Lauren Goode

Recent Posts by Lauren Goode

With Burn Note, Self-Destructing Emails Vanish After They’ve Been Read

January 31, 2012 at 10:03 am PT

Last year, New York-based entrepreneur Jacob Robbins was working on a project with someone who lived on the West Coast. He needed to share a password with his collaborator via email, but was suddenly hesitant to send the sensitive information.

“I didn’t want the password to live in an email somewhere. I started thinking, what if there was something that would allow me to destroy the email?” Robbins said in an interview.

The thought stayed with him, and by summer, Robbins had dropped the other project to turn his full attention to building a service for hyper-secure email exchanges. He named the service Burn Note.

Burn Note, which opens up to the public today, allows the sender of an email to set a time frame in which the receiver can read an email before the email disappears.

At that point, the email no longer exists — anywhere.

Burn Note’s Web site says the service uses no binary logging, which means there are no standby servers, or backup copies of emails. The company uses a storage engine that has no journaling capabilities, and an underlying file system that logs metadata but not the content of the notes themselves.

While grabbing an image of the email might seem like a simple workaround, Robbins said he has introduced two methods to the service that make it extremely difficult for recipients to quickly copy the text of an email for posterity. Burn Notes can include Web links, but can’t send attached files, though Robbins has said attachments are in the works.

“I think there are a lot of legitimate uses for why people would want an off-the-record conversation,” Robbins said. “The message goes away, but it’s still been communicated to the recipient, which is the point.”

Robbins most recently served as the head of software development for Facebook-acquired Drop.io; he said the Burn Note service was partly inspired by that cloud-storage service. “There was a feature that we considered, but ultimately didn’t turn on, where a file could have a certain number of views before it self-destructed,” Robbins said.

While there currently aren’t any mobile apps for Burn Note, Robbins said that it’s a mobile-optimized Web site, so it can be accessed from a phone with a Web browser.

Highly encrypted or “vanishing” email services aren’t new. In 1999, Canada-based Hush Communications launched Hushmail, a free Web-based email system for individuals and businesses that sent PGP — Pretty Good Privacy — encrypted emails. As Wired reported, it was originally stated that “uniquely-coded” Hushmails were so encrypted that not even Hush employees with access to servers could read the emails.

But in 2007, Hush turned over a dozen CDs of emails, following a court order obtained through a mutual assistance treaty between the U.S. and Canada. The evidence was requested as part of a U.S. federal prosecution of alleged steroid dealers. The company subsequently acknowledged that Hushmails could, in some instances, be decrypted.

In 2009, the New York Times wrote about a group of scientists at the University of Washington who developed software that would make email messages disappear after a period of time. The software, called Vanish, would rely on a key-based encryption system that differed from the usual key cryptography used in digital communications, by making the “keys” erode over time.

A couple of months after that, “Freedom to Tinker,” which is hosted by Princeton’s Center for Information Technology Policy, released a paper detailing a series of experimental attacks against the Vanish prototype. The paper stated that Vanish should be considered too risky to rely on.

On a Web site for Vanish, the group acknowledged that the implementation on which Vanish was based was not adequately protected against attacks, and says it’s “investigating new directions and architectures for self-destructing data.”

Burn Note’s Robbins says Hushmail’s service and the Vanish project are different from Burn Note because those products rely on encryption keys, while Burn Note is effectively reengineering the default settings of computer systems and server systems so that nothing at all is saved.

When asked what Burn Note’s protocol would be for handling requests from law-enforcement officials for email exchanges, Robbins replied, “Burn Notes aren’t emails.”

He went on to say that the exchange of Burn Notes is more comparable to phone calls in that, unless they’re recorded, the exchange itself can’t be retrieved.

But Burn Note — unlike phone companies — doesn’t keep a log of who is communicating with whom. Robbins said the company plans to compile and study anonymous usage data, but will keep two separate logs — incoming messages and outgoing messages — rather than a log of messages exchanged between users. According to the company’s explanation of its technical procedures, even the time stamp on the message is anonymized: Burn Note rounds the times to the nearest hour so that timing cannot be used as a unique identifier.

“A lot of services launch to acclaim that they’re going make digital communications disappear,” said Paul Ohm, an associate professor of law focused on information privacy at the University of Colorado Law School. “But they sometimes become that place where bad people go to exchange information, or a haven for criminals. In order for this work, you have to stay on the side of legitimacy.”

“It’s never a complete dead end,” Ohm added. “There has to be data living somewhere, and there’s always a way to engineer around these systems.”

While Burn Note will at first be marketed to the average email user, Robbins said he hopes to attract attention from the enterprise market. “I think there’s a really interesting set of use cases around banks, especially if it can be made to plug in to existing systems,” he said.

When asked how Burn Note might comply with the record-keeping obligations of U.S. financial institutions have, Robbins said it would require a case-by-case evaluation.

“I don’t have a good answer for that, because it will require review by a legal professional before we can fully work through that type of situation,” Robbins said. He pointed to the company’s privacy policy, which plainly states:

“If you have a legal obligation to preserve data, do not use Burn Note.”

Tagged with: Burn Note, communications, court, data, digital, Drop.io, email, encryption, FBI, Hushmail, Jacob Robbins, law enforcement, legal, secure, system, Vanish

What You Need to Know About Online Gift-Card Exchanges

December 30, 2013 at 6:00 am PT

Kids Get New Tablets Over the Holidays? Here’s How to Lock ’Em Down.

December 27, 2013 at 5:00 am PT

Motorola’s Moto G Might Stand for “Great” Budget Phone

December 23, 2013 at 6:00 am PT

Sony Updates Lens-Style Camera to Include Photo Gallery, Better Connectivity

December 19, 2013 at 9:30 am PT

The NeatConnect Scanner Is a Cloud-Connected Guilty Pleasure

December 16, 2013 at 6:00 am PT

Latest Video

View all videos »

Search »

You Say Goodbye and We Say Hello

Walt Mossberg and Kara Swisher in Media

The NSA and the Corrosion of Silicon Valley

Michael Dearing in Voices

You Won’t Believe All the Crazy Hardware the NSA Uses for Spying

Arik Hesseldahl in News

View all today’s news »

Uncovering a More Useful Android Lock Screen

Bonnie Cha in Product Reviews

Lenovo’s Bendy Yoga 2 Laptop Makes All the Right Moves

Lauren Goode in Product Reviews

Space Monkey Peer-to-Peer Digital Storage System Offers Better Backup

Katherine Boehret in The Digital Solution

Diabetes Data Beamed to Your Phone

Walt Mossberg in Personal Technology

Nokia Lumia 2520: A Solid Windows Tablet in Need of Apps

Bonnie Cha in Product Reviews

View all reviews »

First the NSA came for, well, jeez pretty much everybody’s data at this point, and I said nothing because wait how does this joke work

— Parker Higgins via Twitter