This File Will Self-Destruct In 24 Hours

[menkveldj] built a service that encrypts files which self destruct in 24 hours. The download link can only be used once. If the wrong people were to get the link and download the file, they’d need many years on a pretty powerful computer to crack the 256AES encryption.

The sender shares a file that is encrypted client side using a password generated Pbkdf2 key to encrypt the data before uploading it to the s3 storage service. The sender is then provided the one-time-use link to share with the recipient. After the first download, or 24 hours, the link and the encrypted file are both deleted. The receiver must enter the same password to decrypt and recover the file. No one but the sharer and receiver know what the actual file is.

It’s still work in progress, so chime in with your comments and suggestions. To dig into the code, check out his repository on Github, which also has instructions to build and run it if you’d like to do your own version.

Oh, and you’ll like this. If want to thumb your nose at the powers that be, the site has a redirect for the whimsical domain: NSAfu.com.

75 thoughts on “This File Will Self-Destruct In 24 Hours

    1. If the recipient is already under surveillance, the requirement to provide the key before downloading could give the attacker the key. Keeping the attack surface smaller is better.

      1. he said “a” password, not “the” password. You can choose the download-password comletely unrelated to the actual encryption.
        Anyways, this “deletes itself after 24Hr or first download” requires trust.
        Trust in a company.
        in an American Company! A company, that could receive a NSL anytime.

        1. And if you want to disrupt communications done this way, you can listen in and simply beat the actual recepient to the punch every time, and nothing gets through because the file is always deleted before they get to know about it.

        2. From what little I know about these things, providing a magic key in order to download the file, would link the recipient to the file and the sender – as well as possibly provide an opportunity to do a ‘man in the middle’ attack. This way, nobody knows nothing. You can’t prove the sender and recipient know each other, just from looking at the file or it’s transmission. You can’t even prove the recipient knows what the file is, although it is implied.

          The fact that it uses a client-side script – that you have to download from them, and run – is stupid as hell, though.

          1. “The fact that it uses a client-side script – that you have to download from them, and run – is stupid as hell, though.”

            Love to hear any suggestions on how to make this better. The original reason for doing it clientside via js was to prevent the need for “trust”. The idea was that because the js is downloaded by you before use anyone security minded person could technically verify that it is legit before using it.

    2. Taken literally that’s extremely stupid, since it would give everyone the ability to permanently DoS the system.
      Just enter the wrong possword on purpose to disrupt communication. It goes against the availability principle of security.
      I assume you meant something else, since this would be the equivalent of hardening a webserver by disconnecting it from the network.

    1. It’s up to the original owner’s discretion if they want to keep another copy locally. The thing here is that you trust the cloud service to delete your file from their servers afterwards.

      1. your correct. However, even if you don’t “trust” the service you can trust the encryption as it was done clientside. Even if someone gets the file it’s frankly useless unless you find a way to break an AES encryption.

  1. 1 – I always thought about a password that counts also the timing between keys.
    3 – Would be extra safe if the files were physically saved in SD cards on server side, that when ‘deleted’, it would be actually burned/fried/vaporized, like in the picture.
    2 – Best-ish way to save files, is converting them to cash, send to your bank. They will keep it safe. To download, please, don’t go to ATM machines!

    1. SD ? really ? When you delete something from any solid state storage the data is still there, even if you overwrite data. Block wear levelling basically will hand you a new set of blocks. It is very hard to delete data on a SD, it would be my last choice for secure temporary storage, without using encryption.

          1. At approximately over 150 C the electrical difference between the n and p regions in a regular silicon transistor disappears, and it effectively becomes a three terminal resistor. In a flash cell, the same effect also turns the insulated gate into a conductor and causes any stored charge to leak out, which basically empties the whole device of any data.

            Even under normal conditions, flash chips don’t retain their data for more than about a decade. High temperatures simply accelerate the leakage.

          2. @Dax All I’m saying is that the electronic devices that were destroyed (July 2013), under the supervision of GCHQ ordered by the UK government, in the basement of the Guardian newspaper London, none of the removed chips with internal storage were destroyed with heat.

        1. The most recent (leaked) five eyes procedure for disposing of data stored on solid state devices is to grind up the chips until all the particles can pass through a 0.5mm sieve.

