Gmail Messages Can Now Self-Destruct

New submitter Amarjeet Singh writes: Dmail is a Chrome extension developed by the people behind Delicious, the social bookmarking app/extension. This extension allows you to set a self-destruct timer on your emails. You can use Dmail to send emails from Gmail as usual, but you will now have a button which can set an self destruct timer of an hour, a day or a week. Dmail claims it will also unlock a feature that won't allow forwarding, meaning only the person you sent your message to will be able to see it.

Won't allow forwarding?

[elgholm]

Please explain.

Re:Won't allow forwarding?

[Impy+the+Impiuos+Imp]

Really. Is there some hidden API into gmail? And receiver can do whatever it wants with the email, includ8ng forward, via cut and paste if necessary, assuming bizarre behavior from gmail.

And what of gmail's safety backups? How long before gmail clobbers those?

Re:Won't allow forwarding?

[intermelt]

It probably meant to say "Hide/disable forwarding button" and maybe "Disable right click for copy paste menu option"

However maybe the "encrypted" email comes in as an image. Harder to copy/paste, but still easy to forward/screenshot.

Re:Won't allow forwarding?

[John+Allsup]

(GUESS) If you don't have their app installed in Chrome and view within Chrome, you get emailed a link, which opens in a browser. Most likely it will be a rendered image (or something like that), though of course you could still attach that. (/GUESS)

If I receive a 'click on this to see your message', like many, I will probably email back whoever sent it, ask them to resend as a conventional email (that is, disable Dmail) or else I will simply delete it. Quite possibly I might consider writing an app which goes through my gmail via IMAP and automates this process (that is, scan inbox, detect dmail messages, auto-reply requesting conventional email, and move to dmail-spam).

Re:Won't allow forwarding?

[phantomfive]

It wouldn't be surprising if in a near version of Windows, we see a way to have 'uncopyable' or 'unscreenshotable' sections. We already have DRM embedded in popular OSes with some video playback.

Re: Won't allow forwarding?

Can my computer prevent my smartphone from taking a picture of the monitor?
Trying to prevent screenshots on email is as stupid as those lockdown browsers that some schools make you use when taking a test. Everyone has multiple internet connected and camera equipped deviced now.

Re:Won't allow forwarding?

There's always digital cameras or failing that, good old pen and paper.

Re:Won't allow forwarding?

[just+another+AC]

If the end content needs to be presented to a human at any point, it can be copied. It is just a case of time, effort and quality. No matter how much they lock down the operating system, we can take a photo of the monitor. MS knows this, I don't expect them to push that hard for it.

Until they start connecting directly into our brains (with channel only being unencrypted "in-brain"), DRM is nothing but an inconvenience.

Re:Won't allow forwarding?

Pen and paper won't be verifiable. It breaks the chain of authenticity (admittedly a really weak chain). On the other hand, something like the ghost in the shell scene with the uncopyable text would be cool, if for no other reason than the clever way to implement such a concept. What comes to mind now is DRM type schemes, and that's just untenable. Although some sort of DRM scheme for gov't docs would at least be tenable for most ethical frameworks, excepting some sort of anarchy I suppose.

captcha: clerical

Clever phrase in a post mentioning anarchy.

Re: Won't allow forwarding?

[phantomfive]

Can my computer prevent my smartphone from taking a picture of the monitor?

It seems strange, but even right now, some software will prevent you from modifying photos of certain things (Photoshop and hundred dollar bills for example).

Computer companies are depending more and more on media companies every day.....consuming media is the primary use of many of these devices. Soon they might say, "Why not implement this? It'll make the media companies happy, and most people won't care."

Re:Won't allow forwarding?

The only part of this that is related to gmail is that it is a chrome extension that adds the feature to the gmail interface. It sends the user an email link to view the message on a webpage, and then deletes the message later. It probably captures select and right click events in order to be "secure" too. In short, it is garbage.

Re:Won't allow forwarding?

Right. This was all over the news a few days ago as a 'revolutionary new product', but it's not anything new, and it's not anything worth a damn. It puts in the email a link to the content on the company's servers, so it's as 'secure' as anything else that shows up on a webpage.
 

Re: Won't allow forwarding?

CS and newer. Just in case you were wondering. Photoshop 7 is still pretty much the pinnacle.

Re:Won't allow forwarding?

You could just set a filter for that.

Re:Won't allow forwarding?

[techno-vampire]

It wouldn't be surprising if in a near version of Windows, we see a way to have 'uncopyable' or 'unscreenshotable' sections.

Which will only be a problem for those of you who still insist on using Windows. The rest of us will go on about our business with no problems at all.

Re: Won't allow forwarding?

[Sir+Holo]

It seems strange, but even right now, some software will prevent you from modifying photos of certain things (Photoshop and hundred dollar bills for example).

Nah, you can get around it. Just do it in sections. Assemble resultant TIFF (or whatever) in IRFAN-View, or some of the numerous open-source image-editing programs.

The trick to "out-witting" the US Mint's genius bill-recognition scheme is to move some of the circles around –the yellow ones. They are 5-circle constellations, which is how Photoshop recognizes them as US currency. This has been known since the 'new' $20's came out about 15 years ago.

Re:Won't allow forwarding?

[HiThere]

The filter would send the automated request of a clean version of the email.

Re:Won't allow forwarding?

[mysidia]

No.... it's a 3rd party messaging service using HTML E-mail and a custom browser extension. To enforce the "self-destruct" rule, the e-mail is hosted on the Dmail provider's mail servers instead of the content being sent in the e-mail message.

Nothing to see here..... I'm not going to be accepting any e-mail sent using such a service. I will tell the sender "No, send me a normal e-mail message; I can't read that one."

Re:Won't allow forwarding?

[93+Escort+Wagon]

So basically this is like those silly e-cards my mom insists on sending for birthdays and holidays. It's got nothing to do with email, except that the link is sent inside an email message.

Re:Won't allow forwarding?

[93+Escort+Wagon]

I can't imagine this will ever get used enough for it to make any sense for you to spend your time automating the task...

Re: Won't allow forwarding?

[paul_metcalfe]

Software, and copying machines too, detect something like this and refuse to continue: https://en.wikipedia.org/wiki/...

Of course, this is not fool-proof at all and can be circumvented by simply using older versions, or self-compiled versions lacking this "feature".

Re: Won't allow forwarding?

Currency is easy because it doesn't change for long periods.

Email is much harder. There's always the analogue hole. Take a picture of your phone with another phone or camera. Good luck with blocking that.

Re: Won't allow forwarding?

[Jack+Griffin]

Computer companies are depending more and more on media companies every day.

Which is why we need to continue support for independent and start up developers.

Re:Won't allow forwarding?

I'd like to see how they think they will be able to destruct or preventing forwarding from my mail client.

Re:Won't allow forwarding?

I'm not going to be accepting any e-mail sent using such a service. I will tell the sender "No, send me a normal e-mail message; I can't read that one."

Just make a copy of the message and post it publicly. Eventually they will get the picture.

Re:Won't allow forwarding?

[mwvdlee]

I can only imagine they render the text to an image hosted on dmail's servers, which is deleted after a set time.
But that won't work with Gmail, since Gmail caches all images on their own servers (including HTTPS and never-ending images).

Re: Won't allow forwarding?

As long as we still can. Mandatory registering for programmers and auditing is just one legal step away. What are you going to do when general purpose computers are all but extinct and prohibitely expensive, and you need a license to code? We'll come to this, eventually.

Re: Won't allow forwarding?

which is how Photoshop recognizes them as currency.

Fixed that, that scheme is used by all current currencies afaik.

Re: Won't allow forwarding?

^v Works on any version.

Re:Won't allow forwarding?

I will simply delete it

Then the product works.

You seem to be labouring under a pretty severe misapprehension about email though, like you're doing someone a favour reading their emails. If you asked someone a question, or if a client emails you, you probably won't delete the email just because it isn't in some preferred format you've pre-ordained. In other words, sometimes emails are for you, not for the person sending them, and sometimes therefore their convenience is more important than yours. I mean, what are you, 13?

Re: Won't allow forwarding?

[houghi]

It is not possible to take copies with a copy machine of money, because of restrictions in the machine, not because some magic in the money.

Take away that restriction and you will be able to copy money.

So if the program does not have this restriction, it will be able to do it. Gimp?

Re:Won't allow forwarding?

[FlyHelicopters]

Which will only be a problem for those of you who still insist on using Windows. The rest of us will go on about our business with no problems at all.

While you might be right, "the rest of us" is not a very large number...

Until Windows is less than about 95% of the desktop OS market, then "the rest of us" is pretty meaningless.

Re: Won't allow forwarding?

In the 2015 MR2 version of Kaspersky Internet Security for Windows 7/8 suite , there is "hypervisor based protection against unauthorized screenshot taking" in the Safe Money ebanking defence module. Has been known to cause some compatibility problems, but probably worthy of a Rube Goldberg award.

Re: Won't allow forwarding?

