Software Dead Man's Switch 231
Anonymous Coward writes "DaisyMan over on ArsWare has come up with a software based Dead Man's Switch that will, if you don't 'check in' every so often, post a message (presumably about your demise, but whatever you wish) to various message boards, send email (maybe that incriminating evidence?) to your friends, and encrypt specified files on your computer so that 'they' can't have them.
Paranoia? Yeah, but they really _are_ watching you ..." Update: 06/22 12:57 GMT by T : The idea isn't new, but recently sparked a New York Times article.
CRON? (Score:2, Interesting)
Re:CRON? (Score:1)
Ahh but thats what backups are f.........hmmmmm.
Re:CRON? (Score:1)
Sure, a short shell script + cron would do the trick, but from the link, the sw seems to be pointed at M$ users...
Re:CRON? (Score:2)
With the encryption routine then you can include a copy of the decryption program and the password sealed in your Will and then you can Will that stuff to whomever may need the data (business partners, spouses, children, channel 9 News, etc.)
Some of us have data that is not just porn.
Re:CRON? (Score:2, Funny)
Do you want your Mom to see you
having sex? If the answer is no, perhaps
you'd be better off without it.
What if (Score:1)
I'm on KPNQwest BTW
(not really)
Flaw? (Score:3, Insightful)
Re:Flaw? (Score:2)
It depends on how you set it up and whether or not 'they' know you've got such a system.
Under Linux you'd presumably use Anacron to schedule the task, so if the computer is powered on intact the task will trigger.
If 'they' are anticipating a self destruct mechanism then, yeah, 'they' can get around it. But I think even the wariest NSA spook will probably at least try to turn the machine on before deciding to disassemble it. As soon as that happens you're safe.
Spooks turning machines on/off... (Score:2, Insightful)
If you turn a machine on (or off.) you change the state of a machine, and thusly, destroy potential evidence.
If they're dropping into your place secretly to install a 'bug' program or hardware piece, then they might turn it on or off..
But, if they just want your data they won't even use any of your hardware to get it, but will just remove your drive and then clone your drive.
Even the local police know that one, I doubt the NSA would be so stupid.
Re:Flaw? (Score:1)
hmm, well on my machines the'll probably simply attach a SCSI cable from their SpookPad(TM) laptops to the back of my SCSI adapter, and power on the just the disks.
You can't hide that much data in the CMOS, you know.
Wrong. Dreadfully wrong. (Score:2)
A slightly BIGGER flaw... (Score:1)
And when you'r DEAD you'r not capable of giving a shit anymore.
Re:A slightly BIGGER flaw... (Score:1)
No, no, that's the beauty of it! It works if they've captured you, too!
Just imagining situations where this feature would be useful is kinda fun, in a stupid sort of way...
If you are not here, please raise your hand. (Score:2, Interesting)
This is similar to the argument about usenet (message boards) vs. mailing lists. With mailing lists, if you forget about a low traffic list, you are reminded when mail comes in. With a message board, you have to remember to check in.
I find the "check in" model flawed because we (humans) are flawed.
Re:If you are not here, please raise your hand. (Score:1)
Hmmm... (Score:1)
Just imagine your "existence" depending on the date of your last Slashdot posting...
Re:Hmmm... (Score:2)
You mean it doesn't? Crap, I didn't have to check
BBS Days (Score:2)
Re:BBS Days (Score:2)
Safe House (Score:3, Interesting)
Re:Safe House (Score:1)
Re:Safe House (Score:2)
Security violation in itself (Score:1)
Your car breaks down stranding you for a week while you're on your Belize holiday, and the first thing you do when you get to an internet cafe is to post a content free message to alt.cypherpunks. Which one of your associates reads alt.cypherpunks religiously, or what servers have you had access to? As long as you never screw up, you should be safe, but you could be defeated by simple traffic analysis.
I hope you didn't entrust that blackmail evidence to someone you love.
Re:Security violation in itself (Score:2)
Question... (Score:5, Funny)
Re:Question... (Score:5, Insightful)
Actually, maybe the poster was serious??? I could imagine putting the cron job on one of your main servers or workstations, easily found by "THEM." The dead-man's switch would be on some less obvious machine, in another location. When "THEY" rush in, unplug, and cart off all your machines, "THEY" unknowingly turn off the cron job.
