Software Dead Man's Switch

Anonymous Coward writes "DaisyMan over on ArsWare has come up with a software based Dead Man's Switch that will, if you don't 'check in' every so often, post a message (presumably about your demise, but whatever you wish) to various message boards, send email (maybe that incriminating evidence?) to your friends, and encrypt specified files on your computer so that 'they' can't have them. Paranoia? Yeah, but they really _are_ watching you ..." Update: 06/22 12:57 GMT by T : The idea isn't new, but recently sparked a New York Times article.

CRON?

[vbrtrmn]

If you are really paranoid, couldn't you just run a cron job every few days, that if you don't stop would do this? You could probably just have it wipe your drive. Of course if you forgot, you'd be SOL.

Re:CRON?

[DEBEDb]

If you don't want your Mom to see it than perhaps you'd be better off without it?

Do you want your Mom to see you
having sex? If the answer is no, perhaps
you'd be better off without it.

Re:CRON?

[Manitcor]

This tool provides one better, though some of your data you may wish to just disappear. With this tool you can encrypt files, I can think of many cases where you might wish some points of data to outlive you.

With the encryption routine then you can include a copy of the decryption program and the password sealed in your Will and then you can Will that stuff to whomever may need the data (business partners, spouses, children, channel 9 News, etc.)

Some of us have data that is not just porn.

Flaw?

[Deanasc]

OK wouldn't this be a moot point if my enemies get my computer offline before the switch is thrown. A better way would be for the software to run off something like FIDOnet with no single weakpoint. Just my 2 cents.

Re:Flaw?

[Ami+Ganguli]

It depends on how you set it up and whether or not 'they' know you've got such a system.

Under Linux you'd presumably use Anacron to schedule the task, so if the computer is powered on intact the task will trigger.

If 'they' are anticipating a self destruct mechanism then, yeah, 'they' can get around it. But I think even the wariest NSA spook will probably at least try to turn the machine on before deciding to disassemble it. As soon as that happens you're safe.

If you are not here, please raise your hand.

[march]

What if you forget to check in? Does the "countdown" start? Will the world end?

This is similar to the argument about usenet (message boards) vs. mailing lists. With mailing lists, if you forget about a low traffic list, you are reminded when mail comes in. With a message board, you have to remember to check in.

I find the "check in" model flawed because we (humans) are flawed.

BBS Days

[totallygeek]

I had something similar for my BBS. It was a DOS TSR that had a countdown and unless I typed in two phrases before it ran out it would zero-out the drive. Well, software sucks, and software on DOS doubly so -- can you say boom!?!?!

Re:BBS Days

[brejc8]

Thats weird! I just wrote thesame story below.

Safe House

[smackdotcom]

This sounds markedly similar to the idea employed in the underrated TV-movie Safe House, where Patrick Stewart's character, a retired spook, employs a software failsafe based on his ability to recreate a Japanese alphabet character. If he is unable to complete this task every day by a certain time, incriminating information about his black ops "friends" would automatically be sent to every major news organization on the planet. It could be very handy if you think someone is out to get you...

Re:Safe House

[SuiteSisterMary]

It's not that difficult to configure a network to be one-way only.

Question...

[rant-mode-on]

The question is, can I set up a cron job to save me being pestered by it all the time?

Re:Question...

[clary]

Hehe.

Actually, maybe the poster was serious??? I could imagine putting the cron job on one of your main servers or workstations, easily found by "THEM." The dead-man's switch would be on some less obvious machine, in another location. When "THEY" rush in, unplug, and cart off all your machines, "THEY" unknowingly turn off the cron job.

For the most delicious irony, the most wily of you might find some way to host the dead-man's switch on one of "THEIR" machines!

login script

[xpurple]

I've got my laptop set to format the drive (yes | rm -r /) if I don't login every so often. Currently it's set at two weeks (I don't reboot much). I don't see this causing any issues, and it makes me feel better.

So far so good :)

Note that this gets around the annoying having to do something special to make it work. I'd login anyway :)

Re:login script

[swillden]

I've got my laptop set to format the drive (yes | rm -r /) if I don't login every so often.

For the truly paranoid, that's not good enough. You really ought to make sure that random data gets written all over the drive at least, and you also risk the chance that someone may get to your data before it's wiped.

I recommend encrypting everything. The easiest way is to use an encrypting file system (I use Cryptfs) . Then, you just have to arrange for your machine to forget the password and all of your data is inaccessible, even to forensics (well, unless they can guess your passphrase, so use a good, long, complex one, or unless they can break the cipher, which is unlikely at best if you use a good implementation of a respected, modern algorithm).