It is getting that way now. GB motherboards can wake the OS from sleep and execute commands. Intel has built in backdoors to the BIOS. BIOS able to control hard drives, wifi, ethernet without an OS running. Seriously freaky stuff. Google Computrace Backdoor for a start.

Re:Won't allow forwarding?

[Dan541]

The only part of this that is related to gmail is that it is a chrome extension that adds the feature to the gmail interface. It sends the user an email link to view the message on a webpage, and then deletes the message later. It probably captures select and right click events in order to be "secure" too. In short, it is garbage.

So, it's not email then. "Go to this website, we have a message for you." No.

Re: Won't allow forwarding?

[xaxa]

The trick to "out-witting" the US Mint's genius bill-recognition scheme is to move some of the circles around –the yellow ones. They are 5-circle constellations, which is how Photoshop recognizes them as US currency. This has been known since the 'new' $20's came out about 15 years ago.

The US didn't invent everything ;-)

It's been known about since 2002, when it was found in European banknotes dating back to 1996. It's thought to be a Japanese invention.

http://www.cl.cam.ac.uk/~mgk25...

https://en.wikipedia.org/wiki/...

Re: Won't allow forwarding?

It seems strange, but even right now, some software will prevent you from modifying photos of certain things (Photoshop and hundred dollar bills for example).
 

Strange. why would it prevent me MODIFYING the $100 image - making it even clearer that my printout is NOT real money?

Well, another reason for using gimp then.

Re: Won't allow forwarding?

[invictusvoyd]

It seems strange, but even right now, some software will prevent you from modifying photos of certain things (Photoshop and hundred dollar bills for example).

That's kinda lame . What about photos of Catherine Zeta Jones ?

_______
I use gimp

Re: Won't allow forwarding?

Can I forward the screenshot? System defeated.

Re: Won't allow forwarding?

Nothing can prevent your smartphone taking a picture of your monitor. But suppose Hilary Clinton, or Enron executives, or whoever else, had been using this. They are exchanging messages with collaborators, none of whom want the message to be seen by the general public. Presumably they won't be taking photos of the message on the screen, as they all want it to be secure. But some years later when someone discovers Hilary's private email server, or when Enron's email records got subpoenaed, if they'd been using this system it wouldn't matter because all the keys would have been deleted from the server and there would no longer be any way to view the messages.

It's not a panacea to all problems with security of email, but it does solve a subset of them (temporary communication between trusted collaborators) quite well.

Re: Won't allow forwarding?

[Sir+Holo]

It's thought to be a Japanese invention.

http://www.cl.cam.ac.uk/~mgk25...

Nice info.

Being a scientist, the first day the new $20's came out, I withdrew $300 and examined the bills under a microscope. The pattern quickly became obvious.

As did two other features. One is public. The other — while chatting with the head of R&D at the US Mint during a conference, I brought it up. He would only deny it, but a fresh sample of 15 is statistically significant. I checked again recently and they've quit using it, as it wears off.

Re: Won't allow forwarding?

Technically no, but it is entirely possible for this technology to be implemented. It would require video driver/OS support and likely a specialized monitor.

You can, however, have the OS block screen captures for certain content. Go ahead and load up a blueray disc on your PC and try to take a screen shot without specialized software. Ok, that might be a lie, it's been a long time since I've tried to do that, but I have fond memories of folders full of blackness when trying to grab a screen shot from a legally purchased disc.

The no forwarding could work with some caveats:

both users must be using Gmail. Gmail simply ads a new header to the message marking it as do not forward, or what not. This tag is honoured by gmail so the end user can not click forward.

Short of sending the email as a png, I'm not sure how they can stop you from cutting and pasting to forward, but you wouldn't be able to click "forward" like you are used to.

It's completely pointless, makes no sense, and would be a pain to implement
 

Re:Won't allow forwarding?

[Big+Hairy+Ian]

Just run MS Expression whilst you're reading your email and record the who session including the dmail deleting itself

Re: Won't allow forwarding?

Computer companies are depending more and more on media companies every day

Holy crap. Is this the big controversy of our time, which you finally just put into words so that we can finally talk about whether or not it's true?

Because I would have said "media companies are depending more and more on computer companies every day." We have them by the balls, and the only computer companies that are making concessions to the media companies, are the ones who have already failed who make computer products that nobody wants to buy. For every DRM-compatible player out there, there are three "pirates" who don't bother to pay extra for a defective player because VLC or Kodi or Plex works better and is easier to use.

You say Photoshop won't work on currency images, and I think, "What are the chances that the counterfeiter will remember they were supposed to use Photoshop?" Some will, but some won't. It's just like how you don't know that someone is using gmail to read their mail, therefore all these silly DRM-for-email features are a priori guaranteed to not work, so your emails are still going to be read later and forwarded whenever anyone wants to.

Re: Won't allow forwarding?

[Cajun+Hell]

Of course, this is not fool-proof at all and can be circumvented by simply using older versions, or self-compiled versions lacking this "feature".

"Circumvent" is really an inappropriate word here. By default, all image processing software will "fail to fail" unless the programmer goes to extra trouble to add the defect. I wouldn't even know that I "should"(?) make my projects not work correctly if I hadn't stumbled onto this thread. And I wouldn't know off the top of my head how I would make it fail, though I suppose I could Google it, not that any customer has ever asked for the bug. And then even if I Google it, the chances that I might find as sufficiently easy-to-call library to help my code fail (or a sufficient description so that I can implement the bug myself), aren't that good. And who is going to pay for my time, working on it? Nobody, that's who.

Please don't call it "circumvent!" Not-having this "feature" is the normal, default, assumed, cheapest, fastest, easiest case.

Re:Won't allow forwarding?

It will probably be automatically considered spam or phishing by email services like GMail.
Garbage.
Worse: it advertises security while it provides none!

Re:Won't allow forwarding?

Yeah, I sure am glad my video driver doesn't have any binary blobs that happen to be shared between Linux and Win-- d'oh!

Yes, I know I should have bought AMD, but aren't they moving toward some blobs too? Even Intel? There are still some ways to know what code your own computer is running, but it's not nearly as straight-forward as "don't bother with Windows." It's tricky out there, and even if you run a reasonably sane OS it takes a little bit of work to keep everything clean and safe.

Re: Won't allow forwarding?

[nanoflower]

What happens for people that never log in to Gmail through a browser but only download their email? Are they supposed to be prevented from downloading the DRMed messages? They must be if this 'security' method is going to do what it claims because otherwise anyone can download the message and then use an alternate mail client to do as they wish.

Also how is this DRM supposed to work? I doubt Google is getting involved since there's been no huge demand for such a feature so the company has to be taking advantage of how Gmail works. Perhaps they are inserting a bit of code into the email that prevents you from selecting certain options. Nothing unsafe in having email that changes how the email client behaves, is there? ;)

Re:Won't allow forwarding?

[StikyPad]

Ah, too bad. I sent you my bank account #, SSN, mother's maiden name, the street I grew up on, and my favorite 4 digit number, and can't be arsed to type all that out again.

Re:Won't allow forwarding?

[StikyPad]

If only people had easy access to some sort of device that didn't rely on the Operating System in order to capture visual data. Like some sort of tiny camera that they always kept with them. Maybe it could be built-in to some other object that they already keep on them out of habit. We're probably decades away from anything like that, but who knows what the mysterious future holds!

Re: Won't allow forwarding?

[phantomfive]

To clarify, when I said 'computer companies,' I meant manufacturers like Apple, and Microsoft.

If you've bought a computer recently, it probably already has the UEFI drm in it. So we are getting closer, step by step, to that sort of reality. Whether we take the next step is unknown, but until now we haven't stopped moving in that direction.

Re: Won't allow forwarding?

[phantomfive]

Yours is a completely true post that also misses the point of the post you were replying to.

Re:Won't allow forwarding?

[Archangel+Michael]

And nobody has figured out how to use Snipping Tool or Screen Capture or any of a number of ways to defeat said restrictions.

If the text is sent, it can be captured. False security is worse than no security.

Re:Won't allow forwarding?

[techno-vampire]

The point of my comment was to suggest that things like that will drive more and more people away from Windows so that eventually, only those users who can't or won't think for themselves will be left with it.

Re: Won't allow forwarding?

Cocaine?

Re:Won't allow forwarding?

[FlyHelicopters]

The point of my comment was to suggest that things like that will drive more and more people away from Windows so that eventually, only those users who can't or won't think for themselves will be left with it.

I get that, and it is a reasonable point to make. However that assumes that the majority care.

I don't think they do.

The number of people using iPads and iPhones would indicate such, and while Android has a large market share, a lot of that is on locked down phones such as the Galaxy S series that you can't do much with without hacking anyway.

How many people who own Android phones actually do anything more than basic stuff with them? I'd be shocked if the number was above 10%.

Re:Won't allow forwarding?

[techno-vampire]

However that assumes that the majority care.

