Slashdot Mirror
Software Dead Man's Switch
Anonymous Coward writes "DaisyMan over on ArsWare has come up with a software based Dead Man's Switch that will, if you don't 'check in' every so often, post a message (presumably about your demise, but whatever you wish) to various message boards, send email (maybe that incriminating evidence?) to your friends, and encrypt specified files on your computer so that 'they' can't have them.
Paranoia? Yeah, but they really _are_ watching you ..." Update: 06/22 12:57 GMT by T : The idea isn't new, but recently sparked a New York Times article.
If you are really paranoid, couldn't you just run a cron job every few days, that if you don't stop would do this? You could probably just have it wipe your drive. Of course if you forgot, you'd be SOL.
it's a sig, wtf?
I'm on KPNQwest BTW
(not really)
OK wouldn't this be a moot point if my enemies get my computer offline before the switch is thrown. A better way would be for the software to run off something like FIDOnet with no single weakpoint. Just my 2 cents.
I've hit Karma 50 and gotten a Score:5, Troll... I win!
What if you forget to check in? Does the "countdown" start? Will the world end?
This is similar to the argument about usenet (message boards) vs. mailing lists. With mailing lists, if you forget about a low traffic list, you are reminded when mail comes in. With a message board, you have to remember to check in.
I find the "check in" model flawed because we (humans) are flawed.
Click here or here.
This sounds markedly similar to the idea employed in the underrated TV-movie Safe House, where Patrick Stewart's character, a retired spook, employs a software failsafe based on his ability to recreate a Japanese alphabet character. If he is unable to complete this task every day by a certain time, incriminating information about his black ops "friends" would automatically be sent to every major news organization on the planet. It could be very handy if you think someone is out to get you...
In a world without walls, there is no need for Windows.
The question is, can I set up a cron job to save me being pestered by it all the time?
Kids, this ain't new.
In corporate IT circles, this trick has been used for -years- by disgruntled employees.
The theory goes that you have a bomb set to go off once a day (the bomb does something nefarious -- wipes the disks clean, alters some code to ensure incorrect results, etc..)
The disgruntled employee must check in to defuse the bomb once a week.
If he doesn't (ie, if he got canned....) A week later, the business is going to grapple with an unfortunate surprise.
Totally underhanded, but not at all uncommon.
I've always wanted a program which sends email to my friends that I'm missing and they should call the police when I just went on holidays.
Ha, but it encrypts all my pr0n.
Owner of a Mensa membership card.
Add some form of wireless heartbeat sensor, and you'd be set. Plus some of these villian toys, and the superheros/goodguys can't win!
I've got my laptop set to format the drive (yes | rm -r /) if I don't login every so often. Currently it's set at two weeks (I don't reboot much). I don't see this causing any issues, and it makes me feel better.
:)
:)
So far so good
Note that this gets around the annoying having to do something special to make it work. I'd login anyway
http://www.xpurple.com
Stephen King already has a copy!
Aw, fuck it. Let's go bowling. - The Big Lebowski
Aaaah, yes...the one thing VillainSupply.com didn't have. It is time. MUAHAHA!. MUAHAHAHAHA!! MUAHAHAHAHAHAHAHA!!!
Like, do I have to do a "trial death", spewing out messages all over the internet like "Hey I'm dead, blah, blah, oh by the way I'm just testing my death switch, you may disregard this message". I think after testing it out a couple of times nobody's really going care when you really do die to take notice.
Certainly the chances of an accidental death mode going off are high. So I think there should be different "death alert levels". If you don't sign in after a month, it starts sending out alert messages like "Hey I haven't been around for a while and I might be dead, please check whether or not I'm dead for me, Thanks bud!".
There should also be instructions given in an email to your friends/family so that they too can stop the death switch for you in dire or unusual situations (coma, kidnapping, laziness). And only then if another couple days pass it goes into full blown death mode.
http://www.majcher.com/nytview.html
Just use this NYTimes user generator
----- Whats wrong with this picture? http://www.revoh.org:1234/whatswrong
Reminds me of my last job when we fired someone from finance. I had to go confescate his PC, and every "storage medium" I could find from his office while he was in HR. Not quite the same, but he went on the "death march" and his machine just "vanished" from his office.
