Despite the policy difficulties of running a site like this (when is someone dead?, how long until release of secrets?, how to deal with lack of access to emails? etc), This site is completely insecure.
https://www.deathswitch.com/members/myaccount.php is vulnerable to a CSRF hijack through the update email page. This literally took 20 seconds to find...who knows what would happen if I dedicated an entire minute.
In fact, there are no CSRF tokens on the entire site at all. There are big problems in these services and the policies that run them. Technical solutions might not be the best to use here. Perhaps a legal solution is the best route...
edit: I gave it 20 more seconds. Stored XSS. If I paid the money for premium service which allows file upload I'll bet I can RCE too. This is just not the type of person I want protecting my secrets.
Not that there's anything wrong with (what's likely) shared hosting, but it doesn't paint the best picture.
To the author: Your idea is good, but it was executed poor, and it's not a <need> by any means. If it is, the logistics of it are too damn difficult to warrant your service (or any service that does this, for that matter).
XSS I just set JavaScript as something that shows up in a field on a different page. The RCE I mentioned is just uploading a PHP file for the "file upload" feature associated with messages. If he puts the uploaded file within the webroot (and the file is php since his whole site is php) then the file will be executed when you go to its URL
Web app security is something that infosec professors don't talk about at all (in my experience). I had to teach myself but OWASP is very good to get started. It also helps to write a lot of software as well since you'll tend to find pitfalls of doing things wrong
edit: If you would like to see more of the technical how-tos behind CSRF check this link out. It is a blog I wrote about CSRF and how one would actually attack someone with it. http://ejj.io/csrf-password-bruteforce/
After the recurring payments stop coming through?
There's a lot that can go wrong that has to be thought up before-hand and debugging in production for this type of service is completely unacceptable.
What did you do with the people who had signed up for you site?
What company would you trust to launch and maintain this kind of service?
I feel like WordPress.org or Wikipedia Foundation would be two companies with the right moral compass, funding and longevity who would be great backers of something like this.
The answer is it needs to be tied to some infrastructure that's reliable and already has access to this data.
And yes, paying $2/mo for this is nonsensical for someone relatively young. This is a problem without a solution, but this is also not a solution. To be frank, the odds that this domain even resolves this time in 2015 are pretty low.
This alone does not warrant a service. This should be a piece in a bigger puzzle - a small part of a bigger suite of life contingency services.
Surprised me too.
(If a critical password changes - e.g. Dropbox, which actually contains my 1Password file - that password is encrypted, sent via email, I tell him the password via some other means (usually involving some sort of puzzle just to keep life interesting), he decrypts it and writes it on the envelope.)
And yes, suffice to say I trust my friend absolutely.
"Imagine that you die with computer passwords in your head, leaving coworkers without access to critical files."
I enjoy my job, and my coworkers are great people, but when thinking about things as serious as planning for post-mortem, I'll admit that thinking about how it would affect my employer ranks much lower on the list.
I can't really think of much of anything work-related that should be a secret known by only one person and released upon death. I feel like part of my job is ensuring that at least one other person knows how to access our accounts. We actually use an encrypted password manager to which at least two of us have access.
It triggers if you don't sign in to a Google Account for X months, where you choose X from 3, 6, 9, 12, 15, or 18.
You can provide up to 10 contacts (email addresses, phone numbers, and custom messages) for people whom you want to be notified once the timer expires. You can also grant them access to the data from your Google Account; they'll need both the link in the email as well as a code from an SMS sent to the phone number you provided for them.
You can also choose whether you want your account to be deleted if the Inactive Account Manager triggers.
You need to know that when you kick the bucket in 10, 20, 30, 40, 50 years etc that the switch is actually going to work.
You need a company with the right moral compass; funding to pay for hosting, maintenance etc; and the longevity to keep going for the next 100 years.
Companies on the "maybe" list for me include Wikipedia, WordPress and maybe Evernote...
Internet Archive might be the best option if they can sustain their funding / longevity.
A law firm. That is the "correct" answer to this problem and is what people actually use.
Again the problem is who will pay your aws when you are dead. But is supposed that you have been paying the latest invoices with your credit card. To be honest I haven't digg enough in the legal terms of these cloud providers.
For storing, perhaps a torrent or blockchain approach might work, where the encrypted data is stored on the computers of many users who 'buy into' this.
For release, I still feel that the safest way would be to give the 'key' to a trusted person (perhaps along with your will?). Any other approach leaves something so important too uncertain.
"For example, you can design your message to contain privately shared codes (“my password is a combination of the street where we grew up and the first name of your mother-in-law”)"
This would only really add security against a very small threat, if they were properly encrypting data at rest: attackers taking over one of the email addresses on the recipient list. And I'll not even dive into how bad it is to base passwords on this kind of personal info.
Is anyone aware of more details on what they're doing to secure this data?
> from your after you’re gone
from you after you're gone
Create a favicon. It's still showing the BlueHost icon.
The pricing seems really strange to me. Wouldn't only messages be sent when someone is dead or severly disabled? A model similar to life insurance makes more sense to me where the customer pays a small amount of money on a yearly basis. And there wouldn't be a free tier except for maybe a trial.
As I understand it, these are rather tightly regulated in many states for the same reason you're asking this service to be dependable.
Use a law firm.
Your wishes are important after you die (and statistically, we're all likely to die). It's well worth recording them, even if you feel you don't have much in the way of assets to pass on.
Also, as much as I hate to be a pedant, spelling mistakes/missing words on the homepage look sloppy:
"The people in your life will feel better knowing they can expect an email from your after you’re gone."
"you canlog back"
With no reply, the computer deduces you are dead or critically diabled, and your pre-scripted messages are automatically emailed to the individuals you designated.
Change 'diabled' to 'disabled'
I think there is a need for this type of service. Two comments:
* People might be concerned that this website will shut down long before they pass away. On the homepage I suggest you GUARANTEE that emails will be sent.
* I am 34. I don't want to pay $1.67 every month for the rest of my life. Make it an easy purchase decision: one time fee of $40. For example.
"Be a great way to ensure you can tell heaps of ----s to go ---- themselves after you're dead"
maybe you could pivot and focus on that. ;)
you can log back into the site
Does the blockchain support something like this?
The secrets they store should be offline and require manual intervention to retrieve.
Also, what's to stop a false triggering? It should require confirmation from m of n sources you specify. If I had some serious life secrets, I'd want to be very sure they don't get sent out just because I'm in a coma for a month.