It also assumes, I'll admit, that the majority are aware that there's a choice, and that the other choices work as well as, or better than what they're used to. As long as people make fun of "The Year of the Linux Desktop," people are going to be afraid to try it because they think it's hard to learn. I have a friend who's a computer columnist among other things, and he still thinks that you need access to a Unix guru to run Linux because that was true twenty five years ago when he first looked at it. I've tried to get him to understand that for most people, they need no more tech support with Linux than with Windows, but he's in his eighties now, and a bit set in his ways.

Re:Won't allow forwarding?

[techno-vampire]

And who's fault is that? It's not the Linux devs because they've wanted to write OSS drivers for those cards ever since they came out, but alas, the OEMs won't release the specs. I'd suggest that you check the facts before you post such drivel, but I know that people like you are only interested in spreading anonymous FUD.

Re: Won't allow forwarding?

My only guesses are planchettes or embossing for the second feature. I haven't been around US currency long enough to be certain. One 'hidden' feature for Canadian money is one set of serial numbers is not transparent to IR.

Re: Won't allow forwarding?

[cstacy]

[...] two other features. One is public. The other — while chatting with the head of R&D at the US Mint during a conference, I brought it up. He would only deny it, but a fresh sample of 15 is statistically significant. I checked again recently and they've quit using it, as it wears off.

Cocaine?

No, he said they quit using it.

Cocaine is one hell of a feature.

Re: Won't allow forwarding?

[cstacy]

It seems strange, but even right now, some software will prevent you from modifying photos of certain things (Photoshop and hundred dollar bills for example).

Strange. why would it prevent me MODIFYING the $100 image - making it even clearer that my printout is NOT real money?

Well, another reason for using gimp then.

I imagine it's so that you can't alter the serial numbers; which you would want to do so that your counterfeit money will not be traceable to the person who had the real C-notes you copied. (Seems overly paranoid to me, since people pass real bills of this size all the time. Anyone else have a better theory?)

Re: Won't allow forwarding?

[KGIII]

I, for one, do not welcome these overlords. I have ample hardware to survive an apocalypse. If things should drastically change then I have many computers that will last the rest of my life. As it is, I really do not see any reason to upgrade to new hardware. I upgrade because I like it. The added speed is trivial these days. The new features are seldom used. Now they may be able to keep me off the 'net (sort of) but I would just build an extension to my home network and allow access from others.

I also have radios and nohow. I even have power in a variety of ways. I can even fix my devices. If SHTF I will still be amusing myself for the rest of my life with nary a blink. I do not even have to shop for most food stuffs I suppose. I seldom do as it is. I grow an hunt much of my food. I have firearms and friends and lots of land in the middle of nowhere. I suppose I will by alright.

Re:Won't allow forwarding?

[KGIII]

Where did they place blame on anyone but the OEMs? Your rant makes no sense when I read the post you are replying to.

Re:Won't allow forwarding?

[techno-vampire]

I've seen that complaint many, many times before, and it was always used as an excuse not to use Linux, with the implication that the lack of OSS drivers was caused by the devs not providing them rather than putting the blame on the OEMs as is right and proper. If the OP wasn't doing that, it's the first time I've ever seen it.

Re:Won't allow forwarding?

[KGIII]

I think they were pretty clear and reasonable. I have similar/same complaints and am an avid Linux user.

Re:Won't allow forwarding?

[mysidia]

Ah, sorry, you sent it to the wrong person. You must want the Nigerian prince sitting in the back row of the cafeteria over there.

I don't do ID theft or other crimes, but if you want to e-mail me the private keys for a Bitcoin wallet with a few hundred BTC in it.......

Re:Won't allow forwarding?

[FlyHelicopters]

The problem with Linux is not that people don't know it doesn't exist.

Even my Mother has heard of it, it isn't a secret. The real problem is people don't see a need for it. Windows works "well enough".

Then you have the issue of "do my programs run on it". If your answer is, "no, but similar programs do", then you've lost, you might as well give up.

Re:Won't allow forwarding?

[techno-vampire]

Then you have the issue of "do my programs run on it". If your answer is, "no, but similar programs do", then you've lost, you might as well give up.

Or, you make sure that Wine is installed and for the most part, you can say, "Yes, they will."

Re:Won't allow forwarding?

[FlyHelicopters]

Meh, "for the most part" isn't good enough, and no, they don't really...

TurboTax doesn't run on Wine, not without some effort...

Look, I get the benefits of Linux, I really do... but they don't matter to most people, which is why "The year of the Linux desktop" remains a 20 year old joke at this point, and it is likely to remain so for a very long time.

Something might replace Windows at some point, but I doubt it will be Linux. Frankly OS X has more of a chance of that happening than Linux does.

Re:Won't allow forwarding?

[FlyHelicopters]

Also, consider that asking people to change their OS then brings up another question... "Why?"

Oh sure, YOU understand the benefits, but they don't see any. It is like saying "change the engine in your car for this other engine, it doesn't have DRM or auto-updates".

Um... so? Does the average driver care?

The vast majority of consumer electronic users just don't care, they want something that works, and the reality is that Windows works better than it really ever has.

It isn't perfect, but perfection is the enemy of "good enough", and Windows long ago passed "good enough".

Linux doesn't offer a compelling reason to change, it didn't 20 years ago, it didn't 10 years ago, and it doesn't today. Not to more than about 1.5% of desktop users anyway.

Re:Won't allow forwarding?

[techno-vampire]

Linux doesn't offer a compelling reason to change, it didn't 20 years ago, it didn't 10 years ago, and it doesn't today. Not to more than about 1.5% of desktop users anyway.

There's one that I've found gets people's attention: Linux is free, as in beer. Every time there's a new, expensive version of Windows released, I get more people asking about Linux. Not many change, but at least they consider it.

Re:Won't allow forwarding?

[FlyHelicopters]

Every time there's a new, expensive version of Windows released, I get more people asking about Linux.

I'm sure you do... but your circle of friends and contacts is not representative of the general public.

How do I know that? Because the desktop usage of Linux hasn't budged in a decade.

And for what it is worth, Windows is just as free, from the point of view of the average consumer. Most people get Windows with their computer and few upgrade, which is one of the reasons MS went ahead and started giving Windows away. They want to be paid when the computer is sold, but for most people, it will now be a free upgrade. You just pay again when you buy your next computer.

Linux lacks a single release, it is confusing, there are many versions, there is no one company for support, some things work better on one release or another, etc.

To the average consumer, it is just a big mess. Windows 7 is Windows 7 is Windows 7. Linux doesn't offer that.

---

Look, I don't want to get into a fanboy argument, rest assured MS has done some really dumb things over the years, I'll be the first to point out that Vista was a mess at launch, they overreached and backed off to that. 8 had its own problems, partly fixed with 8.1, completely (more or less) fixed with 10.

Balmer is gone, real change is happening, these are good things. Did Linux cause them? Meh, I suspect Apple is a bigger concern for MS, but they aren't fools, they don't want anything getting in the way of Windows being on the vast majority of computers.

---

To put this another way... Linux can't win by "not being Windows". It has to offer something compelling that Windows does not. To most consumers, it does not offer anything compelling and it in fact has tons of draw backs. You don't mind, you can work past them, but most people don't WANT to do that.

Re:Won't allow forwarding?

[techno-vampire]

You just pay again when you buy your next computer.

But why should you have to buy a new computer just to run the latest version of your OS? Why should the hardware requirements increase that fast? Granted, I don't buy pre-made computers because I have a friend who's a much better hardware tech than I'd ever be even if I were interested in those things (I'm a software geek; he's hardware.) but I've gone through several upgrades of my distro (Fedora) without needing to buy any new hardware, and don't expect to need a better computer for years. Why do people accept so easily that upgrading Windows includes upgrading their hardware?

Re:Won't allow forwarding?

[FlyHelicopters]

But why should you have to buy a new computer just to run the latest version of your OS?

Because that is what people do...

Besides, if you want it to do more, then you need more power. Computers have indeed gotten much faster than they used to be...

Why should the hardware requirements increase that fast?

They really haven't moved much since Vista came out. It is the other stuff that people want out of a computer. Faster storage (SSD), USB 3 support, display port, etc. Those things can be added to an older computer, but people don't tend to modify their computers, they buy new ones, use them for awhile, then give them away or sell them and buy something new.

Why do people accept so easily that upgrading Windows includes upgrading their hardware?

What makes you think that people do that so easily? Lots of people were perfectly happy on XP, but at some point it was time to move on.

My Mother uses Windows 7, she doesn't see a reason to move to Windows 10 any more than she sees a reason to move to Linux. Windows 7 works just fine. Of course, since Windows 10 is now free for her, she asked me if she should make the move, to which I replied, "give it three months, let everyone else work the kinks out first".

---

It is worth noting that Windows 10 actually runs quite well on a 8 year old computer. Stick a SSD in a Core2Quad and it is amazingly responsive to basic computing tasks. I have such a machine running as a test bed and frankly for what most people use their computer for, it is just fine. 4GB of RAM and a 180GB Intel SSD and it is a great machine for Windows 10.

Re:Won't allow forwarding?

Pen and paper won't be verifiable. It breaks the chain of authenticity (admittedly a really weak chain).

