
Snowden's Dead Man's Switch - qubitsam
https://www.schneier.com/blog/archives/2013/07/snowdens_dead_m.html
======
flyosity
From the Wired article:

"But Snowden’s case is actually a kind of reverse dead man’s switch, says John
Prados, senior research fellow for the National Security Archive and author of
several books on secret wars of the CIA. [...] “In the dead man switch, my
positive control is necessary in order to prevent the eventuality [of an
explosion],” Prados said. “In Snowden’s information strategy, he distributed
sets of the information in such a fashion that if he is taken, then other
people will move to release information. In other words, his positive control
of the system is not required to make the eventuality happen. In fact, it’s
his negative control that applies."

I'm really surprised it was implemented like that, I think using an actual,
digital "dead man's switch" would have made more sense. Why not have 100
servers around the world running jobs to email out documents to 100
journalists at all times if an env variable isn't reset every few weeks? Then
if he disappears or is killed, a few weeks later the jobs complete and email
out the information?

~~~
btilly
The automated version results in strong incentives for enemies of the USA to
kill Snowden.

Therefore the version that he did is safer for him.

~~~
tptacek
I don't understand why those same enemies are now disincentivized from killing
him.

~~~
rtp
As someone commented on Schneier's site, US would have an incentive to keep
Snowden protected because if any enemy of US would kill Snowden, then the
information would become public, and I guess US wouldn't want that.
Personally, I haven't invested a lot of thought into this, just wanted to
point out an interesting angle. :)

~~~
WA
Except that Snowden is not in the States, which presumably makes it harder to
protect him on every step.

------
tokenadult
Schneier's last paragraph sums it up for me:

"I'm not sure he's thought this through, though. I would be more worried that
someone would kill me in order to get the documents released than I would be
that someone would kill me to prevent the documents from being released. Any
real-world situation involves multiple adversaries, and it's important to keep
all of them in mind when designing a security system."

Schneier's topic sentence for that paragraph could serve as my one-sentence
evaluation of Snowden's deeds so far--he hasn't thought things through
sufficiently. A longer commentary on Snowden

[http://www.theaustralian.com.au/news/features/some-
secrets-b...](http://www.theaustralian.com.au/news/features/some-secrets-best-
remain/story-e6frg6z6-1226680991786)

is an Australian's words voicing some of my misgivings about Snowden's plan
for revealing secrets and his aims and his methods.

I wish Snowden a long and healthy life (but I would like him back here in the
United States to stand trial). I hope that the most sensitive secrets that he
is in a position to disclose stay undisclosed, but I wouldn't bet that that
will happen, whether Snowden is alive or dead. There are "multiple
adversaries," for sure, and it's not clear that they all have the same
incentives in this situation.

~~~
deathhand
I don't quite understand why you would want him back in the states for trial.
It has been said that these matters are above the DOJ and therefore held in a
secret court. Is that really fair? Do you honestly believe that the US would
allow for a fair and open trial?(lets say something as televised as Trayvon
Martin case)

~~~
tokenadult
To answer the several questions in this thread by answering this particular
question of yours, yes, I think Edward Snowden will receive a fair trial
according to the law if he stands trial in the United States, which I hope he
does. (Federal trials and the trials in many states are NOT televised, as a
default, but they are public except in very extraordinary circumstances. I
have walked into trials in various places just because I can, as a member of
the general public.)