For the most delicious irony, the most wily of you might find some way to host the dead-man's switch on one of "THEIR" machines!
Re:Question... (Score:1)
Everything old is new again. (Score:1, Interesting)
In corporate IT circles, this trick has been used for -years- by disgruntled employees.
The theory goes that you have a bomb set to go off once a day (the bomb does something nefarious -- wipes the disks clean, alters some code to ensure incorrect results, etc..)
The disgruntled employee must check in to defuse the bomb once a week.
If he doesn't (ie, if he got canned....) A week later, the business is going to grapple with an unfortunate surprise.
Totally underhanded, but not at all uncommon.
Re:Everything old is new again. (Score:1)
That is underhanded, and I would think could get you into a lot of trouble.
I typically put scripts for things like log rotation & email alerts in my home directory and have them spawned by cron jobs. Or re-spawning at jobs.
The idea is a clever admin who is paying attention will migrate my stuff over and all is well. But the typical admin will just nuke my account.. Nothing like turning off nightly log compression on a few hundred websites to make someone feel the heat.
This rulez. (Score:1)
Ha, but it encrypts all my pr0n.
Add wireless.... (Score:1)
login script (Score:3, Insightful)
So far so good
Note that this gets around the annoying having to do something special to make it work. I'd login anyway
Re:login script (Score:1)
fastest way to destruction (Score:4, Informative)
/sbin/mkfs
/sbin/badblocks -fw
The first step ought to take a few seconds. The second will continue to munch away until the deed is complete. Since all data will be gone, no ill will from upset mourners.
Formatting your laptop? (Score:1)
Are you really that concerned about someone getting their hands on your 'sensitive data' without your password or even most likely, a knowledge of unix-like systems?
If you format the drive... you make it nice and easy for any thief/fence to simply put a new OS back on it and pass it along clean... I mean you REALLY don't want someone putting MS Windows on your laptop, now DO YOU? Gotta prevent THAT!
Re:login script (Score:1)
Re:login script (Score:1)
shred -fuz
Re:login script (Score:2)
I've got my laptop set to format the drive (yes | rm -r /) if I don't login every so often.
For the truly paranoid, that's not good enough. You really ought to make sure that random data gets written all over the drive at least, and you also risk the chance that someone may get to your data before it's wiped.
I recommend encrypting everything. The easiest way is to use an encrypting file system (I use Cryptfs [columbia.edu]) . Then, you just have to arrange for your machine to forget the password and all of your data is inaccessible, even to forensics (well, unless they can guess your passphrase, so use a good, long, complex one, or unless they can break the cipher, which is unlikely at best if you use a good implementation of a respected, modern algorithm).
I hacked the screen lock (which can be engaged automatically when the screensaver comes on) to execute "echo wrongpassword | fist_setkey /mnt/cryptfs", which changes the key being used to access my encrypted data, making it all inaccessible (and invisible to the casual attacker).
When I unlock the screen, I have to enter both my login password and my cryptfs passphrase.
So, after 30 minutes of inactivity, or after a reboot, all of my data is inaccessible. The most significant weakness is the possibility that my passphrase might get written to the swapfile. I've been meaning to look into that but haven't gotten around to it.
Re:login script (Score:2)
Re:login script (Score:2)
I bet... (Score:1)
Now is the Time!!! (Score:1)
How do you test it? (Score:5, Interesting)
Certainly the chances of an accidental death mode going off are high. So I think there should be different "death alert levels". If you don't sign in after a month, it starts sending out alert messages like "Hey I haven't been around for a while and I might be dead, please check whether or not I'm dead for me, Thanks bud!".
There should also be instructions given in an email to your friends/family so that they too can stop the death switch for you in dire or unusual situations (coma, kidnapping, laziness). And only then if another couple days pass it goes into full blown death mode.
Re:How do you test it? (Score:5, Funny)
laziness
I thought you said unusual situations...
Re:How do you test it? (Score:1)
Once you know that works, change it to "Hey. What's up? I'm dead."