Funny how pen and paper was the de facto standard a few decades ago.

Re:Won't allow forwarding?

[q4Fry]

It is like saying "change the engine in your car for this other engine, it doesn't have DRM or auto-updates".

I see what you did there.

Re: Won't allow forwarding?

[paul_metcalfe]

What other verb would you use? English is not my first language.

Feature or not, that's a matter of perspective.

Unenforceable

How are these restrictions enforceable? It would be trivial to copy the email and send it to someone else, defeating the purpose of the forward block. Automatic backups could also defeat the self deleting emails. Many people use gmail as a staging filter, automatically forwarding all non spam to the final destination, so if they do successfully implement forward blocking, they've essentially self flagged as spam.

Re:Unenforceable

[Grishnakh]

It's only enforceable because it isn't email.

All this stupid thing is, is a system where the recipient gets a link to click on, which lets them go view the "email" (message) on some server somewhere, subject to a bunch of restrictions. I think there's also a browser plugin that basically does the same thing, but making it appear more like you're reading an email instead of just being redirected to some server.

This isn't email in the traditional SMTP sense.

Of course, it still is impossible for them to prevent you copying it somehow, even if you have to resort to screen capture.

Re:Unenforceable

It's only enforceable because it isn't email.

...

It doesn't matter what the protocol is - when you send bits to another computer, you lose control of those bits.

Period. End of story.

ANYONE who says anything else is full of shit or selling something - likely both.

Re:Unenforceable

[PopeRatzo]

The best part is, when you want to send a message to someone that cannot be forwarded and self-destructs, you first have to send it to this Dmail company's server in the cloud where it will exist forever.

And since most of the people using this "non-forwarding self-destructing message system" will be people sending threats and harassment to ex-girlfriends, I wouldn't be a bit surprised if this entire thing is one big honey trap.

Re:Unenforceable

But that's the whole point. You aren't sending those bits. You're sending a link, and if you decide to remove the message before the person follows the link, they never will get those bits.

Re:Unenforceable

[The-Ixian]

I have seen systems that prevent screen capture as well.

We have some standards documents which must be purchased. In order to prevent copyright theft, the distributor of the PDF files requires software on your computer which will actively disable the native clipboard and screenshot capabilities while the PDF is open. In addition, the software will look for common screenshot software like snagit and greenshot and force them to close before you can launch the PDF.

Despite all of that, a user could still abuse the spirit of the rules in this case by using the 1 allowed hard copy to print out the entire standards doc and then scan it back into the system...

So, I guess my point is, you could lock down the screenshot bit... perhaps you could also lock down the picture capability too by interfering with interlacing and/or refresh rates somehow.... but I guess it just depends on how far you are willing to go...

Re:Unenforceable

[Grishnakh]

perhaps you could also lock down the picture capability too by interfering with interlacing and/or refresh rates somehow.

Interlacing? Refresh rates? This is 2015, those things don't apply any more: everyone has LCD now. Software has no real control over the display.

We have some standards documents which must be purchased. In order to prevent copyright theft, the distributor of the PDF files requires software on your computer which will actively disable the native clipboard and screenshot capabilities while the PDF is open. In addition, the software will look for common screenshot software like snagit and greenshot and force them to close before you can launch the PDF.

This sounds like malware to me.

Re:Unenforceable

[LinuxIsGarbage]

a user could still abuse the spirit of the rules in this case by using the 1 allowed hard copy to print out the entire standards doc and then scan it back into the system...

Can you print to a PDF printer, or print to a Postscript file to be turned into a PDF file later?

Um...

[Nemyst]

I know this is ancient technology by today's newfangled social media buzzword bingo, but have those devs ever heard of copy/paste?

Not if you email me

[ciaran2014]

If someone emails me, there's no way they can delete that mail.

I guess this only works with mail sent to Gmail accounts? So using a gmail address now has the disadvantage that senders can delete mails you've got in your inbox?

Re:Not if you email me

[Bovius]

I think the idea is that the e-mail itself just contains HTML that makes a request to the Dmail server, and the server doesn't send back the actual message if it's been too long.

But yeah, that doesn't mean that the person can't copy/paste/screenshot something when they see it. It's self-destruct for the lazy/ill-informed.

Re:Not if you email me

[Grishnakh]

It has nothing to do with Gmail really, it's just a link to let someone view a message on some website. It isn't actually email.

Re:Not if you email me

[LostMonk]

That's spam or phishing in my book -- stuff I delete within after a 0.1 sec scan.

Re:Not if you email me

[Dan541]

I don't remote load anything in email. Spyware and other malware is all too common.

Re:Not if you email me

[Dan541]

The second like in the article is spam.

Re:Not if you email me

[Cley+Faye]

This would not work that well with gmail; images are cached by gmail's servers, and I'm pretty sure any form of "intelligence" in an html mail is sure to fail too on their interface.
The "view your message here" link hypothesis seem more realistic (and sillier but meh).

Re:Not if you email me

[Toad-san]

Not for me then. I'll be damned if I'll click on an executable, a script, follow a link somewhere else, when it's in an email. I learned long ago, you just don't do that.

Pure undulterated bullshit

[cheesybagel]

BS.

"it will also unlock a feature that won’t allow forwarding, meaning only the person you sent your message to will be able to see it"

Then I'll copy and paste the text to another Windows and foward it.

What the article describes is not e-mail. It's an messaging app with a different protocol using e-mail only as a transport mechanism.

Re:Pure undulterated bullshit

[brian.stinar]

DRM is built upon the lack of understanding that playing content (text, image/sound/video) requires, BY NECESSITY, the ability to duplicate that content. It's always possible to do an analog scrape, if the DRM keeps everything in digital land "safe." As I recently found out with .m4b files, it's just a matter of how annoying the DRM producer wants to try and make that process, and how valuable your time is.

I never understood the desire to try and accomplish anything else. Software/hardware/device manufacturers that try and DRM-proof their products annoy me. I left a startup because of DRM:

"Brian, we need to protect our content. That's why I'm putting you on this DRM-WordPress-enabled-web-protect-our-desktop-application project."
"Actually, hardly anyone wants to buy this software yet. The best thing that could happen would be it would catch on fire on pirate networks. That's called free marketing."
"I spent twenty years of my life developing this software."
"And it's only been the last six months that you've sold ANYTHING. Let's close these sales deals, and then start developing the subscription-only services, that require a valid subscription, and then we can 'protect' the content by having AWESOME subscription based content. If anyone pirates v 1.0, let's make v 2.0 so much better they cannot wait to buy it, and support us!"
"The software isn't ready, we need to protect it."
"DRM in the absolute best case adds NOTHING to the user, and in the worst case is horribly annoying. I'm not going to work on DRM technology that will alienate our miniscule user base."
"I disagree."
"I'm out."

And this is why the second start-up venture I was a part of failed. Everyone left, after 20k in 'sales' never materialized based on the founder wanting to 'protect' his software. I am ready for the third failure though!

Re:Pure undulterated bullshit

[BitterOak]

Then I'll copy and paste the text to another Windows and foward it.

I would assume the copy and paste functions would be disabled, otherwise this would be pointless.

Re:Pure undulterated bullshit

[gnupun]

How will gmail prevent the recipient from snapping a picture with their smartphone or just using the OS screen capture keyboard shortcut? This looks like a "Mission Impossible" gimmick or Snapchat wannabe feature.

OTOH, will this affect the market valuation of Snapchat since it's a very similar feature?

Re:Pure undulterated bullshit

[GoodNewsJimDotCom]

Hey, Snapchat makes no sense at all, since anyone can screenshot/hack their own device. Even though Snapchat doesn't do what it claims, its a phenomena which has made lots of money. I think Google just wants to jump on the money train of making impossible claims to technology.

Re:Pure undulterated bullshit

[quenda]

playing content (text, image/sound/video) requires, BY NECESSITY, the ability to duplicate that content.

Ridiculous. If that were true, why would all those clever companies spend countless millions on advanced technologies like BD+ and HDCP?
You think they just enjoy flushing money down the toilet?

Re:Pure undulterated bullshit

[GigaplexNZ]

Because those are technologies aimed to protect the path of those necessary digital copies. The photons from the screen still need to travel through the air though, and there's nothing stopping you pointing a camera at it.

Re:Pure undulterated bullshit

[brian.stinar]

How is this ridiculous? I don't understand. Are you being sarcastic with me? I'm sorry if I'm being dense.

Yes, I do think they are flushing money down the toilet. I have been a contractor long enough to determine when a customer wants to build something useful, versus has a political/emotional need to flush money down the toilet. I think there are lots of political needs to flush money down the toilet on DRM, and then clear hackers play the game of cracking their DRM (mostly for fun, since someone with DRM-cracking skills could certainly purchase content using far less profitable time than cracking the DRM on the content they want to get for 'free.')

Companies want to make content difficult to duplicate, but it's always possible to point a ridiculously high resolution camera at your screen. One of my friends built a poker bot like this - he had a keyboard and mouse interface, and pointed a camera at another screen. This entire dance is a game.

If you can play content, the content you are playing can be duplicated.

