Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Google Chrome The Internet

Gmail Messages Can Now Self-Destruct 204

New submitter Amarjeet Singh writes: Dmail is a Chrome extension developed by the people behind Delicious, the social bookmarking app/extension. This extension allows you to set a self-destruct timer on your emails. You can use Dmail to send emails from Gmail as usual, but you will now have a button which can set an self destruct timer of an hour, a day or a week. Dmail claims it will also unlock a feature that won't allow forwarding, meaning only the person you sent your message to will be able to see it.
This discussion has been archived. No new comments can be posted.

Gmail Messages Can Now Self-Destruct

Comments Filter:
  • by elgholm ( 2746939 ) on Sunday July 26, 2015 @06:14PM (#50186675)
    Please explain.
    • Re: (Score:3, Insightful)

      Really. Is there some hidden API into gmail? And receiver can do whatever it wants with the email, includ8ng forward, via cut and paste if necessary, assuming bizarre behavior from gmail.

      And what of gmail's safety backups? How long before gmail clobbers those?

      • by Anonymous Coward on Sunday July 26, 2015 @07:34PM (#50186953)

        The only part of this that is related to gmail is that it is a chrome extension that adds the feature to the gmail interface. It sends the user an email link to view the message on a webpage, and then deletes the message later. It probably captures select and right click events in order to be "secure" too. In short, it is garbage.

        • So basically this is like those silly e-cards my mom insists on sending for birthdays and holidays. It's got nothing to do with email, except that the link is sent inside an email message.

        • by Dan541 ( 1032000 )

          The only part of this that is related to gmail is that it is a chrome extension that adds the feature to the gmail interface. It sends the user an email link to view the message on a webpage, and then deletes the message later. It probably captures select and right click events in order to be "secure" too. In short, it is garbage.

          So, it's not email then. "Go to this website, we have a message for you." No.

        • And nobody has figured out how to use Snipping Tool or Screen Capture or any of a number of ways to defeat said restrictions.

          If the text is sent, it can be captured. False security is worse than no security.

      • by mysidia ( 191772 )

        No.... it's a 3rd party messaging service using HTML E-mail and a custom browser extension. To enforce the "self-destruct" rule, the e-mail is hosted on the Dmail provider's mail servers instead of the content being sent in the e-mail message.

        Nothing to see here..... I'm not going to be accepting any e-mail sent using such a service. I will tell the sender "No, send me a normal e-mail message; I can't read that one."

        • Ah, too bad. I sent you my bank account #, SSN, mother's maiden name, the street I grew up on, and my favorite 4 digit number, and can't be arsed to type all that out again.

    • by John Allsup ( 987 ) <slashdot@chal i s q u e.net> on Sunday July 26, 2015 @06:20PM (#50186705) Homepage Journal
      (GUESS) If you don't have their app installed in Chrome and view within Chrome, you get emailed a link, which opens in a browser. Most likely it will be a rendered image (or something like that), though of course you could still attach that. (/GUESS)

      If I receive a 'click on this to see your message', like many, I will probably email back whoever sent it, ask them to resend as a conventional email (that is, disable Dmail) or else I will simply delete it. Quite possibly I might consider writing an app which goes through my gmail via IMAP and automates this process (that is, scan inbox, detect dmail messages, auto-reply requesting conventional email, and move to dmail-spam).
      • I can't imagine this will ever get used enough for it to make any sense for you to spend your time automating the task...

      • This approach to special-handling-required email is pretty common - if the recipient has the right software (client / app / browser extension / whatever), their email client can read it directly, otherwise they have to use a web link to the provider's server. The more secure and scalable versions store only keys of some kind on the server, and include the encoded or encrypted message in the email, the simpler but less scalable and less secure ones keep it on the server and just include a link in the email.

    • by mwvdlee ( 775178 )

      I can only imagine they render the text to an image hosted on dmail's servers, which is deleted after a set time.
      But that won't work with Gmail, since Gmail caches all images on their own servers (including HTTPS and never-ending images).