I hacked the screen lock (which can be engaged automatically when the screensaver comes on) to execute "echo wrongpassword | fist_setkey /mnt/cryptfs", which changes the key being used to access my encrypted data, making it all inaccessible (and invisible to the casual attacker).

When I unlock the screen, I have to enter both my login password and my cryptfs passphrase.

So, after 30 minutes of inactivity, or after a reboot, all of my data is inaccessible. The most significant weakness is the possibility that my passphrase might get written to the swapfile. I've been meaning to look into that but haven't gotten around to it.

Re:login script

[Bishop]

There is a chance that your passphrase could end up in the swap file. Use an encrypted swap to be safe.

Re:login script

[swillden]

Yes, I mentioned that issue. Do you have any pointers to information on how to set up encrypted swap?

How do you test it?

[falser]

Like, do I have to do a "trial death", spewing out messages all over the internet like "Hey I'm dead, blah, blah, oh by the way I'm just testing my death switch, you may disregard this message". I think after testing it out a couple of times nobody's really going care when you really do die to take notice.

Certainly the chances of an accidental death mode going off are high. So I think there should be different "death alert levels". If you don't sign in after a month, it starts sending out alert messages like "Hey I haven't been around for a while and I might be dead, please check whether or not I'm dead for me, Thanks bud!".

There should also be instructions given in an email to your friends/family so that they too can stop the death switch for you in dire or unusual situations (coma, kidnapping, laziness). And only then if another couple days pass it goes into full blown death mode.

Re:How do you test it?

[BarefootClown]

laziness

I thought you said unusual situations...

Re:NY Times registration

[ZaneMcAuley]

http://www.majcher.com/nytview.html

Just use this NYTimes user generator :D

Old DOS days

[brejc8]

I had a system just like this to protect the computer if it was stolen or I died.
If someone steals it and doesn't run a BBS program at least once a day then he system would encrypt most files and ring me.
Once I have the number of the person who stole my computer I would be able to get them.
The cool thing is that it run from boot block just like a virus so you would need to fully format the disk to get rid of it.

Re:Old DOS days

[liquidsin]

it actually just called Haley Joel Osment. He sees dead people.

supposedly dead

[Dan+Aloni]

I really don't like the idea that by mistake, my relatives, friends, or colleagues on the Internet will get this kind of E-Mail by mistake:

"This is an automated message. If you read this, I am probably dead. My will is to be burried along with my hard drive, and send the rest of my computer hardware as donation to Linus Torvalds."

On the first time they get it, they may get paniced, and set up a funeral for me while I am away.

On the second time, I'd really drop dead and they'll laugh and ignore while I rot on my keyboard for months.

The more the better

[muffen]

I already saw a few posts saying things like: "it's useless, it easy to get around etc etc".
We all know you can get around this program. I didn't try installing it, but I'm sure it isn't even hard to prevent it from launching.
However, the idea isn't bad. I'm sure this program will get other people to write similar things, and maybe someone will create a program that is really hard to get around.

In any case, I think that if you really have data you want to protect, you should probably have a lot of protection. This one should only be one amongst many. If used like this, I think this program is great.

The good news and the bad news

[unformed]

The good news: You aren't suffering from paranoia
The bad news: They really are out to get you.

necessary services

[dboyles]

This reminds me of something that was on The Man Show a few years ago. In the event of an untimely death, a (made-up) company could be enlisted to "correct" some things for you. The team came in and replaced items such as Playboy centerfolds, a bong, porn videos, and a - let's just call it a "sexual device" - with pictures of your family, Bibles, and other such things.

They showed a "with and without" sequence, where one's parents came to their dead son's apartment to discover the two different scenarios. It was pretty funny, and encouraged me to say to my roommate, "You know that bottom drawer of my dresser? If I die, burn everything in it."

Re:necessary services

[twoshortplanks]

Reminds me of the concept of "Porn Buddies" mentioned in the BBC series "Coupling." Basically you and a best mate exchange keys so that they can rush round and hide your porn in the case of your sudden death.

Good series. Oooh, look, you can buy it on DVD.

Safe Deposit Box

[SparkyTWP]

I think I'd rather just get a safe deposit box and make instructions to have it opened after my death. Inside would be instructions for emails, postings, etc...

Then you know you wouldn't have to worry about accidentally tripping the program if you went on vacation.

You'd still need an encryption program for files though if you don't trust anyone with that, but that's not a big deal.

Accidentally encrypting data is no big deal, accidentally sending off final emails with very personal messages is a whole other story.

