My latest Guardian column, "How to foil NSA sabotage: use a dead man's switch," conducts a thought-experiment for a "dead-man's switch" to undermine the system of secret surveillance orders used by American government agencies. If you're worried about getting a secret order to sabotage your users' security, you could send a dead-man's switch service a cryptographically secured regular message saying, "No secret orders yet." When the secret order comes, you stop sending the messages. The service publishes a master list of everyone who has missed a scheduled update, and the world uses that to infer the spread of secret orders.
This gave me an idea for a more general service: a dead man's switch to help fight back in the war on security. This service would allow you to register a URL by requesting a message from it, appending your own public key to it and posting it to that URL.
Once you're registered, you tell the dead man's switch how often you plan on notifying it that you have not received a secret order, expressed in hours. Thereafter, the service sits there, quietly sending a random number to you at your specified interval, which you sign and send back as a "No secret orders yet" message. If you miss an update, it publishes that fact to an RSS feed.
Such a service would lend itself to lots of interesting applications. Muck-raking journalists could subscribe to the raw feed, looking for the names of prominent services that had missed their nothing-to-see-here deadlines. Security-minded toolsmiths could provide programmes that looked through your browser history and compared it with the URLs registered with the service and alert you if any of the sites you visit ever show up in the list of possibly-compromised sites.
How to foil NSA sabotage: use a dead man's switch
(Image: Console, West Reservoir centre, Stoke Newington, a Creative Commons Attribution Share-Alike (2.0) image from albedo's photostream)
Coming after improvements to Firefox and continued unease at Google’s life-pervading insight, this image is outperforming the ███████ ████ Virality Control Group today (via). It got me thinking about all the promises that were made. Here’s the earliest article in Google News to contain “Big browser” in its headline, published by Time Magazine on Nov. […]
The WiFi232 is a traditional old-timey old-schooley Hayes-compatible 300-115200 baud modem, no wider than its own parallel DB25 port. Automatically responds with a customizable busy message when already in a call. The killer app seems to be using it to get internet onto ancient retro portables like the TRS-80 Model 102, but it’s been put […]
Most tech-media takes on the iPhone’s 10th anniversary are bland and self-congratulatory, but I like Tom Warren’s at The Verge. He laments how Apple’s pocket computer killed his inner nerd. As a youngster, he’d be constantly tearing down and building computers, even in the sweltering heat of summer. But now… …All of that tinkering and […]
Web content creators who don’t have a solid SEO strategy should take note of Webtexttool. It’s a service that pulls in anonymous data from their entire user base to offer crowdsourced guidance that increases your search page ranks. By analyzing prior user successes, it helps you better gauge how your posts will perform at a […]
Just because English has become the common global tongue doesn’t mean it’s the easiest language to write—even for native speakers. If you’re looking to improve your written communication skills, especially on your smartphone, take a look at Ginger Page.Ginger is a cross-platform app that offers corrections for phrasing as well as grammar. It’s powered by […]
The current web development landscape is rife with buzzwords and technology that gets abandoned almost as soon as it’s made. If you’ve never written a line of code before, it can be hard to figure out what’s coming, what’s here to stay, or how to get ahead.This Beginner Web Development Bundle is a great place […]