In general, as I have said in other recent comments here on Hacker News, I can
be appalled by several of the recent allegations about NSA activity without
applauding Snowden's actions. I took my wife and my two younger children along
with a home-made protest sign ("We support the Bill of Rights") to the lightly
attended Restore the Fourth protest in Minneapolis. I did that openly and in
full view of law enforcement authorities and news cameras because freedom is
precious to me, and I don't think my freedom should be abused on any
rationale, even the rationale of fighting terrorist networks. That said, I
find that whenever I get out of the Hacker News hivemind, and deal with any of
my friends from around the world who have actually lived and worked in
multiple countries, and especially those friends who have children of their
whose futures the friends are working for, there is remarkably little regard
of Snowden as a hero or a freedom-fighter. It's not clear that he really has
the technical chops to make a "dead man's switch" work as he intends against
all possible attack surfaces, and it's not clear that all of his allegations
about United States government activities are factually true, and it's
especially clear already that Snowden's recent statements, with the ghost-
writing help of Wikileaks, represent a badly unbalanced view of which
countries in the world are the greatest enemies of human freedom, which is a
cause I cherish all over the world.

~~~
Riesling
> In general, as I have said in other recent comments here on Hacker News, I
> can be appalled by several of the recent allegations about NSA activity
> without applauding Snowden's actions.

I think this needs some further explanation. Without explanation it seems
hypocritical to me, since you would not know about those NSA activites without
Snowden.

> That said, I find that whenever I get out of the Hacker News hivemind, and
> deal with any of my friends from around the world who have actually lived
> and worked in multiple countries, and especially those friends who have
> children of their whose futures the friends are working for, there is
> remarkably little regard of Snowden as a hero or a freedom-fighter.

It's obvious that you do not have friends from Germany. Having suffered
through multiple surveillance states in the past, Germans are very much aware
of the dangers that are caused by massive surveillance. New technologies
enable surveillance in an amount that has never been seen in history before.
If your friends do not seem to care, they just haven't realised that there is
a sword dangling right above their heads. Why do you think that __every
__single constitution of "free countries" (and also the human rights) have
passages about the confidelity of spoken words, the confidelity of messages
and so on. This is no coincidence. So many people paid with their lives for
it. It is the only way of making sure that a democracy stays a democracy. You
cannot organize an opposition, if the current rulers know all your moves, all
your communications and all your contacts. This has been proven in history
again and again, yet this is vital for a healthy democracy. Yet people seem to
forget, because they "have nothing to hide" or their "life is not affected".
But guess what, once you are affected, it is already too late and nothing can
be done anymore. I would not want my children to live in a fascist
surveillance state and I am very grateful for Snowden actions. Please talk to
your friends and try to raise awareness. It's their children or their
children's children who will have to pay the price. I know it's a little
abstract, that's exactly why people fall for it again and again.

------
TillE
> I would be more worried that someone would kill me in order to get the
> documents released

The unstated assumption is that these documents would be particularly
interesting to foreign governments. That's probably wrong.

What we've seen so far is merely evidence of actions that were long assumed to
be taking place anyway. Other governments likely have their own evidence
already.

These documents are important to the public, but they're of minimal value to
an enemy. His intent was never malicious, so it's extremely unlikely that he's
carrying the names of agents or other sensitive information of that sort.

~~~
jbigelow76

        >These documents are important to the public, but they're of minimal value to an enemy.
    

I think at least some other nations would like to know what the documents
contain, not because of the data itself, but because it could clue them into
what kind of capabilities our intelligence departments have. It's one thing to
know that the NSA is spying on its own citizens, but it's an entirely
different thing to know that they can intercept and decipher X and Y forms of
communications but may not yet be able or feel the need to monitor form Z.

------
ShabbyDoo
Imagine if Snowden had deployed a bunch of redundant crawlers of various news
sites likely to cover him and quote him directly when he speaks. Their
activity would be nearly undetectable in the traffic of the NYTimes, CNN, etc.
He could come up with a bunch of seemingly innocent control phrases which he
would use in soundbite quotes during press conferences, etc. He would say a
phrase, the media would quote him, and the crawlers would identify this
"control transmission" from Snowden and take action. Some phrases would be
dead man's switches in that one of them would have to be observed every couple
of weeks or documents would be released via mechanisms difficult to trace back
to the server (Tor?). Other phrases would trigger incremental leaks to allow
proof that he is still powerful and in control. "Tomorrow, I'm going to
release a _mightily spectacular revelation_!"

Maybe there should be two levels of dead man's switching -- incremental leaks
if a phrase isn't reported in, say, two weeks and a major release if no phrase
reported in three months. This way, he figuratively would have multiple units
of currency with which to bargain. Let's say he was thrown in jail. If he only
could threaten to release a single, big bundle of secrets via a dead man's
switch, all his bargaining power would disappear should a government call his
bluff and keep in jail until after the switch fired. However, if he could
threaten incremental releases and show that, when given full freedom, the
releases stop, he would have power for quite some time.