Re:Safe Deposit Box

[Mignon]

I think I'd rather just get a safe deposit box and make instructions to have it opened after my death.

This is actually slightly trickier than that. Just a couple of weeks ago, my brother and I met with my parents and their lawyer to discuss their will. The lawyer just explicitly told us not to keep their will in their safe deposit box, since banks automatically lock them when they find out someone died. And banks have people whose job it is to scan obits. I forgot the details, but the lawyer said there is a way to get let into the box, but it will be delayed.

In other words, by the time your trusted people get to your safe deposit box, the untrusted people could have had their way with your computer, etc.

Spooks turning machines on/off...

[ArtEnvironment]

Uhm... NO.

If you turn a machine on (or off.) you change the state of a machine, and thusly, destroy potential evidence.

If they're dropping into your place secretly to install a 'bug' program or hardware piece, then they might turn it on or off..

But, if they just want your data they won't even use any of your hardware to get it, but will just remove your drive and then clone your drive.

Even the local police know that one, I doubt the NSA would be so stupid.

"The Trigger" by Arthur C. Clark and Kube-McDowell

[DoorFrame]

A book called The Trigger goes into a fairly in depth subplot about a man arranging his own death/arrest program. The book itself is a little bit weak, but kind of a fun read.

Time, oh Time

[standards]

Yet another great reason for secure network time.

On a similar note... Fire Kits

[Xiver]

I have set up a fire kit that runs as an NT service on my laptop and our file server. In the even that my user ID is removed from the Domain my computer and the server will zip and FTP my personal files to me and delete my personal email.

I've considered adding options to wipe out my HD and user directories, but thought I might be liable if project data was lost.

A more effective one

[Fencepost]

Though their website is sappier than I would've believed possible, "Loving Pup" has a service along these lines for folks in the US. They aren't looking for notifications, they get the death notifications (by SSN) from the US government; when your SSN is listed they send the email messages that you'd set up in advance. Of course, they also charge an annual fee ranging from $12-24.

If nothing else, it's certainly safer in terms of vacations.

Revelation Day

[wytcld]

How about we offer really slick freeware (or even better, 'shareware' that can easily not be paid for so folks think its of greater value) secretly set to go off on the Day of Reckoning?

Prior to that civilization-improving point of revelation let's also have a backdoor so we can get the inside scoop on the really nasty revelations. Free the truth!
___

A much easier, less risky, more effective solution

Have someone you trust, like your wife, your sister or, if you're alone on the world, a lawyer flip on the 'switch' when you're dead.

There must be someone you can trust more then your ability to check in every now and then.

And if there isn't, I truly pitty you, but you can hire a lawyer to do it.
And no there is no conspiracy between the lawyers and the government.

I'd be "dead" in short order

[buffy]

Given the difficulty I have in remembering to keep my hotmail accounts alive, I'd probably not have a much better time remembering to tell the dead man switch that I wasn't dead.

I can see the distressed look on my Mom's face already when she recieves a copy of my doomsday manifesto^H^H^H^H^H^H^Hlast will and testiment!

bash script

[martinflack]

I was drinking last night so don't expect it to be bug-free although it seems to work. It is left as an exercise to the reader to create the "goneforever" script that decides what to do in the event of your sudden demise (or inability to login to your computer for 15 days). Cron as appropriate. There is no special action, just login.

#!/bin/bash
# Dead man script. Warning, do not take this seriously or use for anything important!
deadman="$HOME/bin/goneforever"
dontw orry="$HOME/.gonefishing"
ranonce="$deadman.ran"
period='15 days ago'
lastlogin=`last -1 $USER | cut -c40-55`
if [ `date -d "$lastlogin" +%s` -lt `date -d "$period" +%s` \
-a ! -f $dontworry -a ! -f $ranonce ]; then
$deadman
touch $ranonce
exit 0
fi
exit 1
# exits "false" normally, so you can read val, e.g. ./deadman && echo DEAD!

Cheers,
Martin

Good in theory, Bad in practice

[1g$man]

IIRC there were so many false alarms on the ArsTechnica forums from this thing that the moderators will lock any Deadman Switch posts on sight.

It's an interesting idea, but it's way too easy to forget it's running, go on vacation, and then come back and find your hard disk wiped. Not to mention a forum filled with ArsTechnica loungers weeping over your passing, only to be bitter to find out you've tricked them...

Re:"The Trigger" by Arthur C. Clark and Kube-McDow

[2sheds]

I really wish Arthur would realise these collaborations just ruin his storys. His books with Gentry Lee went the same way.

