Forgot your password?
typodupeerror
Communications Security

This Text Message Will Self Destruct 233

Posted by ScuttleMonkey
from the should-you-choose-to-accept-it dept.
mwilliamson writes "Silicon.com is reporting that Staellium UK (cell provider) has created a protocol in which text messages disappear after 40 seconds. This, of course, relies on the implementation of the protocol in the device used to display the message. They're touting a future roll out for photos as well, and service in the US."
This discussion has been archived. No new comments can be posted.

This Text Message Will Self Destruct

Comments Filter:
  • by dada21 (163177) * <adam.dada@gmail.com> on Monday December 12, 2005 @03:11PM (#14240496) Homepage Journal

    For me, the first thing that comes to mind from "self destructing SMS" is the advertising potential. Combined with a locator, you could now receive "Eat at Wendy's!" messages that expire so you don't have to delete them.

    I don't really see it happening, but advertising in the old markets (TV, radio, newsprint) is not returning as big of a response as it used to. They'll always try to find more direct ways to advertise, and I wouldn't be surprised if this move is a predecessor to more direct advertising schemes.

    Hopefully I'll be able to opt-in rather than opt-out of any such programs.

    FWIW, I just can't imagine that people are SMS'ing proprietary information. If its private and confidential, keep it on paper (preferably typed with a typewriter). Digital information will always be too insecure.
    • by metlin (258108) on Monday December 12, 2005 @03:15PM (#14240537) Journal
      FWIW, I just can't imagine that people are SMS'ing proprietary information. If its private and confidential, keep it on paper (preferably typed with a typewriter). Digital information will always be too insecure.

      Oh, no. You'd be surprised.

      At a certain national lab I used to work at, people used to SMS system login information - of course, the presence of additional security (e.g. a Cryptocard which is basically like an RSA random number generator tag) minimized the risks of someone breaking into the system, but you'd be surprised.

      • by dada21 (163177) * <adam.dada@gmail.com> on Monday December 12, 2005 @03:17PM (#14240558) Homepage Journal
        I guess I shouldn't be surprised at the ineptitude of general humanity. What is the point of having any passwords if people don't keep them at least minimally protected? Sheesh!

        The only thing I use SMS for is contacting my employees that overslept, communicating with friends, using Google for SMS and looking up prices (froogle etc). Sending proprietary information using a text messaging service is crazy.
        • communication is kept. (Including this one since I'm typing this on the office computer.)

          Your SMS messages are no exception.

          Since there is no way to determine what might constitute 'insider codes' for stuff happening, you can look forward to your SMS messages hnaging around FOR-bloody-EVER!

          Work for an outfit with more than fifty staff in the US? (Notice it doesn't say where your head office might be because it doesn't matter.)

          Your documents, emails, SMS messages and every scrap of paper has to be kept for a
          • Interesting assertion. Got any links for that?

            There are some industries that require keeping of information. As well as legal reasons to do so if there is a suit in progress, or you have "reasonable belief" a suit is pending. Destroying information then can be viewed as obstruction of justice and get you in jail.

            But if you have a "policy" of removing stuff and do it before you know anything is pending, the lawyers can't do anything retroactively if the data is gone. So delete the logs (or don't generate
      • by gstoddart (321705) on Monday December 12, 2005 @05:03PM (#14241466) Homepage
        Oh, no. You'd be surprised.

        At a certain national lab I used to work at, people used to SMS system login information - of course, the presence of additional security (e.g. a Cryptocard which is basically like an RSA random number generator tag) minimized the risks of someone breaking into the system, but you'd be surprised.

        Indeed. I know if I walk around my office, I'm forced to conclude that probably 10-20% of all of our corporate communications are happening over MSN and Yahoo IM networks.

        It seems everyone uses these wonderfully convenient things without ever stopping to realize that all of their data is travelling over someone else's network and that they have no control over it. I wouldn't be at all surprised that you could probably violate insider laws at dozens of companies just by being able to intercept MSN's traffic.

        I complain about it frequently (I won't use MSN) but nobody seems to care that all of our internal decision making is way more public than we'd like to think. And this seems to travel from board-level down to the rest of us plebes -- it's almost become the defacto method of commincations.

        Scary stuff, but people will use third party technologies for the damndest things without giving it a second thought.

