Hacker News new | past | comments | ask | show | jobs | submit login
Dead Man's Switch (deadmansswitch.net)
185 points by coderdude on Aug 18, 2011 | hide | past | favorite | 99 comments



Interesting, but potentially disastrous, depending on your email contents, if the company messes up.

For this, I'd rather have a lawyer, a safe, a bank box... Anything that would end up dealing with my friends and family if I died.


I concur, with the following additional reasons. First, depending on what you meant by "mess up": there's a chance they're not trustworthy (would read something you don't want read), and there's also a chance they screw up (and lose what you want sent - or send it when it shouldn't be sent).

Perhaps an even bigger thing for me is that an email seems so... off-hand, informal. I think if a friend/relative/etc died and an email was automatically sent to me from them I would feel a lot less... less something, can't quite think of the word, than if I got a properly written letter. Less sentimental I guess, less appreciative of it.


Hey guys, I read the entire frontpage and somehow missed this story: I made Dead Man's Switch, and the beta is the second iteration, hosted on GAE. I certainly didn't expect it to be HNed so early.

These are all valid concerns. This isn't meant to replace wills or lawyers, it's just something to tell your friends to maybe look for you in the mountains if you don't respond in X days.

Some people also had the idea of using it to monitor infirm/elderly people, so I wrote this second version to hopefully have more flexibility to interface with phone/sms/etc.

I'll be glad to answer any questions you may have!


Sorry to spring this on you, but it looked interesting and I figured HN would dig it. Hopefully you're getting some good feedback though.


I am, thanks! Luckily everything is going fine so far, and GAE is a champ.


Have you considered setting up an api? If I used this, I'd worry that if I forget to respond to the emails or something. Letting me hook it into other events that indicate I'm alive, such as logging into my laptop, etc, would prevent this.

It'd really be a one-action api- send a post request to some url to keep me alive, with some level of authentication.


You can load any webpage on the site, and it will keep you alive. It's as simple as doing a POST on the form, but it should be trivial for me to implement a simple API, so I'll write this soon!

It will probably be something like:

    https://www.deadmansswitch.net/api/checkin/?username&password
However, GAE can't do https on that domain yet, and I don't feel very secure passing credentials like that, so I might have to issue API keys. Still, not very hard, thanks for the suggestion!


Easy. Instead of sending a username and password, generate a long key of some kind that would be unique to each user and use that instead.


Yep, that's what I meant by API key above. I could also home my Android skills by making a simple app for it.


How would that be any different, security wise?


It would not contain information used for login.


I'm not sure the elderly would respond very well to your application's (perfectly awesome!) name.


Haha, hmm, you're right there. However, that is the standard name of any device that triggers when the user loses consciousness or is otherwise incapacitated.


Sorry for the morbid curiousity, but can you share any stories of "successes"?


Hmm, I don't have any of those (I get an email whenever someone's switch triggers, but just the username, and the emails have been deleted at that point), I suspect most are just tests, or the friends/relatives aren't too inclined to email me about it.

I do have a "success" story (used very very loosely due to the morbid nature), I'll write it up when the service is out of beta and link it here.


I actually hadn't even considered that they might read my letters without me knowing. I simply meant that a server went bonkers, or some bad code made it live and they accidentally sent my mails early.

As for the informal, bit... I certainly wouldn't let my mother be informed this way. But friends? That's how I mainly communicate with them anyhow.


I have the feeling the idea is to have mails go to stuff like your projects mailing lists or online friends, more than managing your real life heritage.


Oh, I would never trust actual will-type stuff to it, that's for sure. But I certainly don't want a 'I died, sorry!' message going out to my mailing lists prematurely, either.


We're doing a similar service so we've looked into it a bit. We found that as long as it isn't contested, nearly anything counts as a will. If your will is likely to stir things up among the beneficiaries though, you should definitely get a lawyer.


That depends where you are. See, for example:

http://en.wikipedia.org/wiki/Holographic_will


Your right. But holographic wills will simply be carried out by the survivors unless there's a reason to involve a third party like a lawyer. That's why in almost all cases, will do not need to be official.


putting a "i died, sorry!" message on any sort of automated system would be colossally stupid (unless you plan to kill yourself, i guess). just have it send out a message saying something like "this is an automated message: i have been unreachable by email for the last 52 days. maybe something is wrong - give me a call"


The email that gets sent out has a disclaimer above it anyway:

    <user email> has set up a Dead Man's Switch to notify you if
    they were unreachable, and we haven't seen them in a while,
    so we must assume the worst. If you need something, please
    email us at support@deadmansswitch.net.


