Self destructing data
An interesting article over at the New York Times (original site here) on 'self destructing' messages (self encrypting and throw away the key really).
The researchers at the University of Washington have developed a system to help control how long user data is available 'in the cloud'. Recognising that end users have little control over where their data in the cloud is stored, or even who has access to it, the Vanish system is designed to help the users control how long anyone (themselves included) can access the data.
The system works by encrypting the data with a key distributed in bits throughout a peer-to-peer network.
Now encryption is nothing new, but the difference with Vanish is that neither the sender nor the recipient hold the key in the long term.
While an interesting piece of research with some long term potential, this certainly doesn't eliminate the dangers of storing your data in the cloud.
Just ask twitter who learned the hard way a couple of weeks ago that someone determined (or bored!) enough will find the weakest link and exploit it.
Information Security is often described as 'asymmetrical warfare', a battle in which the good guys have to find and plug all the holes and the bad guys only have to find one poorly defended point.....
0 Response to "Self destructing data"
Post a Comment