Slashdot Mirror
Self-Shredding E-Mail
yoink! writes: "I just read an article on CNN.com describing a self-shredding e-mail system. With all the persistent e-mail documents gathered by the Government in the MS Anti-Trust case, and the massive shredding of paper documents by parties in the Enron fiasco, it's no wonder people have been looking for an electronic solution to a material problem solved years ago with some cutting tools, a motor, and a garbage bag." One of the companies highlighted here was called Disappearing, Inc. when it was mentioned a few years ago, but now several others have joined the fray.
It might end at computer shredding software it doesn't like. ;)
How bout not sending anything that could get you in trouble? Common sense should prevail here. But in the wake on Enron, I am sure they will do well.
One thing I did not see in the article, what happens if the person on the other end saves the email as an attachment, or saves it? I doubt it would be able to "shred" that. This is a very niche market item imo. Once again, DON'T SEND IT IF IT COULD GET YOU IN TROUBLE.
Sent from your iPad.
just send them to /dev/null
I think that instead of devising ways to destroy damaging emails that you send we should instead focus on not sending damaging emails. Bill Gates sent out memos that the DOJ is now using against him. That'll teach him. If you have something that important to say it's probably best said in person.
People still will be able to print out messages, or make screenshots of their MUA - ESPECIALLY when they know that the mail is going to self-destruct. So these expensive systems still won't guarantee against a copy surviving (especially if it's something hot that could be used to blackmail somebody, such as the order to shred all records...).
;-)
In short: Why waste money on a system that prevents Email from getting read by Law-enforcement-officers? Why not simply do nothing illegal?
Many of these services can also restrict what recipients do with messages -- such as bar them from forwarding, copying or printing e-mail.
Can it stop them taking a screenshot? I find it very hard to believe that once you have something decrypted on your computer someone can stop you copying it in some way...
Why not use outlook. It does that whenever it wants on my Unverity (randomly).
I fear however that they might be in for a surprise when the apparently "self shredded" messages pop up at all those likely and unlikely places like backup tapes, swap files, printouts and the like.
It's probably safer to employ a clean and transparent corporate culture, then getting kicked in the but by embarassing messages popping up on ol' backup tapes.
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
You give someone info, they have that info. Who cares for "remote cryptography keys" if you can keep the key. Or simply take a screenshot of the message.
I see a point in digital shredding, and it's to not leak information by human mistake. But then if they're willingly keeping the info safe and not trying to copy it, wouldn't sending a URL suffice? When the document isn't needed anymore, you change the URL content to "Not here anymore, sorry."
With a traditional document (esp. in the case of sensitive items) versioning is kept to a minimum, and hence the total destruction of a 'mail chain' would be possible. With digital documents it is too easy for multiple versions to exist - using the email example you could have multiple vendors and multiple sysadmins with mailbox backups, many of which could be unknown to the individuals concerned.
With digital documents there will always be an tension between the desire to be able to fix a system that breaks (using backups) and to digitally shred sensitive items. This will probably mean that there will never be as much certainty with digital shredding as traditional shredding.
have nothing to hide. I don't think shareholders would see an email shredder as good news. Sure, you've reduced "liability," but you could further reduce it by having a higher set of moral codes. If I was a shareholder, I'd probably dump the company if news that the company needed to protect itself from itself.
Its too bad that company execs won't see things that way. I guess the most valuable thing then to have as an investor is the list of Dissapearing, Inc's clients.
I Browse at +4 Flamebait
Open Source Sysadmin
When encrypting a message with PGP you can use the -m option (or sellect the 'secure viewer' if you are using one of the windoze versions) Doing this prevents the recipiant from saving a plain text version on their disks
No, it isn't as good as "shreading" and there are ways to cercumvent this if the recipiant was so incliend, but it is a good substitute providing you trust the recipiant.
If you dont trust the recipiant then WTF are you doing sending them such an e-mail in the first place!
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
I have a feeling that this technology will be used mostly by script kiddies to "shred" the pr0n that comes into their mailboxes on a daily basis.
