5

A company called Intralinks sells a sharing software that it claims allows you to "unshare":

  • “Favorite” files so you can access them offline
  • UNshare™ gives you the power to instantly revoke access to files you've already shared, even after they’ve been downloaded
  • Set permission levels and prevent printing, forwarding, and screen-grabs
  • Delete synced data on devices that you no longer control

Is this legit?

Intralinks UNshare

On another website they explain how they use DRM.

nic
  • 1,466
  • 2
  • 14
  • 23
  • 3
    Define legit - do you mean 'can they really delete files from people you've shared them with'? If the file is still on the target system, where they think it is, and it hasn't been copied, and the format hasn't changed...then perhaps. Just remember how well DRM has worked and I think you'll get an idea of how much you should rely on this product. – Michael Kohne May 07 '14 at 10:40
  • Thanks for the feedback! By legit, I mean that the claims are true; for instance, synced data on devices I no longer control reliably gets deleted, screen-grabs are actually prevented, etc. – nic May 07 '14 at 10:47
  • 3
    you could ask that on security.SE. The answer will be "no". After a file arrives at your computer and you can execute it / open it with some program, it is yours. – woliveirajr May 07 '14 at 16:30
  • @BrianS hum, that's why I think this one should go to security.SE. It's hard/impossible to find peer-reviewed papers about this. It can be done with ways to circumvent it = it can't be done. I'll try to make an answer about it. – woliveirajr May 07 '14 at 18:03
  • @woliveirajr "After a file arrives at your computer and you can execute it / open it with some program, it is yours." - do you have a reference for that? –  May 08 '14 at 03:51
  • @Articuno it's kind of hard, because it is, hum... combination of basic-to-medium knowledge of how a computer works. take a look at item 3 of the following article: http://www.darkreading.com/attacks-and-breaches/target-breach-8-facts-on-memory-scraping-malware/d/d-id/1113440: "No matter how strong your encryption is, if the system needs to process data or process the code, everything needs to be decrypted in memory," – woliveirajr May 08 '14 at 11:41
  • @woliveirajr And that means "it is yours"? –  May 08 '14 at 14:39
  • @Articuno in your computer = you can boot your computer with any Operating System, i.e., even a Windows with Admin rights. And then you can run any program as an admin, including ones that can dump all the memory. So, you get all those bytes = you get that file = it is yours. – woliveirajr May 08 '14 at 14:47
  • Do you have references for *that*? –  May 08 '14 at 15:08
  • do you really want that? ok.... "boot your computer" -> http://en.wikipedia.org/wiki/Booting#Boot_devices_.28IBM_PC.29 "dump the memory" -> http://forensic.belkasoft.com/en/live-ram-forensics or http://kb.eset.com.br/esetkb/index?page=content&id=SOLN380 . "those bytes = that file" -> use http://www.cgsecurity.org/wiki/PhotoRec like http://www.routards.org/2012/06/defcon-20-quals-forensics-400.html but looking for DOC files (or anything else you want), or http://foremost.sourceforge.net/ – woliveirajr May 08 '14 at 16:42

1 Answers1

14

No, it's not legit (in the sense you used the word). Perhaps the file won't appear inside their application, but doesn't mean that nobody else will be able to open it again.

  • “Favorite” files so you can access them offline

Ok. You install their program in some computer, mark the file as favorite, and it's downloaded to that program. Then you disconnect from internet, and you can still access the file.

  • UNshare™ gives you the power to instantly revoke access to files you've already shared, even after they’ve been downloaded

In the offline? If the computer is never again connected to the internet, this access will never be revoked (since there's no way to know/download that revocation). If it's based on time, simple enough, adjust the computer date/time to the same date/time [1] [2]. It's based on number of accesses? Create a virtual machine (VM), install/download inside that VM, create a snapshot of it, and rollback to the same snapshot when you need it again [3].

In the online mode? After I download the file inside the program, to be useful somehow, I need to execute it or open it with other program (think of some image). After I open it with some other program, just click in the "save as..." and, voilà, I have a copy that cannot be "unshared" [4]. Or create the VM and take a snapshot when the file is opened inside some program, or executed [3]. Or install some program that will capture the stream of bytes right after it leaves the "unShare program" [5].

  • Set permission levels and prevent printing, forwarding, and screen-grabs

While inside their program, perhaps you can prevent printing and forwarding. After it leaves their program, it's up to the program using the file (like PDF reader) that will prevent such thing.

Screen-grab: take your camera and take a picture of the screen. Done. Install some program that will work with the video driver, and that will take screenshots every x seconds. Done. [6] [7]

  • Delete synced data on devices that you no longer control

Yep, if the device is online, send some command to their program that will erase the data. Turn the internet access, and this functionality is gone.

[1] http://www.danrichard.com/2012/11/19/how-to-get-rid-of-cinavia-protection-on-a-ps3-or-at-least-bypass-it/

[2] https://stackoverflow.com/questions/1442698/prevent-time-based-copy-protection-circumvention

[3] https://www.vmware.com/support/ws4/doc/preserve_snapshot_ws.html

[4] http://gd.tuwien.ac.at/graphics/irfantut/save.html

[5] http://www.x-ways.net/capture/index-m.html

[6] http://www.dotscreenshot.com/auto-screenshot-software/

[7] http://www.softpedia.com/get/Multimedia/Video/Video-Recording/VH-Screen-Capture-Driver.shtml

.
. .

