Once someone sends me an email, barring any prior agreement, it's mine. I may not own the ideas therein, but I certainly can claim enough ownership that the sender destroying the email irrevocably, without my consent, should raise some flags.
I'm seeing parallels with those useless "this email is confidential, private property, etc." footers that people stick on their emails.
It's called a screenshot. Even my mother knows how to make one – it's built into OS X, Windows, iOS, and Android. So really this is a step backwards from the "light the paper on fire" level of security 007 had back in the '60s.
I see some criticisms (that I agree with) of the "security" model here.
Implementing the self destruction protection on the client is problematic (even in the case of SnapChat) because the end user is in control of the client. So if users are motivated enough they'll be able to circumvent any protections you implement.
The nice thing is that most users are not motivated enough to do what's necessary to retrieve the self-destructing messages. It's a lot easier to save the message when sent to a web client but it's still beyond the ability of most users.
So no these applications aren't providing real security but it's close enough for the types of messages that I assume people are sending.
It's an interesting concept, and I will always give a lot of credit for the sheer act of building something. But talk to us about the need and the use case here. Snapchat I understand -- but is there really a big need for self-destructing emails? If anything, the real problem in the email space is long-term storage and management.
I see the email space and the SMS/text space diverging into very separate use cases: email for long form communications that, if anything, are to be saved and filed; SMS for short-form communications that are disposable (literally, in the case of Snapchat, or figuratively). I get that there are long-form communications that are sensitive, and that we sometimes wish wouldn't stick around forever. But what proportion of all email conversations do we think this use case represents?
You bring up a valid concern - I'd say that this isn't something that you'd use all the time with your email, but it has its time and place (just like off-the-record gchat), and when it is needed, it really comes in handy.
Nah, they changed their name to Omniva and used their technology for corporate email/document management (read: delete those emails before they are subpoenaed). Then they were bought out by Liquid Machines, and the product lives on as Liquid Machines Email Control.
I think the money just wasn't there for public use.
Use case: when you don't want your email hanging around on the other guys server. Ex. sending credit card information to a hotel. You want them to get it, ie. you trust them enough, but you can't trust their email security for the next 4 years.
Think how someone like General Patreaus could have benefited! He trusted Broadwell (perhaps his main mistake), but unfortunately for him the email hung around long enough for the FBI. :))
Also, docs say email is destroyed as soon at is read. No 7 days (couldn't find that).
Exactly. If the whole point of the app is that the email is deleted as far as the recipient is concerned why not delete it from the server too? If you're never going to serve it again, delete it. Then you definitely can't accidentally serve it (or nobody can compel you to provide access to it).
The only use case I could think of was those ATM Pins that you receive which always say "destroy this letter after you memorize your pin". So you could email a pin/some sort of sensitive info and have some level of safety.
Obviously the person can choose to save the image but you could also not destroy your ATM Pin Letter and/or even photocopy it.
Agreed, I seriously wouldn't recommend sending that information online at all, but the unfortunate thing is that some people send it through email anyway. A more appropriate use case would be to send a secret that isn't damning, but that you'd just prefer wouldn't stick around in someone's inbox.
You could also record all of your phone conversations and copy all of your off-the-record gchats into text documents, couldn't you? The point isn't for this to be absolutely foolproof, but rather that when you have a somewhat sensitive conversation with someone you trust, you can have some peace of mind that there won't be a hard record of what you are saying.
Think about gchat's off-the-record feature. Anyone can copy and paste an entire conversation, but the thing is, most people aren't motivated enough to copy every single one, so you have an added element of safety. Further, everyone I use ghcat off-the-record with is someone I trust - I just don't want a copy of the chat sitting in their email.
If, as a public corporation, you were to do that you'd end up being sued anyway. Sarbanes-Oxley not only requires e-mail retention, but the SEC can impose significant fines if e-mails end up 'disappearing'.
To put it another way: if you turned around during discovery and told the other party you'd deliberately used a system that caused all your e-mails to self-destruct you could expect to be destroyed in court.