Still corporations and individuals fail to understand a simple rule: Whatever you can see, you can store and copy. They failed to understand that with copy-prevention mechanisms, and the fail to understand it here. No crypto will help prevent seeing something that you already saw.
And no, hardware protection still can't help. In the worst case - take a camcorder and tape your screen contents. They can't overcome that!
Make even shorter URLs - 8LN.org
Ok, so the first time they need to review a document that is now "expired" they start copying the documents to their local harddisks for review or putting the information into databases and refering to them in memos. Nobody has time to scower a whole corporate network for copies of documents which should not have been copied so this is still not really a solution.
My $0.02 will always be worth more than your â0.02, so
Even if the self-shredding software disables printing, copying and screen-capture functions, nothing will stop a determined person from photographing the screen or jotting down the information by hand.
I can see it now. Interns' job descriptions will now include handwriting received email in addition to coffee-fetching, photocopying, and (in the case of Washingtonians) sexual favors...
The way I see it, (I'm not employed in a corporation, but I have received a few "confidential" emails) the (L)users can/will undermine this by simply hitting Print. Now you are back to square 1, having to manually shred a physical document. Yeah, forwarding emails all over the place is convenient, but there will always be someone who is militantly "anti-computer" and prints out hard copies of everything they get.
I kinda see the point behind this, they are playing off of Enron, milking that scandal du jour for all it's worth. I bet the scandal next month will have something to do with Linux and those pesky "h4ck3rs", right on time to push the SSSCA through.
like mentioned, one shouldnt send anything that will make you look bad later.
instead you should say it in person, and make sure the guy isn't wiretapped. then if you want to later _totally_ remove this message you said to him from existence(provided that he doesnt tell anyone), just dump him in the canal with heavy duty boots.
you just cant remove mails from all the machines they might get into..
world was created 5 seconds before this post as it is.
"Self-expiring" email schemes work essentially the same way: a trusted key authority generates and stores encryption keys for any and all email. Reading an email requires authentication to the key authority, which either returns the key or decrypts the email. After a preset time, the key authority purges the encryption key, after which the email encrypted with that key is theoretically unreadable.
These schemes have several practical problems and weaknesses:
1) These are closed email systems. Composing, sending, receiving and reading all protected email *must* take place within the system. Communication outside the system typically involves a web-based email solution-- you don't actually send the email, you send a URL to a server that hosts the email for the recipient, and a one-time authenticator to access it.
2) There is no protection for email that is removed from the system. Screen captures, saving as text, etc. all remove the email from the "expiry" system, rendering it moot.
3) The key authority is a central point of failure. Reading any protected email requires that the key authority be online and available, and that it's keystore be intact. Any interruption in this services makes *all* email hosted by that service unavailable-- and this is (conceivably) all email in your enterprise.
4) If the key store is ever archived-- a typical response to worries about (3), above-- the archived keys can be used to access old mail that has otherwise "expired," or "shredded." There is nothing in the application of the encryption that prevents an archived key from being used past its valid date, should it be recovered from a backup or recovered forensically the key server's storage.
Just some thoughts.
-- Cerebus
Does anyone have information on how this idea works?
Okay, you have a remote encryption key (Me to keyserver: "Please make this key publicly available until 5/5/2002") which you can use to decrypt documents for a while.
But what is to stop people taking a copy of this key, or of the decrypted message? Do you have to run a "trusted software" reader to view the message?
Either way, it sounds like the equivalent of sending a Yahoo card - "Click here to view your message, which we will store for 3 months"
But then, screenshots are still admissable in court.
And we all know how overwhelmingly successful those have been at preventing copying...
The old bromide that "information wants to be free" is not just a statement about copyright. It's a statement about privacy as well - whether you want it to spread or not, once you set information in a digital form and send it to someone else, controlling it becomes well-nigh impossible.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
I wonder if Enron had a hand in the creation of Disappearing, Inc.
"But e-mail is changing those rules, thanks to virtual shredding. Senders can destroy messages either remotely or automatically, without a recipient's consent or cooperation."
Yeah right! If that were true the RIAA would have been all over this 3 years ago. Sounds like a sales pitch, not news, to me.