        Cheers
        • Why not set up internal Jabber and/or IRC servers? If you can give (and demonstrate) a reasonable alternative to ICQ etc., and present your concerns along with that, surely your opinion will be weighing much more heavily.
    • FWIW, I just can't imagine that people are SMS'ing proprietary information. If its private and confidential, keep it on paper (preferably typed with a typewriter). Digital information will always be too insecure.

      While it should be kept under lock and key, have you any idea how much sensitive information is stored digitally? I think you would find that going back to a paper-based society (we're talking pre-1970s terminals here, people) would be very cumbersome. Just keep a sense of proportion, I mean we have
      • I definitely agree there is a balance between security and ease-of-use. I personally keep all my confidential data on a portable hard drive, and it is fairly insecure. Nothing I have is really all that important to me.

        For people who have unique security needs, though, I am surprised that they'd need to have SMS messages deleted. If someone sends you proprietary information through SMS, how hard is it to just delete it yourself? Why is 40 seconds picked over 30 seconds or 80 seconds? The idea that a com
    • by CaymanIslandCarpedie (868408) on Monday December 12, 2005 @03:21PM (#14240588) Journal
      I don't know here is what I was thinking:

      Not sure what to get for the WorldCom/Enron executive on your Christmas list who has everything? Well look no further! Now available just in time for the holdidays, the self destructing SMS client!!! Works with all the speed and convience of a regular SMS client, but without the pesky audit trail those nosey SEC investigators are always looking for! The perfect gift for that special someone who just dosen't have the time to fully cover up their embezellment/fraud! Saving someone a prison sentence shows you really care.
      • The sad thing is that what you describe was precisely the first thought I had when I read the blurb....

        The even sadder thing is that the second thing I thought of was that this would be a new way for the RIAA to shove DRMed music down our throats. Pay per listen....

    • The way the article is written the obvious different story that comes to my mind plays out as follows

      MSG from 555-5555:
      Feds hav wrrnt. Shred all accnting files. Luv Ken L.
      MSG will self-destruct in 40 s
    • The first time that happens to me, I'm going to the nearest sporting good store, buying a baseball bat, and breaking every bone in the manager's body. I'll then force him to tell me where regional hq is, where I'll do the same thing. And thus continue up the chain, until the cops shoot me or the evil is destroyed.
    • Why yes, I do see a different story. Here's my rendition of the headlines:

      Wireless Execs Hold Hands, Sing Songs of Praise and Feast On Fresh Babies Over New Text & Picture Messaging Protocol!

      So in other words expect something like this to start showing up in your mobile plan details. New and exciting value butt-fuck messaging pack: 300 text messages / mo. $9.99 + $0.25 per message you want to retain beyond 40 sec. timeout. Unlimited messaging + retention for $21.99 a month. Void where prohibited, 1

    • If its private and confidential, keep it on paper (preferably typed with a typewriter). Digital information will always be too insecure.
      Oh boy, I'd love to see you start up an FDIC-approved bank running solely on paper! (No telephones or electronic funds transfers either, since those are increasingly digital). Just think of all the jobs you'd create in typing and pony express riding. And customers would flock for the awesome check-kiting potential.
  • Nooo! (Score:2, Funny)

    by creepynut (933825)
    My ASCII Porn! 40 seconds isn't nearly enough!
  • yay! (Score:2, Funny)

    by boog3r (62427)
    They will call their new technology... Divx?
    • Exactly. Although a bit of a troll, I can see the MPAA lobbying for new laws that require any movies recorded to a DVR expire after 40 seconds.
      • I don't think it's a troll at all. The minute I read this story the word "DRM" popped into my head.

        Why should a sender be able to control what happens to a message that my device receives? It's all well and good that they can tell the network to drop the message after X seconds (assuming it isn't delivered) -- but why the hell should they be able to tell my device what to do with that message?

        What's next? A new e-mail protocol where you can add an "X-No-Archive" like header to your messages and force the
        • another example in a long list of why we should have a not-for-profit tech hardware company.

          what drives these conflicts is the need for profit and growth in the existing companies
          • You realize that "not-for-profit" only means that the company doesn't post a dividend: all revinue is reinvested into the company. In the case of unscrupulous CEOs, all that reinvestment is appropriated for his use.
  • For instant notifications powered by Upoc [upoc.com], I certainly wouldn't mind this. If I leave my phone off for a couple hours (no signal at work) I get an SMS flood soon after leaving and end up having to delete messages after I read them. While it's not big deal it would be nice if I didn't even have to think about it.