How would one acquire the use of, say, 50 servers in various datacenters owned
by various providers without leaving traces or implicit fingerprints (multi-
year prepayment being the big one I am thinking of)?

~~~
MichaelGG
The Daniel Suarez book "Daemon" and it's sequel use this idea as a fundamental
part of the plot. Intelligent distributed systems reacting to public news.
It's a neat book.

Also, getting servers isn't very difficult. Buy prepaid credit cards or
Bitcoin via cash, leave cards/BTC on account for various VM providers.

------
skriticos2
Schneier has an excellent point there. Right now Snowden is in the eyes and
minds of a lot of somewhat concerned and maybe even angry people. If he'd
encounter and unexpected sudden end to his life, he'd become the modern
equivalent to a martyr. From the standpoint of his adversaries this would
probably be much less than desirable as it would turn up the heat even more
than it is already, documents or no documents. In fact, he'd probably have
much less facetime on the news if they'd just let him be in the first place.
Almost makes me wonder what else is going on that's not in the news so much
right now?

~~~
roc
> _" Almost makes me wonder what else is going on that's not in the news so
> much right now?"_

Given that the other big story in the media is somehow a slightly-more-than-
pedestrian summer heatwave in the US and UK, it seems rather unlikely anyone
needs a story as big as Snowden to bury something else.

~~~
btilly
Actually before Snowden, the other big government story was the fact that the
IRS was specifically targeting tea party groups, and there was circumstantial
evidence leading to the possibility that Obama was involved. If true, that
could be big. Impeach the president big. This country doesn't have tolerance
for abuse of executive power to advantage your party in elections.

If anyone needs it, I'll be off in the corner selling tin foil hats. ;-)

~~~
sophacles
Of course, the actual findings of the investigation into that targeting showed
that other watchwords like "progressive" meant that "liberal" groups were as
or more likely to get targeted for extra scrutiny.

~~~
btilly
Are you trying to ruin my tinfoil hat business?

I'm sure there is a conspiracy theory that explains both.

------
sillysaurus
Why would the US want to kill Snowden?

I think this dead man's switch is deterrent against being taken into custody.
If the US tries to incarcerate him, then the switch will trip and more secret
documents will be leaked. Though maybe the US doesn't care.

I wonder how badly the US wants him at this point?

~~~
mtgx
One reason could be to scare future whistleblowers "Leak government
information - you're dead to us. Literally."

Of course doing it _now_ would be incredibly stupid of the US government, as
everyone will point to them, but then again they've already done some
incredibly stupid things, so who knows.

~~~
res0nat0r
If the USA really wanted to go down this scary path, then wouldn't Bradley
Manning have been executed by now? His leak most likely was much more damaging
to the US than Snowden, and he is on trial via a military tribunal which has a
much greater conviction rate than a civilian court. Manning isn't even on
trial for any charges that carry the death penalty.

~~~
danudey
Bradley Manning's treatment to date is essentially torture. The message that
the US is trying to send is 'If you cross us, we'll torture you until the end
of your days.'

Death is an easy out. Become a martyr? Not so bad. Live for the rest of your
life, naked, in solitary confinement? I'd rather be dead than lose my grip on
sanity in those kinds of conditions.

------
marcamillion
I fully agree with the 1st comment on the post itself:

 _vladimir • July 18, 2013 8:57 AM If he has a switch like this. That is not
only protect him from being killed by US authorities but motivate the same
authorities to protect him from all other threats._

This should provide enough incentive for the same spy agencies to make sure
nothing happens to him.

~~~
vacri
Eh, scandals come and go on a weekly basis. People are inured to it at this
point, thanks to the 24-hour news cycle. Personally, I think the circus is
about making other Snowdens scared of following suit, rather than chasing
Snowden himself. Regardless of whether he gets a fair trial and judgement, he
is already being punished - kept on the run and looking over his shoulder.
He's not imprisoned, but he's also free like we are.

------
zwtaylor
I'm very curious as to how this works at a basic level. Perhaps a 'positive-
control' system in which he has to send a signal to some clandestine web
service every 24 hours to prevent the keys from being released? Does he have
an Arduino board strapped to his chest detecting his pulse? Or has he simply
entrusted some mechanism to somebody else, who can determine whether the keys
should be released depending on the nuances of the situation in which he is
harmed/killed?