          1. Those procedures are not secret. Google for “Information Security Manual” (the AU and US governments both publish them, and I think UK as well, probably most western governments make theirs public) and it contains all you could possibly want to know about media handling, sanitisation and destruction, plus 1000 other things. It’s a good cure for insomnia.

            PS this project is either incredibly naive or expects its users to be. Don’t use it.

  2. If there is a way to download and make backup copy, it kinds of defeats the self destruct purpose. Unless the file has a way of causing CD-R and DVD-R to spontaneously burst in fire.

    1. Bizarrely, this kind of thing is possible. I worked on a project which involved crafting data which caused CD-Rs to fail early. Much fun. They didn’t catch fire though, just become unreadable.
      There’s patents out there if you want to search.

    1. I’m not going to deny child pornography exists but how prevalent is it? Sound like somethig the government age would say to justify snooping in everyone data, when the war on terror excuse starts loosing ground. years ago I read where the US government has the largest cache of child porn. Yes they caught willful criminals, but evidently what slow going they would mail the stuff to those who didn’t order it. More recently there was an article how charged with child porn where st up by their enemies However gathering the evidence to prove that is so expensive the accused fall on the sword to save their families from financial ruin.

  3. A tsr that boots before the os from the bios flash and keeps tabs on the file. The only way to make it as inaccessible as possible would be to have a on die hardware lock for the allocated memory space. The next best thing could be a rewrite of the hard disk controller.
    Nothing is unhackable. Even if it was left in a ramdrive you could in theory synchronise refreshes and then take over like life support as you disconnect it from the system. If it was on the hard disk it would be even easier to dump.

    1. also, a modern OS, everything since NT, that runs in protected mode, does not use the BIOS for IO anymore. To accomplish the same you would need to infect the OS device drivers. Which would not go unnoticed these days.

    2. @CRJEEA – I am so pissed! I just shelled out $80 bucks (USD) for a really cool tablet with it’s own built-in Chinese TH Virus that is basically irremovable. If you try it is designed to brick your tablet. I just threw it in my junk box. It was a famous one available on Amazon and most people are STILL not aware of it yet (Allwinner A23)! The TH virus is designed to steal passwords, etc. I had to change all my passwords via another Internet device. I think the THV is in the root somewhere. http://www.cmcm.com/blog/en/security/2015-11-09/842.html

        1. @Drone – I did Drone… Look at the post again in the parenthesis. It was the ALLWINER A32 tablet,

          https://upload.wikimedia.org/wikipedia/commons/1/18/Allwinner_logo.png

          In 2012 and 2013, Allwinner was the number one supplier in terms of unit shipments of application processors for Android tablets worldwide. Headquartered in Zhuhai, Guangdong China…

          I should have known it was too good to be true. The damn thing was loaded with cool eatures and was only $79.99 USD. China is trying to aim this at US marketplace. Stealing data, passwords, etc, for God knows what. I know President Xi Jinping sanctioned this. I can just feel it. No wonder the US alphabet soup is all a twitter over recent Chinese aggressive cyber-operations. They are planning something big… but starting small like this.

          1. But the USA is by far the largest consumer of made in China goods Disrupting that could harm Cina’s own economy, doesn’t make sense they would something that could harm themselves Using China to scare me lost traction long ago.. We in the USA should more attune to US citizens actions that are harmful to other US citizens. Not thawe shouldn’t an eye on foreign powers as well. Multi tasking isn’t that hard.

          2. I think the People’s Republic of China cyber-warriors underestimates the cyber-intelligence of Americans. They probably thought we’d never find the Trojan Horse in the root of an Android tablet as most Americans have no idea what a “root” even is. Actually on it’s face it was a pretty slick move. Just did not think it trough very well and factor in that some folks like HaD hackers are “smarter than the average bear Boo boo ” – Yogi Bear cartoon.
            https://pbs.twimg.com/profile_images/635472091081367552/X_zHZEgc.png

  4. How do we know you are not really an NSA stooge promoting an idea that they have already got a compromise for? How do we know you are not promoting this because it helps them to notice people they need to monitor, because only people with something to hide could be bothered using it, meanwhile the rest of humanity are happy to use QWERTY for their password because they just don’t care. Just say’n,,,,,

    1. ha. you don’t! That’s why I published my source code. Course if I was NSA id probably shut down Truecrypt and force Microsoft and Apple to provide hard drive encryption to the masses via the OS with a backdoor no one knows about…

  5. If the same file was written on a keyboard that can be tapped on, stored on a hard drive with closed firmware that has total access to it, on a system using processors with closed firmware as well, displayed through video cards with binary only blobs that can access any subsystem at maximum privilege, then sent trough network cards with binary firmware as above, that file will already have a thousand decrypted copies in some 3 letter agencies database even before it leaves the owner network.