The "we haven't seen them in a while, so we must assume the worst" almost sounds a bit too cavalier or insensitive to me. If someone does set this up and really does die, the email could be hitting grieving relatives / friends, etc. In addition, an email sent by that person is likely to be very disorienting.

I think I'd rather receive a more direct message about what exactly is happening. "So and so set up a Dead Man's Switch to notify you if they do not respond to us for a certain period of time. That period of time has now elapsed. If you need something..."


Good idea, when I made this I didn't think anyone would actually die, so the wording is a bit flippant. I'll change it to be more sensitive, thanks.


the "beta" in the url doesn't make this feeling any better


This is the beta rewrite that only launched two days ago or so. The main site (http://www.deadmansswitch.net) has been running since 2006, I think, with no issues.

I took care to write loads of tests for the email sending bit specifically, too, but I wouldn't want people to add their sensitive emails before it's a bit better tested in actual use, hence "beta".


We've been working on a product very similar to this for a long time. Traction is difficult, and few people respond well to fear mongering and/or premeditative thoughts that their life may be in danger. In addition, top of mind is also a challenge because the nature of an emergency creates an overload of emotion and therefore often confusion.

The social venture fund I work for provides this product for free because we service underserved and often low-income people in high crime areas around the world. Unfortunately we haven't made the product itself more accessible but we are working on an Android app that will function on some of the cheapest Android phones.

http://www.buddyguard.org


I've actually been looking for this for a long time. I like to travel around and often wonder what will happen to my digital legacy (code, internet bank accounts, subscriptions to all kinds of things, scanned documents). My previous solution was to e-mail an encrypted file to my parents and give them the password to it on a note, which was then put in the safe. I'll try the site but I'm a bit wary of whether or not it actually works. After all, if you disappear off the face of the planet then you won't be able to check that it actually works.

Edit: it also seems like a perfect target for hacking, as people may write information there that evil people could profit from greatly.


> Edit: it also seems like a perfect target for hacking, as people may write information there that evil people could profit from greatly.

Also, law enforcement.


I would recommend that everyone encrypts the emails that go on the service, as obviously we can't do it ourselves (we have to actually be able to read them to send them out!).


I guess you create an email, encrypt it with a 2048 bit AES key. And set it up to mail to your 'back up'.

Then you go and create 32 throw away email accounts and have each of them running their own aliveness test on a TOR proxy which is mailing you their queries.

When you go 'off line' the 32 mail their part of the key to the recipient, DMS mails them the main letter. :-)

Not a serious suggestion but it would be fun as a plot device in some cyber fiction.


Something similar could be constructed using Shamir's Secret Sharing (for example) [1], where the involved parties would have to communicate (and thus know each other) to retrieve the secret from their parts. The linked service surely is easier to handle but such a scheme would not depend on any trusted host (except yourself as you know the secret and share the parts). Possibly a combination of both would be great, to ease the communication issue and still keep security high.

[1] http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing


I'm a little unclear on what problem you're trying to solve. Are you saying you should wait for a second place to set up such a service, sign up for both, and use a simple secret sharing scheme[1] to ensure that only once both go out does anyone know the original message? Or does that not solve the problem you were talking about?

[1]Which in this case would probably just be -- since in this case you don't want it to be reconstructible without all the pieces, and there's not much need for there to be more than 2 -- picking a random string of bits, sending that to one and the XOR with the original to the other.


Here's how it would work: You decide how many different friends and family you are going to send your secret message to, and how many of them will need to agree to unlock the message together. Let's say you pick 15 recipients and 8 need to agree. Then ANY 8 of the 15 messages can be combined to decrypt the secret.

No 3rd party service needed at all.

Couldn't you encrypt the results again with different numbers? So you could do interesting things like 'my wife AND (any 3 of 50 others)'


'my wife AND (3 of 50)'

You could take k=54 and give your wife 51 keys.


