chat. New features in this update are mentioned below:

  • Kademlia based Distributed Hash Table (DHT) implemented for allowing Bit Chat to rely less on torrent trackers for finding peers. DHT implementation uses a UDP based protocol to connect to other nodes.
  • Socks 5 Proxy support implemented to allow Bit Chat users to hide behind a proxy. User can even configure Bit Chat to use Tor Network, which provides a Socks 5 interface. However, since Tor doesn't support routing UDP packets, user will have to rely on Http torrent trackers to find peer.
Bit Chat Socks 5 Proxy Config
  • Bit Chat can now act as a TCP Relay for allowing other peers behind NAT to accept connection requests. This should allow two peers to connect with each other via a random 3rd peer. This feature depends on DHT module to find peers to start a TCP relay.
  • Network Info feature added to allow user to get internet connectivity related information including UPnP port forwarding & Socks 5 proxy status information.
Bit Chat Network Info

As the number of Bit Chat users increase, the peer-to-peer connectivity will improve due to DHT and TCP relay features.

Know more about Bit Chat by reading Frequently Asked Questions (FAQ). You can also view Bit Chat source code on GitHub and compile Bit Chat client yourself.

And as always, send your feedback to support@bitchat.im or add comments below.

Sunday, July 19, 2015

Bit Chat v3.1 Released

Technitium Bit Chat is a secure, peer-to-peer (p2p), open source instant messenger designed to provide end-to-end encryption. Primary aim of developing this instant messenger is to provide privacy which is achieved using strong cryptography. It can be used over Internet and private LAN networks for instant messaging and file transfer.

Technitium Bit Chat version 3.1 (alpha) is now available to download from the main website and via automatic update mechanism for existing installations. The software checks for new update automatically with every start but, you can also use the Check For Updates option in the main menu to get an update instantly.

The latest update includes many changes which are not compatible with previous versions, due to this, all peers will need to update to the latest version to be able to chat. New features in this update are mentioned below:

  • One-to-one private chat feature is added in addition to the existing group chat feature. This feature will allow users to do one-to-one secure chat by entering each other's email address and an optional shared secret.
  • Profile certificate registration process now allows you to import RSA private key in PEM format. So, you can use an existing key or generate a new key using OpenSSL and import it.
  • Profile certificate now can be reissued with ease using new Reissue button in profile manager. This feature allows you to make changes to your profile data, keeping the same email address and profile settings intact.
  • Additional authentication feature added in the protocol to verify if the peer has generated the same master key during the protocol handshake.
  • User typing notification feature added to let you know when peer on opposite end is tying message.
  • Copy files and paste it into the message text box to share them instantly.
  • User profile viewer now displays the cipher suite being used to secure the peer-to-peer communication.
  • Improved local peer discovery design implemented to avoid periodic announcements on local LAN. This module allows peers to discover each other over LAN networks to allow communication over private network without Internet connectivity.

And as always, send your feedback to support@bitchat.im.

Sunday, June 21, 2015

Bit Chat Version 3.0 Released With Upgraded Cryptography!

Technitium Bit Chat version 3.0 (alpha) is now available to download from the main website and via automatic update mechanism for existing installations. The software checks for new update automatically with every start but, you can also use the Check For Updates option in the main menu to get an update instantly.

The latest version has protocol level updates which makes it incompatible with the previous versions and thus all peers must use the updated version to be able to chat. You wont notice any changes in the user interface (UI) since the changes are only related to the protocol.

The primary aim of this update is to improve the cryptography implementation used in Bit Chat. The newly added code provides strong cryptography with following features:
  • The new protocol (v3) implements Perfect Forward Secrecy (PFS) using Elliptic Curve Diffie-Hellman (ECDHE_RSA 256bits) and Diffie Hellman (DHE_RSA 2048bits) for ephemeral key exchange mechanism with RSA for authentication using certificate (Bit Chat profile certificate). Mono framework doesn't implement ECDHE algorithm and hence Linux version of Bit Chat can use only DHE algorithm while Windows version of Bit Chat is able to use both the algorithms. AES 256bits in CBC mode is used to encrypt the data as it was in previous protocol.
  • Key re-negotiation feature is added to protocol to negotiate new ephemeral key for data encryption based on time and data transferred. This allows the encrypted data channel to remain always ON while ensuring the protocol security by using different ephemeral keys.
  • Authenticated encryption (Encrypt-then-MAC) is implemented using HMAC-SHA256 to check if the encrypted data was authentic (that is, to check if the encrypted data was modified in any manner while in transit).
  • In addition to profile certificate based authentication, pre-shared key is used to establish the encrypted channel. The pre-shared key used here is the Group Chat password that was set while creating the chat. So, using a password for your Group Chat will improve the protocol security.
  • The security of encrypted profile file (which is stored on your computer and contains your RSA private key for the profile certificate) is also improved by implementing PBKFD2 using HMAC-SHA256 with 200,000 iterations. This implementation will improve security of the file against password cracking or brute force attacks.

