After reading about the “suicide” of yet another whistleblower, it got me thinking.

When working at large enough company, it’s entirely possible that at some point you will get across some information the company does not want to be made public, but your ethics mandate you blow the whistle. So, I was wondering if I were in that position how I would approach creating a dead man’s switch in order to protect myself.

From wikipedia:

A dead man’s switch is a switch that is designed to be activated or deactivated if the human operator becomes incapacitated, such as through death, loss of consciousness, or being bodily removed from control. Originally applied to switches on a vehicle or machine, it has since come to be used to describe other intangible uses, as in computer software.

In this context, a dead man’s switch would trigger the release of information. Some additional requirements could include:

  1. No single point of failure. (aka a usb can be stolen, your family can be killed, etc)
  2. Make the existence of the switch public. (aka make sure people know of your mutually assured destruction)
  3. Secrets should be safe until you die, disappear, or otherwise choose to make them public.

Anyway, how would you go about it?

  • glans [it/its]@hexbear.netEnglish
    0·
    1 month ago

    Well there are various services that let you disclose info to certain people upon death. examples: https://www.pcmag.com/how-to/how-to-prepare-your-digital-life-accounts-for-your-death

    So you could create those and send them to various journalists or whoever you think would be interested. Then ensure in your will that they are notified of your death. Will them a small object or something.

    Tbh I think the concept of a dead man switch is fantasy. You always hear about them in place but then nothing happens when the person dies.

    Has there EVER been a dead man switch that worked?

        • Belly_Beanis [he/him]@hexbear.netEnglish
          0·
          1 month ago

          That’s what I mean. Maybe I’m misremembering, but didn’t he have one that was supposed to put out a list of names online or some shit? And then he died and nothing happened, likely because feds got to it.

    • souperk@reddthat.comOP
      0·
      1 month ago

      Nothing atm, but you never know what you may find. I would assume that most whistleblowers didn’t know they joined a shady organisation until years down the line…

  • originalfrozenbanana@lemm.ee
    0·
    1 month ago

    The real answer: hire a law firm, entrust them with your documents, write into your will what you want to happen with them, and then go on about your business.

    • acidred@lemmy.ml
      0·
      1 month ago

      The question assumes that you family could be killed. Why the law firm is protected against such violence in that case?

      • Object@sh.itjust.worksEnglish
        0·
        1 month ago

        A dead man’s switch doesn’t quite protect you from garden hose cryptanalysis though. Nothing stops them from asking you to tell them if he got a dead man’s switch.

    • Anonymouse@lemmy.worldEnglish
      0·
      1 month ago

      This is only partially true in the situation the poster named. What if your secrets are from the government or governmental organization? What if you live under a repressive regime where the law firms are either corrupt or that the law is not in your favor?

      That being said, I have a will and a bank safe deposit box. It is filed with the state that I have a will and the will is (also) in the safe deposit box along with stuff that I’d prefer not be released until my death. There’s also a clause in the will that says something to the effect that if somebody sues to invalidate the will, they are automatically excluded from any benefit (or responsibilities). Also, if an individual is found to be somehow responsible or had an intentional involvement in my death, then they are also excluded.

      It’s not air tight, but works for my needs. By the way, I don’t have any company or government secrets, it’s just normal family drama, so please don’t kill me.

    • souperk@reddthat.comOP
      0·
      1 month ago

      Maybe, add a clause what should happen if you disappear for more than x days. For most jurisdictions you are considered dead if you disappear for a few years.

  • ch00f@lemmy.world
    0·
    1 month ago

    Encrypt secret. Post it publicly. Configure a web server to email the private key to any number of addresses if you don’t log in every week.

    • corsicanguppy@lemmy.caEnglish
      0·
      1 month ago

      Ciphers get broken. What you save out there now can be pulled down and then saved until it can be cracked 10 years from now.

    • SkaveRat@discuss.tchncs.de
      0·
      1 month ago

      going to have to be careful with the timing, though. A week can easily be reached if you are ever in an (actual) accident.

      Also, note that having a publicly known dead mans switch can be exploited and cause the opposite of what you want: Imagine a competitor (be it idustrial or nation state) wants the secret to leak. Why not speed it up?

    • Naich@lemmings.world
      0·
      1 month ago

      Host the server on Tor. Have a second secret server on Tor that passively monitors the health of the first and distributes the key if it is taken down. Have a one-time pad of passwords memorised, not written down or taken from a book.

      • ch00f@lemmy.world
        0·
        1 month ago

        depending on the size of the secret, it helps to have people download it ahead of time.

        Also, it acts as a time stamp proving that you knew the secret at a certain time if that’s useful.

  • daniskarma@lemmy.dbzer0.com
    0·
    1 month ago

    It doesn’t make any sense. If you are a whistleblower is because you already published the information. They are not killing you so the information does not get revealed. They are killing because you already did.

