Lately I started including what happens to my data in case I die unexpectedly in my threat model. As of now I’d like for everything to stay private. All my accounts have a strong password that I store on a keepass datbase that I store only on encrypted devices which themselves are protected only by PIN or Password with no biometrics (I use the pin only on my phone which is set up to get wiped after 20 failed unlock attempts to mitigate bruteforce attacks). As for what I post online, I keep it to a minimum and nothing really personal, preferring only viewing content through clients with no account when possible. I know some services allow to set up what happens after a certain period of inactivity but I was wondering if you guys can suggest anything else. Maybe some program that wipes the computer’s drive after a period of inactivity? Some other tools or some tips I didn’t consider?
When Bob is active part of what you don’t want Alice to know, it doesn’t matter whether you “tell” Bob or not, he knows.
You can try and hide it from him, add layers like an onion, but even that isn’t necessarily a failproof guarantee that you left no trace, even onions can be peeled or holes pierced.
It’s no longer your secret then, is it, if someone else is a part of it? That’s part of my point. If anyone other than you knows the secret, you cannot guarantee its secrecy. You can establish some sort of trust relationship and a classification policy. If you’re dead, all bets are off with those things. Some people with intersecting policies, eg doctors or lawyers with professional requirements, will continue to preserve secrets in some cases. Even that’s not a guarantee.
Yes, I got your point. Mine was that many of the things we do (specially online) cannot be protected by trying to keep it “secret” in the way you previously described. Because they often involve a “Bob”, even if it’s one we sometimes don’t even notice.
So it makes sense for someone to try and look for ways to at least get some level of protection from Alices in other ways than just “don’t tell Bob” even if they might not be flawless (you gave some examples of such ways in that last response).