Simple! (Score:2)
Memories.... (Score:1, Offtopic)
-Pete
Old DOS days (Score:4, Interesting)
If someone steals it and doesn't run a BBS program at least once a day then he system would encrypt most files and ring me.
Once I have the number of the person who stole my computer I would be able to get them.
The cool thing is that it run from boot block just like a virus so you would need to fully format the disk to get rid of it.
Re:Old DOS days (Score:1)
Besides jokes, cool idea. I always thinked of such a system too..
Re:Old DOS days (Score:1)
Re:Old DOS days (Score:2)
supposedly dead (Score:5, Funny)
"This is an automated message. If you read this, I am probably dead. My will is to be burried along with my hard drive, and send the rest of my computer hardware as donation to Linus Torvalds."
On the first time they get it, they may get paniced, and set up a funeral for me while I am away.
On the second time, I'd really drop dead and they'll laugh and ignore while I rot on my keyboard for months.
The more the better (Score:2)
We all know you can get around this program. I didn't try installing it, but I'm sure it isn't even hard to prevent it from launching.
However, the idea isn't bad. I'm sure this program will get other people to write similar things, and maybe someone will create a program that is really hard to get around.
In any case, I think that if you really have data you want to protect, you should probably have a lot of protection. This one should only be one amongst many. If used like this, I think this program is great.
Repost. (Score:1)
It was on a few weeks ago.
The good news and the bad news (Score:2)
The bad news: They really are out to get you.
necessary services (Score:5, Funny)
They showed a "with and without" sequence, where one's parents came to their dead son's apartment to discover the two different scenarios. It was pretty funny, and encouraged me to say to my roommate, "You know that bottom drawer of my dresser? If I die, burn everything in it."
Re:necessary services (Score:2)
Good series. Oooh, look, you can buy it on DVD [amazon.co.uk].
Oh Comedy Central... (Score:2)
Damn, I HATE Region coding and multiple video standards!
NBC just bought it... (Score:1)
I'm ashamed to admit, I was actually watching Entertainment Tonight this week. In any case, they report that NBC actually bought the series you refer to. They say it could be a "replacement" for Friends, even though later in the report they report that the series would air later in the evening than Friends currently airs. They report it would, of course, be filmed with an American cast for US audiences.
Re:necessary services (Score:1)
A fantastic series .. I'm just waiting for the release of season two.
(I particularly liked the Hebrew episode)
Lost passwords maybe? (Score:1)
Re:Lost passwords maybe? (Score:1)
Of course, if you WERE dead, you wouldn't be sweating it anyway...
...unless you went the the bad place, that is.
Safe Deposit Box (Score:3, Insightful)
Then you know you wouldn't have to worry about accidentally tripping the program if you went on vacation.
You'd still need an encryption program for files though if you don't trust anyone with that, but that's not a big deal.
Accidentally encrypting data is no big deal, accidentally sending off final emails with very personal messages is a whole other story.
Re:Safe Deposit Box (Score:2)
This is actually slightly trickier than that. Just a couple of weeks ago, my brother and I met with my parents and their lawyer to discuss their will. The lawyer just explicitly told us not to keep their will in their safe deposit box, since banks automatically lock them when they find out someone died. And banks have people whose job it is to scan obits. I forgot the details, but the lawyer said there is a way to get let into the box, but it will be delayed.
In other words, by the time your trusted people get to your safe deposit box, the untrusted people could have had their way with your computer, etc.
I'm not *quite* dead (Score:1)
The problem is that I'm also absent-minded.
Hey (Score:1)
A program like this could be used to help find stolen computers. If you dont execute the program and type in the pasword every week or so the prog tries to dial-up and send an email with the current ip. (well that would only work with machines not setup to start with a login prompt anyway.)
"The Trigger" by Arthur C. Clark and Kube-McDowell (Score:2)
Re:"The Trigger" by Arthur C. Clark and Kube-McDow (Score:2)
Saly he's not the only author with this problem.
j.
cron solution (Score:1)
just remember to # touch /yourself before the 15th of every month and you'll be okay...