Works for this simple case, but I think iterating the procedure is more general. For instance, suppose there are 6 people -- A1, A2, A3, B1, B2, B3, and you want it to be recoverable given any 2 of the A group and any 2 of the B group; I'm pretty sure that can't be handled with a solution like the above.


I think your right. One (k,n)=(2,3) scheme for each group to unlock the (2,2)-scheme for the secret.

And the wife just needs to remember one key this way...


Simplest would just be to have the 3-of-50 decrypt to another encrypted file, and give the wife the passphrase to that. Nobody holds multiple keys, satisfies the 'AND', and is simple.


> I'm a little unclear on what problem you're trying to solve.

So am I, actually, sorry. My initial thought was that a central authority (a host that might go down or bankrupt) could be avoided if I were to split my secret into parts, distribute them among my loved ones (telling them what it is about and that I trust them they'll not meet behind my back while I'm still alive), accompanied by instructions how it works. This way, there's no plain text of my super secret stored anywhere.

This solves the "my secret should be known by my peers when _something happens_"-issue. The "inform the others if something happens to me"-problem actually persists and for _this_ problem, a service like the one posted probably is a solution, sending out "the person has not been reachable for X days, please meet and uncover his secret"-mails to the peers.


What happens if your death coincides with the death of one of your secret holders (I.e. you and your mom die in a car accident)?


You could setup a scheme where just X (but no less) out of all Y (partial) secret holders are enough to recover the secret. There are cryptographic schemes for that.


Simple way might be to just use overrepresented[1] error correction code like Reed-Solomon where it'd only take half the parties to reconstruct the full message. Should be fairly easy to set up using par2 utilities right now actually.

[1] I'm fairly certain there's a real word for this, but I cannot think of it, anyone else know?


Assuming the number of parties is fixed (and it would have to be, wouldn't it? I don't see how the question could make sense otherwise), this is still more complicated than necessary. The general term for this is "secret sharing" and there's a really simple method for it, known as Shamir's Secret Sharing.


Sounds like what Tahoe-Lafs does - uses the ZFEC (another FEC algorithm, like Reed-Solomon, but much faster) library to let you specify how much redundancy to generate; you can have 2-out-of-3 or 3-out-of-9 or other ratios.


I'm fairly sure that using this scheme will leak "encrypted" data like crazy. What is your proposed algorithm, exactly?


A cousin passed away few years back with cancer. It wasn't sudden but wasn't expected either. (He was 37 and responding well to treatment). His wife was completely uninterested with regards to finances and bills.

He was quite meticulous and wrote down every single account he owned, details like account number, login, password in an excel spreadsheet. It was a lot of help for her.

I worry about security of such a system. I also worry about security of online services for using such a system. I also worry if my wife would be able to locate that file.

Are there any schemes that work for you?


Well, the best thing would be to write up all that, print it out, and put it in the same safe-deposit box that holds your will. Of all the storage media we have, paper is still the best proven for long-term retrieval.


Never, never put your will into a safe-deposit box. That cannot be opened after you die until you have an executor. Which happens after the will is found.

Just make a couple copies, leave on in your desk, in your office, in your bedside table, with your lawyer. They are not secret documents, not something you have to lock up.


I would encrypt it, store the passphrase somewhere (or tell it to your wife) and put (a link to) the file up on DMS. This way, you have nothing to lose.


A dead man's switch is interesting to me, because it is one way to (try to) work around the what-if's that can foil the best laid plans of the unimaginative deceased.

Any solution where the sensitive information is physically near me doesn't work well -- what if I die when my house burns down, and my computer and paper documents are destroyed? What if I carefully document everything, store the document encrypted offsite, and make sure my wife knows the password.. and we die together in a car crash?

There needs to be a solution that lives somewhere I don't, and doesn't rely on people I normally accompany on airplanes, in cars, in dark alleyways...

One "what-if" that is super-important to an email-based dead man's switch -- how are your email servers set up for getting email through? I.e, DKIM, RDNS... all of the tricks & protocols that Google uses (and if you don't, you'll end up in the Hotmail junk folder more often than not), processing of auto-replies like Earthlink's whitelist system, etc..


There are a surprising number of services that do this. No one seems to have gotten any traction though. We decided to make it a video service instead of an email service.

We're actually launching our version this friday. If you read this after Aug 19th, it will be at http://senotable.com but right now it's at http://beta.senotable.com. Bugs are basically worked out now if you want to check it out. We'll probably advertise the launch on HN Saturday.


