Encrypts messages with a secret key and then distributes pieces of it across random nodes so that as peers leave the swarm it gradually degrades over time, allowing users to regain control over data stored on the web like Facebook PMs, e-mails to others, and even simple posts.
Researchers at the University of Washington have a created a way to automate encryption key expiration, which means data can become inaccessible over a given period of time.
It’s called Vanish and it creates a secret key to encrypt a user’s data, breaks the key into many pieces and then sprinkles the pieces across random nodes in the Distributed Hash Table (DHT) provided by the popular Vuze BitTorrent client. As machines constantly join and leave the swarm, the pieces of the key gradually disappear. By default it supports data timeouts of 8-9 hrs, though they say longer timeouts are possible.
“Data persists for much longer than users expect or want,” they note in emphasizing importance of Vanish. “This is especially true as more and more data gets stored on the web and in the cloud, archived by third parties, or just stored on random backup tapes.”
The researchers say Vanish is important in today’s Web-centered world because a “users’ sensitive data can persist “in the cloud” indefinitely (sometimes even after the user’s account termination.” By using Vanish you can regain control over the lifetime of things like Facebook PMs, Google Docs, e-mails, etc..
It can also complicate efforts by authorities or other parties to subpoena sensitive data.
“Computing and communicating through the Web makes it virtually impossible to leave the past behind,” they add. “College Facebook posts or pictures can resurface during a job interview; a lost or stolen laptop can expose personal photos or messages; or a legal investigation can subpoena the entire contents of a home or work computer, uncovering incriminating or just embarrassing details from the past.”
The overarching benefit of using Vanish is that it lessens the risks of sensitive data being exposed. A PM or e-mail from years past doesn’t have to resurface to the embarrassment of yourself or others.
Overall it’s pretty useful to have. The only downside is that the people you communicate with have to also have Vanish installed so that they can decrypt your messages.
It’s available HERE as a Firefox plugin.
Stay tuned.
jared@zeropaid.com
| Vanish + Hotmail | Vanish + Gmail |
 |
 |
| Vanish + Google Docs | Vanish + Facebook |
 |
 |
Watch the screencast for more info…..
Related Posts
- Microsoft Finally Embraces BitTorrent
- AOL Proudly Releases Massive Amounts of Private Data
- Azureus Releases Data from BitTorrent Throttling Plugin
- Microsoft P2P: Better Than BitTorrent?
- EU States Propose Massive Data Retention Plan
Loading ...
im curious, is it possible to retrieve the data again after it has been dispersed? what would be the applications of this?
According to the whitepaper the answer is no….
“To be more precise, by default, the data will be available with high probability for 8 hours after its encapsulation and will become unavailable with high probability after 9 hours. During the one hour between 8 and 9 hours, the data’s state is undetermined: it could be available or unavailable, although it typically remains available for close to 9 hours. ”
Application? Using it to encapsulate all or some of the posts PMs, e-mails, etc you put out on the web so that its stay time is finite.
Think about it. From youth to adulthood your constantly putting data out there that can be retrieved and used for or against you. A stupid e-mail or Facebbok post from college could impact a job interview, etc..
We are sending you on a secret message Gadget ……………………………
…………………………………
This message will self destruct in 30 seconds.
is this going to mean we can download stuff without the aa’s sending out c&d notices and threats of lawsuits?
It might help with downloads, you could send a link to a file privately, or post it on your blog. This looks like something for short text messages, no way can I see sharing files directly through it.
The reason is, it’s riding on the DHT service in Bit Torrent and that’s a really low bandwidth system that is there to help the torrent program get information about your downloads. Note the example messages on the site, they are only a few lines long!
I don’t know much about how DHT really works woof, but I have to wonder about the impact of Vanish injecting its messages in it. Also, if DHT was to vanish, then Vanish would vanish too, right?
So, what you are saying is, between 8 & 9 hours, this system closely parallels Schrodinger’s Cat? It is fascinating to see this in the real world. Both simultaneously alive, and dead.
Question is, if we lift the lid, and look in the box, does that vent the poison and kill us with a ’sploit buried in the message? OR does the poison vent and the cat live (new lease on life due to interest in the data causing a wider dispersion amonst peers)?
This could backfire though…
We learn a lot about government corruption from leaked emails…
It seems that the most useful application for this is on social networking (SN) sites (e.g. personal status updates on FB or Twitter which may prove embarassing at some future date).
It is in the interest of SN services to retain the personal data for mining purposes, so I would expect them to view Vanish as a fringe threat to their business model.
SN services can implement code which detects a posted Vanish message and
– reject it
– resolve it as soon as it is posted, and save a plaintext copy for internal use.
I’d say Vanish is an interesting academic exercise with no real-world use for people seriously concerned with their online privacy.
Safest option for users: consider data you publish to be available forever to everyone.
My Vanishing Message program is not the same as Vanish. I made Vanishing Message in 2001 and have just now released it to the public free on my website.
Vanishing Message will also be introduced on CNET around September 1st 2009.
Vanishing Message is a file message that can be sent by email attachment or file transfer. The message can be read by the recipient then vanishes without a trace. As we all know there are times when we need to send a message to someone that we want no trace of later. Vanishing Message uses a random encryption on all words, no word is ever encrypted the same. The message vanishes if exited, cannot be copied, if viewed longer than 1 minute it vanishes and you can use the same file to forward or email another person a new message. So prove it!!! Did it ever exist?