Recently I've been going to a rock climbing trip with a friend. Although this is a relatively safe sport. It's far from being the safest. So it got me thinking. "What if I make a mistake and fall to my death ?"
I thought about the obvious facts like the sadness from my loved ones etc. But I also thought about more pragmatic things. I'm sure my bank account's content can be transferred to them somehow. But I also hold some cryptocurrency. Which, by design, would be lost forever if I were to die with my private keys. Same goes for the various services that I run like steempress. If I were to die those would shut down and the vast amount of code locked away in private github repos might very well never be recovered (assuming github doesn't help). Or even this blog, I plan on adding a ton of tutorials on it, what if it goes down because I no longer pay the bills ?
I was thinking, "I'm a programmer, I can probably plan for my death with code". But here's the problem. Let's say I give an USB key to my loved ones with basically all of my passwords, private keys etc. It puts a huge risk on me because if that key were to be stolen, if one of my loved ones becomes rogue because of whatever reason. (we are talking about planning for death here so this is measures that should last several decades) I could lose so much.
The obvious answer is "fuck it, it's a problem for the living and I'll be dead" but it's pretty egoistical so I wanted to find a solution. Another obvious solution would be to go to a lawyer and give the usb key to be handed out with my will. But that would be quite costly.
The solution
The idea is relatively simple. Create an encrypted usb drive using truecrypt and/or veracrypt. Ideally nest them. With all of the important information. And give those to your loved ones without the password. Therefore there is no risk if the usb key gets stolen. And if they manage to break the encryption they can go directly to their local intelligence agency and sell that 0day for a few millions, much more than the content of that drive because it's that hard. So I'm not too worried about that happening.
Then write a small server that sends you "are you alive" emails every months. If you miss too many then the server will then send to your loved ones an email which will contain the password for the usb key. (And perhaps a few words like "don't be sad I love you")
This means that if your web server handling the are you alive checks gets compromised. The attacker will just get a random password that is useless without the file.
If you miss a test then you get more mails. This is done to prevent you from missing one email and being declared dead by the code. I setup a "failed test counter" send emails like so :
0-2 : every month 3-5 : every 3 weeks 5-7 : every 2 weeks 8-16 : every week after 16 checks death is declared.
In total you need to be offline for about a little less than 6 months (26 weeks) for it to trigger.
Conclusion
There is still a ton of little things that you can add to that setup, like only sending parts of the key to each of your loved ones. So they have to get together to open the file and it's not like the first one who opens the files can run with everything.
There are a few services that already offer death email counters but I would encourage you to code your own and even self host it. The less people you trust, the more secure this setup becomes.
I am definitely open to suggestions to make this more secure. Right now my biggest concern is an unforeseen bug or something that makes the code trigger the email while I'm still alive. Or something like me getting kidnapped/imprisoned for 6 months. But if I set the timer to longer than that. The info inside of it might no longer be relevant.
Posted from my blog with SteemPress : https://brokencode.io/how-to-plan-for-your-death-with-code/
Sounds a lot like what a character did on the anime Death Note!
Posted using Partiko Android
I was looking at this for awhile now, it's called the dead man switch. And you are right and it's best you build your own as less ppl u rely on this system the better. I was thinking along the line of getting it embedded into the blockchain which is able to host a mini server to act as a countdown to then send you periodic telegram pings or other messenger services to check if you are still alive.
Posted using Partiko Android
It's difficult, I thought about the issue myself and came up with no final solution but some ideas similar to yours.
Maybe add key-splitting and also splitting up the encrypted containers. Distribute them to trusted parties that do not know who has the other parts until instructed by the automated email. With this additional layer you might introduce a failsafe for accidental information release that gives you time to invalidate a container.
For example give trusted friends 3 of 5 parts of an encrypted container. Put the other parts 4 and 5 one on IPFS and the other onto another decentralized cloud storage like SIA. Put the passphrase into the release mail and also the information who has which part WITHOUT the bucket/file names of the cloud files. A reasonable time after this email gets sent a second email gets sents containing locations of the last two parts. If something goes wrong, you could in between pull/destroy the cloud-hosted files, invalidating the container.