Re:Pure undulterated bullshit

[GigaplexNZ]

Or you could run the software in a VM and have the host OS capture the screenshot, if they manage to implement invasive DRM.

Re:Pure undulterated bullshit

Embracing SMTP.. Extending it? Having heard THAT one before. What comes next?

Re:Pure undulterated bullshit

This is a fundamental core misunderstanding of how digital technology works in general. There is no way to come back from that. Unfortunately this is exactly how the mass population expects technology to work. They're all morons.

Kind of like how Slashdot only allows invalid HTML5 tags. Morons.

Re:Pure undulterated bullshit

[quenda]

They don't even protect the digital path very well, because the consumer needs the keys to view the content.
The idea is fundamentally broken. (As are the above-mentioned DRM schemes.)

Re:Pure undulterated bullshit

[GigaplexNZ]

I agree, but that doesn't change the fact that your initial response of "Ridiculous" to the claim that "playing content requires the ability to duplicate that content" was misguided.

Re:Pure undulterated bullshit

[quenda]

No, it was just missing the sarcasm tags. Sorry, I misjudged the tone/audience. But still preaching to the choir here :)

Re:Pure undulterated bullshit

[ultranova]

Or you could run the software in a VM and have the host OS capture the screenshot, if they manage to implement invasive DRM.

Or you could simply not run the software at all and only lose messages even the sender's drunk ass knew they would be ashamed of in the morning. And possibly the occasional extortion scheme.

Re:Pure undulterated bullshit

[thegarbz]

playing content (text, image/sound/video) requires, BY NECESSITY, the ability to duplicate that content.

Ridiculous. If that were true, why would all those clever companies spend countless millions on advanced technologies like BD+ and HDCP?
You think they just enjoy flushing money down the toilet?

Q1: Is that a trick question?
Q2: Is there any movie released on Bluray that isn't available on Torrents in high-def?
Q3: Does the torrent download include unskippable adverts for anti-piracy that just get in the way of viewing content and softbrick your bluray player because the keys were revoked requiring you to download an update for 10 minutes when all you want to do is watch a movie?
Q4: If you answered no to question one, were you serious and are you should it wasn't a trick question?

Re:Pure undulterated bullshit

[Jack+Griffin]

"Actually, hardly anyone wants to buy this software yet. The best thing that could happen would be it would catch on fire on pirate networks. That's called free marketing."

The most enjoyable thing about watching Dragon's Den/Shark Tank is how these startups come through the door thinking their great idea is about to take the world by storm. Invariably the first question asked by the Dragons/Sharks is, "how many have you sold"? And the last question is usually, "would you prefer 50% of something, or 100% of nothing"?
Most people leave empty handed never to be heard of again.

Re:Pure undulterated bullshit

[brian.stinar]

I gotta watch this show! I've seen it a few times, and it ALWAYS seemed really interesting (and I learned a few things!), but I never made watching it a habit. Thanks for mentioning this.

Re:Pure undulterated bullshit

[quenda]

Rhetorical question. Feel free to take it seriously (who does gain what from DRM?), but thats getting off-topic.

Just saying that a self-destructing email is like uncopyable media. Neither works as claimed, but that doesn't stop it making a lot of money for the people selling it.

Re:Pure undulterated bullshit

[Dutch+Gun]

If they're selling it as "secure" (as in a user *can't possibly* forward the data), then it's bullshit. If they're selling it as "this prevents someone from inadvertently forwarding your message to others or keeping it available longer than intended", then it should work as advertised. Obviously, it doesn't prevent intentional abuse.

Keep in mind that the vast majority of people simply use programs with the defaults enabled. Google's g-mail, by default, keeps ALL messages (by encouraging you to "archive" instead of "delete" messages). A lot of mail clients work in the same way now. This means that, by default, if you send someone a message with some sensitive data, you have no easy way of encouraging the recipient to delete the message after being read. This provides that mechanism. Unless someone goes deliberately out of their way to copy that data, it will not be forwarded or copied to their local client or mail storage.

Honestly, I'm not sure how useful this is anyhow. Unless e-mail is encrypted or internal-only, you basically have to treat it like a postcard. That is, anyone interested enough to glance at it while in-transit can see what you're writing.

Re:Pure undulterated bullshit

[AmiMoJo]

The only possible way it could work is by putting the text of the email into an inline image, or making the recipient click a link to view a web page with the text. Then they can "delete" it by removing the image/web page from their server.

Both of these methods won't work very well in practice. Emails that are mostly one large image tend to be marked as spam. and most clients (including gmail) don't display images by default. When gmail does display an image, it caches it on Google's servers so that the server hosting the image can't see when the user loads it (tracking protection).

Many clients also block links to external sites by default, making the user take an extra step to open them due to the risk of malware.

Also, this would seem to break replies. If you can't quote the sent text, you can't reply properly and it breaks threading.

Re:Pure undulterated bullshit

[Dutch+Gun]

This isn't DRM. There's no need to turn text into an image here. I think people are confusing this for some sort of document protection scheme which is trying to do something that's impossible.

You're mistakenly treating the recipient as a hostile entity. If you can't trust them to view and *not attempt to copy* confidential information, then they shouldn't be allowed to see it anyhow.

Instead, you need to consider the recipient as an imbecile who will, for example, accidentally forward a confidential note to their entire address book, or forget to delete the message as requested.

Good security is often about simply making the default behavior secure. In this case, you're simply ensuring that the recipient has to do nothing at all for that information to remain secure, which is about as good as it's going to get once you release information to another party.

Love the screenshot...

The article clearly articulates the biggest problem with the technology... you can just take a screen shot or copy the message.

While, this plug-in might stop someone who can't forge mail headers from making an email look legit after forwarding, it isn't the panacea the article makes it out to be...

Total fucking bullshit

Dmail claims it will also unlock a feature that won’t allow forwarding, meaning only the person you sent your message to will be able to see it.

This claim reads like some bullshit Indigogo or Gofundme project/scam.

hmm. from TFA:

TFA says:

All messages are encrypted and whenever the sender restricts the right to access, the recipient will no longer be able to see the original message. ... Although you can receive Dmail messages from any email account or client, you can only send them through Gmail on Chrome. The world of ephemeral online communications is growing beyond fun photos and videos.

Even if something is decrypting the message each time it is viewed (so presumably can stop doing so after the time is up), it must be decrypted to be viewed on "any email account or client". Once that happens, it is unclear why the decrypted version cannot be saved or otherwise copied in some manner.

True to form, CNN provides absolutely no useful information about this. Yay for mass media reporting on technology!

LOL! Is the email content just stored elsewhere?!

OH LOL!

Look at the screenshot in the second article!

Look at it!

OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL!

If this works like I think it works, then the email the recipient gets only has this "View Message" link in it? And then the recipient must maybe view the actual content of the email, which I presume is stored on some other server somewhere? And that's how access to it is limited?

OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL!

Can anyone confirm this? Does this just send an email to the recipient, linking to the actual content which is stored somewhere else, on a web server somewhere I would presume? Maybe even somewhere in THE CLOUD?

Can anyone confirm this is what is happening in this case? Anyone?

OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL! OH LOL!

Great New TOOLs

These new tools sound like very good tools to help with online harassment. The preventing of forwarding the email will help because even if you print out the offending email you will not be able to prove that the email was what the printed copy indicates that it was. The bad ideas just keep coming.

What a fucking awful submission!

Holy shit. This is one of the worst submissions I have seen here in a long time. I mean, it is totally shit in every way.

Let's completely ignore that the last link is now slashdotted, after only a few minutes. I mean, it's 2015. I don't think I've seen a slashdotting in 5 years, yet here we have one. Pathetic!

Did any of the editors even bother to look at that second article? They must not have! Look at the submitter's name. It is "Amarjeet Singh". When the article was still available, before it so pathetically got slashdotted, it showed the article's author's name as "Amarjeet".

Way to fucking go, Slashdot! You apparently just gave the submitter free advertising for his own low quality blog, which is now slashdotted after receiving minimal traffic.

Absolutely sickening. I'd expect this kind of stupidity from a shithole like SoylentNews. Slashdot doesn't have the highest standards, but this is so pathetically dumb that it should even be below Slashdot.

Re: What a fucking awful submission!

Soylents stories have been pretty good: more hard science/engineering and less advertising, SJW-baiting trolls, and fluff. It's just the comments that suck balls there: there are some scumsucking psychopaths lurking in those parts. See todays's story about kuro5hin for an example.

Re: What a fucking awful submission!

I prefer being called "high functioning psychopath" thank you.

Print Screen

[ronaldbeal]

Um... "Print Screen" or "Screen Capture" kinda makes the whole premise of this pointless.

Self destruct...

So can spam messages now be set to explode after they have been sent back to whoever sent them?

Disappear without warning?

[Tablizer]

I already have this feature, it's called "Comcast"

Sure....

Sounds like a lot of pure BS to me... As if your email can suddenly delete itself from the inbox of someone else, someone else who doesn't use that terrible extension... Or prevent them from forwarding.. yeah.. sure... No.

