Schneier on Security
A blog covering security and security technology.
« Did the Chinese PLA Attack the U.S. Power Grid? |
| The War on T-Shirts »
June 2, 2008
E-Mail After the Rapture
It's easy to laugh at the You've Been Left Behind site, which purports to send automatic e-mails to your friends after the Rapture:
The unsaved will be 'left behind' on earth to go through the "tribulation period" after the "Rapture".... We have made it possible for you to send them a letter of love and a plea to receive Christ one last time. You will also be able to give them some help in living out their remaining time. In the encrypted portion of your account you can give them access to your banking, brokerage, hidden valuables, and powers of attorneys' (you won't be needing them any more, and the gift will drive home the message of love). There won't be any bodies, so probate court will take 7 years to clear your assets to your next of Kin. 7 years of course is all the time that will be left. So, basically the Government of the AntiChrist gets your stuff, unless you make it available in another way.
But what if the creator of this site isn't as scrupulous as he implies he is? What if he uses all of that account information, passwords, safe combinations, and whatever before any rapture? And even if he is an honest true believer, this seems like a mighty juicy target for any would-be identity thief.
And -- if you're curious -- this is how the triggering mechanism works:
We have set up a system to send documents by the email, to the addresses you provide, 6 days after the "Rapture" of the Church. This occurs when 3 of our 5 team members scattered around the U.S fail to log in over a 3 day period. Another 3 days are given to fail safe any false triggering of the system.
The site claims that the data can be encrypted, but it looks like the encryption key is stored on the server with the data.
EDITED TO ADD (6/14): Here's a similar site, run by athiests so they can guarantee that they'll be left behind to deliver all the messages.
Posted on June 2, 2008 at 1:09 PM
• 58 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
That site seems to be a perfect storm of scam artist's daydreams.
Who could be dumb enough to sit at a "Dead Man Switch" that releases huge amounts of money when it finally triggers?
When the Rapture comes, I'm taking all their stuff.
Hmmm... say they have a network outage that lasts 6 days, and then comes alive before any of these geographically distributed souls can log in.
You've gotta laugh. This would be the opposite of identity theft. Some might even call it the Revelation.
Unless those you're sending to have a decryption key- then encrypting anything is pointless. For your loved ones to be able to use it, the system is going to have to decrypt it for them, which negates the value of having it encrypted.
"This occurs when 3 of our 5 team members scattered around the U.S fail to log in over a 3 day period."
It's interesting that they're so certain of their own status with respect to the Rapture that they only require 3 out of the 5 not to log in. Apparently there's some possibility that 2 of the 5 aren't saved and won't be raptured with the others. I wonder if they know which 2 that is. The implicit assumption here is that the Rapture is near, that no more than 2 will die before the Rapture finally occurs. That's actually a common belief among these people and has been for generations.
"But what if the creator of this site isn't as scrupulous as he implies he is?"
I don't doubt the intention of the creators of that site, having wandered similar paths myself, but I do question their competence. This is just going to be funny, in that tragic-comedy sort of way, when it finally gets exploited and thousands of the faithful get fleeced.
they also assume that they are Christian enough to be taken up with the rapture. at least, 3/5 of them.
pretty presumptuous if you ask me.
why not have the users have to touch their account every 7 days, since not all of their users will go up with the rapture either?
This business of having to access the site regularly ... who's not heard of ReloadEvery in firefox and epiphany browsers? ;)
There's a sucker born every minute. If "thousands of faithful" want to post their banking details to some untrusted web site, that's fine with me!
www.postrapturepost.com did it first, and they are better for several reasons:
- No crypto snakeoil
- Better web design
- Run by atheists, so no potential for problems with the "dead man's switch" mechanism
- Their FAQ is titled "God hates FAQs"
It was hosted at The Planet in Texas, three days have elapsed, and immediately upon the servers coming online, your relatives will be graced with your power of attorney so they can get back at you for all those years of annoying self-righteousness. Ouch!