Doug Hampshire, Peregrine's systems administrator, made the following statement in what I believe to be a futile attempt to give justification for the use of such an email system...
;-)
"Today's business market is so competitive, we want to make sure that communications that were meant to stay confidential and secure remain that way,"
Is it perhaps just me, or is this comparable to claiming that the chief reason for the development and use of the DeCSS decryption is to make local 'backup copies' of DVD's that you have already purchased!!!
In my opinion, little can be done to portray this software system as anything more than a means through which to destroy potentially incriminating documents/information. Not that this practice is illegal (I don't believe that paper shredders are considered contraband yet...), but it still amazes me how people incessantly try to provide wholesome and moral excuses for the world's necessary evils!!!
Beer is proof that God loves us and wants us to be happy. -- Benjamin Franklin
All this means is that people will set up invisible proxies.
A way round this using public key encryption: You set up a temporary key (using a big randomly generated passphrase), you submit the public key to open keyservers, giving it a shelf life of two-weeks, you receive email X which is encrypted using the public key, you decrypt email X using the private key. You then securely erase the private key (even better keep the key on a floppy disk and destroy it).
The private key is lost, voila, a useless email.
e4 e5
This has several drawbacks:
- A central server location can be attacked physically or subpoena-ed (don't know the spelling here)
- the client must connect to the server when the information is needed - we're not there yet, I'd think
- the information can be stored on the client in its uncrypted form.
Anyway, it's very interesting to think these paranoias. 8-)Yesterday was the time to do it right. Are we having a REVOLUTION yet?
Can I just go ahead and point out the obvious here. Self-shredding email or whatever you want to call it can only work with the consent of the recipient, which goes completely against the tone of the CNN article:
Senders can destroy messages either remotely or automatically, without a recipient's consent or cooperation.
Just like the whole digital-rights management problem, eventually you have to give access to the message to your recipient and they can store a copy. If it's displayed on your screen then even the most recalcitrant software can be bypassed with a screen-shot or at absolute worst, a photograph of your monitor.
All these schemes can do is make it less convenient to store the email you receive. Even so, the receiving software could be dissasembled (DeCSS style) and you could create tools that would store the plain-text like a normal email client.
Karma police, I've given all I can, it's not enough, I've given all I can, but we're still on the payroll.
Somehow, this just doesn't seem as cool as a pair of self-destructing sunglasses.
Think For Yourself. Question Authority.
I hope nobody reading this will rely on "pgp -m" for security
Thats why I said, you must still trust the recipiant not to take a screen shot!
This is a problem with ANY shreading system. Be it paper or electronic documents. There will always be somebody who takes a copy/screen shot to CYA (or is that CTA).
As I said, if you cant trust the recipiant, then you shouldn't be sending them sensative information in the first place!
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
Back in the distant mists of time, when we had cc:mail in house, messages were deleted from the server after 15 days. Since it was not pop3 and all messages were kept right on the server instead of downloaded to your hard drive, it meant that after 15 days it was gone for good. In theory, backups were made. But the person in charge of cc:mail and the backups had . . . issues with the backup, so itwas hit and miss anyway.
If people wanted to keep a message, they did what every one using these e-mail shredders will do: either print it directly or copy and paste it into word and print it from there.
Doesn't self shreading e-mails lack the feeling of a real shreader? I mean the whir of the motor, the sound of paper being cut; besides, how is one supposed to put a gremlin into it when they attack? (see the movie Gremlin's 2)
=================
Unix is very user friendly, it's just picky about who its friends are.
What's the matter, Slashdot? Is it contest for the stupidest article going on here? What makes you think that the average reader's IQ is decreasing? First Wal-Mart, then Futuristic Timeline, and now this. Are you competing with CNN? As the matter of fact, you can shred an e-mail message as many times you want, if it's already logged on dozen mail relay servers, routers, and couple of Carnivore systems. Well, maybe *I* just don't get it.
In a properly DRM enabled OS *Cough* such options simply won't be available for that particular window. In B2 OSes, covert channels (Whereby you copy information you are not entitled to copy) has always been a major issue and channels as esoteric as conveying information by varying processor load have been developed and presumably defended against. The difference in the past is that the machine has been a centrally administered box where it could be assumed that the administrator was a trusted party. In the new DRM paradigm, the administrator is considered a hostile entity not to be allowed full access to the hardware he purchased.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
If we used this system, I just *know* some HR director or marketing manager would come to me and ask for the backups of the shredded messages.