Re:Sure....

[tom229]

It has to only work gmail to gmail, in which case it's entirely dependent on how the receiver is accessing their gmail account. If they are accessing their account through an application like outlook using imap or the native extension then it's probably not going to work. Also there's the obvious problems of screenshot and copy paste. All in all this is probably a terrible idea as it will do nothing more than offer a false sense of security to people who don't know any better.

Re:Sure....

[gweihir]

In essence, the email can "self-destruct" if the receiver allows it. I think there might be a slight security problem here, such as the "designers" of this thing not having even a basic understanding of IT security.

it's been done

[wendyo]

I recall reading about something like this on Slashdot 15 years ago or so. IIRC, that one was an image on a webserver. It was advertised as deletable email.

Didn't work that time. Sounds like more of the same.

Forbids screenshots!?

What kind of amazing alien technology is this.

Chrome Extension?

[Bing+Tsher+E]

That would mean not being able to use pop.gmail.com anymore. I like Sylpheed. I'll just keep doing what I've always done.

I will admit I never get to see the ads that Google peppers their webmail with. I don't feel cheated, however.

El Psy Congroo

[Whiternoise]

If only it were actually Dmail, that would make the whole premise a lot more interesting. Do they also build microwaves?

Re:El Psy Congroo

weaboo weaboo

Re:El Psy Congroo

Too bad they don't sell bananas to put in it.

Ever heard of the print-screen key?

[dsmatthews9379]

If you can see it on the screen you can print it to an image, or record the entire interaction with your email client using a screen recorder. If you have the required credentials you can record somebody else's remote desktop too. I would not be surprised if Google block the extension on the grounds that it is deceptive.

Security for lazy people

[aNonnyMouseCowered]

If it's long you'll need screencasting software. Or are they using some DRM-like technology that'll prevent folks from even photographing the screen. Not much security by obscurity as security by inconvenience.

Won't/can't work

[Todd+Knarr]

Their extension can't affect the recipient's end of things if the recipient isn't also running that extension. In that case nothing Dmail can do can prevent the recipient from saving the message, forwarding it or doing anything else with it. Dmail can play tricks with HTML e-mail by replacing the body of the e-mail with a dummy wrapper that fetches the message via HTTP from a Dmail server and they can use some Javascript tricks to try and block "Save as", but those are going to run into problems with anything that blocks remote content or disables Javascript in e-mail. Even if the recipient's using Gmail in Chrome that's going to be an issue considering how that sort of blocking's basic to blocking malware. And of course if the recipient's running a non-browser client using IMAP4, Dmail's completely out of luck.

As far as being able to restrict viewing to only the recipient, that's easy. Every standard mail client today supports it. The hard bit's getting the recipient to generate a public-key certificate and install it as a personal certificate and key in their e-mail client. Then you just encrypt the e-mail using their public key and send it as an S/MIME message, their mail client will automatically decrypt it for them. I could even make that work in web-mail with a browser extension that recognizes the message text block, grabs it and decrypts it and stuffs the results back in the text block for the user to see. The obvious advantages here are that a) you wouldn't need to use any particular service provider to send the mail and b) not even the service provider or e-mail servers would be able to see the cleartext. The hard part's the PKI, and really all that needs is an extension for the mail client to automate generation of a certificate and installation into the client like we have in browsers. Depending on the browser and OS that might be simplified by taking advantage of shared OS cryptography features.

I've kicked this idea around as a commercial possibility, but it all comes down to two basic problems:

• If the messages are truly private it's nigh impossible to generate revenue by any means except annual subscriptions from users. Senders might pay, but recipients won't and that breaks the whole thing.
• Controlling what happens after the message reaches the recipient's nigh-impossible. The best you can do is if you restrict recipients to a platform like mobile where they have to access messages through your app. There's still ways around the controls, but you can make it so the phone has to be rooted and then access to the secure credential storage obtained and that's not something that can be automated enough to be feasible for the average user to do. In an uncontrolled environment like a browser or a regular e-mail client? Forget it.

Re:Won't/can't work

Also, keep in mind that PKI or similar systems only restricts viewing to the first recipient. Nothing stops a properly authenticated and authorized user, or someone possessing those credentials, from screen-capturing the output and passing it along in that format.

For instance, once I get a signed & encrypted email, nothing stops me from opening it, copy-and-pasting it into a new email, and sending it along in an encrypted format. There are ways that you can toss even more money at this (always-encrypt email gateways that have network ACLs to force all SMTP traffic through them, for instance) for partial gains in coverage, but none of them are fool-proof or standardized.

Re:Won't/can't work

Outlook has been somewhat sucessfull in implementing this scheme you mentioned.
You have a central server with certification. If you send the message outside the company, people only receive a blob and cant read it.
Outlook blocks screengrabbing programs and the print screen key, so that you can only manage to take a pic with your cell phone.
Also, the client restricts the sender from forwarding and printing the message.

Re:Won't/can't work

[tlhIngan]

Their extension can't affect the recipient's end of things if the recipient isn't also running that extension. In that case nothing Dmail can do can prevent the recipient from saving the message, forwarding it or doing anything else with it. Dmail can play tricks with HTML e-mail by replacing the body of the e-mail with a dummy wrapper that fetches the message via HTTP from a Dmail server and they can use some Javascript tricks to try and block "Save as", but those are going to run into problems with anything that blocks remote content or disables Javascript in e-mail. Even if the recipient's using Gmail in Chrome that's going to be an issue considering how that sort of blocking's basic to blocking malware. And of course if the recipient's running a non-browser client using IMAP4, Dmail's completely out of luck.

If you read the article, you'll see it's really just a private messaging service. The plugin just interfaces that service to Gmail.

If you have the plugin, then it'll retrieve the message for you. If you don't, e.g., use Firefox, what happens you get an email with a link that basically says "XXX has sent a message to you. Click here to see it".

Well, probably not so spammy-looking, but there you go.

It's nothing special - the only reason messages can be "erased" is the link expires.

Yes, by Disappearing Inc.

[billstewart]

Yeah, it was a cute name. The folks running it had a clue, knew what they could and couldn't realistically do.

Google Cache

[clockley(571021718)]

http://webcache.googleusercont... or http://cc.bingj.com/cache.aspx...

It's a Limited Threat Model Definition, not DRM

[billstewart]

Back in 2000, a company called Disappearing Inc. made a presentation to the Bay Area Cypherpunks meeting about their product, which was pretty similar except that back then most people used real email clients instead of webmail. When the guy walked in, and we were expecting him to be pushing some kind of snake oil, he started out by saying that their threat model was to let cooperating people have some guarantee that their email would go away when they wanted it to, not to keep uncooperative people from doing that because you just can't stop screenshots / cameras / sender saving a copy / etc. and anybody trying to sell you that is selling snake oil. And suddenly he had a friendly audience, instead of one that was going to beat him up, because he'd defined a problem that could be believably solved, which was cool.

So the trick is that the file's in an encrypted format, and Disappearing Inc's server keeps the keys and a delete date for them, and if the sender and recipient are both using their product, the reader program/plugin/etc. fetches the key from DI's server; if not, you drop the file into an SSL-encrypted web form on DI which decrypts it for you. When the delete date hits (or earlier, if the file's set for read-only-once), DI deletes their copy of the key, so the recipient's mail box now has an encrypted binary blob file with no decryption key. Yes, if the server gets compromised, it's all toast. Yes, if the recipient's email client or browser is compromised at the time they read it, it's all toast. But if nobody's trying to subpoena or crack the message until after the key's deleted, then it's too late to recover old messages, though you can always try to attack new ones.

It was a nice system, and they stayed in business a couple of years before getting bought by somebody who got bought by somebody and disappearing into dead-dot-com-space. Similar systems have been sold by various other companies, often under category names like "Data Loss Protection".

If you wanted to do a "no forwarding" version, you'd do it by setting rules on who could access it, whether by IP address or some ID in the reader plugin or delete-after-one-read or whatever.

Re:It's a Limited Threat Model Definition, not DRM

[michelcolman]

their threat model was to let cooperating people have some guarantee that their email would go away when they wanted it to, not to keep uncooperative people from doing that because you just can't stop screenshots / cameras / sender saving a copy /

(...)

If you wanted to do a "no forwarding" version, you'd do it by setting rules on who could access it, whether by IP address or some ID in the reader plugin or delete-after-one-read or whatever.

The problem with no-forwarding is that people who want to forward the message anyway, by definition turn into non-cooperating people. You might as well just add a text "please don't forward".

Re:It's a Limited Threat Model Definition, not DRM

[ArsenneLupin]

The problem with no-forwarding is that people who want to forward the message anyway, by definition turn into non-cooperating people. You might as well just add a text "please don't forward".

Non-cooperative people are only one category of people who'd forward mails even though told they should not. Another large category are users that are just ignorant, as in what does forward mean?, and what's the difference between this reply button and that "reply" button?. For those, a cooperative "Disappearing" system would indeed help (whereas a friendly plea to not forward would just be ignored as computer person's gobbledygook...)