It would be cool if this service could monitor your Twitter/Facebook/etc for signs of life to cut down on the link-clicking required, and to add more resilience in the case of spam filtering.


There is a similar service that does monitor your Twitter/Facebook to check for activity. It's http://www.afteridie.org . I haven't really looked into it, though.

I worked on a similar project called seNotable (mentioned by dgunn) that uses public information to determine if the user has passed a way. Seems like there are quite a few of these services.


That's a very good idea! I'll see if I can have some basic Twitter integration soon.


Might also be nice to have a very simple push notification enabled mobile app for active reminders in addition to passive checks via Twitter. It'll be way less actions from a user's point of view compared to email when on the go.


Ah, very good idea. It'll be simple to make, too, which is good.


I've been thinking about this a bit after the shootings in Norway, and the deadly earthquake in my city a few months ago. I think that I have two requirements in order to be able to die happily: that I have said everything I need to say, and that other people can understand me (think 'speaker for the dead', so that people can understand what was important to me and what I believed in). I have many things I want to do before I die, but if these two needs are provided for, I can honestly die without regret. Everything else is just dependent on me living out my convictions.

Certainly we should regularly tell people that we love them, that they are important to us, etc, but I think being able to say a final goodbye is an entirely different thing. I hope my brother understands how much of a role model he is to me (and I will try to make sure he does know), but even so I would appreciate the chance to say so, one last time. My parents know I love them, but I think they would treasure a post-mortem letter saying exactly that.

However, I agree with everyone who pointed out that emails are a bit impersonal. I would prefer to be able to hand-write letters, and have them automatically posted via regular mail. I think that would be a pleasant surprise.


This seems scary. The risk of the confirmation emails being interpreted as spam or not seen is just way too high.

Due to the sensitivity of the information being sent out, there is zero margin for error. Even an after death personal message is pretty hefty if it's a false positive.

I would much rather prefer a service that requires my family to get to the info from a will or lawyer to gain access to my sensitive info.

I'd be interested to hear about the business model to this.


Whitelist them.


I've often entertained the idea of creating a piece of software to tend to certain things after my passing, beyond just sending out a batch of emails. It could reply to emails with canned responses for certain people, even a little AI to respond to questions. Sounds pretty narcissistic now that I think about it. Who really wants to be pestered with emails from dead people?


check out the Daemon and Freedom books..... along those lines, just 1000x more so. http://thedaemon.com/


Better idea: Live your life in such a way that you have no regrets. Tell people how you feel, when you feel. Don't burn bridges.


Non-sequitur.

To the contrary, it may ensure bridges are there when you aren't, and may tell people how you feel when you're not around to.

Example: there are a lot of people whom I care about, but who - with no ill will involved - we've drifted off in our own directions as life tends to. We have vague contact info, and lacking that have mutual friends who can pass things on if need be. Come my demise, I may want a mass-emailing to thank them, ask for casual assistance for my dependents, and generally give a warm farewell. When I went in for heart surgery, I let one of the group know, in case it didn't turn out well; going in wasn't enough to warrant interrupting everyone and writing paper letters, but if I didn't come out someone needed to spread the word ("Hey, remember Carl? he's gone now, but says 'hi, thanks for the memories'"). Not worth printing up stacks of physical letters and burdening someone with putting then-required postage etc., but makes it easy to let people know how you feel when it's too much overhead all around now (hey, that's a big reason why people hate Facebook: too many updates), but when it is important to do so is exactly when you can't.


I'm thinking the parent comment was still right. Why not say those things now? Its not 'interrupting everyone', its keeping in contact. Its important to do that now, especially if you haven't in a while.


When you're talking about upwards of 1000 people, it becomes an interruption.


I was just thinking this is a lot like a coin flipping trick I heard once. You flip a coin for a decision, notice whatever you're secretly hoping the coin lands on, put the coin back in your pocket without looking at it, and do what you secretly wanted the coin to tell you to do.

With this service, go ahead and fill out what you want the emails to say... and then just send them.


Regrets are not the only reason to have secrets.


That's one hell of an SLA to commit to.


I remember a service like this at least 6 years ago, possibly much longer - would be interesting to see if they are still around and if they ever had to "activate" for anyone.


