Conclusion: Bitmessage looks something like a hybrid of Bitcoin and Freenet Frost. In other words it looks like a greatly watered down version of Freenet, but using an everybody gets everything distributed PIR based on bitcoin instead of a demand based redundant distributed storage cache where everybody gets somethings + what they want. The lack of link level encryption (which is an enormous flaw), as well as the lack of swarming and padding, has opened it up to deanonymizing attacks by local external adversaries that Freenet is protected from. It supports a mode that attempts to give plausible deniability to all users, but instead of having this behavior set as default for all clients, it has it as an optional setting for some clients that they hope will give deniability to all clients. Because everybody gets and tries to decrypt everything, it is much less scalable than Freenet. Additionally, Bitmessages plausible deniability system is fixed at using one layer of indirection, whereas Freenet uses a variable number of indirection layers that can get very deep. The incorrectly used RSA at first, and the still suboptimal usage of ECC today, makes it not something I would want to trust to do my encryption for me. Its one real advantage over Freenet is that it uses an information theoretically secure PIR for message retrieval, rather than relying entirely on plausible deniability and link level encryption. This advantage is entirely negated by its many other shortcomings, which leave an overall impression of having been designed and implemented by amateurs. No offense meant to any of the people who worked on it, everybody starts somewhere and the first security oriented things we design and make are likely to be horrible. I just hope that when such things are made, they are not used in a security critical fashion by people, until the flaws are fixed.