~~~
saalweachter
Why not a Google alert on "snowden arrested", "snowden killed", etc etc?

~~~
pohl
A link-bait post with the headline "snowden arrested" and "...in my dreams" as
a subheading would cause a misfire, wouldn't it?

~~~
lifeformed
You could check Wikipedia instead. If it says he's dead on Wikipedia for
longer than a few hours/days, then he's probably dead.

~~~
zwtaylor
The poor man's Vital Signs API.

~~~
jlgreco
The _famous_ man's Vital Signs API. ;)

------
trotsky
This play is straight out of the wikileaks playbook that they used almost
verbatim when the us was making a lot of noise about assange. It appeared to
be effective, in that US intelligence took the threat seriously and were
concerned about the ramifications of what might be included. One element of
that was the belief that those docs included some kind of "kill shot" class
leak that would pretty much sink Bank of America.

There were certainly elements of truth to all of these things - there was a
document cache, it was encrypted, people did have split keys, it probably did
include elements of what was revealed as the robosigning scandal.

But from hearing discussion about it the subject, I think that US Intelligence
now more or less holds the opinion that it was a bluff. Nothing of significant
harm was included in the unreleased documents, though I think that's informed
speculation and not some kind of confirmed fact.

All of a sudden after Snowden was getting helped by wikileaks and he was under
a lot of pressure, the revelation of a similar encrypted cache of documents
distributed widely was given to a lot of news agencies, and has regularly come
up at opportune times in friendly media outlets.

I haven't been told this by anyone, but I'm pretty sure the intelligence
community isn't buying it. Reports by greenwald were somewhat inconsistent
with idea that there is a large cache of even more damning documents left.
He's been travelling internationally, was staying in hong kong where many
services operate openly, and presumably under pressure from a variety of
security services and states as he tries to escape moscow and secure a safe
place to live. It is hard to keep secret keys and documents secure under the
best of conditions, and those are about the worst conditions possible.

The only reasonable thing to assume here is that it's all burned - everything
snowden walked away with is or will be in the hands of foreign states and
anything particularly damning will likely end up in the press sooner or later.

So if you believe that, that there is no way to unring this bell, the last
thing you're going to do is spend any time being concerned about a dead man's
crypto cache.

If you're willing to do enough horse trading to close the entire european
airspace to a single individual, you're pissed and you're gonna do whatever it
is you want to do. That's not going to include killing him, simply because the
cost is high and the benefit is low. But they are clearly going to exert an
inhuman amount of resources into making him regret being born.

And that's absolutely unrelated to Mr. Snowden. That's all for the effect it
will have on anyone having similar thoughts. I think he's awesome and did
Americans and the world a great favor, and that's he's really brave. And yet
after seeing this go down if I was ever in a position to consider doing
something like this there is no fucking way I'd ever think I could handle this
kind of heat. Not a chance, no question.

Problem solved.

~~~
qq66
The fact of the matter is that both Wikileaks and Snowden overestimate just
how much damage their documents can do.

Look at the facts on the ground. The United States government is well-
documented for atrocities ranging from torture to extrajudicial killing to
political assassinations to mass surveillance, not to mention providing
support to private American corporations involved in similarly disgusting
behavior.

Has this impacted the power of the United States? Not really. France,
Portugal, Spain, and Italy -- countries with tremendous "pride of place" and a
sometimes sneering disdain for the US -- denied airspace to a foreign head of
state on the mere suspicion that Edward Snowden was on board. The US is still,
by at least an order of magnitude, the most powerful country in the world.

The only challenge to US hegemony is the declining relevance of the US economy
relative to other world economies like China, India, Russia, Brazil, and
others. In the end, only money and guns talk. There is no "kill shot" leak as
long as Bank of America has the right friends in Washington.

~~~
trotsky
I completely agree with you. I am very appreciative of being able to read
these documents, but it clearly will cause little or no harm to the us or the
intelligence community.

About the only thing that was in the manning cache that probably significantly
bruised US operating power was the diplomatic cables. And that was just
because the publicity and bluntness undoubtedly lead to some personal grudges
that closed some doors for entirely human and entirely undiplomatic reasons.

The only people that didn't know everyone was listening to everyone were
members of the public who didn't want to know. Now that they know they just
don't care.