    *NO* text message that *I* get is worth keeping around after I read it. If it was, I'd just e-mail it to myself or copy/paste it to another application.

    I like the idea, YMMV.
  • One more reason... (Score:5, Insightful)

    by Gruneun (261463) on Monday December 12, 2005 @03:13PM (#14240521)
    As if the average person wasn't already running under the assumption that they were somehow anonmyous in their electronic communications. Frankly, I wouldn't knowingly buy a phone that implemented this protocol and didn't allow it to be toggled.
    • As if the average person wasn't already running under the assumption that they were somehow anonmyous in their electronic communications.

      Assuming they do include photos in a bit, just think of the various "send your husband a hot image" ads we'll see for it. Polaroid cameras tried to pitch themselves that way based on the supposed privacy of not needing to develop anything, at least back in the day, and I've seen at least one video-enabled phone commercial in which someone picked up someone else's call an

  • by hattig (47930) on Monday December 12, 2005 @03:13PM (#14240528) Journal
    I thought the text message got routed to their servers, and the receiver got a message with a link to the wap site. they'd then get sent to the wap site to see the text message, and the wap site would redirect or do something after 40 seconds to remove it from the viewer's screen. Standard http redirect?
  • Double Take (Score:3, Funny)

    by kadathseeker (937789) on Monday December 12, 2005 @03:14PM (#14240530) Homepage
    When I first glanced at this I though of exploding phones, perhaps a la Rammstein. Now you can send death threats and stalking messages without those pesky records to catch up and convict you!

    • Just as governement agencies can request your telephone records if you call someone with a death threat (now, in complete secrecy, whether or not you've violated the law), it's hard to imagine them not being able to acquire the same kind of information from the service responsible for routing them.
      • Just as governement agencies can request your telephone records if you call someone with a death threat (now, in complete secrecy, whether or not you've violated the law), it's hard to imagine them not being able to acquire the same kind of information from the service responsible for routing them.

        So the protocol would force the message to be deleted off the headset but the network would retain a copy? Kinda defeats the purpose of the security doesn't it?

        Do the cell networks even keep a copy of normal

    • a la Rammstein

      Du

      Du hast

      Du hast 40 zeconds to read zis message...
  • Oh, goodie ... (Score:5, Insightful)

    by kitzilla (266382) <paperfrog@gmail.cRASPom minus berry> on Monday December 12, 2005 @03:15PM (#14240535) Homepage Journal
    ... a new messaging protocol demanding my IMMEDIATE response. I don't have enough electronic intrusion from my cellphone and email already. This is great. My boss will love it.

    Text messaging reduced to the level of that arcade game where alligators poke up through holes, and you have to hit them on the head before they disappear. Maybe I can try this while driving, just to make it more interesting.

  • Sure you can do it in a totally captive corporate environment (sort of), but companies like "Disappearing Inc" tried to make it a product/service combo. As far as I can tell, it was an utter failure. Email -is- an archival medium. Which is why it shows up in the discovery phase of just about every business civil action these days. SMSes are generally not worth bothering with, in the "I'm waiting for you at the OTHER end of the pub"...
  • "No additional technology was required beyond [Microsoft] IIS," said a spokesman, "Once the message is read, the server crashes, and subsequent attempts to read the message fail. As they say, a crashed server is a secure server."
  • Just who owns a text message anyway? It's my contention that once it arrives on my telephone that it's mine. I predict this will not prove to be a popular feature.
    • I'm not a lawyer, but I think that text messages would be the "intellectual property" of the writer unless the receiver had a written agreement with them that said otherwise. Ownership is technically given upon creation in the US, though a court usually asks for some sort of proof (ie, poor man's mail-in copyright).
  • Assuming your intended recipient doesn't have some covert means of recording the messages (in which case this is as much nonsense as it sounds), what's wrong with sending a flash SMS which many mobile phones won't store? Plus it usually appears more prominently than a regular one. If that won't work, what about a one-time automated voice recording? You can't make data self-destruct if the receiver doesn't want it to :-)
  • by billybob2 (755512) on Monday December 12, 2005 @03:21PM (#14240586)
    Richard Stallman correctly predicted this was going to happen as a result of of DRM, also known as Digital Restrictions Management, Treacherous Computing, or Handcuffware. To quote from his essay "Can you trust your computer? [gnu.org]":

    ...There are plans to use the same facility for email and documents--resulting in email that disappears in two weeks, or documents that can only be read on the computers in one company.