  • I know this is ancient technology by today's newfangled social media buzzword bingo, but have those devs ever heard of copy/paste?
  • by cheesybagel ( 670288 ) on Sunday July 26, 2015 @06:17PM (#50186683)

    BS.

    "it will also unlock a feature that won’t allow forwarding, meaning only the person you sent your message to will be able to see it"

    Then I'll copy and paste the text to another Windows and foward it.

    What the article describes is not e-mail. It's an messaging app with a different protocol using e-mail only as a transport mechanism.

    • by brian.stinar ( 1104135 ) on Sunday July 26, 2015 @06:37PM (#50186765) Homepage

      DRM is built upon the lack of understanding that playing content (text, image/sound/video) requires, BY NECESSITY, the ability to duplicate that content. It's always possible to do an analog scrape, if the DRM keeps everything in digital land "safe." As I recently found out with .m4b files, it's just a matter of how annoying the DRM producer wants to try and make that process, and how valuable your time is.

      I never understood the desire to try and accomplish anything else. Software/hardware/device manufacturers that try and DRM-proof their products annoy me. I left a startup because of DRM:

      "Brian, we need to protect our content. That's why I'm putting you on this DRM-WordPress-enabled-web-protect-our-desktop-application project."
      "Actually, hardly anyone wants to buy this software yet. The best thing that could happen would be it would catch on fire on pirate networks. That's called free marketing."
      "I spent twenty years of my life developing this software."
      "And it's only been the last six months that you've sold ANYTHING. Let's close these sales deals, and then start developing the subscription-only services, that require a valid subscription, and then we can 'protect' the content by having AWESOME subscription based content. If anyone pirates v 1.0, let's make v 2.0 so much better they cannot wait to buy it, and support us!"
      "The software isn't ready, we need to protect it."
      "DRM in the absolute best case adds NOTHING to the user, and in the worst case is horribly annoying. I'm not going to work on DRM technology that will alienate our miniscule user base."
      "I disagree."
      "I'm out."

      And this is why the second start-up venture I was a part of failed. Everyone left, after 20k in 'sales' never materialized based on the founder wanting to 'protect' his software. I am ready for the third failure though!

      • by quenda ( 644621 )

        playing content (text, image/sound/video) requires, BY NECESSITY, the ability to duplicate that content.

        Ridiculous. If that were true, why would all those clever companies spend countless millions on advanced technologies like BD+ and HDCP?
        You think they just enjoy flushing money down the toilet?

        • Because those are technologies aimed to protect the path of those necessary digital copies. The photons from the screen still need to travel through the air though, and there's nothing stopping you pointing a camera at it.
          • by quenda ( 644621 )

            They don't even protect the digital path very well, because the consumer needs the keys to view the content.
            The idea is fundamentally broken. (As are the above-mentioned DRM schemes.)

            • I agree, but that doesn't change the fact that your initial response of "Ridiculous" to the claim that "playing content requires the ability to duplicate that content" was misguided.
              • by quenda ( 644621 )

                No, it was just missing the sarcasm tags. Sorry, I misjudged the tone/audience. But still preaching to the choir here :)

        • How is this ridiculous? I don't understand. Are you being sarcastic with me? I'm sorry if I'm being dense.

          Yes, I do think they are flushing money down the toilet. I have been a contractor long enough to determine when a customer wants to build something useful, versus has a political/emotional need to flush money down the toilet. I think there are lots of political needs to flush money down the toilet on DRM, and then clear hackers play the game of cracking their DRM (mostly for fun, since someone with DRM-

        • playing content (text, image/sound/video) requires, BY NECESSITY, the ability to duplicate that content.

          Ridiculous. If that were true, why would all those clever companies spend countless millions on advanced technologies like BD+ and HDCP?
          You think they just enjoy flushing money down the toilet?

          Q1: Is that a trick question?
          Q2: Is there any movie released on Bluray that isn't available on Torrents in high-def?
          Q3: Does the torrent download include unskippable adverts for anti-piracy that just get in the way of viewing content and softbrick your bluray player because the keys were revoked requiring you to download an update for 10 minutes when all you want to do is watch a movie?
          Q4: If you answered no to question one, were you serious and are you should it wasn't a trick question?