-Pete
Soccer Goal Plans
I had a system just like this to protect the computer if it was stolen or I died.
If someone steals it and doesn't run a BBS program at least once a day then he system would encrypt most files and ring me.
Once I have the number of the person who stole my computer I would be able to get them.
The cool thing is that it run from boot block just like a virus so you would need to fully format the disk to get rid of it.
Mouse powered Chips, Open source Processors and Lego
"This is an automated message. If you read this, I am probably dead. My will is to be burried along with my hard drive, and send the rest of my computer hardware as donation to Linus Torvalds."
On the first time they get it, they may get paniced, and set up a funeral for me while I am away.
On the second time, I'd really drop dead and they'll laugh and ignore while I rot on my keyboard for months.
0x2b or not 0x2b, the answer is -1
I already saw a few posts saying things like: "it's useless, it easy to get around etc etc".
We all know you can get around this program. I didn't try installing it, but I'm sure it isn't even hard to prevent it from launching.
However, the idea isn't bad. I'm sure this program will get other people to write similar things, and maybe someone will create a program that is really hard to get around.
In any case, I think that if you really have data you want to protect, you should probably have a lot of protection. This one should only be one amongst many. If used like this, I think this program is great.
This is a repost.
It was on a few weeks ago.
loply.com
The good news: You aren't suffering from paranoia
The bad news: They really are out to get you.
This reminds me of something that was on The Man Show a few years ago. In the event of an untimely death, a (made-up) company could be enlisted to "correct" some things for you. The team came in and replaced items such as Playboy centerfolds, a bong, porn videos, and a - let's just call it a "sexual device" - with pictures of your family, Bibles, and other such things.
They showed a "with and without" sequence, where one's parents came to their dead son's apartment to discover the two different scenarios. It was pretty funny, and encouraged me to say to my roommate, "You know that bottom drawer of my dresser? If I die, burn everything in it."
-- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
your Laptop? You said you don't reboot often.. do you also not take it out of your house? a good security measure to keep retention or not lose your laptop to theft is... should it get stolen... and someone does something stupid like use it to log onto the net.. that the features you normally use (instant messaging, etc.) would make a tracable record for you to find it's location of use...
:P Geesh, why don't you just encrypt it?
:P
Are you really that concerned about someone getting their hands on your 'sensitive data' without your password or even most likely, a knowledge of unix-like systems?
If you format the drive... you make it nice and easy for any thief/fence to simply put a new OS back on it and pass it along clean... I mean you REALLY don't want someone putting MS Windows on your laptop, now DO YOU? Gotta prevent THAT!
Oopsie. I forgot to send my lost password of the Norwegian database to my boss.
Privacy is terrorism.
I think I'd rather just get a safe deposit box and make instructions to have it opened after my death. Inside would be instructions for emails, postings, etc...
Then you know you wouldn't have to worry about accidentally tripping the program if you went on vacation.
You'd still need an encryption program for files though if you don't trust anyone with that, but that's not a big deal.
Accidentally encrypting data is no big deal, accidentally sending off final emails with very personal messages is a whole other story.
I've had this idea before, because I live alone, and if I died at home it could be weeks before anyone noticed.
The problem is that I'm also absent-minded.
Uhm... NO.
If you turn a machine on (or off.) you change the state of a machine, and thusly, destroy potential evidence.
If they're dropping into your place secretly to install a 'bug' program or hardware piece, then they might turn it on or off..
But, if they just want your data they won't even use any of your hardware to get it, but will just remove your drive and then clone your drive.
Even the local police know that one, I doubt the NSA would be so stupid.
You have to be DEAD before it does anything for you. :)
And when you'r DEAD you'r not capable of giving a shit anymore.
FRA: STFU GTFO
It's not parnoia if they are -realy- out to get you.My "dead man's switch" would have a lot of rm ~.porn commands to run. And how can that thing erase my bookmarks to barnwyardsex.com? :)
A program like this could be used to help find stolen computers. If you dont execute the program and type in the pasword every week or so the prog tries to dial-up and send an email with the current ip. (well that would only work with machines not setup to start with a login prompt anyway.)