This service has been around since 2006, probably earlier (I can't remember when I first built it), so this might be the same one.


I all but launched to users one of these in 1999 (deathswitch, I even let the domain lapse in 2003) and decided that I'd have two kinds of customers, those I didn't want to be responsible for , and nutters. Didn't launch. Happy to see this person do so!


I always wondered why aggrieved FBI / CIA agents don't use this type of service to mail out their uncensored memoirs to 100 different newspapers & underground conspiracy nuts.

Obviously this site is a huge target for government organizations who have a lot of secrets - whenever a service like this springs up I bet the first order of business is for someone to install a permanent tap on it, and a way to block the emails if need be.


Perfect, right up to the point Google kills my account for using my nickname (yes, hyperbolic and no longer accurate, but the point holds).


This doesn't use Google Accounts, it's a standard form. You just need to trust DMS, not anyone else.


What if my email provider, let's call it @MySuperAwesomeEmailProvider.com just goes out of business and decided to stop the service. Then I can't answer to the emails you will "life-ping" me with. And I won't even be able to change my email address on your system because I would have lost my account password. And then the next day, I don't think I would be able to go out.


You can just send us an email and prove that you own the account and we'll change your email for you, it's not that big a problem.


Do you have a policy for how users can _prove_ that they are who they're claiming to be ? Can you handle having _too_many_ users under the terms of that policy ?


The only proof we have is the email validation, but the service doesn't claim to actually be a will. It's more about emailing your friends or family one last time.

I don't understand the question about too many users, can you clarify?


if you are worried that your email provider will go out of service without notice, you should get a different email provider.


I'm worried with _all_ email providers


You should get your own domain, then you can move at will.


I like the idea of having a service like this. However, I am worried about having one centralized service for this kind of thing. Interested parties, like certain government agencies will have a high interest in hacking it. I hope no one who really needs a dead man's switch as an insurance will use this service, if it ever get's big.


I think I've seen services like this before, and either way would rather get a physical person/company with some recourse for acting incorrectly to do it.

But, take a look at the favicon. The broken lemniscate is bizarrely poignant/morbid for a 16*16 pixel square. Neat design.


That's the company logo, I didn't get around to changing it yet:

http://www.stochastictechnologies.com/

I hadn't noticed how well it fits until you pointed it out, I think I'll keep it.


I've been working on a similar concept for a while too. I can only hope that mine turns out better (not that this one is bad - rather, if this one is better than mine, then mine is pretty useless!)


A way to deal with the issue of it accidentally triggering, as well as get quicker triggers, is to provide a list of family/friends that can verify your non-existence.


Sounds like an interesting idea. But, like others, I am skeptical relying on a "beta labeled" web service to handle this for me.


The beta is for a "new and improved" version. If you remove beta from the address, you can access the current let's-call-it "stable" version.

I played around with this a while ago. Didn't think the way it's implemented solves the problem as I perceive it. (Plus, the risk of these confirmation emails ending up in spam felt a bit like a downer.)


This is why I decided to make one of these. I wanted to do it, but I was too worried that it could go wrong. We're doing this but without the "keep-alive" emails. You just sign up, and we know when you die. This unfortunately limits us to the US right now. But if it shows promise, we'll expand.


I want to eventually integrate Twilio so it can call you and have you enter a PIN to check in, rather than email, or something to that effect (maybe reply to an SMS?).

That's for a bit further ahead, though.


The twilio thing sounds like a good idea. Given the mechanics, the more means of communication you have, the better you're protected against false positives.

I'm still a bit unsure about the part where "you're responsible for asserting that you're still alive." I'd like break it down to its basic premises and see if they actually make sense. :-)


I would never trust my last words to a web service. Instead I have a 'So Long and Thanks for all the Fish' letter in my safe.


This is the start of an entertaining thriller. Someone should be working on the movie rights.


There was already a book named Daemon that uses similar concepts. I highly recommend it.


I hope they process bouncebacks and disable the service for the bounced user.


We don't, because your account might have been canceled at your death, so disabling your DMS account would be the last thing you wanted.


How do they make money? Targeted ads? Cemetery plots? Tombstones?


The first version didn't, it was just for fun. The second will include a paid account with more features, such as custom sending intervals, phone integration, etc.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: