this post was submitted on 22 Mar 2024
101 points (97.2% liked)

Programming

17538 readers
98 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]



founded 2 years ago
MODERATORS
 

This week I read a post about the death of the Boeing whistleblower, and how Boeing might have suicided him.

I don't care about if the rumors are true or not, however someone mentioned in the comments that in such situations one should always have a Dead Man Switch.

For those who don't know a Dead Man Switch is basically an action TBD in case you die, like leaking documents, send messages/emails, kill a server etc . . .

The concept tickled me a bit, and I decided I want to build a similar system for myself. No, I am not in danger but I would like to send last goodbyes to friends and family. I think it would be cool concept.

How would you go and build such service?

I thinking of using a VPS to do the actions because it would be running for a while before my debit card gets cancelled.

The thing that is bugging me out is the trigger, I will not put that responsibility onto someone that's cheating, so it would have to be something which can reliably tell I am dead and has to run regularly.

Where is what I come up with :

  • Ask a country association through email if am I am dead.

  • Check if I haven't logged out on my password manager in a week. If it's even possible.

TLDR; Give me ideas on how to build a DEAD MAN SWITCH and what triggers should I use.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 8 months ago (4 children)

Write a web server with a countdown that sends you regularly a link via email to reset the countdown.

[–] [email protected] 5 points 8 months ago (3 children)

One of the less mentioned aspects is that a dead man switch should be difficult, if not impossible to detect and neutralise. If you are to the level of being unalived, you're likely also a target for significant directed hacking. Such a dead man switch should be as resistant as possible to this. A simple email could let them detect and disable your dead man switch.

[–] [email protected] 2 points 8 months ago (2 children)

Maybe make it look like a spam email? :-)

[–] jeremyparker 3 points 8 months ago (1 children)

This is a good point -- it didn't have to look like spam tho, it could look like anything. Or it could look like many things. Write up a 10-20 line text file of bullshit emails from one person, or even a few people -- or even have Chat Gippity write them, tho that might have a paper trail, depending on your attacker.

All you have to do is put some "flag" word in the first few words so you recognize it. Then, any reply to that inbox (which could have many aliases) resets the timer.

The big problem is, imo, if you're "dangerous" enough to de-alive, then you've already exposed something big. Would you have something left to expose after that?

[–] [email protected] 2 points 8 months ago

Hiding it would work. You just have to make sure you don't miss any.

As for the danger. There are levels of exposure. You could leak something damning, but that could be played off as a 1 off. You might also be sitting on a huge amount of paperwork that proves it's endemic. That paperwork might also expose others who wanted things changed, but don't want to be outed. In this case, an initial leak can test the waters. The additional info can be rolled out, if it's needed, or the results justified.

E.g. Initial leak proves they did something nasty. The additional info massively backs it up, but also implicates a VP in its gathering. You might not want to show that hand until later, either to protect them, or to gather more info on their reaction.