Trusted Third Party Time Stamps
Here is an interesting service. Surety provides a software solution tied to a trusted service to time and date stamp documents and records. Why would you need to do that? It all revolves around “litigation readiness”. My familiarity with the need for “discoverable records” comes from forensics where, during the course of an investigation you capture a lot of files and logs and have to demonstrate that these have not been tampered with by the investigators. You have to do that or opposing counsel attacks the authenticity of your evidence. Everyone probably knows you can change the system time on your computer and generate emails with fake times in them. (Want someone to reply to your email? Forward-date it by a year and it will sit on the top of their inbox queue until they delete it or respond.) You can use Surety’s solution to provide date and time validity.
I interviewed Tom Klaff, CEO of Surety, for this week’s Threatcast. Hear him describe first the need for trusted third party time stamps and second how they do it. One interesting thing to watch for in the classified ad section of the New York Times: Surety periodically posts the hexadecimals of their hashes to offer a final level of validation. Even Surety can’t tamper with data they have sealed without corrupting this hash.Theme music for IT-Harvest ThreatCasts used with the permission of Hyperion Records