Naked Science Forum
Non Life Sciences => Technology => Topic started by: paul.fr on 12/08/2009 12:10:45
-
what do you think of this?
Computing and communicating through the Web makes it virtually impossible to leave the past behind. College Facebook posts or pictures can resurface during a job interview; a lost or stolen laptop can expose personal photos or messages; or a legal investigation can subpoena the entire contents of a home or work computer, uncovering incriminating or just embarrassing details from the past.
Vanish is a research system designed to give users control over the lifetime of personal data stored on the web or in the cloud. Specifically, all copies of Vanish encrypted data — even archived or cached copies — will become permanently unreadable at a specific time, without any action on the part of the user or any third party or centralized service.
For example, using the Firefox Vanish plugin, a user can create an email, a Google Doc document, a Facebook message, or a blog comment — specifying that the document or message should "vanish" in 8 hours. Before that 8-hour timeout expires, anyone who has access to the data can read it; however after that timer expires, nobody can read that web content — not the user, not Google, not Facebook, not a hacker who breaks into the cloud service, and not even someone who obtains a warrant for that data. That data — regardless of where stored or archived prior to the timeout — simply self-destructs and becomes permanently unreadable.
http://vanish.cs.washington.edu/
-
The data can't decay or delete itself purely of its own accord; it's just blocks of binary sitting on a filesystem somewhere. It would require an active process to be run to scramble or delete the data.
Note that the 'ad' specifically refers to data held on the web or in the cloud (which may suggest that the hosting system's clock time is important) but then goes on to imply that the encrypted data held anywhere will be protected. The 'ad' is similarly unclear with regard to what actually happens to the data; does it simply become impossible decrypt because the keys are no longer available, or because the keys incorporate a time hash so that some parts of key are variable but only work within time based limits, or does it mean that the data is physically destroyed?
I can't see how these people could guarantee that one of their encrypted files, sitting on one of my hard-drives, could be deleted or modified unless I'm running a bit of software to do so.
The 'ad' is high on marketing features but low on detail and clarity. How it actually works is obfuscated and as result there is little of technical merit to assess.
-
Gosh, I feel dirty and like I have been scolded!
I heard about this on either NPR or Sci FRi, will try and find the link.
-
Gosh, I feel dirty and like I have been scolded!
Why is that?
-
You bastard. You've dirtied Paul!
[>:(]
-
Gosh, I feel dirty and like I have been scolded!
Why is that?
Ignore it, Lee. I must have been having a bad day or something.
You bastard. You've dirtied Paul!
[>:(]
I think I enjoyed it!!!
-
It is all a bit murky anyway!
I put on gloves and a mask,just in case. [;)]
It seems to be putting in a complicated security system in front when the back door is open and there is no garden fence.
Correct me if from the slightly unjoined up statements on the link I have been misled, but this doesn`t do a mission impossible " this message will self destruct in...".
It relies for its security on trust relationships, If a recipient saves a decrypted copy ( you have to be able to display it to read it, so at crudest, what is to stop a screen grab, and feeding the file into an OCR?) then that will persist for however long they decide, which brings into question what the point of it is?
A whole set of considerations are not really answered very well.
Isn`t a P2P network likely to scrutinised by various authorities to regulate illegal use? Won`t they be able to decrypt and save content? ( within 8 hours)
It appears to use properties of the third party P2P network software, so it is dependent on their infrastructure and reliability.
There is a serious problem as the description appears to say the system does not use the basis of all security encoding, a shared secret ONLY between sender and recipient. ( I don`t trust a P2P setup and I can`t think of any organisation that would condone the use at work of any external network for security and legal reasons).
Don`t send anything outside your PC that you aren`t prepared to weather the storm over. It is like party photos, If you did dance with a lampshade on your head you have to deal with the fall out IMHO (from having done things that seemed a good idea at the time) [;D]
Fire guards from Bournville?
-
Ooh! Ooh! I know!!! Pick me!!!
Sledge hammer+ 10 feet + Motherboard= one crunched chip [;)]
-
Sounds good to me! When I'm done with this computer, I'll chuck a big sledgehammer on it.
-
Sounds good to me! When I'm done with this computer, I'll chuck a big sledgehammer on it.
You only need to sledge the harddrives, not the whole computer =)
I usually "erase" old harddrives with a 5 lb magantized sledge. Great for working out aggression.
-
Whenever I get rid of an old computer I try to overwrite everything on the hard drive. I delete as much as possible and then create a small word document. I copy the document and then copy both the resulting documents and so on, doubling each time. After a while the hard drive is full and I can’t even copy a single document. Then I reformat the drive.
-
OS X will do a many-pass erase of free space, if you want. There must be Windows apps for the same thing, surely.
But your hard drive is just the tip of the iceberg. Cookies used to worry me before I became gung ho about the Web.
-
Listen to "The Goon Show" for a tutorial.