Wednesday, July 22, 2009

Fascinating self-destruction

Nicely apropos of Amazon/Orwell, this University of Washington press release raises some fascinating perpectives on the future of digital information and things like accountability, the public record, trees, etc. etc. A new system, called Vanish, enables users to schedule the self-destruction of their electronic texts, thereby limiting the damage of those errant emails and deeply regretted least those that did not find their way to the printer! The system can be implemented with a Firefox plugin or, for the timid, by using an online "modest-scale Vanish service, which can be used to create or read Vanish data objects without requiring any installations." 

From the press release:

A team of UW computer scientists have developed a prototype system called Vanish that can place a time limit on text uploaded to any Web service through a Web browser. After a set time text written using Vanish will, in essence, self-destruct. A paper about the project went public today and will be presented at the Usenix Security Symposium Aug. 10-14 in Montreal.


Usage Scenarios

Vanish enables privacy-aware users to ensure the timely self-destruction of their sensitive data stored at uncontrollable locations, such as in cloud services or on laptops that can get stolen. For example, users can use Vanish to control the lifetimes of certain of their data on Facebook, Gmail, Hotmail, or Google Docs. Because of the technical difficulties associated with deleting Web data (e.g., replication, content delivery networks) or sometimes because of uncooperating Web service policies, data on some of these services can persist long after the user requests its deletion. This unbounded data persistance on the Web raises huge concerns in our current litigious society, where old, forgotten copies of your emails or Facebook posts can serve as exhibits during a divorce or insurance dispute. Vanish is a good first tool that allows you to "sanitize your personal Web," by configuring your sensitive data to self-destruct automatically after a period of time.
Example Scenario

To illustrate the utility of Vanish, let's consider a concrete example. Ann and Carla are close friends, who love to use popular Web services, such as Gmail, Hotmail, Google Docs, and Facebook, to communicate between and collaborate with each other. Ann is experiencing problems in her marriage and has started drafting divorce-related documents. She would like to request Carla's advice and help on the documents. Ann trusts her confidante completely, however she fears that the electronic footprint of her sensitive and still tentative communications might later be used by her husband's lawyers as part of a future divorce trial.

To protect their communications, Ann and Carla decide to limit the lifetime of their their sensitive communications and documents using Vanish. The screenshots below show how Ann and Carla upload divorce-related data into Vanishing Data Objects (VDOs) on various Web services. (1) Ann has sent a VDO-encapsulated email from her Gmail address to Carla's Hotmail address, asking for advice on her problems. (2) Carla has responded back to Ann's Gmail address with her advice. (3) Ann and Carla encapsulate draft information in a divorce document inside VDOs, until they finalize the terms. (4) Ann has sent a VDO-encapsulated Facebook message to Carla asking her about a specific term. Eight-hour timeouts for all of these VDOs are reasonable and reassuaring for the two women. Once the VDOs expire, all copies of the encapsulated data disappear. For example, for the first email (1), both Ann's Gmail copy and Carla's Hotmail copy of that email self-destruct at the same time.

No comments:

Post a Comment