After reading about the “suicide” of yet another whistleblower, it got me thinking.
When working at large enough company, it’s entirely possible that at some point you will get across some information the company does not want to be made public, but your ethics mandate you blow the whistle. So, I was wondering if I were in that position how I would approach creating a dead man’s switch in order to protect myself.
From wikipedia:
A dead man’s switch is a switch that is designed to be activated or deactivated if the human operator becomes incapacitated, such as through death, loss of consciousness, or being bodily removed from control. Originally applied to switches on a vehicle or machine, it has since come to be used to describe other intangible uses, as in computer software.
In this context, a dead man’s switch would trigger the release of information. Some additional requirements could include:
- No single point of failure. (aka a usb can be stolen, your family can be killed, etc)
- Make the existence of the switch public. (aka make sure people know of your mutually assured destruction)
- Secrets should be safe until you die, disappear, or otherwise choose to make them public.
Anyway, how would you go about it?
Set up several solar powered raspberry pies with cheap iot SIM cards, each will check a vm in the cloud or at home for a key. If the key isn’t present or can’t be reached they release the info. Could have several servers to store keys to check. Everyday you enter a code to prevent the key from being removed.
You would need to account for temporary connection issues to make sure it doesn’t send it after a network outage or something.