Self-destroying data for the web

Given how hard it is to save data you want, losing data you don't want - like drunken party pictures - should be easy. It isn't, as the inventors of Vanish found. But there's still hope.

Given how hard it is to save data you want (see The Universe hates your data), losing data you don't want - like drunken party pictures - should be easy. It isn't, as the inventors of Vanish found. But there's still hope.

Problem Youth and foolishness go hand-in-hand. But the power of the web means that silliness can now be stored and found with the speed of a Google search. You don't want sexy love notes - or pictures - to a former flame posted for all to see after infatuation sours.

Or maybe you want to discuss marital, health or work problems with a friend over email - and don't want your musings to be later shared with others. Wouldn't it be nice to know that such messages will become unreadable even if your "friend" is Linda Tripp?

Researchers built a prototype service - Vanish - that seeks to:

. . . ensure that all copies of certain data become unreadable after a user-specified time, without any specific action on the part of a user, without needing to trust any single third party to perform the deletion, and even if an attacker obtains both a cached copy of that data and the user's cryptographic keys and passwords.

That's a tall order. Their 1st proof-of-concept failed. But they are continuing the fight.

Vanish In Vanish: Increasing Data Privacy with Self-Destructing Data Roxana Geambasu, Tadayoshi Kohno, Amit A. Levy and Henry M. Levy of the University of Washington computer science department present an architecture and a prototype to do just that.

Ironically, the project utilizes the same P2P infrastructures that preserves and distribute data: BitTorrent's VUZE distributed hash table (DHT) client.

The basic idea is this: Vanish encrypts your data with a random key, destroys the key, and then sprinkles pieces of the key across random nodes of the DHT. You tell the system when to destroy the key and your data goes poof!

They built a Firefox plug-in for Gmail to create self-destructing emails and another - FireVanish - for making any text in a web input box self-destructing. They also built a file app, so you can make any file self-destructing. Handy for those Word backup files that you may not want to keep around.

Unfortunately the first prototype of Vanish turned out to be crackable, as a group of researchers at UT Austin, Princeton, and U of Michigan proved. They showed that an eavesdropper could collect the key shards from the DHT and reassemble the "vanished" content.

Oh, well, back to the drawing board. The Vanish team continues their work.

The Storage Bits take The Internet is removing our privacy even faster than the Roberts court. While young people may think it no great loss, check back in 20 years and we'll see what you think then.

In the 1930's many believed that capitalism may have reached the end of its usefulness and that socialism or even communism might offer a better way. During WWII, America allied itself with communist Russia - which bore the brunt of the fighting - to defeat Hitler.

Yet a few years after WWII - in one of America's periodic attacks of unreasoning fear and paranoia - suspected communist "sympathizers" were subjected to harassment, job loss and even blacklisting if they had been too supportive of our former ally. Robert Oppenheimer, who lead the Manhattan Project that developed the atomic bomb, was only one of the most prominent and loyal Americans to be persecuted.

You don't have to be Tiger Woods to want to keep your private life private. I hope the Vanish team succeeds.

Comments welcome, of course.