    Imagine if you get an email from your boss telling you to do something that you think is risky; a month later, when it backfires, you can't use the email to show that the decision was not yours. "Getting it in writing" doesn't protect you when the order is written in disappearing ink.

    Imagine if you get an email from your boss stating a policy that is illegal or morally outrageous, such as to shred your company's audit documents, or to allow a dangerous threat to your country to move forward unchecked. Today you can send this to a reporter and expose the activity. With treacherous computing, the reporter won't be able to read the document; her computer will refuse to obey her. Treacherous computing becomes a paradise for corruption...
    • Unless you work for a company that is publicly listed, since SEC regulations call for the permanent archiving (on "non-editable" media) of all electronic communications. Penalties for non-compliance are very steep...
    • Imagine if you get an email from your boss telling you to do something that you think is risky

      You tell him no, and if he insists, you leave.
    • ...There are plans to use the same facility for email and documents--resulting in email that disappears in two weeks, or documents that can only be read on the computers in one company.

      Imagine if you get an email from your boss telling you to do something that you think is risky; a month later, when it backfires, you can't use the email to show that the decision was not yours.


      Imagine if there was a button labeled 'print screen' on the keyboard that sent the screen data to the printer... or at least the clip
  • by mrRay720 (874710) on Monday December 12, 2005 @03:21PM (#14240587)
    Please sign me up for your new service.

    Love and kisses,
    Paris Hilton.
  • I seem to have read quite a few cases of people soliciting minors via cell phones, sending messages and such. Can you say "self-destructing evidence"? Step 2: Require cell phone providers to log all SMS messages. Step 3: Give unlimited access to FBI to catch terrorists.
  • by felipecoury (771350) on Monday December 12, 2005 @03:21PM (#14240597)
    This kind of message already exists for GSM mobile phones. It's called WIG Push (SIM Browsing or SAT) messages. They are visible for a short time and vanish after a timeout.

    For more information check http://www.smarttrust.com./ [www.smarttrust.com]

    Regards!
  • The original article notes that, even though the recipient loses access to the message, it's still stored for law enforcement, the intelligence community, and probably for marketing purposes.
  • I predict (Score:5, Insightful)

    by this great guy (922511) on Monday December 12, 2005 @03:25PM (#14240625)

    I predict:

    • bad implementations which will only delete the message's metadata instead of the data itself (which will remain visible in the memory chip, and forensic investigations will be able to recover deleted text messages)
    • hacked phone firmwares that will violate the protocol by allowing users to prevent the deletion
    • people who will think this technology is secure but will realize later how easy it is to circumvent

    From my personal point of view this "auto descruction" feature should only be seen as a convenience where phones autodelete messages to keep enough free memory space.

  • Just save/copy/print it before it goes away. Take a picture of the screen if you really need it for proof of something.
  • Great Idea (Score:5, Funny)

    by ehaggis (879721) on Monday December 12, 2005 @03:27PM (#14240647) Homepage Journal
    Sounds like a great idea. What happens if you can't finish reading it in ti..
  • by tyrions (884908) on Monday December 12, 2005 @03:31PM (#14240680)
    ... because the system simply sends a WAP push to a page which expires after a given period of time - the request is made over plain HTTP. The problem is that WAP gateways often choose to ignore the "no-cache" directives as do a lot of WAP browsers, which means that the message remains in the cache and can still be read both by the client and the gateways along the route after it has expired. A quick test we ran showed the messages being stored on the memory of a phone even thought it wasn't supposed to be cached. Also, it is always possible to simply save the page source to a different file on the phone.

    A mobile software consultancy [ionsquare.com] I work for is actually working on a project for a client which takes things a step further by encrypting the traffic from the server to the client and allowing the user to read it only via a J2ME MIDlet which never stores the messages to the RMS (persistent storage). For more information check out www.simtext.com [simtext.com]
  • Is this just the precursor to the next version of Sony DRM... ??

  • Big deal (Score:3, Funny)

    by Quiet_Desperation (858215) on Monday December 12, 2005 @03:39PM (#14240729)
    I invented a protocol that can make the sun shine out of your ass, but you need to use an instant messenger that supports it.
  • manufacturers announced today they will try and sell a security related service over a copmletely insecure and unreliable communication system

    imagine that
  • by TomDLux (28486) on Monday December 12, 2005 @03:39PM (#14240735)
    But security agencies will require the company to archive all messages for five years ... or is it ten?

