this post was submitted on 11 Jan 2025
182 points (97.9% liked)

Asklemmy

44331 readers
1032 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
182
How would you implement a dead man's switch? (reddthat.com)
submitted 4 days ago by [email protected] to c/[email protected]
97 comments fedilink hide all child comments
 

After reading about the "suicide" of yet another whistleblower, it got me thinking.

When working at large enough company, it's entirely possible that at some point you will get across some information the company does not want to be made public, but your ethics mandate you blow the whistle. So, I was wondering if I were in that position how I would approach creating a dead man's switch in order to protect myself.

From wikipedia:

A dead man's switch is a switch that is designed to be activated or deactivated if the human operator becomes incapacitated, such as through death, loss of consciousness, or being bodily removed from control. Originally applied to switches on a vehicle or machine, it has since come to be used to describe other intangible uses, as in computer software.

In this context, a dead man's switch would trigger the release of information. Some additional requirements could include:

  1. No single point of failure. (aka a usb can be stolen, your family can be killed, etc)
  2. Make the existence of the switch public. (aka make sure people know of your mutually assured destruction)
  3. Secrets should be safe until you die, disappear, or otherwise choose to make them public.

Anyway, how would you go about it?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 13 points 3 days ago (2 children)

Making the existence of the switch public is often something you don't want. It allows others to do troubleshooting in advance. It also destroys your reputation with many people who might otherwise work with you.

If you are content to keep things secret, share the documents with several different friends or law firms in several different countries along with conditions for release. Don't tell them or everyone who all has the documents. That sounds relatively simple.

[–] [email protected] 3 points 3 days ago

Making the existence of something public means you'd need to give away at least some details of who or what it concerned, at which point you're in the situation of either being a target or a blackmailer.

[–] [email protected] 1 points 3 days ago

I agree with all of the above, except I’d add encryption to the data.

That way you are not putting your life in their hands, at least until it doesn’t matter / you want the data released. Encryption keys are super lightweight vs data; taken to an unreasonable extreme, a KB could unlock TBs.

Though you’d probably want something more like a passphrase. Anyway, that basic idea is sound but I dunno about the exact delivery/delay mechanism. Gun to my head and I have seconds to decide… scheduled send from a major cloud email provider, pay way in advance, and an increasing flood of calendar events/reminders up to the day it sends. The message would include enough information about the encryption used and formats within that any tier 1 helpdesk level IT person could access the data.

Not perfect, but a good enough balance of simple and robust to start with.