I came to a realization a long, long time ago that one day I’m going to die. One day, I won’t be here anymore. What happens then? How will people read my (hidden) blogs from the Army? How will people read my unpublished stories and poetry? How will my wife know how to pay the bills?

Well, I’ll send her a letter of course!

In the event of my inability to turn on my work computer or push a mystical hidden button on this blog within a 24 hour period, an email will go to my wife. It basically asks her to make sure I’m ok and remind me to push the button.

If I still haven’t indicated that I’m alive, after 48 hours, an email goes to my mom, with about the same message. After 72 hours, it goes into “Freak Out Mode.” It sends a slew of what I call “Dead Letters” a play on dead-letter queues.

If I don’t do anything for 3 days, and my mom or my wife can’t get ahold of me, the service assumes I’m incapacitated in some way. Most of these emails are messages to close family and friends that I try to update yearly. I hate goodbyes because in my mind there’s no such thing. It’s just a “see you later!” Well, these are goodbyes.

I hope these letters never get read. I hope they bitrot away and I live forever … but that probably won’t be a future for me. One day it will be my turn and these letters are the last ones anyone will ever read from me.

By the way, it’s very hard to write these letters … there’s lots of crying and emotions that you have to face. To realize that you’ll be gone, to empathize with the reader. To say what it is you want to say, one last time.

There’s really only two that I feel are truly important.

  1. A letter to my son, for when he’s all grown up.
  2. A letter for my wife, with access to my password manager, retirement accounts, and other important things that I may or may not have ever told her about …

She’ll be taken care of, she just needs a map to the treasure.

The Technology

So, how does this work? It’s actually very simple and easy to implement. In my case, it’s built on WordPress for database access and written in PHP. It’s nothing complex.

There are two API entry points. Neither of them requires any authentication since everything is hardcoded (email addresses, letters, etc). The passwords are encrypted using a custom tool.

The first entry point is /ping which tells the service that I’m alive. A simple ajax request or a cron job notifies the service on a regular basis. If my computer is on and connected to the internet, it will call that endpoint regularly.

The second entry point is /freak. It returns a 401 if there’s nothing to do. It will send the warning emails and still return a 401. Once a 418 code is returned, this other service will send a decryption key email, along with instructions on retrieving the encrypted passwords. All Dead Letters are sent immediately.

I’m deliberately being vague on the mystery service.

There’s a miscellaneous status endpoint that explains what state it’s in and when the last ping was.

This “should” provide protection against my server being hacked. If it’s hacked, I don’t want anyone to get beyond that. Since my ssh keys are stored in physical hardware, even if someone gains access to my accounts, they’re unlikely to gain access to the server to be able to read the encrypted portions of the email.