Obviously no scheme can possibly be 100% secure. One of the things you have missed here is that this must be applied to EVERY project participant at the same instant!
Certainly you can defeat the scheme for any one individual, but to track down ALL of the friends/relatives of EVERY individual even remotely associated with the project is an enormous task. Even with this project as small as it is now, it must involve several thousand friends/relatives who have nothing whatever to do with this project.
To intimidate (legally or otherwise) EVERY one of them RIGHT NOW is as close to impossible as I can imagine, especially since (in my case at least) they would be spread over 20+ countries!
That being said, it would take some really HUGE resources to track down every friend/contact that even I alone have made for the past 30+ years. As a Ham Radio operator for 50+ years my friends include people from literally every corner of the Earth!
Many years ago I actually explored this with the NSA as a way to provide password security and they admitted that there was no way that they could keep track of my Ham Radio contacts! I doubt if the situation is much different today - unless you postulate an "evil Bogon Empire".
The essence of the scheme is to verify identity and I cannot think of any better way than through those who have known you for much of your life.
The rest is subject to revision, but I do insist that ANY scheme be a "no brainer"/"no effort" for the very long time that "nothing happens"!
Too many false alarms are deadly!

Mike

On 06/22/2014 02:19 AM, Niklas Lemcke - 林樂寬 wrote:

On Sun, 22 Jun 2014 02:06:52 -0700 Karen Palen <karenpalensl@xxxxxxxxx> wrote:

I would suggest that the only truly reliable way to validate identities is through long time friends/relatives who can ask about memorable but otherwise unremarkable life events. e.g. Who barfed on Uncle Joe's shirt at his wedding? Anyone who was actually present at the wedding would remember this, but the odds of it being recorded in some database are minimal.

Let me propose a scheme:

1) Provided you log on to some unrelated account once per week/month/whatever then nothing happens.
2) If someone FAILS to log on to that account (many possible explanations at this point) then emails are sent to several friends/relatives with a message saying something to the effect that "something appears to have happened to Bill please contact him ASAP and ask him about XXX AND SOME OTHER QUESTION THAT ONLY HE COULD ANSWER!"
3) If the phone call/contact shows that Bill is still alive and freely answering questions (including ones that no one could anticipate!) then everything resets. However if Bill gives a WRONG answer then the friend/relative is asked to send an email to XXX@xxxxxxx with a specific message.

Obviously several friends/relatives NOT associated in any way to this program are required!

If any entity actually is able and willing to spend enough effort, money, resources to dig me up at my home, force me to hand over my keys, to shut up and to keep posting my warrant canary at the bottom of my emails, then why should they not be capable of doing any one of the following:

- Also present warrants to my family & friends, forbidding them to ring the alarm (remember that they can certainly forbid people to speak out. The canary works on the assumption that they can not force us--at least not legally--to lie).
- intercept said email
- send a second email stating "sorry, false alarm, in fact she / he's all good!" (no signatures of any kind either)
- also force me to tell my family all is good
- since they got my keys and passwords, just log on to said account on my behalf every week

In fact I felt that this was barely more secure, but certainly more complex than the simple email-signature canary.
I will elaborate on my view on the topic in a later email--possibly tonight.

Niklas

4) IF (and ONLY IF) the specific message is received then the alarm is sounded - as loud and widespread as possible!

I think this satisfies several requirements for such a "warrant canary":

1) If all is well no one need do anything (i.e. there is nothing to forget). Remember this will be the case for many years. Automation is essential.
2) Anonymity (to whatever level is desired) is preserved - ONLY the relative/friends need know the person's identity, and even they do not need to know that "Bill" is associated with some "subversive" project!
3) After several weeks of "mulling" this I really can't see any "fall through" holes which would defeat it. Only the "evil Bogon Empire" who have complete records of everything the Human Race has said and done for the past 100 years could defeat this.

NO ONE knows me like my sister or 20+ year friends! For example I have used an alias on many "comment boards", my sister spotted the reference the moment she saw it! No one else could possibly have done so!

Comments? Paranoia?

Mike

On 06/21/2014 02:52 PM, Kyle Marek wrote:

On 06/21/2014 04:54 PM, Pier-Luc Caron St-Pierre wrote:

Since PGP is a decentralized model, we need to find a way to validate our identities.

We could read our fingerprints to each other over TeamSpeak

------------------------------------------------------------------------
At the time of sending this message, I have not been contacted by any government official or worker regarding my participation in CipherShed or any related project. I have not been asked to supply any information to them that may be used to impersonate me nor have I been asked to aid the government or its officials or workers in modifying part of CipherShed or any related project. I am not aware of any of my property or anything regarding me being bugged, searched, or compromised in any way. Anything that accepts PGP encryption or signing should have been cryptographically secured with my PGP key.
--
*"Ayn Rand - Philosopher in Chief to the intellectually bankrupt" Sherlock Holmes*

This work is licensed under a Creative Commons Attribution 3.0 Unported License.