- Company gets acquired, and your private data gets mined.
- Company gets hacked and database dump gets posted.
I think I'd rather stick to the old methods of sealed envelopes and trusted friends or a lawyer. It's more reliable and requires less brain time slices ("Does the comapny still exist? Has it been hacked or acquired?" etc)
That shouldn't be possible, everything is encrypted with the OAuth provider ids that are not stored and available only through the login ... then again SSH was broken ...
People are raising valid concerns about your product, and instead of listening and accepting early feedback from HN, you are all over this discussion, defensively arguing with everyone. Just sit back, hear what people have to say, and then decide for yourself if you want to make changes, or reject the feedback.
Real life already has a service for this. They are called lawyers. They can keep your records on file, you know who they are, they have legal responsibility to keep everything confidential, and when you die... things just work.
I guess this would work for more casual documents, passwords to facebook, whatever. I have a document printed out and kept in our file cabinet for such things, so I would not use this service, but I can see where other people might.
Yeah, no system is perfect. If your will cannot be found, that is a problem. Of course, digital documents won't be notarized, so that is also a problem.
Your service has some use cases... but please do not tell me you seriously expect it to replace lawyers when it comes to managing one's estate.
Good one. Although not available for me using custom domain : getting "Inactive Account Manager is not available for your account.
We are sorry, Inactive Account Manager is not available for your account."
Call me cheap, but $1 a month seems a little steep for this for me. I'm not planning on dying for another 50 years or so. Even if your site is still around at that point (which, let's be honest, isn't likely), I'll have paid $600 for you to send off a couple email for me.
It's a cute idea, and maybe something I'd consider for a small, one-time fee, but I definitely would never pay monthly for it.
You are not cheap (cause I think the same) so there is the email option. If you value your one click a month less than $1 then that should work? Thanks!
I'm constantly losing/breaking my credit/debit cards and forgetting about the services I have subscribed to. Usually I'm reminded by an email from a service telling me that they were unable to charge my credit card. Does it mean that next time it happens and i'm subscribed to your service everyone related will be notified of my death?
Edit:
I read the description one more time and it seems that you send an email three times. But still I don't see how not answering email is a good way to determine that I'm dead.
It really comes down to "we need to know you are around". Month is acceptable cycle, email or card it's up to you. The email assumes you are the only one with access to that email.
Cool idea, but what happens if, for instance, I lose access to my email account? Or if the messages start going into my junk folder? I'd hate to scare my loved ones with an email implying I've disappeared/died.
You will need to lose access to all (3) of your social accounts and your email, highly unlikely. One of the reasons why we don't have our own account management ...
> The system can not generate the key required to decrypt your data unless you are logged in. Our staff have no means of accessing your data at any given time.
If this is true, how can your service work? If I'm dead, I can't log in to generate a decryption key so my message can be sent in the clear.
If your service works, how can this be true? If it can decrypt and send my message in the clear when I'm dead, I very evidently don't need to log in for decryption to occur.
When you add recipient your message is (decrypted using your id) copied and the copy is encrypted with the recipient email. Once the recipient logs in (their OAuth id becomes available) the email (verified by the OAuth) is used to decrypt the message copy and encrypted again this time with his/her id. That temporary email encrypted message is decryptable of course although there is no utility or UI for us to do so.
I guess we'd better store the owner Id and don't make copies, since it doesn't change anything security wise ... Yes, rogue admin can do harm ...
It's comfortably running within GAE free quota so even if we disappear it should be up and running ... Gotta pay that domain for max years though ;)
Good question, thanks!
You are in the least safe position possible. You're on a free Google service. In spite of the longevity of a few of these services, those are shut down all the time.
You say:
> To make sure you are well and sound, Cronu will charge your card a dollar a month.
I would insert "and to ensure your message remains available", as written this feels so inauthentic as to be mildly offensive.
And then take that dollar a month from myself and from a few others, and spin up some paid instances. Pick a couple hosts that are likely to be around for a long, long time, and get a box from each, and make your service redundant. Show that you've paid for service from these providers and have paid up for the next 10? 50? 100 years. Register cronu.com for the next 10? 50? 100 years (this expiry date is easily verified with whois) because you obviously can't send email from cronu.com if your domain registration expired. Right now, your expiry is in September of next year.
Paying for these instances is what distinguishes you from a free monthly dead-man-switch email and makes you worthy of receiving that dollar.
We do have budget and will be paying once quota is depleted (can't wait for that moment) but so far (and in case of our disappearance) free should sustain the minimum viable service levels (aka delete account).
How is this secure? You yourself (or somebody who works for you – a rogue employee) could access your database and decrypt all of your customers passwords and sensitive data for their accounts. This adds a single point of failure for everything you store/send with it. You get hacked, and now they have access to everything.
Can't you send an email on a timer? Say a day or two after your birthday or some holiday. Every year on your birthday you reset the timer. It could take some time after you disappear for the info to arrive.
- Company tanks.
- Company gets acquired, and your private data gets mined.
- Company gets hacked and database dump gets posted.
I think I'd rather stick to the old methods of sealed envelopes and trusted friends or a lawyer. It's more reliable and requires less brain time slices ("Does the comapny still exist? Has it been hacked or acquired?" etc)