The above features updates are in addition to the existing ones listed below:
  • Peer-to-peer architecture similar to how Bittorrent works. Infact, Bit Chat uses Bittorrent trackers to find peers in your group chat. So, you connect directly to peers without any server in the middle! Another advantage is that the data is routed through shortest path, that is, if your friend uses Internet from the same service provider as that of you, then the communication is not going to leave the local network of the service provider. And if your friend is on private LAN network, the communication stays in the private network itself, so you don't even need Internet for private LAN chat!
  • A complete end-to-end encryption with digital certificate (profile certificate) based authentication combined with peer-to-peer network means nobody can snoop on your messages and you can ensure the identity of your friends.
  • Transfer huge files with ease! All peers in the group that participate in file transfer share the bandwidth. It works similar to how files are shared using Bittorrent but, in a close group of users. Also, files transfered are encrypted just like your messages.

The source code is updated on GitHub and you can inspect the TechnitiumLibrary.Security .Cryptography project for verifying the implementation. And as always, send your feedback to support@bitchat.im.

Tuesday, May 12, 2015

Running Bit Chat on Ubuntu Linux

This post is written for Ubuntu Linux but, you can easily follow similar steps on your favorite distro. Technitium Bit Chat is developed in c# and requires you to have Mono Framework installed on Linux to run it.

Start Terminal and follow the steps below to run Bit Chat on Ubuntu:
  1. Download Bit Chat from the website using wget as shown below.
    $ wget https://technitium.com/download/bitchat/linux/BitChatPortable.tar.gz
  2. Extract the files and run install-mono.sh as root to install mono framework.
    $ tar -xvzf BitChatPortable.tar.gz
    $ cd BitChat
    $ sudo ./install-mono.sh
    
  3. To run Bit Chat each time do following:
    $ sudo ./start.sh
    
The install-mono.sh is not really an application installer. It will just help you to install mono-complete framework and import root certificates. Below is the install-mono.sh file contents if you wish to run the commands manually.
#!/bin/sh

apt-get -y install mono-complete
mozroots --import --ask-remove
If you encounter the below error message during Profile Certificate registration, it means the mono framework's root certificate store is empty. Due to this, mono applications won't trust any SSL certificate and you will see this error for every HTTPS website that gets called by a mono application.
Technitium Bit Chat Profile Registration Error
Technitium Bit Chat Profile Registration Error

To resolve this error you need to import root certificates as shown below:
$ sudo mozroots --import --ask-remove
For any related queries, feel free to comment on this post.

Sunday, May 10, 2015

Technitium Bit Chat Released!

I am happy to announce the release of Technitium Bit Chat which is currently available for both Windows and Linux platforms. Version 2.1 (alpha) can be downloaded from here. You will need Mono Framework to run it on Linux.

Technitium Bit Chat
Technitium Bit Chat

Introduction

Technitium Bit Chat is a secure, peer-to-peer (p2p), open source instant messenger designed to provide end-to-end encryption. Primary aim of developing this instant messenger is to provide privacy which is achieved using strong cryptography. It can be used over Internet and private LAN networks for instant messaging and file transfer.

The architecture is designed keeping in mind the security principle that everybody is secure or no one is. There is no meta data generated when you use Bit Chat. The only thing that we know, is the email address of the user who registered for a digital certificate. The digital certificate tells that the email address was verified, which is similar, in concept, to any domain validated SSL certificate issued to a website.

Development is still in progress and new features will be made available as an when they are coded. The software has automatic update feature which will keep you updated with latest version available.

