Back in July, when I first wrote about Vanish, it had been introduced as a new approach to ensuring that data stored on the Internet (“in the cloud”) could be made to go away after a certain period of time. Then, a little over a week ago, I wrote about some new research that suggested that Vanish might not be as secure as was originally thought. This sort of to-and-fro is to be expected, and is healthy when we are talking about science and technology in general, and security in particular; seeing how the debate unfolds is what gives us whatever confidence we have in the outcome.
I’m pleased to see that Prof. Ed Felten, Director of the Center for Information Technology Policy at Princeton, has an article about [Un]vanish up on the CITP’s Freedom to Tinker blog, for two reasons. First, the Unvanish paper [PDF] is now available, and I am looking forward to reading it. As I’ve probably said before, security work requires a somewhat unusual mind-set: rather than figuring out how to make things work, one needs to figure out how to make things break. It is always instructive to see a worked example.
The second reason I was pleased to see Prof. Felten’s post is that it gives an excellent account of the to-and-fro process that I mentioned earlier:
Our paper is the next chapter in an interesting story about the making, breaking, and possible fixing of security systems.
In response to the work by Prof. Felten and his co-authors, the original Vanish team have produced an updated paper [PDF] with a modified version of their original software, which they claim addresses some of the issues the Unvanish team found. The jury is still out on how this will all play out; as Prof. Felten says:
Vanish is an interesting approach to a real problem. Whether this approach will turn out to work is still an open question. It’s good to explore this question — and I’m glad that the Vanish authors and others are doing so.
Or, as the Vanish team puts it:
Proposing systems, finding attacks, and implementing stronger systems is exactly how research works in the security community.
The real value in this kind of work is not so much in the final result — whatever that turns out to be — but in the exploratory work, discussion, and debate.