Re:It's a Limited Threat Model Definition, not DRM

The "just ignorant" people copypastes or screenshots the message into some other webmail/forum/social media thing. You can't be idiot proof - they always bring out a better idiot.

Re:It's a Limited Threat Model Definition, not DRM

And the same thing applies to people who don't want the message to disappear. If the message is important enough to warrant a self-destruct timer, it inevitably turns all recipients into uncooperative people.

People who insist they aren't selling snake oil are usually doing just that. And in this case people who should have known better just ate it all up, that's how good snake oil salesmen can get at lying.

Re:It's a Limited Threat Model Definition, not DRM

This system sounds an awful lot like the 'secure email' that my wife described using at work for HIPPA purposes.

It is secure, in that either your have to be hacked, or the patient needs to leak the info themselves. Either way it is likely safe for the company in terms of HIPPA compliance.

Re:It's a Limited Threat Model Definition, not DRM

[cstacy]

And the same thing applies to people who don't want the message to disappear. If the message is important enough to warrant a self-destruct timer, it inevitably turns all recipients into uncooperative people.

+1 Insightful

Why do I only get mod points on boring days?
Well, at least here's a +2 for the AC...

Re:It's a Limited Threat Model Definition, not DRM

Not anymore there isn't.

Gmail Messages Can Now Self-Destruct

[pem]

No. They can't.

Nothing to see here. Move along. Don't feed the samzentroll.

Misleading title

How did this make the front page?

Decryption Key stored elsewhere, not content.

[billstewart]

Yes, you could implement it by storing the message contents on a server, but the non-LOL version that Disappearing Inc implemented back in ~2000 sent the encrypted message to the recipient, and only kept the key on the server. If you had a client at the recipient's end, it would fetch the key, otherwise you'd paste it into an SSL form on a web browser that would decrypt it. DI would delete the key after whatever business rules you liked (typically N days, or read-N-times, or "recipient clicks Delete", or sender clicks "Ooops.", etc.)

Does this keep the whole message on the server or just the keys? Hopefully the latter, because it's more secure, but I don't know.

Corporate applications?

[Mr.+Freeman]

Will this work for people sending messages to other random people? Probably not. But imagine a corporation deploying this system to all of their computers. Suddenly, the boss can tell their employees to do unethical things, make illegal threats, and so on without any chance that the FBI is suddenly going to show up and arrest him with evidence of his misdeeds.

Re:Corporate applications?

[93+Escort+Wagon]

Will this work for people sending messages to other random people? Probably not. But imagine a corporation deploying this system to all of their computers. Suddenly, the boss can tell their employees to do unethical things, make illegal threats, and so on without any chance that the FBI is suddenly going to show up and arrest him with evidence of his misdeeds.

It only takes one employee with a smartphone camera to completely destroy this model.

Re:Corporate applications?

Then you're gambling that the FBI will protect you from breaking the NDA.

Re:Corporate applications?

corporate users don't use gmail

Re:Corporate applications?

Even worse than that. Unless the application also completely manages the corporate network, there will most likely be evidence that something was sent by A to B. If your company is in any way regulated, your email probably has to be kept for N years. Unless you can be 100% certain that using this application will leave no traces at all, it looks, to me, like a great way to set yourself up for a world of hurt.

Re:Corporate applications?

[catprog]

And how do you handle an employee who does not follow the deleting emails.

Somewhere the NSA is chuckling at this article.

What a load of shit.

It's just a bit.ly for emails

[cloud.pt]

Apparently it's only "your email replaced by a link to the content". Somebody really knows how to pimp up a news article so it reaches front page huh.

I found this from the reviews on the chrome extension site as I didn't bother installing it, WHICH IS STILL MORE THAN THE ARTICLE AUTHOR MANAGED TO DO.

Re:LOL! Is the email content just stored elsewhere

[innocent_white_lamb]

Can't look at it:

http://www.hostinger.in/cpu_ex...

hostinger.in says that the cpu limit has been exceeded.

Remind me never to host anything there since it apparently becomes unreadable under a slight load.

Two words: analog hole

[davidwr]

Many corporate, "non-Internet" email systems have had "message recall" and "do not forward" features, but these are there just to "keep honest people honest" - they are trivial to defeat.

Even the most sophisticated systems can't easily defeat the "analog hole" of photographing the screen with a film camera (yes, that can be done - movie theaters do it - but it's not really practical in a non-controlled environment).

Re:Two words: analog hole

[gweihir]

Even better: This thing has a digital hole. Incompetent security-wannabes come up with things like these time and again, but they never work because they cannot work.

Self destruct my ass

[fisted]

If the email is here, it is here, and nobody is going to delete it.

Oh, it's actually HTML you say? Great, I didn't want to read that crap in the first place.

Just delete it

Any time someone sends me a link to something that could have been in the email, rather than where ever the link leads, I just delete it. I'm not wasting my time hunting down something that could have just been in the email.

Same would go for this. I would not bother with it.

At least it never gets forwarded if even the recipient doesn't read it.

Re:Just delete it

[AJWM]

This. Links in email are dead to me. I don't follow them, my mail client doesn't follow them, it's just so many wasted bytes. And that includes e-cards from friends/relatives. You want to send me something, send it to me, don't ask a third-party to.

(Sure, I make an exception for links I'm expecting (have asked for) but even then I'll copy them to my browser. HTML in my email is turned off.)

That is of course complete BS

[gweihir]

You can keep them by screenshot. You can forward them by screenshot. The security value of this feature is zero. At best it represents a mild annoyance to the receiver that wants to keep or forward them. Snake-oil "security" at its best.

Re:hmm. from TFA:

[gweihir]

I disagree. It it quite clear that the decrypted email can easily be copied in digital and analog form. This thing is utterly worthless as a security feature.

Secure? ROFL

From TFA:

This can prove a great asset for more secure communications or when discussing personal information.

Yeah, sure, because SMTP is like a totally encrypted mail transport. And users can't copy-paste the contents of an email out to eleventy billion other programs.

Re:hmm. from TFA:

So in other words, you agree, not disagree.

It uses the new BULLSHIT protocol

[Demonoid-Penguin]

And works best on smart watches made from Unobtainium (the bullshit element).

I could be wrong though, and I invite the creators to email me proof to my mail server, where I'll view their proof via IMAP on Icedove. I'll even ensure I view it in the Rich Text subset of HTML and forward copies in mixed format to other interest testers.

In other news Ted Turner spent his whole day smoking joints instead of just one before breakfast. Jane must of locked him out of the bedroom again.

Self-Destructing comments

Slashdot should add this feature to comments. Then the Yippppeee!!! posts'll go away after a few hours.

Many special-mail things use this approach

[billstewart]

This approach to special-handling-required email is pretty common - if the recipient has the right software (client / app / browser extension / whatever), their email client can read it directly, otherwise they have to use a web link to the provider's server. The more secure and scalable versions store only keys of some kind on the server, and include the encoded or encrypted message in the email, the simpler but less scalable and less secure ones keep it on the server and just include a link in the email.

Disappearing Inc did that back in 2000 for a self-destructing email application, and I've seen similar things for encrypted mail (e.g. Voltage Secure Mail) and other applications (often marketed as "Data Loss Prevention" or whatever), mostly for corporate users.

And yeah, if I get email from some random stranger saying "You've received a Whiffly-Mail Message, Click Here to Download", it's going in the spam bucket, but if I get it from somebody I regularly deal with I'm fairly likely to open it. Can't be much worse than opening a Microsoft Word document from a stranger. And of course, if it's from Paypal or SomeBigBank or Microsoft Technical Support, it gets junked as well.

Re:hmm. from TFA:

[gweihir]

No, I disagree with it being "unclear why the decrypted version cannot be saved or otherwise copied in some manner". It is quite clear that it can.

Some reading comprehension required when trying to tell other people what they mean to say....

Good luck.

[Karmashock]

Once that email is in the wind... its free... you're not calling anything back unless you control the receiver's email server.

2 Words: Smartphone Camera

Lameness filter encountered. Post aborted!
Filter error: You can type more than that for your comment.
-> I really didn't need more.

I have the exact opposite view

[andrewbaldwin]

Certainly in work situations a part of me dies whenever I'm sent emails with documents attached - doubly so when it's an Excel 'form' to be completed and sent back (presumably to some poor soul who ends up copy/pasting multiple replies into a 'master').

Consider this exchange between the canonical pair, Alice and Bob:

Alice works for ACME

Bob works for BizCo

They work out a scheme to make trade between the two easier and more efficient.

Alice sends the details in a document attached to an e-mail to Bob.

To cover her back she also sends a copy to her manager Agnes and Alan in commercial and possibly Alberta in procurement. These could also forward it on to Alison, Agatha, Alfred...

When Bob receives it, he also wants to protect himself so sends copies to Bill, Betty and Bertha at his office; similarly Brian, Barbara.... could receive copies.

There are now at least EIGHT copies in existence.

Alice and Bob may want to make minor changes, so may Alan and Betty ....

