[guardian-dev] Silent Text for Android - interesting feature

Fri Jul 26 14:32:33 EDT 2013

>
> Even on an entirely trusted platform with no security flaws (I wish!) you
> could
> always take a picture of the screen before the message destructs (the
> "analog
> hole").

Agreed—while I like the idea of self-destructing secrets, they are a little
more Danger Mouse than James Bond in the first place, in the real word, so
to speak. There isn't really an analog in the digital world, and I think to
try and use that abstraction as metaphor for functionality is ... I'm not
sure how to put this. Mendacious isn't the right word. Perhaps what I mean
to say is that once you send a message to somebody, you just can't stop
them from keeping a copy of it, and people ought to be disabused of that
notion in the first place.

Someone once said to me early on in my Internets learning: don't post
anything anywhere, email or otherwise, that you wouldn't want seen later by
anybody, your boss, your mom, etc. Obviously I don't stick to that, I never
want my Moms to go through my text messages, which is why I'm upset the
spooks are vacuuming them all up, but it's still a good kind of Golden Rule
of Internets.

On Fri, Jul 26, 2013 at 2:02 PM, Daniel McCarney
<daniel at binaryparadox.net>wrote:

> I'd advocate being very careful in how the functionality is described. I'm
> always nervous when talk of burner messages comes up. It's sufficiently
> simple
> that average users think they understand the security properties, but
> impossible
> to guarantee much from an implementation perspective. The devil is in the
> details :-)
>
> Even on an entirely trusted platform with no security flaws (I wish!) you
> could
> always take a picture of the screen before the message destructs (the
> "analog
> hole").
>
> - Dan
>
> On 26/07, Hans-Christoph Steiner wrote:
> >
> >
> > On 07/26/2013 11:46 AM, Nathan of Guardian wrote:
> > > On 07/26/2013 11:38 AM, Matej Kovacic wrote:
> > >> this is proprietary software (I think it is not opensourced yet), but
> > >> has one interesting feature - burning notices (deleting messages after
> > >> the other party received it).
> > >
> > > I do understand why a "this message will self destruct" feature is
> > > desirable, but I just can't bring myself to try and implement one.
> > >
> > > In short, do you want a remote mobile phone to be able to send a
> message
> > > to your mobile phone that it should delete an entry in your secure and
> > > encrypted local database?
> > >
> > > I suppose if you have a verified OTR connection, it does mean you trust
> > > the person you are communicating with, but otherwise, this sounds like
> > > DRM and/or a backdoor to me.
> >
> > It as long as the delete function its strictly limited to the single
> message,
> > I think that the functionality could outweigh the little bit of loss of
> control.
> >
> > .hc
>
> _______________________________________________
> Guardian-dev mailing list
>
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>
> To Unsubscribe
>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>         Or visit:
> https://lists.mayfirst.org/mailman/options/guardian-dev/wgray%40zetetic.net
>
> You are subscribed as: wgray at zetetic.net
>
>

-- 
Team Zetetic
http://zetetic.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20130726/a052c9b9/attachment.html>