Vanish: Self-Destructing Digital Data

Researchers from the University of Washington have developed a new encryption system that allows users to take control over the lifetime of their data. After the user-specified auto-destruct time has gone by, the encrypted data will then become unreadable.

If you wish to use the system online, Vanish is available via an easy to use Firefox extension. How can you use it? Let’s say you want to send some confidential information via Gmail to one of your online contacts. All you need to do it to compose your text, select it with your cursor, right click it, and then select the “Vanish” option. This will garble the information and make it readable only to others who also have the Vanish plugin installed, as long as they read it in the author-established time-frame. If the recipient waits to long, the data will simply become unreadable.

Here’s a quick video presentation of the product:

Would you use Vanish, and if so, how or why would you use it? Do you think the system is flawed? Let us know in the comments section below!



5 Responses to Vanish: Self-Destructing Digital Data

  1. One thing my many years of computer use has taught me is that there is ALWAYS a way to a) copy data and b) Break encryption.

    Granted this will likely thwart casual users. Data never ever has a shelf life however. There's always a "fix" for this sort of thing.

  2. c'mon just use a network sniffer, you can store all the data that is flowing ¬¬

    also what stops me from saving the decrypted content?

  3. This looks to me to be pretty good. I scanned the paper, and the use of DHTs to truly make the keys go away after a period of time seems pretty secure. With conventional encryption, somebody will eventually be able to decrypt the plaintext. If the plaintext is, in turn, a VDO, then the message is still safe.

    The details are hard, especially protecting against the attacks of a sniffer collecting the information sent to the DHTs. But that problem has largely been solved.

    It'll be interesting to see what the crypto community does with this research. I hope we see it popping up everywhere, especially considering that the American public has already paid for it.

  4. Like Josh has said, there are always ways of breaking the encryption and keeping the data. For example, once the message or document has been decrypted, it will not stop the user from copying the message somewhere's else. Also, a trick I've used for keeping time trials of some software longer (up to several years) is to keep turning back the system clock on the computer. The software will never expire any of the documents or licenses you'll be using.

  5. I think I may definitely look into the firefox plugin itself since the plugin seems to control the ability to see the message. If you can recompile the plugin to ignore the expiration date, you can see the message contained regardless. That's completely ignoring the fact that you could just get the decryption routing from the plugin and read any Vanish message.

    I like the idea, but I don't see it being used with too many actual security areas. Besides, who relies on gmail or any other free service to send emails that need need encryption.