Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Vanish' Makes Sensitive Data Self-Destruct

Posted by Soulskill on from the also-doesn't-appear-to-be-a-fire-hazard dept.

Hugh Pickens writes "The NY Times reports on new software called 'Vanish,' developed by computer scientists at the University of Washington, which makes sensitive electronic messages 'self destruct' after a certain period of time. The researchers say they have struck upon a unique approach that relies on 'shattering' an encryption key that is held by neither party in an e-mail exchange, but is widely scattered across a peer-to-peer file sharing system. 'Our goal was really to come up with a system where, through a property of nature, the message, or the data, disappears,' says Amit Levy, who helped create Vanish. It has been released as a free, open-source tool that works with Firefox. To use Vanish, both the sender and the recipient must have installed the tool. The sender then highlights any sensitive text entered into the browser and presses the 'Vanish' button. The tool encrypts the information with a key unknown even to the sender. That text can be read, for a limited time only, when the recipient highlights the text and presses the 'Vanish' button to unscramble it. After eight hours, the message will be impossible to unscramble and will remain gibberish forever. Tadayoshi Kohno says Vanish makes it possible to control the 'lifetime' of any type of data stored in the cloud, including information on Facebook, Google documents or blogs."

4 of 171 comments (clear)

  1. Copypaste by sopssa · · Score: 5, Insightful

    'Our goal was really to come up with a system where, through a property of nature, the message, or the data, disappears,'

    And yet after a copypaste or screenshot it wont disappear anywhere.

  2. Let's not kid ourselves by Bruce+Perens · · Score: 5, Insightful

    If the decryption key is ever available to the browser, a modified version of the tool could store it and decode the document forever.

    --
    Bruce Perens.
    1. Re:Let's not kid ourselves by Eevee · · Score: 5, Insightful
      No disrespect, but read the article. It explicitly states that this is not designed to keep the parties from saving the information.

      It is technically possible to save information sent with Vanish. A recipient could print e-mail and save it, or cut and paste unencrypted text into a word-processing document, or photograph an unscrambled message. Vanish is meant to protect communication between two trusted parties, researchers say.

  3. Corporate crimes by wjousts · · Score: 5, Insightful

    I can see this being useful for corporations that want e-mails to be destroyed before they can be used against them in court. Sure you could take a screen shot or copy/paste the text before the e-mail is permanently destroyed, but can you prove that your copy wasn't tampered with? Can you prove that was what the e-mail originally said? Plausible deniability!