How To Foil NSA Sabotage: Use a Dead Man's Switch

mspohr writes "Cory Doctorow has an interesting idea published in today's Guardian on how to approach the problem of NSA 'gag orders' which prevent web sites, etc. from telling anyone that they have been compromised. His idea is to set up a 'dead man' switch where a site would publish a statement that 'We have not been contacted by the government' ... until, of course, they were contacted and compromised. The statement would then disappear since it would no longer be true. He points out a few problems... Not making the statement could be considered a violation of disclosure... but, can the government force you to lie and state that you haven't been contacted when you actually have?" Rsync.net has been doing this for years; rather than the statement disappearing in case of an NSL being issued, it simply would stop updating. Indeed, their canary text also points out the same possible flaws: "This scheme is not infallible. Although signing the declaration makes it impossible for a third party to produce arbitrary declarations, it does not prevent them from using force to coerce rsync.net to produce false declarations. The news clip in the signed message serves to demonstrate that that update could not have been created prior to that date. It shows that a series of these updates were not created in advance and posted on this page."

What do you mean by "can"?

[kju]

can the government force you to lie and state that you haven't been contacted when you actually have

As we should have learned, the government by large does not care if they "can" (in a legally sense), they just do it. But if necessary: Those rubber stamp courts will surely find a way to make it happen in a way which is legal on paper.

Re:What do you mean by "can"?

[Joce640k]

All these tricks are just wishful thinking.

If other people learn you've been contacted then you're guilty no matter how you did it - by telling them or by stopping updates to a web site. It's all communication.

Re:What do you mean by "can"?

[FriendlyLurker]

Speaking of foiling NSA and other of the worlds shadowy sky organizations shenanigans, there are some great ideas floating about like this one posted a few NSA stories back by Anachragnome: "The NSA has made it clear that making connections--following the metadata--is often enough to get an investigation started. So why not do the same thing? Turn the whole thing around? Start focusing on their networks."

A sort of They Rule type network connection analysis on lists of people involved, start tallying connections and contacts build dossiers and trust-worthiness - combined with dead man switches for websites and professionally shunning anyone/organizations that have worked to subvert the security of the internet in favor of spying and undermining the social contract of the internet.

In related news Reddit co-founder was exposed as wanting to sign up and use Reddit/his reputation as a mouthpiece/research partner for Stratfor. Stratfor turned him down they already had people from the social networking world working for them apparently. Given Slashdot appears to give regular airtime to well known warmongering trolls, will anyone be surprised if most sites like Slashdot are already on the payroll...

The truth, it's just a leak away, it's just a leak awaaay....

Re:What do you mean by "can"?

[TWiTfan]

Agreed. In an America of secret courts, indefinite detention without trial or habeas corpus, secret police who prohibit you from even telling anyone they've contacted you, etc.--the concept of "proving yourself innocent" is laughable. "Because we said so" is the only charge the feds need anymore. Everything else is just dressing.

Re:What do you mean by "can"?

[Defenestrar]

In the case of a signed (and dated) statement, you still hold the controlling factor and would necessitate coercion on the behalf of the other party. If the other party (government or individual) is willing and able to bear sufficient coercion upon you to acquiesce to perjury, than the system fails. So, one should only implement such a model if one believes that the level of coercion is within the limits of one's conviction to resist - otherwise you're setting yourself and your "trusted" parties up for compromise.

A "dead man switch" system like this certainly lends itself to a civil disobedience of passive resistance in the tradition of Gandhi, and MLK Jr. But what level do you go for? If I recall right (and strongly paraphrasing), Gandhi's solution to the atomic threat was to allow yourself to be nuked so that the children of the "victor" would express enough horror at the methods that they would reject the philosophy used for the strike and therefore giving the "victim" the final moral victory. Personally, I suspect that I am vulnerable to coercion threatening the annihilation of my entire nation - and probably even a lesser version closer to home.

One thing I've learned about the country with the Bill of Rights is that there are times when the government does exceed its authority, and sometimes even the courts rubber stamp it (although not always - look at Jackson and the Supreme Court), but ultimately a correction factor is applied. Sometimes this is a groundswell of public ire, a brave confrontation like Ed Murrow, and often a combination of the two (i.e. civil rights in the '60s). Although occasionally, due to lack of notoriety or some such, the lesson isn't completely learned until the next generation reads it in their history books (i.e. syphilis study).