  6. Any encryption is basically insecure with the resources available to FIVE EYES today. You can basically only depend on a time frame between when you sent your secret message and when it is discovered and decoded. Essentially impacting your mission’s execution time guidelines. IOW assume your sent secret message will be broken but it will take at least some time giving you time to do what you want to do.

    My idea is to use SNEAKERNET (coded secret text messages sent on a 3.5″ diskette commonly known as FD or the misnomer floppy disk and couriered to others by foot couriers or postal mail (today’s PC’s would require a external FDD (FD drive) – sound familiar to somewhat recent events in Pakistan?). Maybe use a client-side JS (JavaScript) program embedded on FD (floppy disk). It would do a simple transposition cipher that uses a external OTP source copy and paste to an adjacent text field in the UI (user interface). The OTP would be used to decode the other text field and create a text file to be downloaded locally on the PC. Since it is never saved on PC it will only be in RAM until you close the Notepad file unsaved.

    The JS scripting would be useless to anyone interdicting it as it does not really reveal anything about the secret message itself. You send the secret encrypted message in the clear via the FD (i.e. the public key). That part is very vulnerable. The OTP is saved on SD cards or some other media for later use. No passwords required.You only need to know which OTP to use today. Even the JavaScript script could be on your PC and not the FD if you like. FD’s are easy to destroy with common household resources.

    The JS below is NOT the actual secret message coding engine. It is only an automated method to take a UI text field and cause it to make a locally downloadable text file to be opened locally on the client-side with no server required. Then you can save it to FD or SD. It can also be used as part of the decoding engine too. The transposition coding engine in JS should be wicked easy to build on your own. The OTP’s can be made from truly randomly (i.e. not pseudo-random) occurring events that can be translated to text/numbers.

    To carry this idea to the next level: One could manipulate the JS script below to ride along on the FD and then using JS time/date commands and a UI password scheme, it could be manipulated to write a series of 1’s over the contents of the FD if all access and time constraints attempts fail. The JS source code on the FD could be written in obscuring code and file attributes of .js file could be hidden too. This part I do not know how to do. I don’t even know if it can be done due to most browser security constraints (i.e. overwriting a FD automatically that is).

    If any of this is pointless please try to be polite about it and not flame me… :-P

    Just HaD idle brainstorming here… not trying to help anyone do something fishy!

    -------------------------------------------------------------
    HTML BELOW
    Type something here Create file Download
    -------------------------------------------------------------
    //JAVASCRIPT BELOW
    (function () {
    var textFile = null,
    makeTextFile = function (text) {
    var data = new Blob([text], {type: 'text/plain'});

    // If we are replacing a previously generated file we need to
    // manually revoke the object URL to avoid memory leaks.
    if (textFile !== null) {
    window.URL.revokeObjectURL(textFile);
    }

    textFile = window.URL.createObjectURL(data);

    return textFile;
    };

    var create = document.getElementById('create'),
    textbox = document.getElementById('textbox');

    create.addEventListener('click', function () {
    var link = document.getElementById('downloadlink');
    link.href = makeTextFile(textbox.value);
    link.style.display = 'block';
    }, false);
    })();

    1. Some how the code tag resolved the HTML code. So I will try again. Replace all brackets [ ] with carets :

      [text area id="textbox"]
      Type something here
      [/textarea]
      [button id="create"]
      Create file
      [/button]
      [a download="info.txt" id="downloadlink" style="display: none"]
      Download
      [/a]

      1. No citation needed… common sense should tell you that with the advent of the NSA’s Bluffdale Utah Data Center, it’s new infamous router BEACON project, the MYA chip exploit of your CPU, and the many other cyber-exploits you may never learn about… it stands to reason that it would info-share with their 5-Eyes partners. Also reciprocal actions are made back to the NSA as well. I would not be far off to say one of the EYES is Israel. They are arguably the best cryptographers in the world. They also allegedly designed the formidable Stuxnet Virus. There’s a very valid reason they have office space at a 3-letter agency in McLean VA (USA). Just say’n…. Source: Mr. Apsconsus Origo

        1. “It stands to reason” doesn’t count for much. There are many well established ciphers that non-government cryptographers believe to be substantially secure, and public key cryptosystems that are provably secure under well known assumptions (prime factoring, discrete logarithm problem). “NSA has lots of computers” doesn’t compensate for that.