You're only looking at one part of the scenario. What if the _Rapture_ part was the scam? Perhaps The Devil took them, or Dick Cheney sent them all to extraordinary rendition.
And, to paraphrase Jerry Seinfeld, people who believe in the rapture deserve to be lied to.
@Leo "It's interesting that they're so certain of their own status with respect to the Rapture that they only require 3 out of the 5 not to log in."
Shouldn't be a problem, as long as those left behind recognize the rapture, and have the ethics to just not log in, as opposed to saying "Hey, Rapture, and I wasn't taken! Better get rich now!"
Damn. Why didn't I think of this back in the early days of the internet. It's perfect!
Their website isn't even 508 compliant. I guess they expect all blind people to get a free pass on the Rapture Bus.
The thing the site creator has neglected to mention is that no one will have time to care about their raptured loved one's assets -- what with the asteroids falling from the sky and the hell locusts devouring people's brains and whatever else is supposed to happen.
Bruce is right -- it is easy to laugh at this. Even Christians should find this whole thing comical, assuming they've actually read to the end of the book.
"What if the _Rapture_ part was the scam? Perhaps The Devil took them,"
No, no, the time when all the true believers are taken down into Hell for double-extra punishment is the _Rupture_.
I really hope the system does false-trigger. Like the African tribesmen who believed the shamans who told them that incoming bullets would turn into water (this was during one of the continent's countless civil wars), the victims of the Rapture cult will get what they deserve. Robert Heinlein's timing was a little off, but he got the basic prediction right: these are the Crazy Years.
What a cruel joke one could play on an annoyingly self-righteous participant: dummy up a few fake messages ("farewell dear friend, here are my passwords..."), send them to him early on Saturday morning, and leave a few little heaps of clothing on the sidewalk outside his window. Be creative.
Yes, I know, the waiting period won't add up, but it takes logic to see that.
(Come to think of it, I wonder where he'd race to first: the church to ask for a second chance, or the bank to close his accounts...)
I just had some email correspondence with one of the proprietors. On the encryption problem:
" I suppose that the programmer, if he had access to the servers could, peak. Only he would know what he was looking for. I have access to the system but no knowledge of hacking or encryption. All of my other managers only are able to log on. They must do this every day to reset the "dead man's switch" clock. They do not have access to any accounts. Our guns and ammo are in different houses."
And he told me this goes out to everyone who subscribes:
"We have put into our system as much security as is reasonably possible. If you are at all concerned with the safety of your stored documents, don't lose sleep, try this instead. You can make the greatest difference of all. Instead of actually sending the passwords etc. You can send information to the recipient as to where they can find these for themselves. . . . You could use an YBLB email to direct a loved one to a hidden document instead of uploading the information to your account."
It really seems these guys are more worried about the "send a message" function than the "reveal secret info" function. As you can see, they tell everyone that they do not even have to use it.
LOL is three words, no?
a. Customer Log On is not secure
b. Contact Us points you to a PO box
c. domain lookup points to a private regitration at Domains by Proxy, Inc.
I'd recommend staying away.
Yes, the triggering mechanism seems dodgy; why not rather employ Jews, Muslems, atheists or just plain bad christian employees, known not to be candidates for Teh Rapture, to monitor the status of a few Good Christian test subjects, raptured/not raptured ?
Besides, their unrapturable employees should also check the rapture status of each customer before releasing the email; how embarassing to send a letter "By the time you read this, I'm with the Angels, and you're not", when, because of your many sins, you're amongst the Left Behind ?
Oh, the shame of it all !
Hang on, all the "indicator" members are in the USA. This seems a bit vulnerable to me... it would seem to be more prudent to have a set of members spread across multiple continents (nations?), perhaps using some sort of "primary" set and a "secondary" (observer?) set, with submissions to the central authority decided by consensus, perhaps with fast track procedures, BRM, ballot, appeals... oh forget it.
The amount of stupidity in some people never ceases to amaze me. Throw in religion/ideology/[other arbitrary belief system] and it gets truely pathetic.