Finally, one also need to make sure that anyone else with the authentication to substitute for you holds the same convictions. For example, Thoreau only spent the one night in jail because someone else paid his poll taxes.

Re:What do you mean by "can"?

[Lumpy]

Secret? They do that openly. It is common knowledge they can jail you forever without trial or even telling you of what crime you may have violated. And the American public love it because it's "fighting terrorisim".

Secret means it's hidden, All of this is out in the open and publicly accepted.

Re:What do you mean by "can"?

[Defenestrar]

... The truth, it's just a leak away, it's just a leak awaaay....

And if you have potatoes, then the truth can bring some awesome soup with it

Re:What do you mean by "can"?

[BrokenHalo]

If I recall right (and strongly paraphrasing), Gandhi's solution to the atomic threat was to allow yourself to be nuked so that the children of the "victor" would express enough horror at the methods that they would reject the philosophy used for the strike

Trouble is, the history books tend to be written by the victors.

...Although occasionally, due to lack of notoriety or some such, the lesson isn't completely learned until the next generation reads it in their history books...

And given that so many people increasingly do not read at all (except in gobbets of 140 characters), I don't hold out much hope that their attention span will accommodate a book of any length.

Re: What do you mean by "can"?

[dave3548]

No, we don't "love it", we're appalled, angry, embarrassed and saddened. Trust in government is at an all-time low.

Re: What do you mean by "can"?

A somewhat vocal minority think the government has gone too far in its war on terrorists. Perhaps you remember the TSA's short-lived attempt to relax restrictions. My local news never has any trouble finding a member of the public willing to say how much safer they feel each time a government agency proposes a new search method or new restriction.

Slashdot is a libertarian-leaning echo chamber and not representative of America.

Re: What do you mean by "can"?

[wvmarle]

No, we don't "love it", we're appalled, angry, embarrassed and saddened.

No doubt there are also in the US many people who are appalled, angry, embarrassed and saddened about these indefinite detentions. However there are obviously not enough of them. Not enough people in the US that really want it to be changed, not enough people there that go to the streets and protest against those human rights violations, not enough people there voting for politicians who make fixing it their primary item.

Most of the rest of the world wants it to be changed. I really hope you guys can fix this issue, instead of trying to make such behaviour the norm and pull more and more other countries (most notably in Europe) into this.

Trust in government is at an all-time low.

Do you have anything to back up that claim? Or is it just your personal opinion?

Re: What do you mean by "can"?

[Lumpy]

Yes you do. I was born and raised in the USA and most everyone I meet approves of everything that they do to fight the boogymen.
It is RARE to find someone that actually wants the govt to follow the constitution.

Re:What do you mean by "can"?

[Somebody+Is+Using+My]

Sadly, this is the state of the country that I was once taught was supposed to stand for freedom in the world.

Fortunately, it actually isn't.

That is not to say that there are not some decidedly concerning excesses being committed by the government and its partners. From overreach by the executive branch, to undisciplined agencies like the NSA running havoc across our Constitutionally-protected (but not granted, important difference!) rights, down to the increasing aggressiveness of our police force, there are undoubtedly serious problems we as a nation need to face up to and rectify. These symptoms are indicative of a very worrying trend and it is right for Americans - and, indeed, citizens across the world - to take note of and speak against.

But even cynical as I am, the despairing belief that the United States of America is currently little more than a well-disguised police-state is so blatantly false to anyone who lives here as to be laughable. I'll not deny that we might one day end in such a place and we must fight against it. But America still remains a bastion of freedom and while it may no longer be a beacon guiding others, it still shines brightly enough. That we can have this conversation without fear of retribution at all is testament to that fact. That (barring a further slide into tyranny) I expect to go through my life without worrying about ending up in a gulag for my particular beliefs is a testament to that fact. That I have an opportunity - however slight it may be - to help change the direction of this country should I chose to do so is testament to this fact.