          • by quenda ( 644621 )

            Rhetorical question. Feel free to take it seriously (who does gain what from DRM?), but thats getting off-topic.

            Just saying that a self-destructing email is like uncopyable media. Neither works as claimed, but that doesn't stop it making a lot of money for the people selling it.

      • "Actually, hardly anyone wants to buy this software yet. The best thing that could happen would be it would catch on fire on pirate networks. That's called free marketing."

        The most enjoyable thing about watching Dragon's Den/Shark Tank is how these startups come through the door thinking their great idea is about to take the world by storm. Invariably the first question asked by the Dragons/Sharks is, "how many have you sold"? And the last question is usually, "would you prefer 50% of something, or 100% of nothing"?
        Most people leave empty handed never to be heard of again.

        • I gotta watch this show! I've seen it a few times, and it ALWAYS seemed really interesting (and I learned a few things!), but I never made watching it a habit. Thanks for mentioning this.

    • Then I'll copy and paste the text to another Windows and foward it.

      I would assume the copy and paste functions would be disabled, otherwise this would be pointless.

      • by gnupun ( 752725 )

        How will gmail prevent the recipient from snapping a picture with their smartphone or just using the OS screen capture keyboard shortcut? This looks like a "Mission Impossible" gimmick or Snapchat wannabe feature.

        OTOH, will this affect the market valuation of Snapchat since it's a very similar feature?

        • Or you could run the software in a VM and have the host OS capture the screenshot, if they manage to implement invasive DRM.
          • Or you could run the software in a VM and have the host OS capture the screenshot, if they manage to implement invasive DRM.

            Or you could simply not run the software at all and only lose messages even the sender's drunk ass knew they would be ashamed of in the morning. And possibly the occasional extortion scheme.

    • Hey, Snapchat makes no sense at all, since anyone can screenshot/hack their own device. Even though Snapchat doesn't do what it claims, its a phenomena which has made lots of money. I think Google just wants to jump on the money train of making impossible claims to technology.
    • If they're selling it as "secure" (as in a user *can't possibly* forward the data), then it's bullshit. If they're selling it as "this prevents someone from inadvertently forwarding your message to others or keeping it available longer than intended", then it should work as advertised. Obviously, it doesn't prevent intentional abuse.

      Keep in mind that the vast majority of people simply use programs with the defaults enabled. Google's g-mail, by default, keeps ALL messages (by encouraging you to "archive"

      • by AmiMoJo ( 196126 )

        The only possible way it could work is by putting the text of the email into an inline image, or making the recipient click a link to view a web page with the text. Then they can "delete" it by removing the image/web page from their server.

        Both of these methods won't work very well in practice. Emails that are mostly one large image tend to be marked as spam. and most clients (including gmail) don't display images by default. When gmail does display an image, it caches it on Google's servers so that the ser

  • Um... "Print Screen" or "Screen Capture" kinda makes the whole premise of this pointless.
  • I already have this feature, it's called "Comcast"

  • by Whiternoise ( 1408981 ) on Sunday July 26, 2015 @07:40PM (#50186983)
    If only it were actually Dmail, that would make the whole premise a lot more interesting. Do they also build microwaves?
  • Won't/can't work (Score:4, Insightful)

    by Todd Knarr ( 15451 ) on Sunday July 26, 2015 @07:54PM (#50187043) Homepage

    Their extension can't affect the recipient's end of things if the recipient isn't also running that extension. In that case nothing Dmail can do can prevent the recipient from saving the message, forwarding it or doing anything else with it. Dmail can play tricks with HTML e-mail by replacing the body of the e-mail with a dummy wrapper that fetches the message via HTTP from a Dmail server and they can use some Javascript tricks to try and block "Save as", but those are going to run into problems with anything that blocks remote content or disables Javascript in e-mail. Even if the recipient's using Gmail in Chrome that's going to be an issue considering how that sort of blocking's basic to blocking malware. And of course if the recipient's running a non-browser client using IMAP4, Dmail's completely out of luck.

