Dead Man's Seed?
February 28, 2011 5:48 PM Subscribe
Are there anonymous torrent seeding services suitable as dead man's switches for dissidents and reporters in dangerous locations?
I just noticed a site called deadmansswitch.net that sends emails, presumably pgp encrypted, if the recipient fails to respond. It's a nice idea for revealing small secrets lie family stuff, foreign bank account numbers, illegitimate children, etc., but not large documents.
I'm curious if anyone provides some form of torrent seeding service suitable as a dead man's switch for large files, like the raw materials used by journalists.
I just noticed a site called deadmansswitch.net that sends emails, presumably pgp encrypted, if the recipient fails to respond. It's a nice idea for revealing small secrets lie family stuff, foreign bank account numbers, illegitimate children, etc., but not large documents.
I'm curious if anyone provides some form of torrent seeding service suitable as a dead man's switch for large files, like the raw materials used by journalists.
I'm probably not following you fully, but how would this be better than doing what people (i.e. WikiLeaks) are now doing, which is encrypt the data, seed it, announce the existence of said torrent, then have the deadman send out the decryption password?
posted by BeerFilter at 7:58 PM on February 28, 2011 [1 favorite]
posted by BeerFilter at 7:58 PM on February 28, 2011 [1 favorite]
Real journalists don't generally have blackmail files, which is essentially what you're describing. Its considered unethical and the threat or even the implied threat in many jurisdictions is considered illegal. Any journalist with his or her name attached to a distributed public blackmailing system would be commiting professional suicide.
Fringe characters like Assange or conspiracy theory types who could arguable benefit from this can just roll their own. Setup a torrent, tell your audience, and enjoy. The followers of these types of characters don't seem able to understand or care about the issue of "If this is so important then why aren't you just telling us?" Nor do they care about the ethical argument as long as they are "sticking it to the man!"
Why doesn't this exist? Because the market for it is tiny and those interested can do it on their own.
posted by damn dirty ape at 8:04 PM on February 28, 2011
Fringe characters like Assange or conspiracy theory types who could arguable benefit from this can just roll their own. Setup a torrent, tell your audience, and enjoy. The followers of these types of characters don't seem able to understand or care about the issue of "If this is so important then why aren't you just telling us?" Nor do they care about the ethical argument as long as they are "sticking it to the man!"
Why doesn't this exist? Because the market for it is tiny and those interested can do it on their own.
posted by damn dirty ape at 8:04 PM on February 28, 2011
Response by poster: There are many nations where being a journalist is extremely dangerous. I'd imagine they'd hope that someone carries on their work if they're murdered, imprisoned, etc. Yet, that doesn't mean those journalists are itching to hand over their hard won data wholesale to wikileaks.
It's obviously not blackmail if your merely obstructing your own would be murderers and/or helping others continue your work. It's also not blackmail if you never tell the anyone you've setup a dead man's switch, that's another reason not to role your own. It might however worry people who'd kill journalists if there were a few hundred anonymous encrypted dead man's switch torrents floating around.
posted by jeffburdges at 8:27 PM on February 28, 2011
It's obviously not blackmail if your merely obstructing your own would be murderers and/or helping others continue your work. It's also not blackmail if you never tell the anyone you've setup a dead man's switch, that's another reason not to role your own. It might however worry people who'd kill journalists if there were a few hundred anonymous encrypted dead man's switch torrents floating around.
posted by jeffburdges at 8:27 PM on February 28, 2011
Best answer: I don't know of any pre-made ones, but I did run across this slashdot thread on the subject.
It seems like it would be easy enough to roll your own by simply putting the encrypted file on some generally-neutral server with no obvious connection to you, and the URL and password into a small dead-man's-switch email. The data wouldn't be immediately and automatically torrented, but hopefully if you're in the position of setting up a dead man's switch you can think of a handful people you can trust to look at the file and torrent it if it seems appropriate. Plus, if the switch actually fired because you're in a country that's shut down its internet, then those people might reasonably decide not to release the files until they have better evidence of foul play. Etc., etc.