I still believe - contrary even to my expectations - that most Americans hold true to the ideals of this nation and would, given the chance, work to correct this nation onto a more favorable path. This even includes many of those we've granted positions of authority over ourselves. But between the vast bureaucracy of the government, the confusing melange of messages we get from the media and the self machinations of corporations, it is easy for these same Americans to feel powerless and so they do nothing. It's less apathy than a lack of a clear direction; they want to keep this country true to its ideals but do not know how - and worse, do not believe they can effect a change.

So rather than despair I encourage people to remember what makes this nation great and fight against those who would destroy it for their own short-term gains. Don't just accept the status quo or through excess cynicism allow justice to slip through our fingers. Speak out against these illegal actions, both to fellow citizens and to your representatives in both the state and federal governments. More to the point, do not through inaction be an accomplice to such un-American activities such as the NSA has been enacting; take a stand against them. You don't have to directly oppose them, just don't be their agent; if there are those who wish to subvert the ideals of this nation, make them do their own dirty work. Even if your tiny resistance barely slows down the behemoth, combined we can force a new and better direction for this country. It's also why people in authority fear the Internet and strive to suborn its intent; it allows a collectivism amongst citizenry that has never before been possible. Use this great tool to encourage others - with words and ideas - to strive towards the great dream of America rather than merely accept an "inevitable boot to the face forever".

This nation is at a critical juncture and our leaders are either unwilling or feel unable to enforce a change. It's time to remind them who truly wields the power in America - its citizenry. Don't mourn the passing of our freedoms before we even lose them; instead, stand up for those freedoms and warn those who would take them away that's not where we want this country to go.

Re: What do you mean by "can"?

[celtic_hackr]

You all seem to miss the important aspects here.

1) Most Americans I talk with, who know about these things happening, hate everything that is going on.
2) But a good number of people aren't paying attention to most of it. My wife, and most of my close family, being among them. And these people don't want to know, because they know they'll get upset and frustrated about it.
3) Among those who know and are disgusted, few complain about it except to friends. Why, because, most of this activity doesn't have an immediate impact on Americans ability to travel "freely", buy food, earn a comfortable living, have spendable money and the ability to spend it mostly how they want, raise a family without major restrictions, go to the church of their own choice, live in any neighborhood they can afford, eat what they what, and have entertainment they want. In other words daily life in the USA is fairly stable and unrestricted. People are comfortable. Until, the activities of the government get so overbearing that life is no longer comfortable, few will be willing to do anything about it.
4) The American Revolution didn't happen because the middle class people weren't comfortable anymore. Life was not really that bad in American Colonies back then. The American Revolution happened because the wealthy were feeling uncomfortable and the Crown was messing with their livlihoods.

Ergo, nothing is going to change, unless:
1) The government actions start having a serious impact on the upper classes, or
2) The government makes life so hard for the average citizen that they have no choice but to revolt. You can complain to your politicians till you're blue in the face and it likely won't change anything, for long. They will relent, for a while, and then try it again when they think you aren't looking. Search your feelings, you know this to be true., or
3) Enough people get fed up and actually start a new political party, that alters the landscape.

Good luck with this

[schwit1]

Don't expect a prosecutor to buy this argument. Anything you do that alerts others to a gag order will be treated as a violation. You may win in court, but you will be thousands of dollars in debt defending yourself.

Declaration

When in the Course of human events, it becomes necessary for one people to dissolve the political bands which have connected them with another, and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation.

We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.

That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness. Prudence, indeed, will dictate that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn, that mankind are more disposed to suffer, while evils are sufferable, than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. ...
He has erected a multitude of New Offices, and sent hither swarms of Officers to harass our people and eat out their substance.

Re:Watch out what occurs to Lavabit

[plover]

Closing your website as a form of protest simply accomplishes the goals of the administration. If they can prevent your servicing a hundred other bad guys, they may happily choose to sacrifice chasing the one bad guy through your system. (Besides, it's not like there aren't other clues or trails out there.)

Of course, such an act is visible, noble, and it gets people talking; and you're seen as a good person for doing so. But those effects are all transient, and little more than a flap in today's breeze. The administration knows the negativity will fade over time. So over the long term, the closings provide the chilling effect the administration desires.

Re:Either comply, change the law, or emigrate.