One technical comment: What if their trigger-members stay behind? How do they ensure they have people that qualify at all? Right, they cannot!
Sounds to me like everything in your bank account and any other financial assets will experience a "rapture", and that you'll be "left behind".
People attacking others based on closely held personal beliefs are the worst. This guy is scum beyond scum.
On the other hand, if he's someone with his heart in the right place, he's dumb as a post for encouraging others to give up such personal information and creating such a tempting target.
This reminds me that I still have to make my "what if I get hit by a bus" cd for the safe deposit box. Has anyone made one of these before?
I find this blog entry offensive. Can I deny you boarding a plane until you fix it?
This, too, can be an experience to learn from.
Take this to a serious note for a second, does your company disaster recovery plan include provisions for the rapture? The rapture itself may not be the source to plan for, but have you dealt with similar issues where wide geographic unavailability of personnel, like a plague or a flood of biblical proportions, would hinder your business?
No significant personnel outages among those who keep the Internet running are anticipated, I see.
They've got the triggering part all wrong. Why rely on checking for the absence of a signal here on Earth, when it would be better in all ways to trigger the system on the _presence_ of a signal from _Heaven_?
Here's how it works. Write a program that generates a key-pair using the strongest crypto you have available, and then deletes the private key. Keep the public key and encrypt all of the messages with it. (In fact, you can put the public key on the website, and let the less trusting users encrypt their data themselves and send only the encrypted data to the server.)
Now have the server listen on a socket and receive cryptographic keys over it. It tests each incoming key against the public key to see if it works for decrypting its messages. If it succeeds, it immediately uses this key to decrypt all the stored messages and email them out.
It is now evident that:
(a) All the data is encrypted, and users have the option to encrypt it themselves if they don't trust the server to do it.
(b) No Earthly power can read the data.
(c) It is, however, trivial for the LORD to determine the private key, and for Him to miraculously manifest an HTTP request to the server that transmits the key, releasing the messages.
You have my permission to add this protocol to the next edition of "Advanced Cryptography", Bruce ;-)
If these people are serious, why aren't they warning against, e.g., all three members of an airliner's flight crew being devout christians? Maybe we should be _encouraging_ muslims to take pilot training.
...Oh, wait, except for Abou Ben Adhem. Definitely not him...
The explanation is simple. If they are left behind, clearly the good good people who weren't don't need their money - and obviously, being left behind, they are hopeless sinners predestined to hell, so there's no reason not to steal it.
Thank you very much. I am addressing all of your concerns. I hope to comment on specific steps as soon as they have been completed.
A solution for internet outages has been in place from the beggining.
I laughed at some of your comments too :-)
The triggering mechanism is quite odd. If they seriously want this thing to work, it'd be much more robust to set up an escrow account with a large-ish escrow agent.
For "Dead-man" applications, I have always thought that a M of N scheme like http://www.erikyyy.de/multikey/ would be the best way. Technically, you could still use this service, as the trigger to release the keys. By keeping some of the keys in some other public (probably real-world) place, you could eliminate the risk of evil employees at the "youvebeenleftbehind" site stealing your secrets.
I've thought before that it would be fun to develop a password recovery service based on some sort of M of N algorithm, rather than the typical "what is your mother's maiden name" systems, where you had to get your wife, your boss, and a friend to help with the recovery if you had forgotten your credentials.
Obviously, this would be a pain in the posterior, but would probably also result in less risk than with the typical questions.
I am giggling like mad at the many replies here that attempt to debug the Left Behind site and design a secure, reliable Rapture notification system. Somebody put together an RFC, wouldja?
"all three members of an airliner's flight crew being devout christians"
even being devout christian does not mean all three would believe in a theory of rapture. not to mention that the risk of all three disappearing, even if they did believe, is still low. they are pilots, after all. ;)
seems to me a typical risk management practice would put the threat of rapture somewhere below risk of shark attack in nebraska.
