This blogpost will Vanish...
Seema Singh -
Wednesday, July 22, 2009 9:47 PM
...if I download this tool and choose to make it disappear from Labrats. For now, I have no such intention, but here's the story of how it could happen:
Researchers at the University of Washington have developed a way to put an expiry date on electronic text. So. if any email, Facebook or chat message, blogpost or any electronic stuff (in future even images) is sent using the new system, called Vanish, then you could choose its lifetime. Literally.
Any text uploaded to any Web service through a browser can do this permanent vanishing act and become irretrievable from mail boxes (in and out), websites, or backup sites. Even the sender cannot retrieve them.
"If you care about privacy, the Internet today is a very scary place," said one of the computer scientists involved in the research, Tadayoshi Kohno. "If people understood the implications of where and how their e-mail is stored, they might be more careful or not use it as often."
The paper and research prototype are available here. The work was funded by the US National Science Foundation, the Alfred P. Sloan Foundation and Intel Corp. It'll be presented at the Usenix Security Symposium Aug. 10-14 in Montreal.
Vanish was released on Tuesday as a free, open-source tool that works with the Firefox browser. However, for it to be functional, both the sender and the recipient must have installed the tool. The sender then highlights any sensitive text entered into the browser and presses the "Vanish" button. The tool encrypts the information with a key unknown even to the sender.
That text can be read, for a limited time only, when the recipient highlights the text and presses the "Vanish" button to unscramble it.
In the present Vanish prototype, the network's computers purge their memories every eight hours. (An option on Vanish lets users keep their data for any multiple of eight hours.)
After eight hours the message will be impossible to unscramble and will remain gibberish forever.
"In today's world, private information is scattered all over the Internet, and we can't control the lifetime of that data," said Hank Levy, a prof at UW. "And as we transition to a future based on cloud computing, where enormous, anonymous datacenters run the vast majority of our applications and store nearly all of our data, we will lose even more control."
So, contrary to the common thinking that pressing the delete button will make the data go away, many web services archive data indefinitely. Moreover, encrypting data can be risky in the long term, the researchers say. The data can be exposed years later, for example, forcibly by legal actions. More details from their website.
While I look for somebody willing to test this prototype (remember, you need two willing partners), you tell us if you could manage to make anything VANISH!