This reminds me... (Score:1, Interesting)
Much AppleScript was involved, to delete everything personal from the HD then connect to a particular site so the IP could be traced. Quite epic
So I think it's just much better to have some remote control mean on your computer (as long as it is secure), as an aside to completely locking your machine with passwords.
Time, oh Time (Score:2, Interesting)
On a similar note... Fire Kits (Score:4, Interesting)
I've considered adding options to wipe out my HD and user directories, but thought I might be liable if project data was lost.
A more effective one (Score:3, Informative)
If nothing else, it's certainly safer in terms of vacations.
Revelation Day (Score:3, Funny)
Prior to that civilization-improving point of revelation let's also have a backdoor so we can get the inside scoop on the really nasty revelations. Free the truth!
___
Encrypted file system...? (Score:1)
As others have stated, the email features can be enabled via a cronjob.
A much easier, less risky, more effective solution (Score:4, Insightful)
There must be someone you can trust more then your ability to check in every now and then.
And if there isn't, I truly pitty you, but you can hire a lawyer to do it.
And no there is no conspiracy between the lawyers and the government.
Re:A much easier, less risky, more effective solut (Score:1)
All these people can potentially be compromised. THEY have the power. THEY probably got to your wife, sister, and lawyer a long time ago.
I'd be "dead" in short order (Score:2)
I can see the distressed look on my Mom's face already when she recieves a copy of my doomsday manifesto^H^H^H^H^H^H^Hlast will and testiment!
bash script (Score:2)
#!/bin/bash
# Dead man script. Warning, do not take this seriously or use for anything important!
deadman="$HOME/bin/goneforever"
dont
ranonce="$deadman.ran"
period='15 days ago'
lastlogin=`last -1 $USER | cut -c40-55`
if [ `date -d "$lastlogin" +%s` -lt `date -d "$period" +%s` \
-a ! -f $dontworry -a ! -f $ranonce ]; then
$deadman
touch $ranonce
exit 0
fi
exit 1
# exits "false" normally, so you can read val, e.g.
Cheers,
Martin
Good in theory, Bad in practice (Score:5, Informative)
It's an interesting idea, but it's way too easy to forget it's running, go on vacation, and then come back and find your hard disk wiped. Not to mention a forum filled with ArsTechnica loungers weeping over your passing, only to be bitter to find out you've tricked them...
big deal (Score:1)
This, of course, assumes someone doesn't come along and unplug your machine shortly after you die, but if it's on a dedicated or shared box that wouldn't be a problem.
The Ultimate Solution (Score:1)
You see, the problem with encryption is that it can be broken. Also, your PC can be taken away, before the program executes. Your HD can be removed, files restored.
There is only one good solution to this: Place a dozen or more of dynamite sticks inside your case (don't stint), and make sure not to be seen by your colleagues from your company. Place battery inside and connect it with a fuse through some digital "count down" timer. Place "ON" switch on the box door, and wire it to the circuit, so nobody can open your PC without "surprise". You are almost done. The last thing is to connect the clock to the reset switch on the box, and disconnect it from the system (By the way, you don't need reset button on the Linux machine. It newer hangs). You will be required to press the reset button minimum once a week, and few second after every reboot to prevent the box from going OFF. Have fun.
Re:The Ultimate Solution (Score:2, Funny)
Damn. You live in Montana, don't you? :)
I always wanted something like this for getting .. (Score:2)
Disabled, the elderly and others (Score:2)
Rather than "hello, I am dead", send a message like "would you please call and check on me".
Probably simpler, would be just checking the mailbox, if email hasn't been accessed, then there is a problem, given that most people that are alive, check their mail semi-regularly.
Re:Disabled, the elderly and others (Score:2)
Rather than "hello, I am dead", send a message like "would you please call and check on me".
This is even worse! If the message gets falsely sent, you end up having to talk to old, sickly people!
ObHomer: Old people don't need companionship. They need to be isolated and studied so it can be determined what nutrients they have that might be extracted for our personal use.
Dead? Or just laid off? (Score:5, Interesting)
Unfortuantely for him, he was severely injured in a car accident and was incapacitated for several months.
Now that he is out of the hospital, he's in jail.