"But they're meant to be shredded for OTHER people" they'd say...
Erm, how about your latest, not yet patented invention?
Or salary details? Or pretty much anything sensitive?
Admittedly you'd be best off not sending these bits of information, but if you have to then you'd best protect it.
On the other hand I for one can see no possible way a self shred system can work. Once you have information, it's yours. The original may be wiped, but you can use a screenshot, saved copy, hexeditor, memory dump etc etc
He's learned to craft self shredding legislation, i.e. the M$+DoJ settlement terms.
A feeling of having made the same mistake before: Deja Foobar
Maybe for personal email. But a corporate email system is the property of the company. Anything you create on corporate time becomes the property of the company. An email you send to your co-worker does not become the "property" of the co-worker. It's still part of the corporate network and is still the property (and responsibility) of the company. Thus they have every right to "shred" the message.
They have every right to tell you not to print it out and save it; but of course that's what people will do if they know the messages will be deleted after a certain time. I print out and save messages to cover my own ass.
Which brings up a point. I print out the stuff with full headers, with message ID and info when it was sent; however, does it really serve a purpose? I remembered thinking that while watching "Clear and Present Danger", when Harrison Ford prints out a memo and shoves it into the other director's face saying something like "here's the proof". What good is my printout if I don't have server logs to back up that the message was actually sent to me? What good is a backup of the server logs if I can't prove it wasn't tampered by myself? I know my boss will believe me if I used it as proof to protect my ass, but would a jury? Am I just wasting trees?
-- If god wanted me to have a sig, he'd have given me a sense of humor.
...for better use it has independent software agents called win, outlook, exchange etc.
it even has remote control capabilities
this post is 100% redundant
You can save it....
Anything on computer readable format can't be copy protected.
Sorry
Thats just the way it is.
It doesn't matter. None of the copies will be readable either. From the article:
"Authentica and other companies make online shredding systems that scramble e-mail messages and limit access to the software key needed to decrypt them. To make messages "disappear," access to the key is withdrawn after a given time."
That FUCKIN' music has GOT to go!
A lot more companies are probably going to be switching to AIM (and similar) to conduct business to avoid a lot of this mess.
Something that allows you to communicate, but without keeping records. No evidence, no worry, I suspect will be a requirement for future messaging systems.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
I wonder how this stuff interacts with spyware that logs keystrokes, viewed screens, email, etc.
Of course, talk about being hoisted by one's own petard:
Company X installs spyware on its machines - "to protect itself"; and the results wind up as evidence in a court trial, including "shredded" emails. Concievably, Company Y could send the email, and have it recovered from X.
I'm a consultant - I convert gibberish into cash-flow.
i'm pretty sure this type of email would be delcared illegal faster than napster. business generally have to keep all business related financial documents for a period of time - seven years seems to come to mind. another dumbass idea by some dumbass people.
Automatic document shredding, unless specifically marked with the archive bit set to 1
It would sety a new standard for microsoft reliability.
"It is a greater offense to steal men's labor, than their clothes"
>"Self-expiring" email schemes work essentially the same way: a trusted key authority generates and stores encryption keys for any and all email.
>Reading an email requires authentication to the key authority, which either returns the key or decrypts the email. After a preset time, the key authority
>purges the encryption key, after which the email encrypted with that key is theoretically unreadable.
Now one must ask, is the encryption key truly purged, or merely taken offline? If the former, at what point does the FBI require that the keys NOT be purged, and be merely taken offline? Or for that matter, what about system backups that retain keys? You've got to backup your keys, in case of a true system failure, because unexpired messages MUST be read. But you then need to take care to purge backups of keyspace appropriately, as well.
And those are one two more points of failure, as well as the others people are mentioning.
Honesty is simpler.
The living have better things to do than to continue hating the dead.