    • nutsack@lemmy.world
      0·
      1 month ago

      you just need more information and then you need to prove that you have more information so they can kill you anyways

  • orcrist@lemm.ee
    0·
    1 month ago

    Making the existence of the switch public is often something you don’t want. It allows others to do troubleshooting in advance. It also destroys your reputation with many people who might otherwise work with you.

    If you are content to keep things secret, share the documents with several different friends or law firms in several different countries along with conditions for release. Don’t tell them or everyone who all has the documents. That sounds relatively simple.

    • moopet@lemmy.dbzer0.comEnglish
      0·
      1 month ago

      Making the existence of something public means you’d need to give away at least some details of who or what it concerned, at which point you’re in the situation of either being a target or a blackmailer.

  • preludeofme@lemmy.world
    0·
    1 month ago

    I used to build automation tools (shudderVBAshudder) that the “proper” technology wouldn’t be bothered to make. Over 15 years I had over 200 tools built out. I had tied all my code to a single file that I would use to keep everything updated. I had imagined in so many ways of setting up a dead man’s switch to start slowly corrupting and degrading everything or to just implode everything… Would have worked except our company got bought out and everything became useless and I got laid off lol. Got a nice pay check out of it

          • starman2112@sh.itjust.works
            0·
            1 month ago

            But when did they say they wanted to do that? They just said they imagined it. I’ve imagined ways to screw over my workplace as well, it doesn’t mean I want to

              • starman2112@sh.itjust.works
                0·
                1 month ago

                I’m not being pedantic at all. The entire premise of your question was them “wanting” to ruin their company. There’s no other way to interpret that

                If you want to rephrase what you said to clear up the confusion, I’m all ears

      • preludeofme@lemmy.world
        0·
        1 month ago

        Ha well it was more of a “oh crap we need to bring him back ASAP” kinda thing to get my job back. And as others said this was all mainly for fun thinking about it. The intrusive thoughts

  • tetris11@lemmy.ml
    0·
    1 month ago

    The most non-intrusive foolproof method I can think of is spite-induced action:

    1. Get a pacemaker with Zigbee mesh network connectivity
    2. Implant a small device into your wrist that vibrates if your pacemaker is ever disconnected from the network (in which case, run NOW to your nearest safehouse)
    3. Should the vibration continue for longer than 5 minutes, a vial of cyanide from a hollow tooth explodes into your mouth allowing you to spit it at your nearest enemy (should one be around)
    4. The bursting of the hollow tooth sends a signal to a remote server, which triggers the eject command on a server, causing the CD tray to come out.
    5. A confused sysadmin will bitterly get off his chair, and go inspect the server, whereupon he will see the paper instructions embedded in the CD tray, and read them.
    6. Assuming his latvian is good, and that he’s familiar with caesar cyphers, he will decode the message that will lead him to a youtube URL where he will post the following comment “Jose I slept with your mother.”
    7. One of the subscribers to the youtube channel is your friend Jose, who will read the comment, spit out his coffee, and then immediately call you.
    8. After about a week of no response, he uploads the contents of that USB stick you gave him with the instructions to “never upload this ever under any circumstance” out of sheer spite.
  • Aa!@lemmy.world
    0·
    1 month ago

    There are very few situations where a dead man’s switch would have helped these whistleblowers.

    Once they have gone public and are at risk of being “suicided” they should have already released everything they knew. Sitting on it after already going public in any way only helps if the goal is to blackmail or extort the company, rather than to expose the company or protect others.

    A lot of people have latched onto the idea of a dead man’s switch (and I get it, technical solutions are fun to create), but the only part of the scenario it would help is before the whistleblower goes public, while they are still gathering information and haven’t yet been discovered by the company. Even then, it wouldn’t protect them from being killed, it would only ensure that the partial work is released in case they were discovered and prevented from finishing it.

    • qaz@lemmy.worldEnglish
      0·
      1 month ago

      You may not be able to collect more if you publish everything at the start

  • shastaxc@lemm.ee
    0·
    1 month ago

    The whole point in being a whistleblower is to release the documents. Why would you tell everyone what’s happening and not provide the evidence? After you release it, there’s less chance of being harmed, and your job is done besides showing up to court.

    • MisterD@lemmy.ca
      0·
      1 month ago

      Maybe he wants to release a censored version of the documents and have the dead man switch release the uncensored version.

  • Lurker123 [he/him]@hexbear.netEnglish
    0·
    1 month ago

    One issue from a legal/prosecutorial point of view (even assuming there is a willingness for the government to prosecute) is that the rules of evidence require authentication of documents. In the case of a whistleblower, they are themselves a witness and can authenticate (that is, attest to the genuine nature of) any supporting documents they bring in. If a whistleblower is killed, even if the government has the documents the whistleblower intended to authenticate, it becomes a lot trickier to use.

    • OneMeaningManyNames@lemmy.mlEnglish
      0·
      1 month ago

      That more like coalmine canary than dead man switch. Also, if you happen to be arrested on a weekend or get tangled/hooked up then you will have no way of cancelling it. Then all hell breaks loose.