1

My friend wants to email a certain file to another person, and allow that person to use the file for 30 days, after which it will automatically delete itself. Is this even possible?

Colin MacIntyre
  • 11

3 Answers3

7

In short, no.

A file cannot be actionable in itself. It opens into an app, which does all the work, so to delete it you would need complicity from that remote operating system or a specific app, which is not going to happen.

Secondly, it is trivial to make copies of any file, so even if you could circumvent the first hurdle, the second will stop you.

Tetsujin
  • 50,917
3

This really is impossible:

  • If the file is not an executable of some kind, it doesn't have the means to delete anything.

  • If the file is an executable, it still can not come with its own time reference (a time reference being hardware, such as a RTC or GPS reciever or similar). So to even know that the 30 days are over, it has to rely on the OS (which is out of the control of the person supplying the file). So by just resetting the clock, those 30 days will appear to never expire.

Eugen Rieck
  • 20,637
0

The only way to accomplish this is by storing the file onto a container that can self-destruct.

But keep in mind, even the best people are unsuccessful in achieving this. Everything can be bypassed, which turns this into a security by obscurity. You don't tell the end-user the file will not work after 30 days so they don't look for a way to break it, and then break it after 30 days. This is of course really not-done and will not make you friends. This also means it will work once, but once the word is out, it won't work a second time.

Once people know there is something in place to prevent usage after 30 days, it becomes a matter of the chicken and the egg. Are you better at providing security or are they better at cracking? In any case, you will move to an encryption of some sort by this stage, which already invalidates the answer to this question.

You would need to have something that the user executes that is otherwise encrypted, and have the time-limit build in. After the time expires it would stop it from using. Given that local clocks can be defeated, you would need to rely on an online time source. This means your protection requires always-online, and if you go this far, it is most likely the better solution to create something online that views whatever it is you want to share, and control everything server-side. They have a link to your goods, and that link will simply expire.

Keep in mind, that browsers have cache, and anyone can "copy" anything they see on the screen, so if you need to copy/protect as well, you will need to include watermarks.

So basically, you are talking about DRM.

LPChip
  • 66,193