How To Foil NSA Sabotage: Use a Dead Man's Switch

mspohr writes "Cory Doctorow has an interesting idea published in today's Guardian on how to approach the problem of NSA 'gag orders' which prevent web sites, etc. from telling anyone that they have been compromised. His idea is to set up a 'dead man' switch where a site would publish a statement that 'We have not been contacted by the government' ... until, of course, they were contacted and compromised. The statement would then disappear since it would no longer be true. He points out a few problems... Not making the statement could be considered a violation of disclosure... but, can the government force you to lie and state that you haven't been contacted when you actually have?" Rsync.net has been doing this for years; rather than the statement disappearing in case of an NSL being issued, it simply would stop updating. Indeed, their canary text also points out the same possible flaws: "This scheme is not infallible. Although signing the declaration makes it impossible for a third party to produce arbitrary declarations, it does not prevent them from using force to coerce rsync.net to produce false declarations. The news clip in the signed message serves to demonstrate that that update could not have been created prior to that date. It shows that a series of these updates were not created in advance and posted on this page."

Declaration

[Anonymous Coward]

When in the Course of human events, it becomes necessary for one people to dissolve the political bands which have connected them with another, and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation.

We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.

That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness. Prudence, indeed, will dictate that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn, that mankind are more disposed to suffer, while evils are sufferable, than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. ...
He has erected a multitude of New Offices, and sent hither swarms of Officers to harass our people and eat out their substance.

Re:Canary, not dead man's switch

[Gibgezr]

If you read TFA, the method suggested by Corey is actually a dead man's switch: when the user fails to respond with a signed version of a random number generated by a website on time, the website notifies all subscribers of the event.

Obligatory Code

[hacker]

...aaaand, here's some code to use to make your own (which I just posted about only yesterday [gnu-designs.com]

#!/usr/bin/perl

use warnings;
use strict;
use LWP::Simple;
use XML::RSS;
use HTML::Strip;
use File::Slurp;

my $url = 'http://feeds.bbci.co.uk/news/world/rss.xml';

binmode(STDOUT, ":utf8");

my $hs = HTML::Strip->new();
my @newscanary = '';

my $rss = XML::RSS->new();
my $data = get( $url );
$rss->parse( $data );

my $channel = $rss->{channel};

foreach my $item ( @{ $rss->{items} } ) {
        my $title = $item->{title};
        my $date = $item->{pubDate};
        my $desc = $hs->parse($item->{description});

        # Word wrap the output at 70 characters
        $desc =~ s/(.{70}[^\s]*)\s+/$1\n/xg;

        push @newscanary, "$title\n$date\n" . "-"x70 . "\n$desc\n\n\n";
}

write_file('canary.txt', @newscanary) ;

my $boilerplate = read_file('boilerplate.txt', {binmode => ':raw'});
my $newscanary = read_file('canary.txt', {binmode => ':raw'});

print $boilerplate, $newscanary;

$hs->eof;

Or a poster for your library

[daffmeister]

The librarian Jessamyn West [wikipedia.org] has had a similar idea [librarian.net] for years.

Re: What do you mean by "can"?

[Anonymous Coward]

A somewhat vocal minority think the government has gone too far in its war on terrorists. Perhaps you remember the TSA's short-lived attempt to relax restrictions [cnn.com]. My local news never has any trouble finding a member of the public willing to say how much safer they feel each time a government agency proposes a new search method or new restriction.

Slashdot is a libertarian-leaning echo chamber and not representative of America.

Re: What do you mean by "can"?

[wvmarle]

No, we don't "love it", we're appalled, angry, embarrassed and saddened.

No doubt there are also in the US many people who are appalled, angry, embarrassed and saddened about these indefinite detentions. However there are obviously not enough of them. Not enough people in the US that really want it to be changed, not enough people there that go to the streets and protest against those human rights violations, not enough people there voting for politicians who make fixing it their primary item.

Most of the rest of the world wants it to be changed. I really hope you guys can fix this issue, instead of trying to make such behaviour the norm and pull more and more other countries (most notably in Europe) into this.

Trust in government is at an all-time low.

Do you have anything to back up that claim? Or is it just your personal opinion?