"Somebody put together an RFC, wouldja?"
Ha ha. Good one.
Perhaps "Request for an Intelligent Design" would be appropriate?
No child left behind.
(Matthew 19-14. See also Matthew 19-23.)
Who's going to do the post-Rapture admin work on this site, when it actually hits peak load? They'll need good honest, trustworthy admins, who aren't quite good enough to be Saved. Tricky call.
I presume it's not hosted on BSD either...
This definitely needs an RFC writing for it. Probbaly with a reference to Avian Carriers.
I guess there is a seeker born every minute...
Actually, alan, there's one born _again_ every minute.
"Another 3 days are given to fail safe any false triggering of the system."
It might be worth mentioning that this is not a fail-safe system. It is just a system where a delay is included for the active correction of an error. Creating a fail-safe dead hand switch is a contradiction in terms.
Details of the rapture:
Here are examples of these "left behind letters". People can read through them to get the overall idea of what they are trying to tell people (even if it is just for entertainment):
Imagine a world without deranged religious fanatics. No Christian, Muslim, or Jewish extremists, no insistence on crazy scenarios such as the "Rapture," "Sharia Law," or a racist homeland not unlike the old South African Apartheid. No more wars over who's beliefs are the most superstitious or asinine.
Oh well, I can dream, can't I?
Here's another small logical inconsistancy I don't think anyone's mentioned yet: the site presumes with 100% certainty that every single person who signs up will get Raptured away. What if you sign up and then get left behind? 6 days later: bam! Your "loved ones" have made off with your bank balance, leaving you not only damned to eternal torment but bankrupt at the same time.
I think the gummint (the One World global government, that is) should be providing this service to all citizens... Not for the Rapture (or at least not *only* for the rapture) but for other "mass exodus" scenarios, such as abduction by aliens, or, more mundanely, an Ebola epidemic or the vaporization of a city by nuclear terrorists.
Srsly, I set up something like this for myself, once upon a time. I sent all my various account login info to a trusted friend on the other coast, and said "if you don't hear from me at least once every six months, call these people (various associates) and if it turns out I'm deceased, please access my accounts and clean up / shut down." The point was more to let the virtual communities I participated in to know about my fate. Nowadays I just don't care that much about my virtual communities. ;-)
I wonder if my email to Jim Morrison will get to him.
There seem to be many of these services, but they all want money. As soon as I find one of them that's free to use and doesn't ask you for private/financial/personal data, then I'll believe it's not a scam.
Deluded, maybe, but not a scam.
Hey, if the service is run by people who believe in the Rapture, why not provide it for free to send mail, but charge a POST-RAPTURE FEE, only, to the recipients? Then they don't get any money unless the rapture is real! :)
I would just like to clear a HUGE misconception for a lot of you on this site. This site is NOT to hand over your banking info or whatever else personal. It's simply to leave a LETTER yes just a LETTER that explains to thier loved ones what's going on if their reading this letter and to offer up the chance to get right with Christ. If you truly understood you'd know that a true follower of Christ wouldn't be concerned with who gets what when they depart from this earth. It's hardly relevant and is so beyond that. And to answer the how do you know if your going to raptured? Well my friends if you are truly seeking Christ in every area of your life, have excepted Him as your persoal Lord and Saviour and are truly repentant of your sins then you'll just know! There will be some surprised Christians when this does take place. But hey that's all in my dream world none of you should be concered with any of this anyways because it's all just a big scam remember?
I read this post when initially published - but more interesting, we watched an episode of Law & Order last night that used this very scenario for the basis of a show. The guy stole $100k in gold hidden away that he knew about based on the rapture letter the guy wrote to his son!
Bruce, you're a genius - you should write for Hollywood!
see on my e-mail rapture site, I don't store the data, so the data is 100% secure. I just cash your check
Plus, roy, I sell "When the Rapture comes, I'm taking your shit" bumper stickers
There's a site called "raptureletters.com" that says their service is FREE.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.