Taking a step back, I think the reason I don't see anything like this is that it's really two separate services: a dead-man's switch, and an automatable "start torrenting this file" capability. Each of those is useful by itself, and more useful as two parts than if they were bolted together.
posted by hattifattener at 10:22 PM on February 28, 2011 [2 favorites]
It seems like it would be easy enough to roll your own by simply putting the encrypted file on some generally-neutral server with no obvious connection to you, and the URL and password into a small dead-man's-switch email. The data wouldn't be immediately and automatically torrented, but hopefully if you're in the position of setting up a dead man's switch you can think of a handful people you can trust to look at the file and torrent it if it seems appropriate. Plus, if the switch actually fired because you're in a country that's shut down its internet, then those people might reasonably decide not to release the files until they have better evidence of foul play. Etc., etc.
Taking a step back, I think the reason I don't see anything like this is that it's really two separate services: a dead-man's switch, and an automatable "start torrenting this file" capability. Each of those is useful by itself, and more useful as two parts than if they were bolted together.
posted by hattifattener at 10:22 PM on February 28, 2011 [2 favorites]
sends emails [...] if the recipient fails to respond
There's your problem.
What happens when you're on the road and your laptop battery can't be recharged? What happens when the place you're staying at loses power? What happens when the email servers are down? When your ISP is down? When your computer is broken?
There are about a billion-and-one reasons why someone might "fail to respond" that aren't the least bit nefarious. A successful solution will require a way to avoid all the false positives.
posted by Civil_Disobedient at 10:51 PM on February 28, 2011
There's your problem.
What happens when you're on the road and your laptop battery can't be recharged? What happens when the place you're staying at loses power? What happens when the email servers are down? When your ISP is down? When your computer is broken?
There are about a billion-and-one reasons why someone might "fail to respond" that aren't the least bit nefarious. A successful solution will require a way to avoid all the false positives.
posted by Civil_Disobedient at 10:51 PM on February 28, 2011
That's trivial, C_D. The way to avoid all false positives is to never set up the system in the first place. The whole idea behind a dead man's switch, though, is that false negatives are bad enough that you're willing to accept a larger risk of false positives.
posted by hattifattener at 11:11 PM on February 28, 2011
posted by hattifattener at 11:11 PM on February 28, 2011
by simply putting the encrypted file on some generally-neutral server with no obvious connection to you, and the URL and password into a small dead-man's-switch email.
Just take torrent out of the picture altogether. My personal dead-man's-switch email simply includes gmail log-in credentials (username / password) for a dedicated account in which I've saved drafts of all the useful information (passwords, account codes, etc.) that those surviving me would need to sort out my estate in the event of my untimely departure. I guess you're still limited to gmail's attachment file-size restrictions in this case, but then gmail isn't the only email provider you could use for the same purposes.
posted by allkindsoftime at 4:53 PM on March 1, 2011
Just take torrent out of the picture altogether. My personal dead-man's-switch email simply includes gmail log-in credentials (username / password) for a dedicated account in which I've saved drafts of all the useful information (passwords, account codes, etc.) that those surviving me would need to sort out my estate in the event of my untimely departure. I guess you're still limited to gmail's attachment file-size restrictions in this case, but then gmail isn't the only email provider you could use for the same purposes.
posted by allkindsoftime at 4:53 PM on March 1, 2011
This thread is closed to new comments.
You'd need some form of anonymous drop box for large files which assigned each a number and reports this number to the dropper. There would then be automatic checks to verify that the file appeared encrypted and had the .aes256 extension. If these checks were passed, another server would create and publish the torrent and begin super seeding.
All torrents get published deadmansswitch-[number].aes256 for any armchair activists with extra bandwidth to download and seed. Our original submitter could then use any other dead man's switch for their their number and aes256 key.
And you'd prevent the service from being used excessively for piracy by terminating super seeding, and ideally warning other seeds, whenever leeching behavior was detected. You might need your own tracker for sending out such warning messages, but presumably you'd insulate the torrent itself by using multiple trackers.
posted by jeffburdges at 5:58 PM on February 28, 2011