Saly he's not the only author with this problem.

j.

Oh Comedy Central...

[MsGeek]

...this sounds like your next BBC-generated hit. Remember AbFab? This sounds like it could be the masculine equivalent. Get cracking, guys!

Damn, I HATE Region coding and multiple video standards!

Wrong. Dreadfully wrong.

[gd23ka]

Wrong. IANAWNS, but I would never EVER turn on a machine on with evidence on it. Instead I would yank it's hard drives and put them into a system I know is safe. The only way I know of which could cause a lot of confusion and inconvenience would be to modify the firmware of the hard drive itself to expect an authentication handshake before executing read commands properly, and if it doesn't get a handshake just give out junk and silently start corrupting data on the media. Of course, the self-destruct should not be allowed to be interrupted once its in self-destruct mode and authentication data such as keys should be in part stored on a secure smart card and in part in the users head. Oh and while we're at it modifying that firmware, it would also make sense to encrypt the data on the medium using a key derived from the authentication data. That way, even if they're smart enough to hookup the drive's medium to another "clean" controller, they're still fscked.

I always wanted something like this for getting ..

[neo]

rooted. If I didn't check in once in a while, the system would assume my unix box was rooted and take action to lock down the system.

Re:The Ultimate Solution

[Monkey+Angst]

There is only one good solution to this: Place a dozen or more of dynamite sticks inside your case (don't stint), and make sure not to be seen by your colleagues from your company.... Have fun.

Damn. You live in Montana, don't you? :)

Disabled, the elderly and others

[jhines]

There are people in the world who might actually have a use for this.

Rather than "hello, I am dead", send a message like "would you please call and check on me".

Probably simpler, would be just checking the mailbox, if email hasn't been accessed, then there is a problem, given that most people that are alive, check their mail semi-regularly.

Re:Disabled, the elderly and others

[droleary]

Rather than "hello, I am dead", send a message like "would you please call and check on me".

This is even worse! If the message gets falsely sent, you end up having to talk to old, sickly people!

ObHomer: Old people don't need companionship. They need to be isolated and studied so it can be determined what nutrients they have that might be extracted for our personal use.

fastest way to destruction

[dattaway]

Make sure you format once to quickly start a new filesystem, repeated by a destructive badblock test to finish off the lost data between the inode maps. Just to be safe, scramble the boot sector and randomize the partition tables. That ought to make recovery a bit more difficult.

/sbin/mkfs /dev/hda --ooops, formatted the whole drive as a filesystem, not a partition. Scrambled the partition table and the user's data all in one step. Ooops. Sorry.

/sbin/badblocks -fw /dev/hda --forces write testing on a mounted filesystem with assorted patterns of data. Truely evil.

The first step ought to take a few seconds. The second will continue to munch away until the deed is complete. Since all data will be gone, no ill will from upset mourners.

Re:Security violation in itself

[Emugamer]

Then why have all your eggs in one basket? I personally have 6 machines at home only one contains any sensative data which would be mildly annoying if it fell into hte wrong hands.. However I have around 15 computers spread around the internet (2 different countries 10 different locations) that are still mine by some over spending fluke of .com era. Now I access eac h of these maybe once a month and onlly with https ... I use https to accesss a dozen minor sites a day from exchange web access to secure forums to a lot of other stuff. Its hard to find all of those boxs if I did need to use them myself let alone if someone needed to track them all down. not that I have any sensative data on them any way. + My sensative data is mostly porrly written love notes, drafts of legal documents and papers that I wrote in 6th grade. More embaresssing then anything else

Dead? Or just laid off?

[standards]

In my previous job for a large corporation, there was a programmer who decided that it would be a good idea to install such a switch. In the event he didn't update a particular file at least once within 30 days, a job would start slowly corrupting an accounts receivable database.

Unfortuantely for him, he was severely injured in a car accident and was incapacitated for several months.

Now that he is out of the hospital, he's in jail.

Was it his fault? You bet. But the company was also severely repremanded for having poor controls on sensitive computing systems.

Okay

[mindstrm]

What you do is this.

Get an old busted hard drive.
Open it up.
Gut it.
Pack it full of thermite.
Rig up an electronic ignition that can ignite the thermite.. you'll probably have to stage it.. thermite has a high ignition temperature.(standard electric match -> some chemical that's easy to light but burns really hot -> thermite).
Rig it up a watchdog timer inside the drive too.

Now have a driver that asks for a password on boot and kicks the dog for you.

If it fails.. the dog ignites the thermite and turns your computer into a pile of molten slag.