Also separating both dead-man-switch services on different servers might add security.
if you ever manage to work out a solution that is still secure (even against capture/torture in a "no amount of violence can solve a math problem" way) when the procedure is public, you are king. Please post it then :D
The issue with the "not even capture/torture" is that even you can't be trusted with it, so you 'd need several people having bits of the key. Which means that whenever you want to access your funds you need to ask that other guy (multisign basically). Which is very much not usable.
The idea of a double email is great ! This way if the server fails, you can notice it right away and prevent the second mail from going off.
This will heal all the wounds
plus whatever value is on the drive
I have thought about how to handle this and I think that there will eventually be a service that can do it much like this and provide interfaces and the like to help with set up.
Part of the reason why I didn't bother with writing a public thing is that there's already a few services that provide that out there, but I don't trust them
Interesting @howo. This is like writing your digital will through code. Have you looked at https://www.eternitas.io/ before? You can write your will on the blockchain without the need of any third parties like lawyers or friends or family members who could collude with each other. :P
But you have listed down some unique solutions to the problem like sending different parts of the keys to different people. Make it a bit of a treasure hunt. Would be fun to see all that happening from the heaven or probably hell. xD
Oh that's interesting, but tbh this is like blockchain 101 (store hash of legal document on a blockchain) and only handles the "make sure that the document is official" rather than hiding the content of it, you still need to hide your will somewhere where it won't affect you if it's leaked and you're still alive.
Haha yeah I thought of doing kind of a treasure hunt, but I figured that it's kinda useless, Also it would require a lot of planning when alive (can't be too easy right ?) and there's the risk that someone would find the stash by random luck (eg you make a hole in the ground in a random forest and 5 years later that spot is sold and some construction workers find it when digging)
I must admit I have often thought about this. Especially since I was unexpectedly taken seriously ill and realised how little customers care but how only those that really do do.
To be sure it is a thorny problem. How do you share what is private in a way that is also private but while being publicly accessible. To be honest though if I am to figure out a solution I will have to figure it out in such a way that is bullet proof for people who are not technically competent. That is harder to solve.
One thing that has been bothering me though is all the data I have generated the ideas I have had and things I have created. How to ensure that they last long after I do.
At the London Steem meet I recounted my fears of digital desolation as we move more and more of our lives to ephemeral media. It was easy enough for our great grandparents to take a photo, write in diary or sent letters which last hundred of years. But what are we doing to ourselves now? If you took a digital photo 20 years ago are you happy with that 640x480 resolution? Can you even read the images off whatever memory storage devices you used? Was it a memory stick? A compact flash card? Do you have anything in your possession that can read them? And the problem has only become worse. With 1000 upon 1000 of digital images we take now , how many of them can we save for our grandchildren or great grandchildren? How will we do that task of archiving data in a medium that is going to last 100's of years like photos, or books or records can ?
It is already a tragedy that we have lost so much music to things like fire but what happens when digital storage fails ?
To be honest it is a problem society start needing to tackle for if we are not careful vast amounts of our culture will be just lost to the annuls of time with nothing but the ghost of a digital footprint left.
We are on the verge of erasing our own history it could be said.
Interesting!! I agree that, especially with something like this, the less people involved, the more secure the set up becomes. May be a good reason for me to finally learn to code :)
Posted using Partiko Android
Tbh I wouldn't recommend making an app that handles all of your assets as your first programming project haha
Hahah I know.. but I like the challenge :P
Honestly though, it would just be an interesting reason to look into the coding/work needed to get something like this done, even if I can't actually do it ;)
Posted using Partiko Android
Learning coding for a project rather than learning for learning is definitely the way to go though ! :D
I badly needed this kind of service since I traveled around the globe almost every month.
There are a few that exists already search for "dead man switch"
I think I would just give a USB key to the lawyer and pay the fees for the will.
Posted using Partiko Android
Yeah but then you trust a lawyer and pay the bill, it's the opposite of what I want to achieve here.
Your approach is more independent of course.
Posted using Partiko Android
Surely this is something that could be programmed into a blockchain using some sort of smart contract.
Strangley I was just talking about it last night with my wife.
Posted using Partiko Android