    As far as being able to restrict viewing to only the recipient, that's easy. Every standard mail client today supports it. The hard bit's getting the recipient to generate a public-key certificate and install it as a personal certificate and key in their e-mail client. Then you just encrypt the e-mail using their public key and send it as an S/MIME message, their mail client will automatically decrypt it for them. I could even make that work in web-mail with a browser extension that recognizes the message text block, grabs it and decrypts it and stuffs the results back in the text block for the user to see. The obvious advantages here are that a) you wouldn't need to use any particular service provider to send the mail and b) not even the service provider or e-mail servers would be able to see the cleartext. The hard part's the PKI, and really all that needs is an extension for the mail client to automate generation of a certificate and installation into the client like we have in browsers. Depending on the browser and OS that might be simplified by taking advantage of shared OS cryptography features.

    I've kicked this idea around as a commercial possibility, but it all comes down to two basic problems:

    • If the messages are truly private it's nigh impossible to generate revenue by any means except annual subscriptions from users. Senders might pay, but recipients won't and that breaks the whole thing.
    • Controlling what happens after the message reaches the recipient's nigh-impossible. The best you can do is if you restrict recipients to a platform like mobile where they have to access messages through your app. There's still ways around the controls, but you can make it so the phone has to be rooted and then access to the secure credential storage obtained and that's not something that can be automated enough to be feasible for the average user to do. In an uncontrolled environment like a browser or a regular e-mail client? Forget it.
    • by tlhIngan ( 30335 )

      Their extension can't affect the recipient's end of things if the recipient isn't also running that extension. In that case nothing Dmail can do can prevent the recipient from saving the message, forwarding it or doing anything else with it. Dmail can play tricks with HTML e-mail by replacing the body of the e-mail with a dummy wrapper that fetches the message via HTTP from a Dmail server and they can use some Javascript tricks to try and block "Save as", but those are going to run into problems with anythi

  • No. They can't.

    Nothing to see here. Move along. Don't feed the samzentroll.

  • by Mr. Freeman ( 933986 ) on Sunday July 26, 2015 @08:46PM (#50187201)
    Will this work for people sending messages to other random people? Probably not. But imagine a corporation deploying this system to all of their computers. Suddenly, the boss can tell their employees to do unethical things, make illegal threats, and so on without any chance that the FBI is suddenly going to show up and arrest him with evidence of his misdeeds.
    • Will this work for people sending messages to other random people? Probably not. But imagine a corporation deploying this system to all of their computers. Suddenly, the boss can tell their employees to do unethical things, make illegal threats, and so on without any chance that the FBI is suddenly going to show up and arrest him with evidence of his misdeeds.

      It only takes one employee with a smartphone camera to completely destroy this model.

  • Apparently it's only "your email replaced by a link to the content". Somebody really knows how to pimp up a news article so it reaches front page huh.

    I found this from the reviews on the chrome extension site as I didn't bother installing it, WHICH IS STILL MORE THAN THE ARTICLE AUTHOR MANAGED TO DO.

  • If the email is here, it is here, and nobody is going to delete it.

    Oh, it's actually HTML you say? Great, I didn't want to read that crap in the first place.

  • You can keep them by screenshot. You can forward them by screenshot. The security value of this feature is zero. At best it represents a mild annoyance to the receiver that wants to keep or forward them. Snake-oil "security" at its best.

  • And works best on smart watches made from Unobtainium (the bullshit element).

    I could be wrong though, and I invite the creators to email me proof to my mail server, where I'll view their proof via IMAP on Icedove. I'll even ensure I view it in the Rich Text subset of HTML and forward copies in mixed format to other interest testers.

    In other news Ted Turner spent his whole day smoking joints instead of just one before breakfast. Jane must of locked him out of the bedroom again.

  • Once that email is in the wind... its free... you're not calling anything back unless you control the receiver's email server.

  • they can claim whatever they want, but it won't work on any other mailclient (unless the specific mailclients are going to implement the feature, and guess what, don't count on it)....
  • a good use for the HCF instruction

  • ... that's not how any of this works!

  • This is a valid concept so long as both parties agree to uphold the privacy. However, that's a big "if."

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...