Gmail Messages Can Now Self-Destruct

New submitter Amarjeet Singh writes: Dmail is a Chrome extension developed by the people behind Delicious, the social bookmarking app/extension. This extension allows you to set a self-destruct timer on your emails. You can use Dmail to send emails from Gmail as usual, but you will now have a button which can set an self destruct timer of an hour, a day or a week. Dmail claims it will also unlock a feature that won't allow forwarding, meaning only the person you sent your message to will be able to see it.

Pure undulterated bullshit

[cheesybagel]

BS.

"it will also unlock a feature that won’t allow forwarding, meaning only the person you sent your message to will be able to see it"

Then I'll copy and paste the text to another Windows and foward it.

What the article describes is not e-mail. It's an messaging app with a different protocol using e-mail only as a transport mechanism.

Re:Pure undulterated bullshit

[brian.stinar]

DRM is built upon the lack of understanding that playing content (text, image/sound/video) requires, BY NECESSITY, the ability to duplicate that content. It's always possible to do an analog scrape, if the DRM keeps everything in digital land "safe." As I recently found out with .m4b files, it's just a matter of how annoying the DRM producer wants to try and make that process, and how valuable your time is.

I never understood the desire to try and accomplish anything else. Software/hardware/device manufacturers that try and DRM-proof their products annoy me. I left a startup because of DRM:

"Brian, we need to protect our content. That's why I'm putting you on this DRM-WordPress-enabled-web-protect-our-desktop-application project."
"Actually, hardly anyone wants to buy this software yet. The best thing that could happen would be it would catch on fire on pirate networks. That's called free marketing."
"I spent twenty years of my life developing this software."
"And it's only been the last six months that you've sold ANYTHING. Let's close these sales deals, and then start developing the subscription-only services, that require a valid subscription, and then we can 'protect' the content by having AWESOME subscription based content. If anyone pirates v 1.0, let's make v 2.0 so much better they cannot wait to buy it, and support us!"
"The software isn't ready, we need to protect it."
"DRM in the absolute best case adds NOTHING to the user, and in the worst case is horribly annoying. I'm not going to work on DRM technology that will alienate our miniscule user base."
"I disagree."
"I'm out."

And this is why the second start-up venture I was a part of failed. Everyone left, after 20k in 'sales' never materialized based on the founder wanting to 'protect' his software. I am ready for the third failure though!

Re:Unenforceable

[Grishnakh]

It's only enforceable because it isn't email.

All this stupid thing is, is a system where the recipient gets a link to click on, which lets them go view the "email" (message) on some server somewhere, subject to a bunch of restrictions. I think there's also a browser plugin that basically does the same thing, but making it appear more like you're reading an email instead of just being redirected to some server.

This isn't email in the traditional SMTP sense.

Of course, it still is impossible for them to prevent you copying it somehow, even if you have to resort to screen capture.

Re:Not if you email me

[Grishnakh]

It has nothing to do with Gmail really, it's just a link to let someone view a message on some website. It isn't actually email.

Re: Won't allow forwarding?

Can my computer prevent my smartphone from taking a picture of the monitor?
Trying to prevent screenshots on email is as stupid as those lockdown browsers that some schools make you use when taking a test. Everyone has multiple internet connected and camera equipped deviced now.

Re: Won't allow forwarding?

[phantomfive]

Can my computer prevent my smartphone from taking a picture of the monitor?

It seems strange, but even right now, some software will prevent you from modifying photos of certain things (Photoshop and hundred dollar bills for example).

Computer companies are depending more and more on media companies every day.....consuming media is the primary use of many of these devices. Soon they might say, "Why not implement this? It'll make the media companies happy, and most people won't care."

Re:Won't allow forwarding?

The only part of this that is related to gmail is that it is a chrome extension that adds the feature to the gmail interface. It sends the user an email link to view the message on a webpage, and then deletes the message later. It probably captures select and right click events in order to be "secure" too. In short, it is garbage.

It's a Limited Threat Model Definition, not DRM

[billstewart]

Back in 2000, a company called Disappearing Inc. made a presentation to the Bay Area Cypherpunks meeting about their product, which was pretty similar except that back then most people used real email clients instead of webmail. When the guy walked in, and we were expecting him to be pushing some kind of snake oil, he started out by saying that their threat model was to let cooperating people have some guarantee that their email would go away when they wanted it to, not to keep uncooperative people from doing that because you just can't stop screenshots / cameras / sender saving a copy / etc. and anybody trying to sell you that is selling snake oil. And suddenly he had a friendly audience, instead of one that was going to beat him up, because he'd defined a problem that could be believably solved, which was cool.

So the trick is that the file's in an encrypted format, and Disappearing Inc's server keeps the keys and a delete date for them, and if the sender and recipient are both using their product, the reader program/plugin/etc. fetches the key from DI's server; if not, you drop the file into an SSL-encrypted web form on DI which decrypts it for you. When the delete date hits (or earlier, if the file's set for read-only-once), DI deletes their copy of the key, so the recipient's mail box now has an encrypted binary blob file with no decryption key. Yes, if the server gets compromised, it's all toast. Yes, if the recipient's email client or browser is compromised at the time they read it, it's all toast. But if nobody's trying to subpoena or crack the message until after the key's deleted, then it's too late to recover old messages, though you can always try to attack new ones.

It was a nice system, and they stayed in business a couple of years before getting bought by somebody who got bought by somebody and disappearing into dead-dot-com-space. Similar systems have been sold by various other companies, often under category names like "Data Loss Protection".

If you wanted to do a "no forwarding" version, you'd do it by setting rules on who could access it, whether by IP address or some ID in the reader plugin or delete-after-one-read or whatever.

Re: Won't allow forwarding?

[xaxa]

The trick to "out-witting" the US Mint's genius bill-recognition scheme is to move some of the circles around –the yellow ones. They are 5-circle constellations, which is how Photoshop recognizes them as US currency. This has been known since the 'new' $20's came out about 15 years ago.

The US didn't invent everything ;-)

It's been known about since 2002, when it was found in European banknotes dating back to 1996. It's thought to be a Japanese invention.

http://www.cl.cam.ac.uk/~mgk25...

https://en.wikipedia.org/wiki/...