This week I read a post about the death of the Boeing whistleblower, and how Boeing might have suicided him.
I don’t care about if the rumors are true or not, however someone mentioned in the comments that in such situations one should always have a Dead Man Switch.
For those who don’t know a Dead Man Switch is basically an action TBD in case you die, like leaking documents, send messages/emails, kill a server etc . . .
The concept tickled me a bit, and I decided I want to build a similar system for myself. No, I am not in danger but I would like to send last goodbyes to friends and family. I think it would be cool concept.
How would you go and build such service?
I thinking of using a VPS to do the actions because it would be running for a while before my debit card gets cancelled.
The thing that is bugging me out is the trigger, I will not put that responsibility onto someone that’s cheating, so it would have to be something which can reliably tell I am dead and has to run regularly.
Where is what I come up with :
-
Ask a country association through email if am I am dead.
-
Check if I haven’t logged out on my password manager in a week. If it’s even possible.
TLDR; Give me ideas on how to build a DEAD MAN SWITCH and what triggers should I use.
Tech people are overthinking this. You pay a lawyer to do something when certain conditions are met.
Deviant has a talk about setting up a similar protocol for their group of friends to access passwords - https://m.youtube.com/watch?v=6ihrGNGesfI
In that case the protocol involved the lawyer contacting certain people to ensure consensus that the person is really in need of help, but the protocol can be whatever you want.
The human in this protocol fixes the “false-positive” problem:
Consider the case where the technical system has just sent an alarm that “ransomwarelettuce hasn’t been following their usual internet routine for the last week, and therefore they must be dead”
ransomwarelettuce meanwhile is unconscious in a hospital after an accident that destroyed their phone and all of its 2FA methods, but will eventually wake up and be super-embarassed if their documents were published!
If the technical system is primary, it immediately publishes your “don’t publish this while I’m alive” documents.
If the technical system is filtered through some human system such as the remote lawyer, they try to phone you, contact your family, contact the hospitals, search for news stories about you, before publishing the “don’t publish this while I’m alive” documents.
Also not a fan of that “pay a lawyer” part.
Is it the word “lawyer” or spending some small amount of money?
Lawyers are bound by law and an ethical code to conduct business in a particular way. They also tend to have support infrastructure and continuity plans that private individuals do not.
If making sure something actually happens is important to you, this is the best option.
It’s the word lawyer. Please forgive me for having a tarnished view of the practice after a lifetime of reading about all the silly, frivolous litigation that constantly occurs in the US.
I get what you’re saying though. I know there are good lawyers and a need for them.
Many of the “frivolous” lawsuits you’ve actually heard about are effectively smear campaigns against the plaintiffs.
The lawsuit against MacDonald’s for the hot coffee one is a great example.
Yes, people do dumb stuff, or fantasize that a situation could be their golden ticket, but that is the cost of having a civil judicial system. You either have to allow some crazy in, or prejudge and filter out what you’d consider legitimate cases. I just don’t have the energy, or care enough to be annoyed by inefficiency in the a system that I rarely interact with.
The criminal system is a different story, because the way we currently prosecute different kinds of crimes offends my basic sense of fairness.
Every method has vulnerabilities. If you are concerned enough, you can take the legal route and the technical route to make attacking the system require different areas of expertise.