          1. @arachnidster – OK your entitled to your opinion. But the NSA’s supercomputers could use brute-force methods to decoding ciphers and reduce time-to-decode to several days rather than years by hand. But with the advent of all the new methods I mentioned they can catch the desired secret data BEFORE it’s encrypted by capturing it directly from your computer live. That’s like being the fly on the wall while your typing your secret message. They could do that anyway with a TSR Trojan Horse you accidentally launched and your AV just hasn’t spotted it yet..Some AV companies received NSL’s and have built NSA backdoors in their AV software. Microsoft runs them all the time just in case they get one from them. that’s just my opinion and I can’t prove it.

            The only method the NSA (et al) can not break via brute-force is OTP’s. However, some people are careless and use their OTP’s more than once. And there is a division of NSA called CSS that people are not generally aware of. CSS is their Central Security Service. They are the “boots on the ground” group of military-cutouts and controlled-psychopaths who they use to get the “physical stuff” (HUMINT) they need from a target by any means necessary (and they do other stuff too). So you are identified as a hard target who is obviously using OTP’s to send out secret messages they can’t break. But they KNOW where you are because your ISP just ratted on you due to a NSL or FISA warrant. That means your flat or home gets a visit when your not home. You know what they would be looking for. Better hide it good as they will toss the place and make it look like a burglary. Your locks will be picked by electric gun-keys, alarm systems are compromised, and your CCTV’s are spray painted or otherwise electronically defeated. Your OTP cache will be copied not stolen.

            You’ll usually see them ahead of time on your street days before in white unmarked Dodge Sprinters or Ford Econolines parked suspiciously with limo tint windows. Or an AT&T truck or Contractor truck that has overstayed it’s welcome. But the latest vehicle is this one which is quite slick IMO (quite creative and requires no LOGOs for cover story): http://tinyurl.com/j4foe9x

          2. “But the NSA’s supercomputers could use brute-force methods to decoding ciphers and reduce time-to-decode to several days rather than years by hand.”

            I think you fundamentally misunderstand how difficult modern ciphers are to break. AES256, for instance, would take _billions_ of years to brute force on current or forseeable hardware.

          3. @arachnidster – “…Rijndael’s [or AES] selection has been criticized by some because the algorithm does not appear to be as secure as some… Attacks on the algorithm have succeeded only in an extremely limited environment…” – Borys Pawliw / May 2007 / searchsecurity . techtarget . com

            The NSA started attack on AES-256 in 2004 and made some stunning milestones. They predict that when they bring the exaflop machines online in 2018 that maybe within a decade or less AES will be fully broken (note: extra “rounds” ignored). I know that’s a very long time but using CSS (HUMINT) they may get it sooner directly from Vincent Rijmen and Joan Daemen the inventors of AES (aka Rijndael). In the meantime the suspicous AES based ciphers will be stored at Bluffdale (aka Bumblehive) until then. See https://nsa.gov1.info/utah-data-center/ upon arrival pres CTRL-F on your keyboard and type: ultimate target

          1. I hate to admit it but they are very good at what they do… Maybe they are behind this OP article? You know to see how really stupid we are to actually use it and think it is really all that secure. I still believe in “rolling your own”. Even if it’s crappy it will still take awhile to figure out your strategy. I particularly like using the CRC method to check if the message was corrupted in some way. It would be great to know if someone looked at it. But that’s for quantum I guess,

  7. Since this service uses US based certificate authorities you can be sure they can spoof the SSL, then inject any code in any session they choose. Then they could do things like key escrow. As for the file its stored at a cloud provider that could easily make copies of the file. Thus this service is mostly a curiosity,and to anyone needing real security of almost no practical use.