AOL is not exactly a bastian of security. If my university really, really wanted to, they could intercept all my aim conversations. AIM is only secure as the ISP you are using to connect to it.
Got Freedom?
Thinking?
The header reminded me of maxwell smart / inspector gaget: This letter will explode in 15 seconds. *poof*
The problem was, how does one create a system to help with document retention policies that a company creates? Up until companies like Omniva, there wasn't a software process to handle electronic documents where you can say "I don't have that document as it has been destroyed through our retention process".
BTW... These products are not just for large companies like Microsoft. Individuals can benefit through it. Email to your tax accountant would be examples of mail that you may want to disappear after you file your returns. A number of great example on how folks have gotten screwed by electronic documents can be found in Jeffrey Rosen's book, "The Unwanted Gaze : The Destruction of Privacy in America".
If the recipient does make a copy of the email (copy by hand into a notebook or take a picture of the screen), his copy becomes the only existing copy of the message. He could then create a "smoking gun" message that you would be hard pressed to deny since the original message is now shredded. Plus, you already look suspicious since you sent the message in self shredding form.
Morals:
Don't send messages that would look bad on the front page of the NY Times.
Consider using PGP to sign all your messages.
Select nude beaches as the venue for setting up those illegal conspiracies.
>>and (in the case of Washingtonians) sexual favors...
They're supposed to provide those? God damn. Why didn't anyone tell me!?
From a security standpoint, this is great, but from a historical perspective, this is an archivist's nightmare. How do you write a biography of a famous figure of the information age without their email to go through? (I know, insert MS trial email joke here.) How many current biographies of presidents, CEOs, entertainers, etc. are based on their mounds of personal correspondence squirreled away in six million shoeboxes in the family archives? With self-destructing email, the possibility of finding such a treasure trove in email form just got even smaller than it already was.
Was that out loud?
Just use an encrypted filesystem and make sure you can trust the people you're emailing. Self-shredding documents will only work better if you're sending to someone you can't trust that doesn't know anything about computers.
Oh, brother. "You need to look what this is targeted at". It's targeted at pointy-haired, tech illiterate bosses who have access to the budget and like the idea of "shredable email" despite the fact that this is totally insecure, and the claims are ludicrous.
I'm sure the people trying to push this would *love* to get their propriatary email formats adopted in the business world so that they can put the squeeze on business. But from a tech point of view, this is bullshit.
In which case, I can automatically make chats logs of all my conversations.
Provided AOL actually lets me get into the system of course....
describing a self-shredding e-mail system.
Been out for years, described here. You can even get a demo version!
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
Self-shredding e-mail is cool. But messages that kill themselves if they contain the strings "Get Out of Debt" or "Penis Enlargment" would really kick ass.
One of the guys from the 2600 radio program has the right idea.
Basically, any computer document is vulnerable to reproduction. Anyone can 'PRT SCRN' or copy and paste. Anyone can retype the document in word.
"...Many of these services can also restrict what recipients do with messages -- such as bar them from forwarding, copying or printing e-mail..."
This is the closest to the best I have seen so far. However, things don't have to be eletronic copies either, someone can always take a photograph of the screen or pick it up on video survelliance.
Encryption does not work, PGP is breakable and anything new is bound to be broken by someone. Add to that the fact that such lovely technologies as Canivorie and Magic Lantern as government controlled and funded.
It stuff is just a joke, nothing is private.
forget it.
You were saying?
- Macintosh AIM logs. PC version has a Save option for each individual chat.
- ircle logs.
- BitchX logs.
- mIRC logs.
- pIRCh logs.
- And in programs that dont have a log or save feature, theres always select, copy, paste.
Need I say more?Liberty in your lifetime
A fundamental law of information sharing is this: if I can read (or watch or listen to) it once, I can read (etc) it forever. I have the message, and I have all of the keys necessary to view it. All I have to do is keep them. Even simpler, I can copy and paste text out of the document, or I can just print it. Faced with the knowledge that all of your e-mail will be deleted after N days, you are much more likely to print anything of lasting value.
For the recipient to choose not to copy, print, or keep the message, he is cooperating with you. There is no way to prevent re-readability when the recipient is untrusted. Period. Saying otherwise is like claiming to have discovered perpetual motion.