This sig was cut off by the sla
A book called The Trigger goes into a fairly in depth subplot about a man arranging his own death/arrest program. The book itself is a little bit weak, but kind of a fun read.
--
RumorsDaily
just remember to # touch /yourself before the 15th of every month and you'll be okay...
...of how Timbuktu (a VNC commercial clone) helped some girl and her brother find back her stolen iMac: the thief had not formatted the HD, and was unsing it to surf the net. ;-)
Much AppleScript was involved, to delete everything personal from the HD then connect to a particular site so the IP could be traced. Quite epic
So I think it's just much better to have some remote control mean on your computer (as long as it is secure), as an aside to completely locking your machine with passwords.
Yet another great reason for secure network time.
I have set up a fire kit that runs as an NT service on my laptop and our file server. In the even that my user ID is removed from the Domain my computer and the server will zip and FTP my personal files to me and delete my personal email.
I've considered adding options to wipe out my HD and user directories, but thought I might be liable if project data was lost.
10: PRINT "Everything old is new again."
20: GOTO 10
If nothing else, it's certainly safer in terms of vacations.
fencepost
just a little off
Maybe I'll burn major karma on this post, but I'll ask anyway ....
What the hell is it with Slashdot and New York Times articles? The Slashdot editors are always rejecting submissions in favor of identical ones that link to the NYT. And here's another weird example: a Slashdot editor feels some overwhelming need to add a link to the NYT on an item that clearly doesn't need it.
What gives?
Prior to that civilization-improving point of revelation let's also have a backdoor so we can get the inside scoop on the really nasty revelations. Free the truth!
___
"with their freedom lost all virtue lose" - Milton
Wouldn't an encrypted file system be a tad more convienent? Everything is 'secure' even if They(tm) scan your harddrive w/o booting from it.
As others have stated, the email features can be enabled via a cronjob.
Have someone you trust, like your wife, your sister or, if you're alone on the world, a lawyer flip on the 'switch' when you're dead.
There must be someone you can trust more then your ability to check in every now and then.
And if there isn't, I truly pitty you, but you can hire a lawyer to do it.
And no there is no conspiracy between the lawyers and the government.
Given the difficulty I have in remembering to keep my hotmail accounts alive, I'd probably not have a much better time remembering to tell the dead man switch that I wasn't dead.
I can see the distressed look on my Mom's face already when she recieves a copy of my doomsday manifesto^H^H^H^H^H^H^Hlast will and testiment!
I was drinking last night so don't expect it to be bug-free although it seems to work. It is left as an exercise to the reader to create the "goneforever" script that decides what to do in the event of your sudden demise (or inability to login to your computer for 15 days). Cron as appropriate. There is no special action, just login.
w orry="$HOME/.gonefishing" ./deadman && echo DEAD!
#!/bin/bash
# Dead man script. Warning, do not take this seriously or use for anything important!
deadman="$HOME/bin/goneforever"
dont
ranonce="$deadman.ran"
period='15 days ago'
lastlogin=`last -1 $USER | cut -c40-55`
if [ `date -d "$lastlogin" +%s` -lt `date -d "$period" +%s` \
-a ! -f $dontworry -a ! -f $ranonce ]; then
$deadman
touch $ranonce
exit 0
fi
exit 1
# exits "false" normally, so you can read val, e.g.
Cheers,
Martin
IIRC there were so many false alarms on the ArsTechnica forums from this thing that the moderators will lock any Deadman Switch posts on sight.
It's an interesting idea, but it's way too easy to forget it's running, go on vacation, and then come back and find your hard disk wiped. Not to mention a forum filled with ArsTechnica loungers weeping over your passing, only to be bitter to find out you've tricked them...
I really wish Arthur would realise these collaborations just ruin his storys. His books with Gentry Lee went the same way.
Saly he's not the only author with this problem.
j.
Absit Invidia
And why is this such a big deal? A friend and I did this 10 years ago - if we didn't log into our Linux boxes for 7 days, it would automatically send out email to everyone we knew, asking us to log in. After 14 days, it would automatically email our digital wills out to affected parties.
