
Planning for My Kidnapping - polote
https://blog.luap.info/planning-for-my-kidnapping.html
======
sandworm101
>>For my credentials, I use keepassXC with a keyfile + a master password, the
keyfile and the password db is synced using syncthingd with a server that I
rent. My legal documents are all tied in one folder on my laptop which is also
synced on the same server. So basically we have all the needed documents which
are synced in real time on the same server.

Sooo many eggs in one basket. Unless you are the son of an oil or shipping
magnate, I suggest that your risk of being kidnapped pales in comparison to
your risk of being hacked.

>> Currently after 24h without changing activity a first notification is sent
to my own email so that if this is a mistake I can stop the system before it
is too late. And if 6 hours later I still haven't changed activity then
a mail is sent to my parents.

30 hours? I take it that the author has not done much international traveling,
or traveling generally. And they haven't worked a job involving long hours, or
a back-to-back shift after someone calls in sick. For any adult, 30 hours
without connectivity is not enough to trigger a kidnapping alarm.

~~~
ghaff
>For any adult, 30 hours without connectivity is not enough to trigger a
kidnapping alarm.

I guess the question is what the OP considers the cost of a false alarm to be.

Because you're right of course. Lots of things can happen that put you out of
communication for an extended period. Communications is more and more
ubiquitous but phones and laptops break. The US still has rather large areas
with no cell phone coverage. And so forth. In the past 10 years, I'm sure
there have been _multiple_ times when I've gone more than 30 hours with
cellular service or WiFi.

I think it's mostly an age-related thing but a lot of people just can't
imagine not being in touch almost constantly. There was a discussion just the
other day where someone was worried about being tracked at protests. But "Just
leave your phone at home?" basically did not compute.

In general, for a rare event, it can be a difficult problem to activate on the
absence of a signal fast enough and reliably enough to be useful, without
having false positives.

~~~
dividedbyzero
> "Just leave your phone at home?" basically did not compute.

I wouldn't leave my phone at home either; a smartphone is the single most
useful thing to have on your person when facing unexpected problems of almost
any kind. And no idea about those particular protests, but protesters over
here have started heavily coordinating and sharing information via phones, so
you might have an actual information deficit without one.

That said, switching off cellular (or the device itself), disabling biometric
auth, that might be a good idea.

~~~
ghaff
If I were seriously worried about tracking but felt I needed a phone on me,
I'd have a burner phone which I kept turned off until/unless I needed it.

~~~
torgian
This. Turn off your cell, wrap it in foil, leave it at home and take the
burner.

------
toast0
If you expect to be kidnapped, quick response would be helpful. But if you're
planning for unexpected death, there's no real need to get that out in less
than 48 hours; it can easily be 15 days of inactivity followed by 15 days of
failing to respond to probes.

Where I live (less than an hour from Seattle), I have had power outages longer
than the proposed death countdown, my DSL goes down immediately without
utility power, and the cell towers only stay online for 4-6 hours. If it
starts while I'm awake, I'll let people know, but if it starts at midnight, I
might be out of communication until it's over.

------
bonoboTP
Or just keep that stuff on an external hard drive or USB drive in your
apartment, (perhaps with paper printouts if you're not worried about burglars
reading them). You can even encrypt this and give your parents a printout of
the master password. If they notice you are gone, they can presumably enter
your flat and find your stuff if it's neatly organized.

All this software setup with various servers etc is way too fragile and hard
to maintain and the lack of regular real life testing means it will probably
not work the way you imagined in an actual emergency for any sort of edge case
or other reason you haven't considered or you get false alarms and scare your
parents with no reason etc.

~~~
ghaff
Storing stuff online with a strong but memorable password makes a fine backup.
But, for most people at least those with houses, protected (e.g. firebox)
storage in their homes is probably the best primary. (And even if a bunch of
stuff were on a USB I'd also have printouts.)

~~~
boring_twenties
I have my doubts that any human-memorizable password can be strong enough to
withstand a concerted offline attack. If what you're encrypting has to stay
secret for 10, 20, 30 years (probably not the case for a password database),
then it's a complete non-starter.

~~~
wiml
It's fairly easy to memorize a password with >64 bits of true entropy using
techniques like diceware; if you use it regularly and/or have a good memory,
128 bits is completely feasible.

------
fuber2018
If you are missing, then authorities usually like to have a recent photo of
you to aid in the search.

I don't see an explicit reference to "recent image of me" in your "First step"
list of data - photos in legal docs/credentials may not accurately represent
your current physical appearance.

~~~
polote
Hey, this is a very good remark, I'll try to do something about it, thanks

------
ZackJ37
This is great! As a shameless plug, check out Fidelius Vaults
([https://www.fideliusvaults.com](https://www.fideliusvaults.com)): you can
create an 'If I Go Missing' Folder, which can be accessed by people you trust
in emergencies.

The idea is that you choose people who act as proxies in an emergency event;
if something happens, a configured number of them have to approve access to
your vault of documents/information before it can be viewed

~~~
boarnoah
Interesting company, do you happen to know of any others in that area as well
(for comparison's sake).

I've been thinking it would be neat to have something like a very long term
will execution/time capsule, for example to release biographies or other such
information a long time in the future (say the 100+ year range).

Something like that would require a lot of things to go right, one of which is
a good expectation that the company would be around by then, for example
the old banks such as Lloyds (I doubt they offer this kind of service to
individuals if at all however).

Curious to know if you had any thoughts for how a service similar to that
would work (or if they exist already), if it's even feasible.

~~~
ZackJ37
While there are other document storage services, I'm not aware of any that
make commitments for storing data 100+ years. For Fidelius I'm offering a 10
year notice / storage if the service ever sunsets, and I've seen similar from
other companies.

The obvious concerns here are the storage media used, the DR plans for the
service, and more importantly, trusting that the company will do right by you
after you're gone – even if it goes under new management or bankrupts. While I
always struggle to find applications for blockchain, perhaps this is a
scenario where it could be useful... perhaps you could upload the encrypted
data to the chain, and form a contract where the key to decrypt it is released
after X years?

------
Sodman
I would absolutely not trust _my life_ in an emergency situation based on my
parents seeing an e-mail within 6 hours of receiving it, let alone filling out
a rate-limited survey correctly and then figuring out how to SSH into a remote
server and download some documents.

~~~
ravenstine
Yeah, that seems nuts. I'm a guy in my 30s and I regularly go longer than that
without checking my email. In fact everybody does, when they sleep! If the
email is sent even a few hours into your parents sleeping, the whole exercise
will be entirely pointless even when everyone does the right thing.

------
JD557
>The link is random generated link available only 6 hours, this is important
to be safe as you don't want anyone to be able to access all your passwords
...

This seems like too short of a duration. What happens if the email is sent
between 23:00-01:00 (your parents' timezone)? They are probably asleep and the
email will expire at 5-7AM. Will they see the email in time?

------
noja
If the kidnapper rubber hoses you* then keeps your activities active and
gradually corrupts your syncthing backup, you have a problem. Time for version
2!

* [https://xkcd.com/538/](https://xkcd.com/538/) (or a health emergency quarantines you without a data connection)

------
war1025
So hijacking this a bit:

What do people have set up in case of more of an "unexpected death" situation?

I have basically all information someone would need to access any of my
accounts in a password repository, but I don't have the key or password shared
with anyone.

Obviously that would be an issue if I was incapacitated.

What is the recommended way to handle these things?

~~~
AnIdiotOnTheNet
Out of curiosity, what kinds of accounts do you have that are so important
that they are worth preserving in the event of your death? I can only think of
financial stuff and those already have beneficiaries and whatnot specified
when I set them up.

~~~
war1025
> I can only think of financial stuff and those already have beneficiaries and
> whatnot specified when I set them up.

My financial accounts are probably the main things. I don't know that I have
any beneficiary stuff set up on them.

I was maybe overly specific in my asking.

Basically the thing I am wondering is:

What do I need to have in place to make sure my wife / kids have access to my
assets, etc. in the event that I die unexpectedly?

~~~
ghaff
At a minimum, all your important information--including how to access any
important online accounts--should probably be stored in a somewhat concealed
fireproof box. This would also protect in the event of most fires and other
natural disasters.

------
bohz
If the server is kept at home - with the laptop and the phone... a fire
(lethal or not) would be a huge problem.

EDIT: I saw now that it is "rented" so it is remote I guess.

------
kanobo
I was afraid to click based on the title, but glad I did. Those were
surprisingly useful tips, I can imagine someone making this a saas service...

~~~
oefrha
haveibeenkilled.com. Domain still available.

~~~
kanobo
Would be a great tool for those pesky ghosts who aren't aware that they are
dead.

------
A4ET8a8uTh0
It is an interesting plan.

I will admit that I am way more interested as to why someone is planning that
( I had a boss who had a reputation for being a major pain in the ass and once
gave me a speech how she is prepared for being kidnapped and few other
uncommon eventualities ).

Then again, I may be looking at this through a US lens. It may be a more
common issue in other places ( like Africa maybe )?

~~~
Jommi
I was going to say a similar thing, but I would definitely not discount US
from the discussions.

If I was very very rich and working in an industry that is suspicious at all,
and I was located in USA or a South American or African country, I don't think
preparing for kidnapping would be so out of the question.

------
elwell
1. Encrypt secrets

2. Don't save encryption key

3. Buy life insurance, a few million dollars

4. ...

5. Beneficiary uses insurance payout to spin up some u-24tb1.metal AWS
instances

6. Crack encryption key

7. Profit

~~~
gruez
Only the problem is the opportunity cost of the life insurance. What
information can you possibly keep that's worth more than a few million
dollars? For most people it's probably better to keep the insurance payout
than it is to spend it on aws cracking.

~~~
nordsieck
> Only the problem is the opportunity cost of the life insurance. What
> information can you possibly keep that's worth more than a few million
> dollars? For most people it's probably better to keep the insurance payout
> than it is to spend it on aws cracking.

Also, you have to keep the encrypted treasure a secret, or someone else with
money could snatch it out from under the heirs.

------
nomdep
The simplest time-honored solution to this is to get married and store those
documents in your house

~~~
whoisjuan
What if you both die at the same time?

------
BrandoElFollito
I live in France where you need zillions of documents to go pee. You can
imagine what happens when you want to take over a bank account...

There is very low risk for someone having access to my bank account to
actually do something with it.

So my important information is on Google Docs, shared with the people I
trust.

By far (very much far) I want to be sure that the information is available
without the need for physical access and up to date.

------
cafard
Or, you could just drop dead.

A DBA I had worked with years ago disappeared from work. Nobody on the
contract knew where he was. After a week or so, his parents, who lived maybe
100 miles away, called the contract manager. He discovered that the man was in
the county morgue as John Doe, having been found dead on the sidewalk outside
his apartment, without ID on him.

I assume most HN readers are

- younger than the DBA, who was probably in his mid-fifties
- in better condition, for he was obese
- in a wider social circle, for he was pretty anti-social

Still, it isn't bad to have people who will know that you have disappeared.

------
abalaji
I wonder if the time bound can be reduced on something like this with things
we do every day. Open Gmail/Twitter on our phone, move outside of a geo fence.
For people who are actually concerned about this but can not afford a body
guard, there might be an interesting service that couples with travel
insurance that handles this.

------
whoisjuan
Why doesn't this exist as a service? I would pay for this. I guess the complexity
is giving a third party all the credentials to your digital life + sensitive
documents, but I would definitely pay for something that allows my family to
be notified and handle all my matters in case I'm gone.

~~~
SaintGhurka
It seems like it should be possible to allow a second password for something
like an email account. The first password works always, but the second one
only works if last login was more than n days ago. So you could give the
second password to your partner or family and know they can't use it unless
you're incapacitated.
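
The check described above, as an added example that is not from the article, the commenter or any existing service: the `Account` class, its field names and the day counts are hypothetical. It shows the two details the idea depends on: only a primary login resets the inactivity clock, and the comparison uses the server's own timestamp.

```python
import hashlib
import hmac
import os
import time
from dataclasses import dataclass

DAY = 86400  # seconds


def _kdf(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so the stored values resist offline guessing.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Account:
    salt: bytes
    primary_hash: bytes
    emergency_hash: bytes
    window: float              # seconds of owner silence required
    last_primary_login: float  # server-side timestamp, never client-supplied

    @classmethod
    def create(cls, primary, emergency, window_days, now=None):
        now = time.time() if now is None else now
        salt = os.urandom(16)
        return cls(salt, _kdf(primary, salt), _kdf(emergency, salt),
                   window_days * DAY, now)

    def login(self, password, now=None):
        """Return 'primary', 'emergency' or None (rejected)."""
        now = time.time() if now is None else now
        candidate = _kdf(password, self.salt)
        # Evaluate both comparisons so timing does not reveal which matched.
        is_primary = hmac.compare_digest(candidate, self.primary_hash)
        is_emergency = hmac.compare_digest(candidate, self.emergency_hash)
        if is_primary:
            self.last_primary_login = now  # only the owner resets the clock
            return "primary"
        # The emergency password is valid only after more than `window`
        # seconds without a primary login; using it does not reset the clock.
        if is_emergency and now - self.last_primary_login > self.window:
            return "emergency"
        return None
```
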

~~~
whoisjuan
If 1Password had this feature that would be amazing.

------
jeffrallen
The technique this guy wants is Shamir's Secret Sharing. Look it up.

------
moltar
What if you are on vacation with your parents and you get kidnapped?

------
miguelmota
What if the automated email goes to spam and nobody sees it?

------
mercora
I want to point out that the way the addresses in the image of the mail are
hidden appears to be easily recoverable even with plain eyes. Also, if you
really think the likelihood of someone kidnapping you is somewhat high and you
are preparing for that I would imagine posting about how it works is pretty
counterproductive...

~~~
notdang
Not sure where the author is but the kidnappers around here don't care about
these details. They are the generic fb/whatsapp users.

~~~
mercora
I am not sure you got that right from me. I probably should have made clear
these are meant to be separate statements.

What I actually meant is the stuff he describes on how he expects this to work
for him. For example a kidnapper would already know the best time to kidnap
him is after he had lunch because that's a recorded activity which resets the
timer. They also know he will send location data so they might take his phone
on a different tour directly after kidnapping and there is probably more
usable information in this post...

However, I assume here this is a kidnapping specifically targeting someone
with proper due diligence. But that might not be very realistic at all and you
actually are telling me about it. Referring to them as fb/whatsapp users just
made me think you might talk about technical aspects they would not get but I
think there is more to it that might be easier to comprehend.

~~~
notdang
Yes, it's more about the technical aspects.

Around here, when someone is kidnapped, it's usually because a person from the
victim's entourage leaked some financial information. The kidnappers would just
remove the phones from the victim and drive the victim around in a car for
hours. After it the victim is moved into a safe house.

It's a pretty low tech business (from what I've heard from surviving victims
or the family members of those that did not survive), no one will bother with
investigating the online aspects of the victim's life.

------
robrenaud
Is it possible to embed a GPS on yourself that is periodically reporting your
location?

~~~
wackro
You mean, like a phone?

~~~
Jaruzel
There's a chain of problems here. You'd need an open source GPS tracking app
on your phone that has the rights to record and upload your location to a
server whilst running in the background, then you need a personal server to
store that stuff on, and then you need to find someone who knows what to do
with that lot if and when you disappear.

~~~
tanatocenose
> You'd need an open source GPS tracking app on your phone that has the rights
> to record and upload your location to a server whilst running in the
> background, then you need a personal server to store that stuff on,

Multiple solutions for this currently available on f-droid. simple and easy.

------
koziserek
when I'm dead, I'm not going to worry about it.