I titled the post "(Mostly) smoke and mirrors" because a self-deleting e-mail system works unless the recipient specifically subverts it. In a normal e-mail system, messages are saved forever unless specifically deleted. So the marginal improvement is one of default behavior, not one of security.
--Patrick
The Outlook e-mail shredder too often gets jammed and reboots.
Got Rhinos?
Its a pretty ironic post. Just so you know, I haven't had any prescriptions in a long time. And im pretty sure they're useless now. As for the legal fees: typically they're covered in the suit. Damages plus legal fees. Now you see why the lawyers always win.
And for the record, I'm no business man. Just a simple college student. But if you want to bring up conspiratical investigations of computers, just look at how the Steve Jackson Games incident turned out.
I Browse at +4 Flamebait
Open Source Sysadmin
Do you really want to see some whitey tighties and a few dirty dishes? And you don't need root to view stuff on a windows box.
- If it is truly meant to make incriminating e-mail disappear, it will fail. Recipients of incriminating e-mail are likely to make durable storage copies, with a camera if nothing else. The crypto software cannot possibly prevent this.
- If it is only meant to make casual e-mail disappear, then it is a great deal of fuss for something that can be handled by simpler means, such as corporate policy, leaving e-mail on mail server spools, and having the system administrators delete it.
Crispin----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase
first, the already-hammered screenshot effect. Some systems (infraworks comes to mind) disable various features (cut, copy, paste, screenshots, etc) in the filesystem (which restricts it to Windoze) (but doesn't address the person with a video-out card recording on a VCR, or photos of the screen, etc.
Secondly, this means that the private keys to your documents are stored on a server accessible via a website! Boggle! Have we not learned anything about the general security of most web services? And even presuming it has technical security, how secure is their identification scheme? Passwords, mostly, with no out-of-band ID system. Hi, I'm Santy Claus. My password is 122502 .
Sigh. All these wonderful sounding ideas, and me without my cluestick.
Returned Peace Corps IT Volunteer
How easily they forget the fundamental axiom of copy protection: if the user can see it, the user can record/copy/save it.
I could just point a camera at the screen and take a picture....
Unlimited growth == Cancer.
You should be a writer. ;)
anyone see Despair's new paper-shredder decals?
you can now convert your boring old office paper shredder into one of three types- an "employee suggestion box", "customer suggestion box" and my favorite, an "Enron Document Storage" system.
funny stuff. how long til they get sued?
Maybe saving all traffic through a mail server is a good thing. This could prevent someone from forging a mail or a reply. It's not hard to craft a mail message. The mail servers at my last company were all screwed up IMHO. They used HP Openmail servers with Outlook clients. You could craft emails to look like anyone from the company to anyone at the company with absolutely no tracking from the client end. All you had to do was send an Internet email with a From: header that someone in the company had, like some_user@company.com. When it got to our mail servers, it would recognized the From: field as an internal user, attach all the associated Openmail routing stuff, remove the SMPT stuff and send it to the specified recipient. Result? A forged email that appears in every instance to have come from an employee at the company, to an employee at the company and sent internally (no indication that it was sent from the internet and sent via SMTP). You could send mail from one supervisor to another explaining how you thought they sucked and no one would know the difference, we had >50000 employees so you could find other useful things to do with it. Hell, I don't even work there anymore, have no access to their network and I could still send mails between employees. I never got involved with our Openmail setup but I assume that it was configured that way by our headquarters and not the default behavior. I for one would like to think that logging and backing up of email would prevent someone from getting away with this or being blamed for something they did not do.
Bad boys rape our young girls but Violet gives willingly.
Yet again, someone with little real-world experience reduces this to a simple moral issue. The comment of "If you don't send anything incriminating, you have nothing to fear" demonstrates only that the speaker has never been on the receiving end of a subpoena.
I'll say it once more, in simple language, for everyone who hasn't been in this situation, so pay attention.