This, of course, assumes someone doesn't come along and unplug your machine shortly after you die, but if it's on a dedicated or shared box that wouldn't be a problem.
-- Ed Carp, N7EKG erc@pobox.com PGP KeyID: 0x0BD32C9B What I'm up to: http://intuitives.mine.nu
...this sounds like your next BBC-generated hit. Remember AbFab? This sounds like it could be the masculine equivalent. Get cracking, guys!
Damn, I HATE Region coding and multiple video standards!
Knowledge is power. Knowledge shared is power multiplied.
You see, the problem with encryption is that it can be broken. Also, your PC can be taken away, before the program executes. Your HD can be removed, files restored.
There is only one good solution to this: Place a dozen or more of dynamite sticks inside your case (don't stint), and make sure not to be seen by your colleagues from your company. Place battery inside and connect it with a fuse through some digital "count down" timer. Place "ON" switch on the box door, and wire it to the circuit, so nobody can open your PC without "surprise". You are almost done. The last thing is to connect the clock to the reset switch on the box, and disconnect it from the system (By the way, you don't need reset button on the Linux machine. It newer hangs). You will be required to press the reset button minimum once a week, and few second after every reboot to prevent the box from going OFF. Have fun.
So your sensitive data is either on this machine, or pointed to by this machine. The bad guys watch you for long enough to figure out the likely locations of your dead man switches, and then follow them to your sensitive data.
Your car breaks down stranding you for a week while you're on your Belize holiday, and the first thing you do when you get to an internet cafe is to post a content free message to alt.cypherpunks. Which one of your associates reads alt.cypherpunks religiously, or what servers have you had access to? As long as you never screw up, you should be safe, but you could be defeated by simple traffic analysis.
I hope you didn't entrust that blackmail evidence to someone you love.
Assembly is the reverse of disassembly.
I'm ashamed to admit, I was actually watching Entertainment Tonight this week. In any case, they report that NBC actually bought the series you refer to. They say it could be a "replacement" for Friends, even though later in the report they report that the series would air later in the evening than Friends currently airs. They report it would, of course, be filmed with an American cast for US audiences.
Wrong. IANAWNS, but I would never EVER turn on a machine on with evidence on it. Instead I would yank it's hard drives and put them into a system I know is safe. The only way I know of which could cause a lot of confusion and inconvenience would be to modify the firmware of the hard drive itself to expect an authentication handshake before executing read commands properly, and if it doesn't get a handshake just give out junk and silently start corrupting data on the media. Of course, the self-destruct should not be allowed to be interrupted once its in self-destruct mode and authentication data such as keys should be in part stored on a secure smart card and in part in the users head. Oh and while we're at it modifying that firmware, it would also make sense to encrypt the data on the medium using a key derived from the authentication data. That way, even if they're smart enough to hookup the drive's medium to another "clean" controller, they're still fscked.
Just imagine your "existence" depending on the date of your last Slashdot posting...
All these people can potentially be compromised. THEY have the power. THEY probably got to your wife, sister, and lawyer a long time ago.
stripShow - Where WordPress meets webcomics
rooted. If I didn't check in once in a while, the system would assume my unix box was rooted and take action to lock down the system.
There are people in the world who might actually have a use for this.
Rather than "hello, I am dead", send a message like "would you please call and check on me".
Probably simpler, would be just checking the mailbox, if email hasn't been accessed, then there is a problem, given that most people that are alive, check their mail semi-regularly.
Make sure you format once to quickly start a new filesystem, repeated by a destructive badblock test to finish off the lost data between the inode maps. Just to be safe, scramble the boot sector and randomize the partition tables. That ought to make recovery a bit more difficult.
/dev/hda --ooops, formatted the whole drive as a filesystem, not a partition. Scrambled the partition table and the user's data all in one step. Ooops. Sorry.
/dev/hda --forces write testing on a mounted filesystem with assorted patterns of data. Truely evil.
/sbin/mkfs
/sbin/badblocks -fw
The first step ought to take a few seconds. The second will continue to munch away until the deed is complete. Since all data will be gone, no ill will from upset mourners.
Like you're going to care if "they" get your files when you die.
You don't take any more with you when you leave this world than you brought with you the day you came.
