Feeds

Self-destructing email – what Bill wants for Xmas

But it's not quite as simple as that, fortunately

  • alert
  • submit to reddit

Security for virtualized datacentres

The self-destructing email is almost upon us, according to a piece in the morning's New York Times. The breakthrough (if breakthrough it is) comes a little late for Microsoft, but Fort Redmond should look on the bright side - all of those awful trial exhibits add up to an amazing sales pitch to companies who don't want the same thing to happen to them.

But that of course is one of the problems as well. What do you think would be the reaction if Microsoft today started wiping its emails from its systems? Or if Microsoft developed a product that made it easier for itself and its major corporate customers to do so? The Feds wouldn't be happy, and the general conclusion would likely be that industry was giving itself carte blanche to do whatever it wanted, because there'd never be any evidence.

That's not of course how the companies developing email control systems would put it, but it's certainly how a lot of corporations are likely to see it, if the software flies in the first place.

The way the developers put it, what they're actually trying to do is to give customers the ability to control their information, stop it leaking, and stop email that only amounts to casual conversations escaping and being used against them. In its trial defence Microsoft argued that the brutal language used in its internal emails fell into this category, and couldn't be interpreted -- as the DoJ did interpret it -- as being official company policy.

Which up to a point is fair enough. In casual conversation quite a few people in business are prone to promise to do unspeakable things to rival companies, and some of this now gets transferred into email. So how come email gets recorded but the casual conversations don't?

Well, there you have the problem as far as Microsoft is concerned, anyway. Quite a bit of the trial evidence consisted of long documents of strategic significance, with accompanying emails (some of them including the rough stuff) commenting on them. How do you tell the difference between casual conversation and strategic documentation when it's all mixed up together? You don't, and if it's left to the corporations to decide where the line lies, they're going to draw it extremely tightly.

And anyway, self-destructing email looks extremely difficult to do. You have to be able to control the ability to copy the email, to print it out, to take a picture of it on screen -- it does rather look like you have to have all of the PCs in your organisation heavily locked down in order to even stand a chance of total control. Set against that challenge, developing software that makes email messages destroy themselves after a set period of time sounds pretty easy, but unless you can plug all the holes, what's the point?

Probably the best companies can hope for is to increase their ability to reduce information leakage, rather than eliminate it, in which case the documents that are being subpoenaed in current legal actions are still likely to exist, either somewhere with the organisation or with a business partner.

If companies went much further than this and actively destroyed documentation, then you could turn the casual conversation analogy on its head. They would effectively be shredding sensitive information that had been carried by email. And what happens to companies who shred information they think might get them into trouble? ®

Internet Security Threat Report 2014

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Special pleading against mass surveillance won't help anyone
Protecting journalists alone won't protect their sources
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Apple's iPhone 6 first-day sales are MEANINGLESS, mutters analyst
Big weekend queues only represent fruity firm's supply
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Bill Gates, drugs and the internet: Top 10 Larry Ellison quotes
'I certainly never expected to become rich ... this is surreal'
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
EMC, HP blockbuster 'merger' shocker comes a cropper
Stand down, FTC... you can put your feet up for a bit
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.