'Vanish' Makes Sensitive Data Self-Destruct 171
Hugh Pickens writes "The NY Times reports on new software called 'Vanish,' developed by computer scientists at the University of Washington, which makes sensitive electronic messages 'self destruct' after a certain period of time. The researchers say they have struck upon a unique approach that relies on 'shattering' an encryption key that is held by neither party in an e-mail exchange, but is widely scattered across a peer-to-peer file sharing system. 'Our goal was really to come up with a system where, through a property of nature, the message, or the data, disappears,' says Amit Levy, who helped create Vanish. It has been released as a free, open-source tool that works with Firefox. To use Vanish, both the sender and the recipient must have installed the tool. The sender then highlights any sensitive text entered into the browser and presses the 'Vanish' button. The tool encrypts the information with a key unknown even to the sender. That text can be read, for a limited time only, when the recipient highlights the text and presses the 'Vanish' button to unscramble it. After eight hours, the message will be impossible to unscramble and will remain gibberish forever. Tadayoshi Kohno says Vanish makes it possible to control the 'lifetime' of any type of data stored in the cloud, including information on Facebook, Google documents or blogs."
Copypaste (Score:5, Insightful)
'Our goal was really to come up with a system where, through a property of nature, the message, or the data, disappears,'
And yet after a copypaste or screenshot it wont disappear anywhere.
Let's not kid ourselves (Score:5, Insightful)
Re:Let's not kid ourselves (Score:5, Insightful)
Re:We already have better tools for that (Score:4, Insightful)
True, however, in the many years between the invention of Public Key Crypto and today, no one has come close to being able to come up with a way to easily and automatically distribute the keys that doesn't rely on some third party having all of them on file.
There's a reason that encrypted e-mail is pretty non-existent and it's because key management remains unsolved. Manually passing your self generated keys back and forth is all well and good, but it's not all that scalable, and most folks don't know how to do it. I don't know if this works any better mind you, it's probably really more of a nifty trick/experiment, but pretending that Public Key Encryption has solved the secure communication problem is at best naive.
Corporate crimes (Score:5, Insightful)
Re:Copypaste (Score:3, Insightful)
So this is really just a very obfuscated way of achieving what DRM providers have been trying to [favourably] do when they (willfully) allow their authentication services to die or go the companies hosting them plunge into insolvancy.
And to think people thought we were crazy when we warned them that the above DRM 'technique' was a bad idea for consumers from the get go. Pitty "a do over" or repurchase isn't a very good business plan for message encryption -
"Sorry about this, can you send me your email from last week since it's expired now and I need to check up on a few things?"
"No can do, we didn't actually mean anything we said in it. But we didn't lie either. Got proof?".
Sad that it works for media formats.
Just imagine if we allowed the reasons behind why we went to war or how the recession occured to expire like this! Blame would be apportioned in terms of aquiessence rather than proof, "Yes sir, it's definitely not our fault, since we have no records of that - and there's no point in looking since all the keys have expired! If only it had crossed our minds a little sooner, we could have looked at our records when it was politically damaging..."
Re:Copypaste (Score:4, Insightful)
Re:Adaptability (Score:3, Insightful)
Re:Not useful for DRM (Score:4, Insightful)
Re:Corporate crimes (Score:4, Insightful)
Plausible deniability!
The judge and jury get to decide what is plausible.
It won't look good if the erasure violates standard practice or professional guidelines, legal obligations or existing corporate policy.
In criminal law, a guilty verdict demands proof beyond a reasonable doubt.
That does not mean that every piece of evidence has to carry the same weight - only that the evidence when viewed as a whole is damning.
If the state's witness performs credibly on the stand, that will carry over to whatever documents he is asked to describe and identify.
"Plausible denial" is a world of hurt.
Re:Adaptability (Score:3, Insightful)
The only answer to that problem is lots and lots of jewelry.
Let me know how that works for you. Seems to me like you are training your wife to bring up something again every time she wants a shiny new trinket...