I already have a Deadman's Switch, it's called Windows '98
'They' told me to tell me there is no conspiracy.
While some countries might consider this to be notification, other legal systems distinguish between enjoining someone from performing an action and requiring someone to perform an action. At the very least, it could muddy the legal waters.
Patrick May
Hi, i havent been around for a while, this means im eiather dead or I went out and got a life. Could someone please check up on me?
Why the hell should I give a damn about what happens to my files, money, information etc.. whan I'm DEAD ???
Have you ever heard of something called a "last will and testament", or "will" for short? The article is about a technological measure designed to enforce a will.
Will I retire or break 10K?
It quite possibly has something to do with the fact that the NYT actually, justifiably *is* the newspaper of record in the US.
Mark Prindle, the most underappreciated genius on the web.
In my previous job for a large corporation, there was a programmer who decided that it would be a good idea to install such a switch. In the event he didn't update a particular file at least once within 30 days, a job would start slowly corrupting an accounts receivable database.
Unfortuantely for him, he was severely injured in a car accident and was incapacitated for several months.
Now that he is out of the hospital, he's in jail.
Was it his fault? You bet. But the company was also severely repremanded for having poor controls on sensitive computing systems.
What you do is this.
Get an old busted hard drive.
Open it up.
Gut it.
Pack it full of thermite.
Rig up an electronic ignition that can ignite the thermite.. you'll probably have to stage it.. thermite has a high ignition temperature.(standard electric match -> some chemical that's easy to light but burns really hot -> thermite).
Rig it up a watchdog timer inside the drive too.
Now have a driver that asks for a password on boot and kicks the dog for you.
If it fails.. the dog ignites the thermite and turns your computer into a pile of molten slag.
Who, really, has secrets that are keeping them alive or incriminating evidence that just might get them arrested, imprisoned, or killed. To most people, this kind of utility is a joke. To a few people, however, this is a godsend...
Like, for instance, RAWA. These are the women who ran an underground women's rights movement in Afghanistan while the Taliban were in control. You may have seen their website with its grotesque pictures. They lived and worked in secrecy, in constant fear of being imprisoned or killed by the Taliban. Wouldn't a dead-man's(or -woman's) switch be just the thing to send off a 'Farewell. This is the evidence of my capture at the hands of the Taliban' message?
It's not just them, either. Dissidents in China could also use a utility like this... especially all those guys who just got their internet cafes shut down. Suppose the 2600 guys got raided by the MPAA^H^H^H^HFBI and were all put in prison. I imagine that Emanuel Goldstien has some juicy information he'd like to share in the event of his capture or death.
The Gotti family has been in the news a lot lately. Suppose that you were a mob informant and had information on them that was all that was standing between you and 'Sleeping with the Sopranos after next season'. A dead-man's switch would go a long way to allowing you to release that last little bit of information, even if the mafia got to you first.
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
first time i went skydiving, i set up an 8-hour countdown script to mail out "hi, i just went skydiving and hit the ground awfully hard...call my next of kin" messages to everybody in my address book. keyed it to seti@home screensaver mode, so when it quit the script was aborted. otherwise i know i'd have forgotten.
Facts do not cease to exist because they are ignored. - Aldous Huxley
I wouldn'y say it quite like that, but I pretty much concur that one doesn't care about a lot of that stuff when one has moved on from this world... I should like to have stuff happen when I die... there is some stuff I simply would never want published till after I'm dead.
I want certain people to get my cool information on my computer. Not some random losers who happen to trip on my computer 10 years after I'm dead and my pc has been screwed by people who knew nothing about me.
Other than that, what's new about this?
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
is using this software...
Invoicing, Time Tracking, Reporting
Are you a troll?
Have you died?
If the answer to the above questions is a resounding "w3rd!!", then have we got the program for you! Introducing "L4$t Pr0st!!". Inform a likely relieved populace of your unfortunate demise in style. Written in perl, "L4$t Pr0st" integrates easily with your favorite "F1r$t Pr0st" sniper script. Along with a standardized (but customizable) message, "L4$t Pr0st" can leave a personalized message to your adoring public, readable by them until you are modded down past viewable level. Let them know what you REALLY think...make them pje4r you...transmit URLs to your favorite gaping anus webpage; With "L4$t Pr0st" the possibilities are endless, even if your mortal coil is not!