A document retention policy (with document destruction schedules) is necessary even for a company that adheres strictly to the moral "up-and-up" to prevent lawsuits from inflicting huge cost and manpower burdens. For example, let's assume that you keep your records forever, so you have five year's worth of emails. Let's also assume that you don't have anything incriminating in these emails. Someone presses a sexual harassment lawsuit against you and subpoenas all of your email records relating to the lawsuit. Now, even though you didn't do or say anything wrong, you (not they) get to pay your IT person to dig through every email sent by every employee for five years (and an attorney to sit with him/her, fending off the plaintiff's attorney, who will also insist on sitting with him/her) just to prove that there's nothing there that relates to the lawsuit. Sounds expensive, doesn't it? With a retention policy that says email is to be destroyed after six months, you can answer the judge by saying, "our policy for email includes destruction after six months, so we have no records farther back than that" and thereby limit the scope of a subpoena (and the time and money spent fulfilling it). There are other reasons, including taking comments out of context and such, but as you can see, even companies with a perfectly sterling record benefit from such policies.
Virg
I can see it now, Tom Cruise reading an e-mail which ends in "This message will self-destruct in five seconds." Or rather, the computer reading it FOR him in a synthesized voice à la the speaking clock in Spy Hard.
After that, we are treated to a typical Hollywood-esque deletion of an email (typically a rendering of a screen melting or so, accompanied by the sound of jam pouring out of its jar).
*idea* Hey, I thought of it first! I should have royalties for the linking "Self-destructing email messages" to the phrase "This message will self-destruct in n seconds"! (I wonder if ye olde Aussie Patent Works will grant me that, now that they're done with the wheel?)
> > Shredding paper always gives me this warm fuzzy feeling.
> The same feeling I get when I put body parts through the wood chipper.
Really? I'd think that would hurt a lot. And you can really only do that four times (or five, if you're a fellow) before you'd run out of parts.
Virg
Corporations are not people and they do not have a similar sense of moral compunction. Their rights should therefore be heavily restricted compared to us.
Mike
"Not an actor, but he plays one on TV."
A better way to do it is to have a system where all the emails are anonymous - and at the end of the message a one time SSL url (possibly javascript) that would allow the recipient to verify it once against it's md5 sum. This way it wouldn't matter what the email said, because anybody could have faked it. Only the person who checked knows for sure if it's real.
..that if you can read a message 'just once', then you can keep a copy of it. And if it's a juicy message which the sender thinks will be destroyed in day or so, you can bet that they will keep a copy of it.
Lame - sponsored by people who dont have a clue.
I'll think of a funny sig later on
The real purpose for email shreding is in the liability. A company wants to comply with its obligations to it's customers to destroy sensitive documents in-spite-of its employees. My boss is a perfect example. He lives out of his deleted box. From a company standpoint-iso 9000 and process controls- that is a terrible thing. Deleting email forces people to properly document what they read. From a coperate point of view your cute letters to girlfriends, chain lettters, jokes, ect. are all liabilites. It's nice to let you use them but why should the company get in trouble over them. Also, the issue is proof of destruction. Having electronic automated policies in place so that if the lawyers do come, you can prove to a reasonable judge that your company has made effort to comply with supeonas without stopping the entire business to go thru every PC hard drive and backup tape. A $10,000 wrongfull termination suit could cost $50,000 in fees at a 500 person company if every computer had to be searched.
The alternative is to have the MIS department read each and every email (you signed that paper when you hired in!) and sort it for each employee.
This will require changes that will never happen. The protocols used to handle mail were established and pretty much set in stone before 90% of the people currently on the internet even knew what it was. The way things work now, once email is sent, you have no control. Period. Sure there are some proprietary systems that let you send out "delete that message" messages or request return receipts and the like but complying with those requests is entirely voluntary. I never send back return receipts unless I know the person. My email program pops up a warning that says, "Yo! This dude wants to know that you've read this email. Should I tell him?" Similar messages pop up when people try to retract email.
The only way to take this control away from the recipient would be to have a central email pool which is controlled by the senders. But even that doesn't stop the recipient from printing the email or copying it to a local file.
Once email is sent, it's out of your hands.
Yeha that has hapend to!
:-)
Those micro people
That should fix it!
Quando Omni Flunkus Moritati
-Possum Lodge Motto