I’m doing some end-of-life planning. It’s never too early! (But it can be too late.)

One problem is that I’ve lived my life in infosec space. I spent my high school years (1970’s) hacking into computers, then dropped out of college to do jobs defending systems. Even after I returned to college, then medical school, then a career as a physician, I continued to develop software with a focus on security. As psychiatrists, we (should) pay particular attention to the integrity and confidentiality of patients’ information, so I did my best to make the electronic practice management and medical recordkeeping software secure. I also ran hosting services for marginalized groups that drew undue attention from law enforcement and political factions; those, too, demanded a higher level of security.

Now that I’m well and truly retired, I’m deleting data as it becomes eligible, but my personal business is still under extreme lock-and-key. When I die — and that day is drawing ever nearer — I would like my family to be able to be able to recover my assets and tend to my affairs without the expense and hassle of having to figure out and defeat my security systems. Furthermore, I don’t feel comfortable burdening them with having access to my private files while I’m still alive. Burdened? I was a psychiatrist and IT security specialist in an intensely political environment and some patient and hosting records could be weaponized by unscrupulous politicians (is that redundant?). So giving them the keys now would put them at risk in any number of ways.

I’m thinking about creating a dead man’s switch for my key data. Instead of giving my wife and children the keys to the kingdom, I would give them each a part of a multi-part key. I would put another part on a server somewhere. No doubt, there will be tragic nuance that will make this complicated, but the basic notion is that part of the key would be stored on an anonymous server (a cloud VPS purchased with bitcoin, for example). The other part of the key would be held by multiple family members and my attorney. The server would remain hidden and anonymous as long as I post a specially-crafted message to some public forum every few weeks. Should I fail to do so for over a month, the server will then send the hidden part of the key to the holders of the rest of they key. They would then, if they had physical access to my devices or their backups, be able to access all my deep, dark secrets. Until then, they would be less likely to be subject to attempts to corrupt, intimidate, or mislead them into betraying my security.

It seems that there might be a market for such a service, assuming none currently exists.

—2p

← previous