Re:Okay

[silentbozo]

Run a bunch of current through a thin strip of magnesium, that should do nicely to ignite the thermite.

Who could use this in RL?

[Bonker]

Who, really, has secrets that are keeping them alive or incriminating evidence that just might get them arrested, imprisoned, or killed. To most people, this kind of utility is a joke. To a few people, however, this is a godsend...

Like, for instance, RAWA. These are the women who ran an underground women's rights movement in Afghanistan while the Taliban were in control. You may have seen their website with its grotesque pictures. They lived and worked in secrecy, in constant fear of being imprisoned or killed by the Taliban. Wouldn't a dead-man's(or -woman's) switch be just the thing to send off a 'Farewell. This is the evidence of my capture at the hands of the Taliban' message?

It's not just them, either. Dissidents in China could also use a utility like this... especially all those guys who just got their internet cafes shut down. Suppose the 2600 guys got raided by the MPAA^H^H^H^HFBI and were all put in prison. I imagine that Emanuel Goldstien has some juicy information he'd like to share in the event of his capture or death.

The Gotti family has been in the news a lot lately. Suppose that you were a mob informant and had information on them that was all that was standing between you and 'Sleeping with the Sopranos after next season'. A dead-man's switch would go a long way to allowing you to release that last little bit of information, even if the mafia got to you first.

I just hope they don't try to patent the idea

[darkonc]

What this is is a software watchdog timer. It's available in the Linux kernel, and I'm sure that it would take minimal work to have it execute arbitrary code instead of resetting the box.

Other than that, what's new about this?

Comment removed

[account_deleted]

Comment removed based on user account deletion

This whole attitude just pisses me off

[uptownguy]

Actually, getting caught was just bad luck for him, not a mistake.

{rant}

The mistake was in doing something WRONG -- setting up a system ahead of time to cause DAMAGE to the property of someone else is WRONG. Once you stop working for that company, you have no right to do bad things to their systems. Actually, when you DO work there, you don't have a right to do bad things to their systems. You still don't have a RIGHT to the information that is on their systems. My GOD, the arrogance of programmers/system admins who feel that it is their network to do with as they please. Unless you are the one signing the check each week, that is...

Vandalism is vandalism. I get pissed when the punks down the street spraypaint a fence and mess up what is a beautiful neighborhood. I get pissed when someone with a big ego and a bigger sense of entitlement comes up with a way to vandalize the property of their former boss. It is sophomoric, unethical and just plain wrong.

I can see the case for security on a personal system. A laptop. A privately owned workstation. I am all for freeing information and sharing what we know. Knowledge is power. Open source is good. Preaching to the choir, there. But...

The direction that a subset of our community seems to take... this gleeful boating about destroying the private property of another... the idea that might makes right... well, let's just say it pisses me off and does a disservice to the community.

{/rant}

Simple!

[zCyl]

This has been a test, of the emergency conspiracy-death system. If this had been an actual conspiracy-death, this post would have been followed by lots of random looking crap that would actually be encrypted porn. BRZRZRZRZRZR. BRZRZRZRZRZR.

Have it do this...

[sconeu]

Make sure it mails out the encryption key to your
Norwegian history database!

If you feel a need to do this....

[Fencepost]

If you feel a need to screw your coworkers like this if you quit/get fired/whatever, you're at the wrong company. Quit now before you do something stupid and vindictive that's likely to mess up your life, because if you feel like that now even if things improve you'll never really be happy there.

If you can't grasp that, grasp that most companies that inspire this sort of feeling are the large impersonal ones that are likely to survive, and that eventually they may figure out what you did at which point you're screwed for the rest of your life and they're minorly inconvenienced. Not worth it.

Re:Hmmm...

[sconeu]

Just imagine your "existence" depending on the date of your last Slashdot posting...

You mean it doesn't? Crap, I didn't have to check /. every day?

for best effect, go nuclear

[danny]

Obtain a surplus Russian nuclear warhead and wire your dead man switch to that... That's what one of the characters in Neil Stephenson's Snow Crash does, anyway - the result is that he gets looked after very carefully by local law enforcement.

There's a great bit of dialogue at one point that goes something like "You can't attack him, he's a sovereign nation!" "So, I'll declare war on him first." If anyone has a copy handy maybe they can transcribe it.

Danny.

Well

[mindstrm]

This will also turn the computer and everything in it into a molten blob of junk. It doesn't matter if the thermite is in a working drive or non-working drive.

Re:I like mine better

[juliao]

Man, God forbid you from ever falling asleep...