    Tom
  • by Mr_Silver (213637) on Monday December 12, 2005 @03:41PM (#14240749)
    There is already support in the protocol for text messages which are never saved in the users inbox. These are generally called "flash sms" and, whilst not being quite the same, work close enough, are supported in the majority of handsets and is here today.

    Whilst I don't doubt that this kind of functionality has the potential to be good and bad - anything which requires support from the majority of vendors before it can be used will fail unless there is a significantly compelling reason to have it (eg. T9).

    I don't see this as being quite in the same league as T9 though.

    • There is already support in the protocol for text messages which are never saved in the users inbox. These are generally called "flash sms" and, whilst not being quite the same, work close enough, are supported in the majority of handsets and is here today.
      yeah my network (02 in the uk) uses those for balance information after each call (pay as you go service).
  • First Post! (Score:3, Funny)

    by penguinoid (724646) <spambait001@yahoo.com> on Monday December 12, 2005 @03:50PM (#14240821) Homepage Journal
    I got a first post, but it self-deleted after 40 seconds...
  • Staellium UK said that its StealthText service will allow business executive dealing in sensitive information to send texts which will delete themselves from the recipient's mobile phone as soon as the person has read them.

    Um... this sound like it is just a time-to-live applied to a service protocol... it's not exactly rocket science or a new concept. But they've got a buzzword to file off to the patent office. Fantastic!

  • by fullofangst (724732) on Monday December 12, 2005 @04:10PM (#14240978)
    I signed up for an initial batch of 5 messages. I did of course immediately write two fairly sexual messages to girls I know, seeing as its anonymous. Great fun.

    Anyway, nothing comes across as a text message. Rather, the phone will display the received item as a Service Command message. Clicking 'open' automatically starts the WAP on the phone, which connects to the StealthText server and displays the message. Standard operator charge applies however, so it's probably something that people are going to complain about when they notice that tiny increment on their bills.

    But still .. anonymous text messaging. I've got three left and then I'll unsubscribe, it's far too pricey for what it is. But at least I get to tell the boss what I thought of his new shirt without him knowing it was me :)
  • Good luck complaining about offending messages and spam. Man - I'm missing the point here. Tell me again what good this protocol is?
  • Distruct (Score:2, Funny)

    by certel (849946)
    Excellent! No more waking up in the morning feeling guilty that someone might have some incriminating evidence on you while text messaging drunk! I see the definate benefits!
  • Controlling how long written information exists is tantamount to un-inventing writing. Written language ceases to be a permanent record and becomes a sort of buffered version of spoken language. The idea that communication, the foundation of civilization itself, would undergo such a giant step backwards for the sake of a business model completely boggles my mind.
  • Saw an advert for it on Gmail. http://www.boomspeed.com/akito/GmailSMS.png [boomspeed.com]
  • who wishes it were available for use earlier this month [sfgate.com].

    Clearly, this is a bad idea.

    All it will result in is more cyber-bullying, among other things.
  • Expect text message persistancy as an added value service next year, charged per minute of retency.
  • Would make more sense to delete it after its read.
  • Upon recently turning 30, I told myself that if I'm ever working for a company again that tries something like this, I will stand up and say "That is a great idea! I don't see how it could possibly fail." Then, if by the end of the meeting I haven't totally convinced everyone who matters to drop the idea, I will quit or be fired.

    You can spend hours telling me about how this will work for the majority of non-hackers and how it will be of some benefit to some very wealthy companies, but in the end all you'r
  • by abulafia (7826) on Monday December 12, 2005 @04:56PM (#14241376)
    So, someone sends me one of these messages. That means I have 40 seconds to pull out my other phone and take a picture of the message.

    Anyone depending on this for any real "security" is an idiot.

  • New? (Score:3, Informative)

    by codegen (103601) on Monday December 12, 2005 @05:07PM (#14241508) Journal
    I remember seeing something like this about 5-6 years ago (during the
    dot boom) for email (funny how the article mentions they plan to add
    email soon). I don't remember the details, but I remember being
    unimpressed by the tech.

    Same concept as this article: You sent your email to the service, they saved
    it on a server and sent the recipient an email with a link. After the mail was
    read it was deleted.

    I never heard about it again. I don't think the company made enough
    money to stay in business.

Do molecular biologists wear designer genes?

Working...