Read Frequently Asked Questions (FAQ)

Features

  • Provides end-to-end encryption using peer-to-peer technology, designed for privacy, delivered using strong cryptography.
  • Many-to-many group chat using peer-to-peer technology, so no servers involved in message delivery!
  • Can be used as a LAN chat instant messenger in your private LAN network the same way you can use it on the Internet.
  • Allows file transfer which works similar to torrents. File is split in parts and each peer participating the file sharing distributes different parts to each other. This leads to better network bandwidth utilization.
  • Each user has to perform a one-time profile registration. A profile digital certificate is issued to each user after email address verification. So, you can make sure that the person on the other side is really your friend by checking the profile email address.
  • Profile digital certificate is signed using RSA 4096bit key and SHA-256 hash algorithm.
  • Profile data is stored securely on your computer by encrypting with a profile password. So all your settings are encrypted using AES-256 encryption.
  • The peer-to-peer connection is completely encrypted using AES-256.
  • Automatic port forwarding using UPnP implemented for your home router/access point.
  • Automatic software update to keep you updated with the latest version.

The Concept

Since the software architecture is peer-to-peer, the usual concept of having a 'username' and 'password' for authentication and identification doesn't work here. There is no 'log in' or 'log out' here in that sense, due to the fact that there are no centralized servers involved to do the logging! Nobody knows if you left the chat group or you just went offline, unless of course, you tell them that yourself!

To understand this better, just imagine meeting with one or more friends at a place. You call up the people willing to meet and tell them a location and time. Everyone gets to the decided location, have fun and leave.

Bit Chat is exactly the same thing just over Internet. You email or message your friends and ask them to come on Bit Chat and give a chat group name. Everyone starts their client and join a chat with the decided name. The software does its peer-to-peer connectivity and everyone is connected to each other. Then you chat, transfer files, go offline and come back again to same chat group later or leave the chat group.

To make sure the identity of the peer in your group, you can check the email address of the peer. Each peer has to register for a profile certificate which is basically a digital certificate issued after email address verification. So, the email address in the profile certificate helps you make sure that you are chatting with the right person.

A chat group name is converted into an identifier which each peer in group tries to connect to using Bit-torrent trackers. Thus anyone who enters a chat group will get connected to other peers with the same chat group name. To avoid connecting to unintended people on the Internet, you can set an optional password or a shared secret to the chat group. The password will be used to generate the identifier for the chat group and only the people who enter a correct group name and password combination will be able to connect to each other. So, if you suddenly see some unknown people joining your group, don't panic, just leave current chat group and create another group with a different password.

The messenger connects each peer in a chat group in a mesh network topology, that is, a peer is connected to all other peers in that chat group to form a network. To find a peer on the Internet, Bit-torrent trackers are used and to find peers on local network, local peer discovery via UDP broadcast is used. If you are behind a router, you can enable UPnP feature in the router or access point and Bit Chat will do automatic port forwarding for you.

The network strength icon against each person's name indicates the current status of connectivity of that person. If the icon is green, it means, the peer is connected to all other peers in the group. An orange icon will indicate that the peer is not connected to someone in the group. You can click on any of the peers and check to whom they are connected to and to whom they are not.

It is important to note that, for Bit Chat to work successfully, at least one person in your chat group must be able to accept incoming TCP connection. If UPnP feature is available in your router/access point, automatic port forwarding will be performed. Otherwise, you will need to manually configure port forwarding. Bit Chat is designed to allow virtual connections to be made via another peer thus, just one peer able to accept incoming connection will make the entire chat group to work well.

In Windows, automatic firewall configuration feature will add entries for the application to accept incoming connections. For Linux, if there is any firewall configured, you will need to perform manual configuration to allow the software to accept incoming connections.

Features Planned

There are many features that are thought about to be implemented in Bit Chat however, following list gives some of the important features that are planned. There are no timelines for the implementation but they will be made available as soon as the implementation is completed.

  • NAT-PMP port mapping support.
  • Distributed Hash Tracking (DHT) support to rely less on torrent trackers.
  • One-to-one voice chat.
  • Emoticons support.
  • Alternate display name and profile picture support.
  • Store chat messages in the encrypted profile file.
  • Android mobile app with all the features.

Open Source

Technitium Bit Chat source code is available under GNU General Public Licence v3 on GitHub. The software code is made open source to increase confidence in the security that we intend to provide.

Alpha Version

Technitium Bit Chat current release is in alpha version. This means the software is not fully complete and will undergo major changes in its protocol or user interface design. There may be noticeable bugs which will be addressed with an automatic update. You are welcome to report any issues by sending an email to support@technitium.com.

Further, you may like to read the original concept in this old blog post.