Edit after answer accepted:

Even easier to answer: the company says in their EULA:

When an End User accesses data on the Service (e.g., a publication, comment, or attachments to a publication or comment), a copy of that data is copied to that user's local computer (this is called "caching" and is part of how web browsers work). Caching is used to improve the speed of the Service when you repeatedly access graphics or data during a session. Once pages and/or data have been cached on your local computer that data is beyond the control of Intralinks, and may be accessible to anyone with access to your computer. Each End User assumes all risk and liability associated with any data cached to that End User's local computer.

(I added the bold emphasis to parts of it).

So, they say that the data can be leaked by browser cache. Even easier to circumvent their protection.

Community
  • 1
woliveirajr
  • 694
  • 1
  • 6
  • 16
  • 1
    Your answer is speculative. For every argument you pose there is (or might be) a counter-argument. Unless you know the exact way they do it and then show how it can be broken, this doesn't prove anything. Now this is only an assumption. Also, of course everything can be broken with varying amount of effort... – sashkello May 08 '14 at 01:47
  • 2
    "Also, of course everything can be broken with varying amount of effort." - If that is true, please write it as an answer. –  May 08 '14 at 02:12
  • @Articuno I don't see why I would do it. I don't know how their app works and I don't have Windows to try it. I don't want to post yet another speculative answer. – sashkello May 08 '14 at 08:25
  • @sashkello Please note that the answer provides way to cirumvent families of protection methods, rather than any single method to accomplish the result. For some of the claims there might be ways to enforce the claims. But other things are simply impossible, e.g. deleting files from offline clients. – Taemyr May 08 '14 at 09:12
  • @sashkello: surely they cannot prevent the user to photograph or record a video of the screen, or record music on an external device. So the claim is false, at least for certain type of files. – nico May 08 '14 at 11:15
  • @nico That's imperfect copying. That's like saying that storing photos on your PC offline is insecure because someone can take a photo from outside of your window. – sashkello May 08 '14 at 11:53
  • 1
    @Taemyr Sure, but the answer is still speculative. What if you can't access files unless you are online? Then it will work, they will be deleted as soon as you go online. Same with "save as" - who said that the apps with which you open everything aren't sandboxed in their app and there is no "save as"? I don't know, this is a speculation. But so the answer. I don't have Windows, otherwise I'd just download their trial and check. – sashkello May 08 '14 at 11:58
  • 1
    @sashkello: regarding music: http://en.wikipedia.org/wiki/Digital_rights_management#Analog_hole – woliveirajr May 08 '14 at 11:58
  • @woliveirajr I don't want to argue about how it might or might not work theoretically. I.e., in theory, you can decompile exe programs, but that's beyond realistic expectations of security and privacy. Unless there is a reliable info of what exactly they propose and how they implement it, the answer is speculative. – sashkello May 08 '14 at 12:06
  • 1
    @woliveirajr I do agree it is not very suitable for Skeptics, yes. – sashkello May 08 '14 at 12:07
  • 1
    @woliveirajr Well, this is marketing, but also what are the reasonable expectations of the clients. This is like saying that 50 cm iron door is not secure because it is theoretically possible to break it... The claim is vague, it is not really a claim but a marketing speech. I guess they provide a user agreement where there is more info about the matter... – sashkello May 08 '14 at 12:10
  • @sashkello If you can't access your files unless you are offline then they are lying. One of the claim in OP is to be able to acess the "favorite" files while offline. Looking at their page it definitly seems like they are talking about arbitray files acessible through 3rd party software - so your points about custom apps are moot. (The intro video shows excel files, pdf and mp3's) – Taemyr May 08 '14 at 12:49
  • @sashkello: sure, but still gives access to content, which is what matters. People go into movie theaters with cameras and record movies, so the idea is not that far fatched. – nico May 08 '14 at 12:58
  • 1
    @sashkello "I don't want to post yet another speculative answer." Don't use comments to post speculation either. –  May 08 '14 at 14:43
  • 1
    Everyone, if you believe this answer is speculative, say so, but don't go ahead and post more speculation in the comments. If you have a better answer, write one. –  May 08 '14 at 14:43
  • @Articuno Comments are to discuss and propose improvements of the answer. This is exactly what people are doing here. – sashkello May 08 '14 at 23:34
  • See also: http://stackoverflow.com/questions/1790190/is-it-possible-to-protect-from-downloading-a-video-from-a-site for the technical part. – Piskvor left the building May 09 '14 at 15:35
  • This answer is based on a theoretical model, but fails to show that the model is appropriate to the context and/or does not base the model on factual evidence. More in general, answers that contain original research are generally not considered good answers on Skeptics. I am keeping it because of the last paragraph only. Please consider removing the rest, which is poor quality. – Sklivvz May 10 '14 at 12:27