Was it his fault? You bet. But the company was also severely repremanded for having poor controls on sensitive computing systems.
If you feel a need to do this.... (Score:3, Insightful)
If you can't grasp that, grasp that most companies that inspire this sort of feeling are the large impersonal ones that are likely to survive, and that eventually they may figure out what you did at which point you're screwed for the rest of your life and they're minorly inconvenienced. Not worth it.
This whole attitude just pisses me off (Score:2, Insightful)
{rant}
The mistake was in doing something WRONG -- setting up a system ahead of time to cause DAMAGE to the property of someone else is WRONG. Once you stop working for that company, you have no right to do bad things to their systems. Actually, when you DO work there, you don't have a right to do bad things to their systems. You still don't have a RIGHT to the information that is on their systems. My GOD, the arrogance of programmers/system admins who feel that it is their network to do with as they please. Unless you are the one signing the check each week, that is...
Vandalism is vandalism. I get pissed when the punks down the street spraypaint a fence and mess up what is a beautiful neighborhood. I get pissed when someone with a big ego and a bigger sense of entitlement comes up with a way to vandalize the property of their former boss. It is sophomoric, unethical and just plain wrong.
I can see the case for security on a personal system. A laptop. A privately owned workstation. I am all for freeing information and sharing what we know. Knowledge is power. Open source is good. Preaching to the choir, there. But...
The direction that a subset of our community seems to take... this gleeful boating about destroying the private property of another... the idea that might makes right... well, let's just say it pisses me off and does a disservice to the community.
{/rant}
Okay (Score:2)
What you do is this.
Get an old busted hard drive.
Open it up.
Gut it.
Pack it full of thermite.
Rig up an electronic ignition that can ignite the thermite.. you'll probably have to stage it.. thermite has a high ignition temperature.(standard electric match -> some chemical that's easy to light but burns really hot -> thermite).
Rig it up a watchdog timer inside the drive too.
Now have a driver that asks for a password on boot and kicks the dog for you.
If it fails.. the dog ignites the thermite and turns your computer into a pile of molten slag.
Re:Okay (Score:2)
Well (Score:2)
Who could use this in RL? (Score:4, Interesting)
Like, for instance, RAWA. These are the women who ran an underground women's rights movement in Afghanistan while the Taliban were in control. You may have seen their website with its grotesque pictures. They lived and worked in secrecy, in constant fear of being imprisoned or killed by the Taliban. Wouldn't a dead-man's(or -woman's) switch be just the thing to send off a 'Farewell. This is the evidence of my capture at the hands of the Taliban' message?
It's not just them, either. Dissidents in China could also use a utility like this... especially all those guys who just got their internet cafes shut down. Suppose the 2600 guys got raided by the MPAA^H^H^H^HFBI and were all put in prison. I imagine that Emanuel Goldstien has some juicy information he'd like to share in the event of his capture or death.
The Gotti family has been in the news a lot lately. Suppose that you were a mob informant and had information on them that was all that was standing between you and 'Sleeping with the Sopranos after next season'. A dead-man's switch would go a long way to allowing you to release that last little bit of information, even if the mafia got to you first.
I just hope they don't try to patent the idea (Score:2)
Other than that, what's new about this?
Comment removed (Score:3, Funny)
Re:I like mine better (Score:2)
Have it do this... (Score:2)
Norwegian history database [slashdot.org]!
for best effect, go nuclear (Score:3, Funny)
There's a great bit of dialogue at one point that goes something like "You can't attack him, he's a sovereign nation!" "So, I'll declare war on him first." If anyone has a copy handy maybe they can transcribe it.
Danny.
Re:NY Times registration (Score:4, Informative)
http://www.majcher.com/nytview.html
Just use this NYTimes user generator
Re:NY Times registration (Score:1)
Maybe I'll burn major karma on this post, but I'll ask anyway ....
What the hell is it with Slashdot and New York Times articles? The Slashdot editors are always rejecting submissions in favor of identical ones that link to the NYT. And here's another weird example: a Slashdot editor feels some overwhelming need to add a link to the NYT on an item that clearly doesn't need it.
What gives?