Economic power surely is the only killer. Mass espionage programs are probably
quite beneficial economically, or at least if you're willing to share state
and private intelligence like a large number of countries are. I would be very
surprised if the US doesn't adopt that practice more and more over time. It's
essentially already begun - if you run large networks data sharing is quid pro
quo for heads up on state intrusion activity and reports of data exfiltration.
We just don't steal secrets and give them out for favors yet.

Countries do occasionally commit suicide though. While a popular revolution in
the US feels inconceivable at any point within our lives, the primary factor
behind them is usually way too many pissed off poor people and radical
imbalance in wealth and little room for economic advancement. As US economics
begin to resemble japan's more and more you might have the potential for a
forceful rejection of policy being so captured by wealth and neo-liberal
philosophy. Hard to imagine though. Globalization seems to have ended that
whole concern.

------
marshray
My guess is that Snowden has quite an elaborate contingency system in place
and has not actually revealed how it all works. Schneier seems to be
speculating based on a Wired article, based on nontechnical explanations by
Greenwald, based on (probably limited) information provided by Snowden.

Snowden noted Russia and China have an "open door" policy. Although they might
like the raw data, I don't think that either would want to Snowden expire
under their protection. That would make them look quite unappealing to anyone
considering being a "walk in" informant in the future.

So for the time being, Snowden is the proverbial goose that laid the golden
eggs and for everyone involved is worth much more alive. But once he's in a
small South American country, things might change.

------
digz
This also assumes that this is information that Snowden wouldn't release
anyway and that someone cares about. True or not, the perception by those who
believe that he jeopardized national security is almost certainly that he's
likely to leak whatever he can.

If he really things this is what's going to keep him safe, he's over playing
his hand.

Furthermore, I think he's deluding himself if he thinks he's actually going to
be targeted for assassination by the US. I'm no Obama fan, but it's a little
far fetched. Shoved in jail, maybe. Killed to silence him? Nah.. that's a
strategy ironically more likely to be employed by the countries he's seeking
asylum status from.

~~~
vidarh
The US has a substantially worse history of assassinations over the last
century than any of the countries he's seeking asylum from except Russia
(assuming you count the Soviet period). Even more so if considering
assassinations on foreign soil.

~~~
digz
Of domestic politically driven assassinations???

Must have been on the moon!

------
bigiain
From the comments (yeah, I know, WTF and I doing reading comments on the
internet???):

Also, considering the fact that the NSA appears to broadcast such critical
data to just about anyone with a clearance, it can be assured that they don't
care at all about foreign governments learning about them. They are primarily
concerned about their real enemy, US citizens, and tangentially concerned
about the non-US public (Manning's revelation that the US would no longer be
able to support its oppressive allies lead to the Arab spring).

------
davidrudder
"I'm not sure he's thought this through, though. I would be more worried that
someone would kill me in order to get the documents released than I would be
that someone would kill me to prevent the documents from being released. "

Not that Schneier's _advocating_ anything....

------
chiph
This may not be automated -- he may have simply given copies/keys &
instructions to several trusted friends, who will watch the news for info
about his death.

They would then make the decision to release or not release, either
independently or in concert, depending on how he set it up.

------
nathantotten
Maybe his 'dead man's switch' is just his lawyers. Doesn't solve the problems,
but it sounds a lot more likely than some of the ideas being discussed here.

------
dustingetz
_" The thought of paying someone I was forced to fire because he (or she) is
incompetent burns me up inside."_

It was your decision to hire him, and it was your mistake that you are
remedying by firing him. Incompetence is subjective. If your interview process
makes it clear that your employees must live in constant fear of termination
if they aren't ramping up fast enough _for you_ , on _your product_ with _your
technical debt_ and _your team 's shitty architecture choices_ ("fire fast"
and "with little notice", you wrote), you'll find that your candidate pool
vanishes.

~~~
samstave
heh -- thats exactly the model used at facebook - yet their talent pool keeps
growing. They have the toys R us business model: Indoctrinate interns!

~~~
dustingetz
but everyone knows that facebook "counsels out" for "poor cultural fit" if you
don't meet expectations after six months, which is a far cry from "fire fast"
with "little notice". They also pay well.

------
kepano
Snowden is risking his life no matter what he does.

------
mikevm
This goofy comment made me lol:

> I want a dead man's switch that deletes all my porn.

------
mrcharles
Man, that link really has a misleading URL.

