-
Vanish – Självförstörande meddelanden på webben
http://vanish.cs.washington.edu/
Quote:Computing and communicating through the Web makes it virtually impossible to leave the past behind. College Facebook posts or pictures can resurface during a job interview; a lost or stolen laptop can expose personal photos or messages; or a legal investigation can subpoena the entire contents of a home or work computer, uncovering incriminating or just embarrassing details from the past.Vanish is a research system designed to give users control over the lifetime of personal data stored on the web or in the cloud. Specifically, all copies of Vanish encrypted data — even archived or cached copies — will become permanently unreadable at a specific time, without any action on the part of the user or any third party or centralized service.
For example, using the Firefox Vanish plugin, a user can create an email, a Google Doc document, a Facebook message, or a blog comment — specifying that the document or message should “vanish” in 8 hours. Before that 8-hour timeout expires, anyone who has access to the data can read it; however after that timer expires, nobody can read that web content — not the user, not Google, not Facebook, not a hacker who breaks into the cloud service, and not even someone who obtains a warrant for that data. That data — regardless of where stored or archived prior to the timeout — simply self-destructs and becomes permanently unreadable.
Kolla in videon här för att få en idé om hur man kan använda det:
http://www.youtube.com/watch?v=vQRXPG8T4HsNågra viktiga punkter från Vanish FAQ.
FAQ wrote:Could a Vanish application leak data?Yes. Vanish ensures self-destruction of encapsulated data and all copies of that encapsulated data. It does not protect data that is left in clear-text. So, unless an application wipes the clear-text data securely after having Vanish encapsulate it, then clear-text copies of the data might persist outside the the Vanish sandbox.
Also, in the current implementation, the Vanish Firefox Plugin does not prevent services, such as Gmail, from auto-saving drafts of emails, while they are being typed and are still in clear-text. These drafts constitute data leakage, and we advise users to either install existing plugins for disabling autosaves, or simply compose email messages in a separate window and only paste the encapsulated data in the Gmail Compose text area.
Are there other threats we should know about?
Yes. The Vanish prototype makes novel use of the Vuze DHT. It is possible—albeit we estimate very costly—for someone to attack Vanish via the DHT. We do not view such attacks as realistic today. And, if Vanish becomes popular, it is possible to strengthen Vanish against such attacks. However, we stress that Vanish is a research system. We encourage you to read our academic paper for detailed discussions of the experiments and security analyses that we performed. The source code for Vanish and Vuze are both available, and we also encourage you to look at them and study their security yourself.
How secure is Vanish? How much should I trust it?
Vanish is a research prototype and a first step toward achieving the goal of secure data deletion in the cloud. As a first prototype, it may suffer from bugs and security vulnerabilities. We encourage you to view Vanish with a skeptical eye, as you would view any new security software.
In particular, Vanish relies on DHTs to store and destroy pieces of cryprographic keys. Today’s DHTs are susceptible to a variety of attacks (e.g., the Sybil attack, routing attacks). In our paper, we discuss the impact of some of these attacks on our system and propose additional defenses that one could incorporate into Vanish. Some of these defenses are already implemented in Vanish (e.g., an obfuscated lookup mechanism), while others await adoption by P2P systems.
The bottom line is that you should use Vanish as a data sanitization tool for today’s unforgetful Web. Instead of sending some sensitive data in-clear, you should use Vanish to decrease your exposure to future attacks. We advise you to treat Vanish with caution for now, however, and not rely upon it for perfect security or destruction guarantees.
How does Vanish work?
At a very high level, Vanish encrypts a user’s data locally with a random encryption key not known to the user, destroys the local copy of the key, and then sprinkles bits (Shamir secret shares) of the key across random indices (thus random nodes) in a DHT. A DHT, or Distributed Hash Table, is a decentralized, global-scale peer-to-peer (P2P) infrastructure. Our prototype uses the DHT provided by the popular Vuze Bittorrent client.
Jag hittade precis detta och ska läsa mer om det, men det verkar kunna vara användbart vid vissa tillfällen. Man ska dock komma ihåg att det är en tjänst som inte är färdigutvecklad ännu, så lägg inte era liv i dess händer.
-
1 Reply
-
Tycker de påminner mycket om pgp krypterings systemet.
Detta verkar dock mycket lättare, tack för tipset