"Make your final First Post your Last Post, with L4$t Pr0st!"
Warning: "L4$t Pr0st Ltd." and it's parent company "Mbogo Plumbing and Software", its affiliates, subsidiaries, and shareholders hereby disavow all liability for any adverse affects in the afterlife caused by loss of Karma due to use of L4$t Pr0st, including but not limited to assignment to a lower than expected circle of Hell, in perpetutity and throughout the Universe.
"These people look deep within my soul and assign me a number based on the order in which I joined" --Homer re:
Comment removed based on user account deletion
Not quite dead, but might be out of commision for a few weeks..
---- Booth was a patriot ----
Forget that! I'll take the top-secret recipe for the immortality elixer with me to my grave!
"These people look deep within my soul and assign me a number based on the order in which I joined" --Homer re:
This is a automated message setup to notify you that I apperently have died.
-THIS SPACE FOR RENT!
Oh, sure, that's exactly what they want us to believe. Admit it, you're one of them--probably a lawyer--aren't you? You're trying to get us to reveal all of our secrets to the Grand Global Lawyer-Government Conspiracy! Admit it!
Comment removed based on user account deletion
What if you do a cron job (or similar) that checks if you login at least twice a month and you actually die and all your friends and parents already know!
I wouldn't want them to get an email message from me a few days after they learned that I am dead that says "Could you please check on me?".
This would be at least a little shock for them to just receive an email from me!
Anyways the idea of erasing/encrypting your personal data is a good idea, but you should give the decryption key to someone so that your "important files" are not lost forever.
Actually, getting caught was just bad luck for him, not a mistake.
{rant}
The mistake was in doing something WRONG -- setting up a system ahead of time to cause DAMAGE to the property of someone else is WRONG. Once you stop working for that company, you have no right to do bad things to their systems. Actually, when you DO work there, you don't have a right to do bad things to their systems. You still don't have a RIGHT to the information that is on their systems. My GOD, the arrogance of programmers/system admins who feel that it is their network to do with as they please. Unless you are the one signing the check each week, that is...
Vandalism is vandalism. I get pissed when the punks down the street spraypaint a fence and mess up what is a beautiful neighborhood. I get pissed when someone with a big ego and a bigger sense of entitlement comes up with a way to vandalize the property of their former boss. It is sophomoric, unethical and just plain wrong.
I can see the case for security on a personal system. A laptop. A privately owned workstation. I am all for freeing information and sharing what we know. Knowledge is power. Open source is good. Preaching to the choir, there. But...
The direction that a subset of our community seems to take... this gleeful boating about destroying the private property of another... the idea that might makes right... well, let's just say it pisses me off and does a disservice to the community.
{/rant}
I would have to say that explosives are the most abused technology in all of history.
This has been a test, of the emergency conspiracy-death system. If this had been an actual conspiracy-death, this post would have been followed by lots of random looking crap that would actually be encrypted porn. BRZRZRZRZRZR. BRZRZRZRZRZR.
Make sure it mails out the encryption key to your
Norwegian history database!
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
If you can't grasp that, grasp that most companies that inspire this sort of feeling are the large impersonal ones that are likely to survive, and that eventually they may figure out what you did at which point you're screwed for the rest of your life and they're minorly inconvenienced. Not worth it.
fencepost
just a little off
You could just have it blast the infernal Celine Dion song from Titanic first, ensuring you are dead. Even if you're in a deep coma you'll leap up awake and turn it off just to save your sanity.
I design user interfaces for a free network management application,
Comment removed based on user account deletion
Just be careful you don't forget to "check in" if your servers go down for some reason!
There's a great bit of dialogue at one point that goes something like "You can't attack him, he's a sovereign nation!" "So, I'll declare war on him first." If anyone has a copy handy maybe they can transcribe it.
Danny.
I have written over 900 book reviews
This will also turn the computer and everything in it into a molten blob of junk. It doesn't matter if the thermite is in a working drive or non-working drive.
Man, God forbid you from ever falling asleep...
free the mallocs!