Slashdot Mirror
Facebook Images To Get Expiration Date
Pickens writes "BBC reports that researchers have created software that gives images an expiration date by tagging them with an encrypted key so that once this date has passed the key stops the images being viewed and copied. Professor Michael Backes, who led development of the X-Pire system, says development work began about 18 months ago as potentially risky patterns of activity on social networks, such as Facebook, showed a pressing need for such a system. 'More and more people are publishing private data to the internet and it's clear that some things can go wrong if it stays there too long,' says Backes. The X-Pire software creates encrypted copies of images and asks those uploading them to give each one an expiration date. Viewing these images requires the free X-Pire browser add-on. When the viewer encounters an encrypted image it sends off a request for a key to unlock it. This key will only be sent, and the image become viewable, if the expiration date has not been passed."
Slashdot users debunk this scheme as stupid in 5... 4... 3...
Cue the plugin which takes a screen capture of the decrypted image and re posts it in its original form. If you can read it you can copy it forever.
because you can't lock the print screen out, right?
`echo $[0x853204FA81]|tr 0-9 ionbsdeaml`@gmail.com
I wish Facebook would expire... the sooner, the better.
What one fool can do, another can. (Ancient Simian Proverb)
I am kind of used to Slashdot headlines that exaggerate the original article, but how do you go from a company has made some software that might be useful to social networks *like* Facebook to Facebook is going to get images with expiration dates?
This particular "solution" sounds like the result of somebody thinking in a human-shaped problem space, which is psychologically understandable enough; but is a bias you have to get over if you want to get anywhere in tackling internet problems. And that is my best attempt at a charitable interpretation. Worst case, somebody is a dumbass.
For the sake of charity, we will ignore obvious fuckuperry like "the project runs out of money in three months, and the keyservers go dark, millions of people's pictures(which, being users, they won't have backups of...) get hosed 15 months early" or "the keyserver gets rooted, a relatively small file called 'facebook_camwhores_dont_want_u_to_have_this.zip' appears on every torrent tracker on the wrong side of the tracks and the whole scheme collapses"...
First, the same psychological biases(excessive time discounting, poor inhibition triggering models, bad stability assumptions) and social processes(booze, peer pressure, etc.) that cause people to post pictures and stuff that they will later come to regret will, almost certainly, cause them to assign incorrect 'blackout dates' to the material they do post. 18 months is like, what, 3 failed attempts at "serious" relationships, a number of booze fueled rebounds, and an ill-advised make-up or two? It is also plenty of time for what you did last summer to appear before school officials, what you did a few semesters back to make the HR snoop's radar, etc. Even in a world of purely human, purely manual, threats, this scheme is going to be minimally effective in protecting the people who need it most(while, at the same time, managing to scotch a bunch of happily-married-high-school-sweethearts who have lousy backup practices).
Now, where this scheme really falls flat: This is the internet. It is more full of bots and spiders than is sci-fi written for the arachnid audience. Whatever tag or code is used to clue the plug-in in to the need for a decryption key is going to become a de-facto signal for "High probability of being juicy and/or embarassing". Now the bottom-feeding amateur porn sites won't even need humans or machine vision to find cheap filler content... Hell, facebook, and virtually all even slightly shady crawlers will likely fully support this scheme long before Apple approves iPhone support for it(Hey guys, now you can post your pictures to Facebook in a format your friends can't even see! Hooray!)...
That's the basic problem, right there. If the internet's long memory were confined to some specific location, the simple solution would just be to lean on them legally to provide twilighting tools. Trouble is, the internet's memory is long. And it is distributed across countless entities and jurisdictions. And much of the copying between memory stores is automatic. And records may not exist of a copy operation having occurred. And, with cheaper HDDs, even individual users on cheap laptops are now a formidable chunk of storage. If this scheme ever takes off(doubtful), how long do you think it will be before there exists the following: An OSX application called "iCrawl" that has an excellent UI, costs $20, and crawls and archives the facebook profiles of friends, friends of friends, out up to N levels, 3 competing win32 applications(one trialware, $19.99, with a totally custom widget set, one free, that crashes all the damn time and doesn't work, and one free and more or less functional; but installs a trojan), and a set of python wrappers for unixlike operating systems that make crawling your friends and fetching decryption keys as easy as writing a few scripts?
Barring the full-blown emergence of the dystopian trusted-computing future, with end-to-end DRM and hunter-seeker drones with worldwide lethal force authorization doing 24/7 traitor tracing, you don't get to time-limit stuff you put in widely accessible places on the internet. Sorry about that.