Once someone sends me an email, barring any prior agreement, it's mine. I may not own the ideas therein, but I certainly can claim enough ownership that the sender destroying the email irrevocably, without my consent, should raise some flags.
I'm seeing parallels with those useless "this email is confidential, private property, etc." footers that people stick on their emails.
It's called a screenshot. Even my mother knows how to make one – it's built into OS X, Windows, iOS, and Android. So really this is a step backwards from the "light the paper on fire" level of security 007 had back in the '60s.
Bit more than just ‘not loading’ — certainly any email I receive that attempts to load remote resources is presumed to be malicious. (In this case, that presumption is correct.)
I see some criticisms (that I agree with) of the "security" model here.
Implementing the self destruction protection on the client is problematic (even in the case of SnapChat) because the end user is in control of the client. So if users are motivated enough they'll be able to circumvent any protections you implement.
The nice thing is that most users are not motivated enough to do what's necessary to retrieve the self-destructing messages. It's a lot easier to save the message when sent to a web client but it's still beyond the ability of most users.
So no these applications aren't providing real security but it's close enough for the types of messages that I assume people are sending.
It's an interesting concept, and I will always give a lot of credit for the sheer act of building something. But talk to us about the need and the use case here. Snapchat I understand -- but is there really a big need for self-destructing emails? If anything, the real problem in the email space is long-term storage and management.
I see the email space and the SMS/text space diverging into very separate use cases: email for long form communications that, if anything, are to be saved and filed; SMS for short-form communications that are disposable (literally, in the case of Snapchat, or figuratively). I get that there are long-form communications that are sensitive, and that we sometimes wish wouldn't stick around forever. But what proportion of all email conversations do we think this use case represents?
You bring up a valid concern - I'd say that this isn't something that you'd use all the time with your email, but it has its time and place (just like off-the-record gchat), and when it is needed, it really comes in handy.
This has been done before, in many variations. There's always a way for the recipient to save a copy. At least this scheme doesn't require special client software.
Note that this depends on the recipient's email client making a request for the image, which, thankfully, most clients provide a way to turn off.
Nah, they changed their name to Omniva and used their technology for corporate email/document management (read: delete those emails before they are subpoenaed). Then they were bought out by Liquid Machines, and the product lives on as Liquid Machines Email Control.
I think the money just wasn't there for public use.
Use case: when you don't want your email hanging around on the other guys server. Ex. sending credit card information to a hotel. You want them to get it, ie. you trust them enough, but you can't trust their email security for the next 4 years.
Think how someone like General Patreaus could have benefited! He trusted Broadwell (perhaps his main mistake), but unfortunately for him the email hung around long enough for the FBI. :))
Also, docs say email is destroyed as soon at is read. No 7 days (couldn't find that).
How does the wording suggest that? All it implies is that an image identifier is maintained, and once viewed, it's marked as stale and never served again.
Exactly. If the whole point of the app is that the email is deleted as far as the recipient is concerned why not delete it from the server too? If you're never going to serve it again, delete it. Then you definitely can't accidentally serve it (or nobody can compel you to provide access to it).
The only use case I could think of was those ATM Pins that you receive which always say "destroy this letter after you memorize your pin". So you could email a pin/some sort of sensitive info and have some level of safety.
Obviously the person can choose to save the image but you could also not destroy your ATM Pin Letter and/or even photocopy it.
Wouldn't that fall under the "seriously sensitive information" that is recommended not to be sent? From the FAQ:
"That being said, you should always be careful. We recommend you do not send any seriously sensitive information through Ghostmail and refrain from corresponding with people you do not trust."
That being said, congrats on building something. I still haven't gotten that far.
Agreed, I seriously wouldn't recommend sending that information online at all, but the unfortunate thing is that some people send it through email anyway. A more appropriate use case would be to send a secret that isn't damning, but that you'd just prefer wouldn't stick around in someone's inbox.
You could also record all of your phone conversations and copy all of your off-the-record gchats into text documents, couldn't you? The point isn't for this to be absolutely foolproof, but rather that when you have a somewhat sensitive conversation with someone you trust, you can have some peace of mind that there won't be a hard record of what you are saying.
This service converts your email into an image. You can save a copy of the image, and keep it forever, even though the mail will disappear. It's novel, but I'm not sure I see use-case for it.
Think about gchat's off-the-record feature. Anyone can copy and paste an entire conversation, but the thing is, most people aren't motivated enough to copy every single one, so you have an added element of safety. Further, everyone I use ghcat off-the-record with is someone I trust - I just don't want a copy of the chat sitting in their email.
If, as a public corporation, you were to do that you'd end up being sued anyway. Sarbanes-Oxley not only requires e-mail retention, but the SEC can impose significant fines if e-mails end up 'disappearing'.
To put it another way: if you turned around during discovery and told the other party you'd deliberately used a system that caused all your e-mails to self-destruct you could expect to be destroyed in court.
EDS had a 20 Megabyte Email quota in 2002/2003 in order to "conserve resources" - basically meant there was a 30-45 day window before you had to start deleting email.
This is such a cool idea. I would email my number to random girls I met on a Friday night haha... "hurry up and save my number orrrrrrrr I will disappear" lol
Once someone sends me an email, barring any prior agreement, it's mine. I may not own the ideas therein, but I certainly can claim enough ownership that the sender destroying the email irrevocably, without my consent, should raise some flags.
I'm seeing parallels with those useless "this email is confidential, private property, etc." footers that people stick on their emails.