Slashdot Mirror

← Back to Stories (view on slashdot.org)

This Email Will Self Destruct...

Posted by CmdrTaco on from the read-it-before-its-to-la dept.

Buggernut writes "A startup high-tech firm called Disappearing Inc. has created a system that does just that. It encrypts each e-mail message, lets the sender set the key's life span at anywhere from a few seconds to years, then turns the message back to gibberish once the key self-destructs. "

6 of 112 comments (clear)

  1. Done before by jd · · Score: 4
    There are several companies offering this. The idea seems to be "Don't be like Bill Gates", and leave incriminating e-mails around.

    IMHO, it won't work, as people will either be forced to use a specific e-mail product, or there will be a high risk of the self-destruct system not working.

    Even if the message DOES self-destruct, so what? You can scan a hard-disk and read off the last 10 or so layers of data, which might include the non-encrypted form, or the encrypted form with a valid key. From there, it'd be child's play to get the message.

    Yes, you can use wiping software, which will write over the sectors of a deleted file N times, to ensure no data could possibly be read from them, but even there, there are problems - temporary directories, swap space, etc, which might not be wipable.

    There are far, far better ways to secure e-mail from prying eyes. This is a marketing gimic, for those too paranoid to trust their systems, but not knowledgable enough to know what can be trusted.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  2. How this works? by bjk4 · · Score: 3

    I would be interested in hearing how they intend to get pine(1) to delete the key to these encrypted messages. Here is what I could think of for their (probably proprietary) system:

    1) Use Javascript for people using Outlook. Scripts could encrypt and decrypt messages on the fly, erasing the key from the message after x days.

    2) Use central server (ex: over a webpage) to delete the key from the server after some time.

    3) Use a proprietary email format that requires it to be opened using their executable which manages the keys.

    As someone else suggested, the entire security breaks down if someone saves a plaintext copy. Should their program not give you copy&paste, I would consider it crippleware. Assuming not, I ask what the point is for this scheme.

    I remember when www.terraserver.microsoft.com first came out, Microsoft used Java to prevent saving the images you saw. Of course, I just pulled out my trusty screen capture program and saved a copy of my hometown anyway... I guess this just shows how you can copy&paste things without permission from a program.

    So how do they plan to integrate this with existing environments? I don't think they can.

    -Ben

  3. I don't get it. by sparks · · Score: 3
    It "only works if both sender and recipient want the message to vanish" as it says in the article. Having got the plaintext once, the recipient can obviously copy, print, or save whatever is there.

    So, given that both sender and recipient have to agree, why can't they just agree to delete the damn' thing?

    If there is a demand for this (and frankly I'm not convinced) surely it would make sense just to define a "Delete-After: " email header and work with that. Why involve encryption at all?

    1. Re:I don't get it. by ucblockhead · · Score: 3

      I think that the idea is that it is encrypted on disk, to defeat programs that can resurrect deleted messages.

      Still, I can think of so many ways to defeat this that it isn't even funny. I know it may come as a shock to some of you, but I can actually change the date a computer thinks it is.

      (Please use that super-secret information wisely.)

      This will give newbies a great false sense of security, though.

      --
      The cake is a pie
  4. A little info... by rlm · · Score: 3

    This is from their FAQ, just to answer a few questions:

    ------------------------------------------------ -

    2. How does Disappearing Inc. make email safe?

    Encryption: All email messages are encrypted before they are sent to make sure that they can not be intercepted and read.
    Authentication: To make sure to make sure that the sender and the recipient are really who they say they are, a user identification code and password may be required.

    Tracking: A complete audit trail is maintained for each message, indicating who has received the message and when they first read it.

    Retrieval: Using the email client of their choice and the plug-in from Disappearing Inc., users can decrypt and view any message that they are authorized to access.

    Deletion: Finally, at the end of the message lifecycle, Disappearing Inc. Universally Deletes(TM) the message from the local PC, the mail server, and backup tapes so that nobody can ever read it again.

    ------------------------------------------------ -

    So it looks like you can "use any email client you want" as long as it is one that they have a plugin for. I suppose if you use another, then you just can't read the mail. The last line about deletion sounds especially interesting, I assume that "deleting" means destroying the decryption key.

    --
    -- Ryan
  5. Groupwise does this by dattaway · · Score: 3

    Well, almost... Send an email to someone using Groupwise with the date in the headers set to a distant past. After the receiptient reads it, it will seem to vanish, only to be discovered the mail was sorted by date into the beginning of the cue (rather than when it was received.)

    I found this to be a neat trick and often place "this email will self destruct in 30 seconds" at the footer.