What odds would you give that in a few weeks that all are working to the same document version ? If you believe that all will be aligned, I have a nice bridge I can sell you at a knock down price. Embedding documents in e-mails can increase data but destroy information

By having just one copy and exchanging links, the confusion can be avoided.

All that said - for personal e-mails, this is less of a worry.

funny...

[SuperDre]

they can claim whatever they want, but it won't work on any other mailclient (unless the specific mailclients are going to implement the feature, and guess what, don't count on it)....

No, they can't

You can send links to a website, and the website can have an expiration date.

That's hardly new or noteworthy.

Why is this crap being called news? I seem to recall identical stories (also crap) from years ago. Neither new, nor accurate. Why is this posted?

Fucking American idiots...

"an self destruct timer"

AN self destruct timer? Oh, I forgot - Americans...

Finally

[hackertourist]

a good use for the HCF instruction

that's not how it works ...

[Gunstick]

... that's not how any of this works!

Ahem. Bullshit.

I don't need to read the article, so I'm not going to.

As one of the developers on an enterprise email system used by tons of Fortune 500s and government organizations with a total of a few hundred million seats, let me just plainly state that this simply isn't possible. There is no such protocol for it. There is *certainly* no protocol for preventing someone from screenshotting it or otherwise keeping the content of your message, either. Most companies also have a retention policy that maintains an archive of all email that goes through it for nearly a decade.

So, what this clearly is is another of many bullshit "solutions" advertised to the ignorant, like that thing that was advertised on talk radio late at night a decade all, that said your email with them was "like a string that you could pull on". I didn't need to learn how that worked, either, because it was obvious.

All of these solutions work by either:

1. Turning your message into an image that has to be loaded from a third party server via the email message.
or
2. The message contains a link to the content their server.

This is just fucking ignorant and stupid.

Re:hmm. from TFA:

I think you just got wooshed... that was the guy's point: the info can be saved.

Nope

I'm afraid it only applies to Gmail, and other systems that support that.

I house my own email server (much like Clinton did) and nothing gets deleted unless I want it deleted.

politician's dream

Sounds like a politician's dream... say something and then unsay it. But they'll also be the first to not realize people will get around it. So I'm all for it, if it results in oncovering more two-faced politicians.

Complete Defeats the Point of Email

One of the main reason Email is used is because it creates a paper trail.

This is explicitely trying to stop that. If there's no guarantee of a paper trail, they might as well be using facebook.

Re:LOL! Is the email content just stored elsewhere

[allo]

cool newssite you linked. "cpulimit exceeded" Muhahahahahaha

Not a total bust

[Chewbacon]

This is a valid concept so long as both parties agree to uphold the privacy. However, that's a big "if."

Re:LOL! Is the email content just stored elsewhere

That's what happens when you use India for your IT infrastructure. I'm surprised the error message doesn't ask readers to do the needful.

Agreed.

[billstewart]

And there are a bunch of similar applications for which you might want to be able to verify that the mail's only going where it should, and that it won't stick around as a legal record longer than you want it to.

Re:hmm. from TFA:

[gweihir]

I know.

This is stupid.

[Arancaytar]

It's either a web-service that emails a hyperlink to the message (which can be easily extracted), or something that only works if the recipient installs the same extension. In either case, why would a recipient voluntarily restrict their own access?

gweihir = "Run, Forrest: RUN!!!" & incompetent

"Run, Forrest: RUN!!!" vs. a fair challenge http://news.slashdot.org/comme...

* I find it UTTERLY HILARIOUS seeing a bullshit artist mere talk TROLLING done zero loser like you has the NERVE to state what you did - especially after you RAN in that link above, gweihir... lol!

You don't HAVE the ability to code & the link above evidences it - you're a bullshit blowhard, nothing more - a MERE TECHIE MENIAL @ best/most!

(FACT: Minus coders like myself, you TECHIE or NETWORK ADMIN MENIALS ARE HELPLESS - just as you've SHOWN yourself to be in that link above!)

APK

P.S.=> Keep on shooting your blowhard done nothing in computing mouth off gweihir - I'll be RIGHT THERE AGAIN to expose your crap yet again (have fun with the shame you'll have to publicly endure here & YOU STARTED IT WITH ME YOU USELESS TROLLING LOSER WITH NO SKILLS BUT LOTS OF MERE "TALK", lmao)... apk

gweihir = incompetent wannabe

"Run, Forrest: RUN!!!" vs. a fair challenge http://news.slashdot.org/comme...

* I find it UTTERLY HILARIOUS seeing a bullshit artist mere talk TROLLING done zero loser like you has the NERVE to state what you did - especially after you RAN in that link above, gweihir... lol!

You don't HAVE the ability to code & the link above evidences it - you're a bullshit blowhard, nothing more - a MERE TECHIE MENIAL @ best/most!

(FACT: Minus coders like myself, you TECHIE or NETWORK ADMIN MENIALS ARE HELPLESS - just as you've SHOWN yourself to be in that link above!)

APK

P.S.=> Keep on shooting your blowhard done nothing in computing mouth off gweihir - I'll be RIGHT THERE AGAIN to expose your crap yet again (have fun with the shame you'll have to publicly endure here & YOU STARTED IT WITH ME YOU USELESS TROLLING LOSER WITH NO SKILLS BUT LOTS OF MERE "TALK", lmao)... apk

gweihir: You're worthless, limited, & WEAK

"Run, Forrest: RUN!!!" vs. a fair challenge http://news.slashdot.org/comme...

* I find it UTTERLY HILARIOUS seeing a bullshit artist mere talk TROLLING done zero loser like you has the NERVE to state what you did - especially after you RAN in that link above, gweihir... lol!

You don't HAVE the ability to code & the link above evidences it - you're a bullshit blowhard, nothing more - a MERE TECHIE MENIAL @ best/most!

(FACT: Minus coders like myself, you TECHIE or NETWORK ADMIN MENIALS ARE HELPLESS - just as you've SHOWN yourself to be in that link above!)

WHAT A NERVE A LOSER LIKE YOU HAS SAYING WHAT YOU JUST DID TOO - I've actually coded a GREAT program for security (+ added speed & reliability online too) - & YOU?

ZERO, you worthless windbag BLOWHARD!

APK

P.S.=> Keep on shooting your blowhard done nothing in computing mouth off gweihir - I'll be RIGHT THERE AGAIN to expose your crap yet again (have fun with the shame you'll have to publicly endure here & YOU STARTED IT WITH ME YOU USELESS TROLLING LOSER WITH NO SKILLS BUT LOTS OF MERE "TALK", lmao)... apk

gweihir, you're incompetent & irrelevant

"Run, Forrest: RUN!!!" vs. a fair challenge http://news.slashdot.org/comme...

* I find it UTTERLY HILARIOUS seeing a bullshit artist mere talk TROLLING done zero loser like you has the NERVE to state what you did - especially after you RAN in that link above, gweihir... lol!

You don't HAVE the ability to code & the link above evidences it - you're a bullshit blowhard, nothing more - a MERE TECHIE MENIAL @ best/most!

(FACT: Minus coders like myself, you TECHIE or NETWORK ADMIN MENIALS ARE HELPLESS - just as you've SHOWN yourself to be in that link above!)

APK

P.S.=> Keep on shooting your blowhard done nothing in computing mouth off gweihir - I'll be RIGHT THERE AGAIN to expose your crap yet again (have fun with the shame you'll have to publicly endure here & YOU STARTED IT WITH ME YOU USELESS TROLLING LOSER WITH NO SKILLS BUT LOTS OF MERE "TALK", lmao)... apk

gweihir, you wannabe, you know shit

"Run, Forrest: RUN!!!" vs. a fair challenge http://news.slashdot.org/comme...

* I find it UTTERLY HILARIOUS seeing a bullshit artist mere talk TROLLING done zero loser like you has the NERVE to state what you did - especially after you RAN in that link above, gweihir... lol!

You don't HAVE the ability to code & the link above evidences it - you're a bullshit blowhard, nothing more - a MERE TECHIE MENIAL @ best/most!

(FACT: Minus coders like myself, you TECHIE or NETWORK ADMIN MENIALS ARE HELPLESS - just as you've SHOWN yourself to be in that link above!)

ABOVE ALL ELSE:

When the likes of MalwareBytes' people host & RECOMMEND YOUR WARE (especially for security as mine is)?

THEN, you can talk as a peer, you fucking pitiful hot-air windbag wannabe!

I see you TRY to effetely & vainly play "coder" here, when I KNOW, for a FACT, you're merely a network tech/admin FUCKING MENIAL that merely uses tools that actual coders like MYSELF create for you, USER WITH A BETTER PASSWORD ONLY IN REALITY, merely use!

APK

P.S.=> Keep on shooting your blowhard done nothing in computing mouth off gweihir - I'll be RIGHT THERE AGAIN to expose your crap yet again (have fun with the shame you'll have to publicly endure here & YOU STARTED IT WITH ME YOU USELESS TROLLING LOSER WITH NO SKILLS BUT LOTS OF MERE "TALK", lmao)... apk