Friday, September 26, 2014

I'm still here

Now that we live in a police state, we need a way to inform our loved ones when the secret police have taken us away subject to a preventative detention order to be held incommunicado.

Well, there's an app for that. Or there might be... I don't really know. But there could be, and here's how it would go:

Firstly, there needs to be a trustworthy authority for holding, though not issuing, public keys. A web of trust is suitable for the purpose, though using the blockchain would be more resilient.

Then, there needs to be an actual app.

The app would use your private key to sign a message. The message could contain your whereabouts, but that would be a risk of its own. Instead, the message could contain your whereabouts encrypted with the public key of 1...n trusted people. Actual content of the message, such as state of mind, e.g. "I feel safe" or "I think I'm being followed" could be selected from a list or preprogrammed into buttons.

Then, all that's left is to hit the button, which would encrypt the whole message with your private key, doing whatever digest stuff is necessary to be secure, and post the encrypted message to Facebook, Google+, and, if the message can be split up, to Twitter.

Now, you can't expect to oust the plain text message asking with the encrypted message and expect anyone to verify that the encrypted message is valid and matches the plain text message. That's why only the encrypted message would be posted.

To make the system functional, the app would allow the use to follow other people. Their encrypted messages would be downloaded and decrypted using relevant public keys, and the messages would be logged in the app.

From there, it's a simple matter to alert the user when friends of the user haven't checked in for more than a day or so.

So, if you're reading this and give a crap about civil liberties, and know about infosec-related programming, and want to help me out, or just give me opinions, advice, or let me know that this has already been done, then leave a comment or tweet at me @dcrafti.

/ramble