The only thing better than encrypting messages, it seems, is also setting them up to self-destruct. Cue the "Mission: Impossible" theme.
That's the premise behind a few newly minted messaging services that are touting the ephemerality of your data as a selling point. Send a message (via an encrypted channel, one hopes), and once it's been received and read, all traces of it on the device are deliberately destroyed.
The number of such apps that have appeared in the last year alone is striking. Wickr can send self-destructing text messages or sound files, and it makes a point of how personal information or metadata is either scrubbed, deliberately destroyed, or never collected. Burn Note (launched in 2012) allows notes sent to others to self-destruct and can even be commanded to blow up a message before it's read if you have second thoughts. Confide offers self-destructing messages and claims to guard against attempts to take a screenshot. And OneShar.es lets you create one-time viewable messages, kept in an encrypted store and accessed through a hyperlink; the message is destroyed after it's read.
It's tempting to describe all this as having been inspired by the wild -- and unexpected -- success of Snapchat, with its "shoot and forget" policy toward data retention. Actually, there's no small amount of irony in that Snapchat data is not really destroyed, just allowed to be overwritten -- itself a cautionary tale about how apps like this need to be constructed.
The concept of self-destructing data isn't new. Cryptographic concepts like the one-time pad made it possible to send messages that could never be decrypted, effectively destroying their readability. What does seem new is the presentation: The apps-and-services culture of smartphones and mobile IT make this technology useful to the end user without requiring heavy lifting. The same goes for why encrypted email didn't take off with end-users, since the applications often proved too complicated to set up and use. Now, however, there's renewed interest in secure email as a transparently hosted service, as long as it proves to be truly useful and doesn't just cover half the bases (as Lavabit was accused of being).
Two things need to be guaranteed with any self-destructing data service. The first is properly implemented cryptography, which is hard enough to get right. The other is some way of verifying whether or not the data in question has actually been erased, which is well beyond the capacity of the average end-user.
To that end, if such services come into wide use, any one of them that has a third-party security audit conducted to ensure that deleted really does mean deleted will have a major leg up on the competition. Wickr has a bug bounty in play, but as InfoWorld's Roger Grimes pointed out, it's hard to say such competitions -- as opposed to a more systematic, disinterested audit -- are the best solution.
This story, "This data will self-destruct: Snapchat meets encrypted messaging," was originally published at InfoWorld.com.
No comments:
Post a Comment