Untraceable Messaging Service Raises a Few Eyebrows

netbuzz writes "A messaging service called VaporStream announced today at DEMOfall will allow any two parties to communicate electronically without leaving any record of their interaction on any computer or server. Messages cannot be forwarded, edited, printed or saved. After they're read, they're gone."

Making the news

[sporkme]

The article assumes (US govenrment) suspicion and pressure to kill off the project, but neither is cited. This is not news (yet anyway).
TFA:

"Good guys need confidentiality, too," notes DEMO Executive Producer Chris Shipley.

This software sounds pretty damned cool. The article does not discuss specifically end user concern over the loose security (or even outright disclosure) practices of service providers (for profit, etc.) here lately, and I think that this user is the market for this software. People just aren't tickled by the idea of companies databasing and exploiting private conversations for the purpose of ad display. While this is certainly not the first software that is able to address these concerns, this is the first time I have seen it discussed in the context of who may not like it instead of the opposite. No specific information about the mechanics of the system is given.

While the idea of governmental interest in the personal conversations is not exactly preposterous, there is an awful lot of political hype on the subject. I think that the article could have given some more insight and a lot less innuendo. Potential for controversy does not controversy make. The article is actually bracketed by assumptions.

Void Communications had better be ready for a call from Department of Homeland Security.

and

...but that's not going to stop people from raising concerns.

Could not a software roundup have given a little pertintent information in place of all the speculation?

Hardly novel technology

[saforrest]

I don't understand all the hype about this here, of all places. Obviously this is well-marketed, but unless I'm deeply misunderstanding something, it would be damned easy to achieve the same result this using various open-source tools. Something like:

1. Get a Linux box with Apache and some database engine (PostgreSQL or MySQL)
2. Make a database for user accounts and user messages.
3. Throw together some web form for users to leave messages for one another. Use SSL for all HTTP requests.
4. Write a client-side script (Java, maybe even Javascript) for user's machines that
   
   1. checks for the existence of a new message
   2. displays it when the user is ready, confirming sender using senders's public key
   3. sends authentication to the server that the message was received.
   4. prompts for a response back to the original sender, signing any response using local user's private key
   
   
5. When the server receives authentication of message receipt, delete M.

Now, there is the issue that the server database is still presumably storing messages on disk, so we aren't matching up to the featured product's boast of never writing messages to disk. Offhand, I don't see a problem with this, since I think we have to trust in the physical integrity of the server. However, there's a simple solution: keep the database on a RAM disk.

In any case, I think this whole boast of the message never being written to disk is ridiculous, because you have absolutely no assurance that some intermediate machine is not caching it in transit.

Re:obligatory

This comment is obligatory, so I'm going to give it a useless subject line which tells nothing new to the people who would find the humor with this inside joke. After all, they're in the know, so they know it's obligatory. The obligation of the comment is intrinsic. Telling somebody who doesn't know a running joke that the statement being made is obligatory is not suddenly going to make it funny, so stating that it is, in fact, obligatory is entirely useless to the reader. In fact, I'd venture to say that using the subject "Obligatory" is merely fishing for positive moderation. A truly funny post such as the comment made in the parent wouldn't need such a ruse and would be better if the clever comment was accompanied by a clever subject.

It's not that I'm picking on you, I think your joke was definitely funny and worthy of its moderation. I'm just sick of seeing "Obligatory" as the subject, especially in a forum that mainly discusses logical subject matter.

Re:There's always a way.

I think it's wonderful that courts take email as valid communication, and I know from expereince that logs are almost never checked.

For those people who understand deeply SMTP and how email MTA and clients work - this gives them much power in the current legal system.

I wonder, does /. track anon post ids? Would they turn them over to the feds if were asked to?

Is it secure? One way to find out

[ajs318]

Whether or not the system is secure, can be determined by (1) reading the source code and (2) ensuring that the object code you are actually running matches the source code you read. Closed source software can never be considered secure; but neither can open source software when it is running on an untrusted third party's server.

I call "Snake oil"

[querist]

I have (just completed) a Ph.D. in Information Security (*), and I have to call "snake oil" on this one. Unless they've managed to re-write TCP and IP or have somehow managed to coordinate a one-time pad encryption key exchange (which, itself, would be loaded with security issues) I cannot see how this will work.

I suspect that this is intended to give a false sense of security while providing Big Brother a way to watch people who _think_ that their communications are secure. Digital cell phones, anyone? Yes, it is illegal to listen in on the cell phone frequencies in the USA unless you are in law enforcement, but since when are criminals interested in obeying the law except to prevent drawing attention to themselves (e.g. -- don't speed on your way _to_ commit a crime, and don't speed on the way out unless you are already fleeing from someone who spotted you).

I also suspect that the hype about the government not being pleased with this is inteded to further the false image that this is secure.

There are ways to communicate securely in the digital age, depending on how you define "securely". The longgevity of the data is critical. Being able to decrypt today's troop movement orders for tomorrow morning after six months' time is not very useful because the data will be useless after tomorrow morning. Being able to decrypt, for example, today's communication about a terror plot to take place on January 20, 2009 (the day the next new President will be sworn into office in the USA for our non-US readers) in six months would be very valuable.

You cannot make a blanket statement that a system is "secure". A system is only secure for a given use in a given context.

Again, I have to call "Snake oil" on this one.

(*) This note was added in response to a comment in the Capacitor thread yesterday about people wanting information from "qualified" individuals, therefore I felt it appropriate to state my qualifications in this area.

Re:There's always a way.

[jbert]

Just had an interesting thought.

Scanners, photocopiers and printers already (so I understand) refuse to scan/copy/print images containing the eurion constellation.

If DRM'd images were displayed with a similar type of watermarking, which digital cameras could detect, then that could close off taking photos. (Screenshots themselves won't be possible with the DRM operating system in control - the DRM'd content won't display on screen with an app capable of taking a screenshot).

OK, so you could get away with film (you might need to do your own processing), but good luck digitising it. I guess you might be able to retype any text, though.

Given how quietly the eurion constellation was deployed, I wonder when we'd know if a similar blocking pattern is interpreted by digital cameras?