What you see in the photo is me, 8,000 km away from home, on one of the highest mountains in the world, smiling and happy that this won’t be my last night alive.
10 minutes before capturing this image, I was in tears, desperately on the phone with Anita, the call center assistant from my health insurance.
“Andrea, you won’t die on Annapurna, the diagnosis rules out appendicitis, you have a muscular issue near your abdomen.”
Reading through several NDEs (near-death experiences), people in those moments encounter deceased loved ones, a world without wars, a four-day workweek… basically, like Siddhartha somehow reaching nirvana.
None of this unfolded in the warm posterior cortical area of my brain: “My wallets, my passwords, my encrypted disks, my will written at 13…my entire digital identity lost forever.”
So, I got up from bed with difficulty, sat down, and began to write in my notebook about the architecture of Casper: my digital alter ego who will take care of distributing my entire digital identity to the heirs (who don’t even know they are heirs).
For obvious security reasons, I won’t tell you about implementations and technologies used, but about the challenges that Casper MUST face to ensure it can fulfill its task when I cease to exist.
π Are You Alive? π
Casper periodically checks if I’m alive, and considering that no technology is infallible, it must do so in many ways and with different strategies.
There are no limits on how to do it: robocall, push notifications, SMS, email, various types of sensors (including medical devices), the limit is the imagination of the implementer.
The aspects to consider are essentially two: the redundancy of the signal sent by Casper, and reiteration in case of no delivery or response from me.
So, if I’m absent of any signal for 20 days because I decided to climb Nanga Parbat, it can’t consider me dead but must try again multiple times, in different ways and at different time ranges.
Only after X attempts and various checks does Casper decree my death and releases my digital identity in the established manner.
Choose communication protocols, technologies, programming languages with utmost care: Casper must survive when we can no longer do anything.
Wink at technologies that have been supporting the financial world for decades.
π Redundancy π
Such a critical system cannot reside only in one place, but must necessarily be distributed in the most diverse ways and in the most resilient modes possible.
In my opinion, in addition to having instances distributed around the world, it’s essential to have one or more over which you have full control 100% (including the hardware), to prevent disasters on various clouds.
Obviously, owning the hardware also means having redundancy strategies for everything, from electricity to data lines.
π Security π
It seems obvious, but let’s repeat it: Casper is a courier and must not know what’s in the package, especially because if your data resides on the cloud, it MUST be encrypted.
End-to-end encryption and use hardware for your keys π (YubiKey)
β Test, Test, Test β
Everything that makes up Casper must be strictly open source, stable, and tested all around with every software testing technique you can think of.
If you develop part of the solution in-house, ensure it’s free of security issues at the time of release. (Sonarqube, Kiwan)
π£ Self-destruct in 3…2…1 π£
Casper and all its instances can be compromised forever and irreversibly by the famous red button that only the president in the White House can press.
If there’s suspicion of tampering with even a single instance, Casper must be able to compromise any type of data and all its instances.
π οΈ Maintenance π οΈ
Don’t think you’ve designed something so complex and just put it in the freezer forever?! Everything that makes up your post-mortem Postman is subject to technological evolution.
Periodic check from the lowest level of the kernel, up to the user space π
πΌπΌWas it necessary?πΌπΌ
Absolutely NOT π
There are many ways to leave one’s digital identity in safe hands, and Casper is certainly one of the most dangerous. π
However, the idea of personally saying goodbye in my own way fascinated me and posed technological challenges I thought were insurmountable.
I hope to have ignited in you that little spark of curiosity, which I could not contain π
To this day, Casper continues to ensure that I am alive.