[Trepidity]

Most people cannot legally emigrate, so that isn't really an option. If you have dual citizenship, or unique in-demand skills, this may be more feasible, but China is not going to accept random American citizens who want to move there, especially not people who want to move there due to political disgruntlement.

Re:Er, obstruction...?

[Trepidity]

I don't think the intent is to argue that it isn't contravening the intent of the gag order due to a technicality, but rather to set up a constitutional challenge to the gag order. Compelled speech is reviewed at a higher level of scrutiny, so if the gag order actually requires you to affirmatively state things that you neither believe in nor are true, that would be a basis for challenging the gag order. You may still lose, but it would require violating a constitutional rule that thus far has been respected.

Post Employment Ad for "legal expert"

[tlk+nnr]

The rsync canary is a good idea, another standard approach for delicate communications are job advertisements.

In this case:
A large ad in a suitable newspaper that you are searching for a lawyer.

Why lump everything in one category?

[__aaltlg1547]

There are different ways you might be contacted by the government.

For example, maybe somebody who uses your website stole something. Suppose for example the FBI suspects that person of having sold it to someone else who uses your website and is looking for evidence of the same. So they get a warrant and go throught is one person's email, don't find the evidence they were looking for leave.

In another example, maybe one person who uses your website had his car washed by a guy who got an email from a dude who was seen in a cafe with a suspected terrorist. They issue a National Security Letter that threatens you with horrible consequences if you divulge anything, seize a copy of every record on your site going back to 2005, discover another 50 people who got messages from the guy whose car was washed and by the associative property of terrorism, they're terrorists, you're a terrorist and everybody who uses your site is a terrorist.

See the difference? It's not about being contacted by the government. It's about being swept up in a potentially vast and unwarranted (literally) investigation when you didn't do anything wrong.

Re:Canary, not dead man's switch

[Gibgezr]

If you read TFA, the method suggested by Corey is actually a dead man's switch: when the user fails to respond with a signed version of a random number generated by a website on time, the website notifies all subscribers of the event.

Re:exact dupe, and bad idea

[Dins]

Yes, but say there are only 30,000 people in the entire country who AREN'T being tracked, then "we don't search and store data on 10's of 1,000's of Americans" is true.

The converse statement is, "We DO search and store data on 329,970,000 Americans"...

Obligatory Code

[hacker]

...aaaand, here's some code to use to make your own (which I just posted about only yesterday

#!/usr/bin/perl

use warnings;
use strict;
use LWP::Simple;
use XML::RSS;
use HTML::Strip;
use File::Slurp;

my $url = 'http://feeds.bbci.co.uk/news/world/rss.xml';

binmode(STDOUT, ":utf8");

my $hs = HTML::Strip->new();
my @newscanary = '';

my $rss = XML::RSS->new();
my $data = get( $url );
$rss->parse( $data );

my $channel = $rss->{channel};

foreach my $item ( @{ $rss->{items} } ) {
        my $title = $item->{title};
        my $date = $item->{pubDate};
        my $desc = $hs->parse($item->{description});

        # Word wrap the output at 70 characters
        $desc =~ s/(.{70}[^\s]*)\s+/$1\n/xg;

        push @newscanary, "$title\n$date\n" . "-"x70 . "\n$desc\n\n\n";
}

write_file('canary.txt', @newscanary) ;

my $boilerplate = read_file('boilerplate.txt', {binmode => ':raw'});
my $newscanary = read_file('canary.txt', {binmode => ':raw'});

print $boilerplate, $newscanary;

$hs->eof;

Re:Obligatory Code

[DoofusOfDeath]

In Perl??? TERRORIST!!!

Wouldn't it be better ...

Wouldn't it be better to always have a message saying that you are collaborating with the NSA / currently being gaged. If that siuation does ever occur, you then remove the message because otherwise you will be breaking the law...

Exactly right

[Phoenix666]

We all need to ostracize and refuse to have anything to do with any of these people. Looking to hire a subcontractor, and one of the firms in the running has connections to these people? Knock them out of the running and let them and their competitors know why. If we tag and track all of them and make them effectively persona non grata everywhere, and those who do their bidding likewise persona non grata, then we would begin to see change.

Society in general must excise these people or risk imploding catastrophically.