On Sun, 24 Sep 2000 anonymous@openpgp.net wrote:
AbsoluteFuture.com of Bellvue, Wash., has dubbed its service "SafeMessage," describing it as a "direct messaging" service that transmits messages from party to party without the use of a central server.
This distinction is significant because email, which always passes through mail servers, leaves a trace copy of itself that can be subpoenaed, read or otherwise accessed by unauthorized readers.
Besides bypassing a central server, the messages are heavily encrypted and are programmed to be automatically erased after a period of time designated by the sender. The encryption not only prevents outsiders from reading the message, but also limits the message recipient's ability to forward, cut and paste, or print the message.
WRONG! If data can be displayed by the recipient's computer, then it can be captured. Wanna bet somebody can't hang a screen-copying utility on their keystroke interrupt and capture the information that way? While this kind of stunt (actually just leaving those functions out of the GUI) may give people "warm fuzzies", it does not materially add to security, because fundamentally, the user has physical access to his/her own machine and can do whatever he/she wants to on it. And while it's probably good to notice that servers can get compromised and bypass them, does anyone here think routers can't be compromised? Let's face it, if the bits go from you to the other person over the Internet, there are always going to be lots of places where someone with fingers in the network can get a copy of them. Keeping a copy is not normal behavior for routers, but if someone wants to log traffic at a router they own, they certainly can.
Rival products include HushMail, ZixMail, Disappearing Inc. and Authentica.
As the owner of Disappearing Inc. I can tell you right now that we do not yet have a product in this space and do not have one under development at the current time. We have completed a feasibility study, in the context of a larger product encompassing a lot of different protocols, and that is all. A product, *IF* we decide to go ahead with one, is still over two years out.
Unlike AbsoluteFuture, however, these services use ordinary email delivery systems that are prone to online eavesdropping and may leave trace copies behind in the computers used to carry them. AbsoluteFuture believes it has found a solution to this problem by harnessing technology known as peer-to-peer networking, which connects personal computers directly, without the need for a central server to route file transfers.
It seems odd to see Disappearing Inc's product described in this way since we don't have one.
To use SafeMessage, a person signs on to the program with an ID and password, similarly to an email client. When typing the recipient, the person sends the contact to AbsoluteFuture's server, which locates the recipient online and allows the sender to send the message directly to the recipient.
And also provides a central monitoring point that allows SafeMessage to maintain logs of who mailed who and when, and to do a complete traffic analysis of all messages sent with this system. Isn't that special?
The message is encrypted before it leaves the sender's computer, and the decoder key is destroyed. If the recipient is not online, the sender must send the message to AbsoluteFuture's server, which will hold the message until the recipient logs on or the message times out.
And we know, of course, that when the message times out or is delivered, it's erased from the AbsoluteFuture server. We know it because ... well, actually, we don't. Unless we extend greater fundamental trust to the AbsoluteFuture server than to the servers we bypass by using it. There is no protocol for making sure that something is erased. Now, they are probably erasing. But we can't verify it, any more than we can verify erasing in any cypherpunk remailer. And they have their heads up far enough to attract attention, and they have investors to answer to so they can't just shut down if compromised the way cypherpunk remailers do. So there could be a carnivore already in place on their system for all we know, and they wouldn't be allowed to talk about it.
"In one sense this is slightly less secure because we're looking after it," Graham said. "But we don't have the key to get at it. Even if there was a court order for the message, it is highly encrypted. We'd say, 'OK, go ahead try to open it.'"
Right. While this system provides a route outside the normally monitored routes for traffic, it is not a route that can't be monitored. While it provides a server other than those normally subpeona'd, it is not a server that can't be subpeona'd. The only hard security this system can offer, therefore, is the encryption. So, if the product can be exported or downloaded from a website, I would have to suspect since it's made in the US that somewhere in the headers or trailers, the message bears a block that contains most of the key (all but the last 40 bits) encrypted in a form the NSA (and whomever else has their key) can read. -- This is the same thing that happened to Netscape after v4.07 for example, and Internet Explorer after v4. If it can't be exported, that would be a good sign. Aside from that, I don't know the particulars of the encryption they use - they claim to use a product cipher, but so far I haven't seen what the components of the product cipher are, what the key lengths are, how they do key management, etc etc etc. Ray Dillinger Disappearing Inc