    1. PER EDWARD SNOWDEN: You really need to worry about purchasing your CISCO router directly from Cisco and you are previously on some sort of NSA watch list. Allegedly the NSA can (and does) interdict the shipment via FedEx, UPS, DHL, USPS, etc. and installs a BEACON in the router’s firmware. Once they let the shipment go to your house and you hook it up to your Internet connection, they can backdoor your router, emulate it, and watch all packets coming and going to your house. Like a promiscuous mode sniffer. And who knows maybe it can also allow backdoor your PC via the infamous MYK legacy in your Intel CPU. MYK is now part of SafeNet, Raytheon, and Gemalto. Gemalto is the worse as it’s CEO Alex Mandl and his past involvement with In-Q-Tel. “No More Secrets”?
      https://translate.google.com/translate?hl=en&sl=fr&tl=en&u=http%3A%2F%2Flexpansion.lexpress.fr%2Fhigh-tech%2Fscandale-des-cartes-sim-le-president-de-gemalto-trop-proche-de-la-nsa_1653605.html&sandbox=1

      1. Your right on about the Cisco stuff. Take from someone who did installation for HP and CISCO network gear. Maybe I’m wrong but unless the NSA is listening on your CPU clock cycles nafue doesn’t actually fall prey to this. The javascrip is downloaded clientside and the file is selected and encrypted clientside before uploading only the encrypted content to the cloud. The NSA could listen in but unless they are watching clock cycles on your local machine and can some how interpret which ones are for the encyrption and which one is for things like display, basic os services, etc. there is no way can actually see the file contents. It’s more likely that they already have a reverse proxy bug on your machine and have access to your filessystem.

        1. There’s a division at NSA at Ft Meade MD called “THE VAULT”. In it are top-geniuses that can do magic with cyber technology. I think MSM did a tour on a documentary and they introduced a few of those geniuses. They only hire the best of the best (ala Men in Black I? – LOL) Also did you see TRANSFORMERS where the SecDef needed the best cyber-kids they could find to decode the alien transmissions. Well Ft Meade does that daily. And Bluffdale Data Center will give them the petaflops they need to do almost anything cyber related. That’s why I think it is futile to think the NSA won’t find a way to do whatever they like. I mean they just plugged into a AT&T fiber hub in San Fransisco to pull in the entire Internet. No FISA warrant no nothing. And the new Director (Mike Rogers) is a cyber-heavy weight from US Navy.

          I think the CISCO gambit is just the tip of the iceberg. There’s obviously MORE to the story than is being admitted to. The CISCO CEO (Chuck Robbins) is totally pissed and is coming up with methods of his own to get around the NSA. He is having CISCO routers shipped to vacant addresses – which totally baffles me as how does that work??? The NSA says they are only aiming at foreign targets.

          How does one detect and remove a BEACON? It seems futile to me. “Resistance is futile” – Locutus of Borg (http://youtu.be/ItHcsIHshhs)

  8. Repeat after me: “I will not roll my own cryptosystems”. If you want to play with crypto, work your way through ALL of the Matasano challenge: http://cryptopals.com/ and then we’ll talk. “But I follow @SwiftOnSecurity and @thegrugq on twitter” does not suffice.

    This shit is incredibly bad.

    1. @W – But rolling your own is the best way to avoid interception. It is unique and would need a lot of R&D to defeat. The OP’s idea fails right out the chute due to being CLOUD-BASED. Once the file is on his server then it is available to anybody, per se.

      Cyptopals requires no past expertise in crypto. Not much of a challenge. I’d like to see them work on the CIA’s challenge called KRYPTOS. The last 97 characters remain uncracked (as of Nov-2014).

      Here is the transcript:
      http://elonka.com/kryptos/transcript.html

    1. @Todd Hubers – I agree with you that the OP’s method fails in this accord. But what I proposed is to never send a “file” with a public key out into the wild. My idea posted above would build the encrypted file in memory only on the PC then save it to a FD to be carried by hand to the recipient. Never saved on the PC’s hard-drive. The foot messenger can also carry some acetone to dispatch the FD if is in threat of physical capture. But since the file was made using an OTP random seed it probably would not be a big deal to let it be captured. Only the labelled OTP seeds need to be locked away from discovery. Also writing a megabyte of ones to a FD seems to be irreversible to me too. My method is not novel either. It was used by UBL at Abbotabad Pakistan not too long ago. Was discovered by USN Seals who then dispatched him.

  9. While it’s of no use when they are busting down the door, putting your media in a bag tied to boat ancchor and sinking it in deep water could work well. The SD cards are easy enough to conceal regular access to your secret life is important. The cloud is useful, but not the place for sensitive data. Have a boring life like me you should be OK

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.