this post was submitted on 11 Jan 2025
183 points (97.9% liked)

Asklemmy

44331 readers
920 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
183
How would you implement a dead man's switch? (reddthat.com)
submitted 4 days ago by [email protected] to c/[email protected]
97 comments fedilink hide all child comments
 

After reading about the "suicide" of yet another whistleblower, it got me thinking.

When working at large enough company, it's entirely possible that at some point you will get across some information the company does not want to be made public, but your ethics mandate you blow the whistle. So, I was wondering if I were in that position how I would approach creating a dead man's switch in order to protect myself.

From wikipedia:

A dead man's switch is a switch that is designed to be activated or deactivated if the human operator becomes incapacitated, such as through death, loss of consciousness, or being bodily removed from control. Originally applied to switches on a vehicle or machine, it has since come to be used to describe other intangible uses, as in computer software.

In this context, a dead man's switch would trigger the release of information. Some additional requirements could include:

  1. No single point of failure. (aka a usb can be stolen, your family can be killed, etc)
  2. Make the existence of the switch public. (aka make sure people know of your mutually assured destruction)
  3. Secrets should be safe until you die, disappear, or otherwise choose to make them public.

Anyway, how would you go about it?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 3 points 4 days ago* (last edited 4 days ago) (1 children)

Well, you'd need to send a message to some people that you know would care, when you die or are kidnapped.

There are plenty of services for sending any sort of message.

You'll send the data with a private key and hand out the paired public key before you die. That way any tampering with the data will be obvious to the receiver.

I'd just send a link to the data. For example store the data on Proton drive with a share link.

Now you'd need to detect that you're dead or kidnapped. You could have a timer of say a week or a month, and whenever an email or message is received it resets it. You could also send a warning message to yourself before it goes off, so you have a chance to deal with errors such as an email not arriving.

You'd need a 2nd service to check if the main service is running. Or perhaps it just replies once you send it a message once a day or week or month.

You'd also have to make sure that your reset message to the service is secured. Most likely it will be as long as it isn't absolutely obvious, like you japping on about it at work. But one idea would be to use a proton mail address and keep a pin lock on the app. If you want to go the extra mile the email should also contain something only you can know.

Quite frankly I don't think they'd even expect you to have any such system set up and they wouldn't hack you before you're dead. But maybe I'm wrong. If you really suspect that you'd need someone who is specialized in infosec.

I'd say go look for an existing service that can do this entirely via email, I'd bet it exists already. Otherwise you need to be able to code a bit or find a coder.

[โ€“] [email protected] 2 points 4 days ago

Iโ€™d say go look for an existing service that can do this entirely via email, Iโ€™d bet it exists already.

I think any official service that offers this could be immediately captured or bribed to suppress signalling by a larger more powerful entity, since it would be an easy goto that they could trap for.

I reckon implementing it as chaotically and as distributed as possible, might be the only viable solution, albeit with multiple fault entry points.