Interesting People mailing list archives
IP: some comments on : sel-destruct email
From: David Farber <farber () cis upenn edu>
Date: Sat, 9 Oct 1999 06:45:45 -0400
From: Fusion624 () aol com Date: Fri, 8 Oct 1999 22:08:07 EDT Subject: Re: IP: sel-destruct email To: farber () cis upenn edu Dave: There are several major flaws with this system. First, both parties have to agree on deletion, which means prior contact over the contents, otherwise, they can just copy and paste the plain text and print it out or save it. Also, it deletes the key, but the plain text that was decrypted could be contained in numerous places, such as a cache of some sort. Also, I have heard rumors of people being able to fool the built in timer to thinking it was an early time, allowing agencies to read this information long after the key expires. Just thought I should let you guys know. More extensive information is housed at /. (www.slashdot.org) P. Bennett IT Consultant
X-Sender: phoffman () mail imc org Date: Fri, 08 Oct 1999 19:02:15 -0700 To: farber () cis upenn edu From: Paul Hoffman / IMC <phoffman () imc org> Subject: Re: IP: sel-destruct email Although self-destructing email sounds cute, it has so many inherent problems that I can't imagine that it will be deployed very far. Here are just some of problems with the yet-to-be-released product: - You have to run a proprietary viewer to see the mail that is sent to you. Subproblems include: - Are you as a recipient *really* going to trust a program from a startup you've never heard of to run on your system just to read a piece of email? - Will the viewer run on all operating systems on which people get mail (including character-based Unix)? If not, how will a sender know whether or not a potential recipient will be able to read a message at all? - What if you want to read the first instance of this mail you get when you are not online? If you haven't already downloaded the viewer, you're left frustrated. - Needing recipients to have the viewer will have the same chicken- and-egg problem that has hampered all of the electronic wallets to date. - Many recipients rely on old email for a variety of purposes. They search through it for key words. They use it to figure out who someone who just sent you some mail is. This model assumes that the sender knows how long the recipient wants to keep the message, which is clearly wrong. - Because it is in a proprietary storage format, mail clients won't be able to search through the not-yet-deleted messages at all, which greatly reduces the value of those messages. - The recipient might want to use the text of the message in a different medium, like a word processor. If the viewer allows copy and paste, it defeats the ability of the sender to get rid of the information from the recipient's computer. If the viewer doesn't allow copy and paste, it greatly reduces the value of the message to the recipient. It's a lose-lose situation. - PCs and Macs allow users to capture screen shots fairly easily. Thus, the recipient really does get to keep a copy of the message, albeit as a screen shot. Other programs can easily extract the text from screen shots. Expect one or more programs that automate this process. This, of course, defeats the whole purpose of the original program and reduces it to an annoyance for recipients. - The basis for the product is based on a fallacy. "You don't want to end up like Microsoft if the { Justice Department | police | opposing counsel } comes after you." If the police ask for your old email you and you say "we can't give it to you, all the mail you're looking for autodestructed", do you really think they're going to walk away and say "wow, that's too bad"? It's much more likely that they will confiscate all the computers on your premises looking for traces that they can try to put together. Deciding which of these two scenarios is a greater threat to your company is left as an exercise for the reader. Finally, let's be honest: it's just plain rude. "Read this message now because I'm going to destroy it in the future against your will." Gee, that's a great way to do business-to-business or person-to-person communication. "Read this under my terms or else" doesn't match how people use today's postal mail, faxes, web sites, or email, which means that you have to convince your recipients to change the way they do business in order to read what you sent them. In other words, this is a technology that, even if it worked, could only be appreciated by senders. Ignoring your recipient is not a good way to communicate. --Paul Hoffman, Director --Internet Mail Consortium
Current thread:
- IP: some comments on : sel-destruct email David Farber (Oct 09)