Got something to hide? Try "Vanish" to protect your privacy

Not that I have anything to hide, but I decided to give the University of Washington's new e-mail disappearing tool, dubbed Vanish, a whirl anyway.

I couldn't quite get the downloaded version to work without timing out, but was able to get the gist with an alternate "modest scale" service version. Hey, I figured, maybe I could employ this technology the next time I write a story I might not want to last forever. 

But first, some background on Vanish:

The prototype system is designed to give people control over how long their e-mail messages and other online content lives out in the wild. Today it's pretty hard to keep track of your digital footprint (and this is only expected to get harder with the rise of cloud computing, as the recent Twitter/ Google Apps hack incident highlighted).

"If you care about privacy, the Internet today is a very scary place," said UW computer scientist Tadayoshi Kohno, in a statement.  "If people understood the implications of where and how their e-mail is stored, they might be more careful or not use it as often."

Encryption doesn't cut it, as legal actions could force the holder of a message to turn over the key down the road, the research team says.

25 leading-edge research projects you should know about 

Vanish, funded via the National Science Foundation, Intel and the Alfred P. Sloan Foundation, is detailed in a paper released by the researchers this week and to be presented next month at the Usenix Security Symposium in Montreal. Co-authors are doctoral student Roxana Geambasu, assistant professor Kohno, professor Hank Levy and undergraduate student Amit Levy, all with UW's department of computer science and engineering.

Vanish is not the first such effort by researchers to help e-mail users protect their privacy or even pull back regrettable electronic messages. We wrote about a company called Disappearing, Inc., 10 years ago and followed Novell's GroupWise's ability to unsend e-mail as well. Google's Gmail Labs also offers an Undo Send option. 

As for Vanish, it exploits the churn on peer-to-peer networks by creating a key whenever a Vanish user puts the system to use and then divvying up that key and spreading across the P2P net. Such networks, the same kinds used to share music and other files, change over time as computers jump on or off. As such, portions of the key disappear forever and the original message can't be unencrypted.

Vanish enables users to specify how long they want their content to last, in chunks of eight hours.

Of course there are fairly non-technical ways that Vanish-ed e-mail could live on, such as if a receiving party printed it out or took a picture of it. But the system is designed for communication between trusted parties.

I initially downloaded the program and Firefox plug-in, was warned to wait 5-10 minutes before using and of course didn't. So it kept timing out on me, even a half hour later. I reinstalled and did wait this time around, and still couldn't shake the error messages. Maybe it had something to do with a Java incompatibility issue or my work computer not letting me link up with Vuze DHT, the underlying storage system used to support Vanish. Anyway, on to Plan B, the service offering from the University of Washington that didn't require a download.