The digital entropy of death: what happens to your online accounts when you die

The digital entropy of death: what happens to your online accounts when you die

Unless you’re planning on having your mind jammed inside some sort of computer chip, eventually mortality will catch up and you’re going to have to work out what you’ll do with all of your online accounts. When it’s time to shuffle off this mortal coil, you might, theoretically, be slightly annoyed if someone is using your dormant accounts to spam viagra or fake Twitter apps. The sad reality is, when we go, we leave behind a potentially terrifying amount of accounts lying around in the digital ether, and not all of them may be as secure as one would like.

Even if they’re locked down with multiple security steps, someone could break into a database and pilfer insecure information from the back end. We have the very odd situation of there being a digital zombie sleeper army, ready and willing to come back and cause all sorts of security/spam issues worldwide.

Is there anything we can do about it? Can relatives ensure we don’t come back as some sort of bizarre cyber-horror? Do websites and services have any process in place for this strange new world of accounts that are, to coin a phrase, just taking a nap?

Surprisingly, help is at hand more often than not. First, though, we need to have a think about some sort of tally.

There’s (not) security in numbers

Passwords are a great way to gauge how many accounts we have personally. Check out any number of “How many accounts do we have” articles going back several years. Very handy! An unintended side effect of said articles and their number crunching is that we can also use that data to try and map out the kind of problem we may be facing with orphaned accounts. The average UK consumer alone has something like 188 online accounts, and that figure is from 2015—no doubt the number continues to rise as every aspect of our lives winds its way online.

Speaking of number crunching: 151,000 people die every day. Something like 55 million people die every year. Even if just 10 percent of the 500,000 people who die in the UK annually had 188 accounts each, that’d still be 94 million accounts suddenly abandoned—more than enough to cause a spot of bother. Then throw in the accounts of the recently deceased from around the world, and the numbers are suddenly a bit panic-inducing.

I’d be surprised if scammers don’t set aside a little time for targeting obviously abandoned profiles. Aside from regular postings asking for help on Facebook due to compromise of dead people’s logins [1], [2], there’s also the problem of “cloning.” Once you start poking around this subject, problems are everywhere.

Setting the tripwires

Of course, there are a fair few security-centric things we can do now to ensure we make it as hard as possible for those going on a spot of dormant hunting. Multi-factor authentication, password managers, good browsing practices, blockers, security tools…in short, everything you’re hopefully doing by default anyway. It’ll all help to keep your accounts in lockdown when the time comes that you no longer require them.

Additionally, not all services will be around forever—the endless churn of the web will see to that. Today’s social network is tomorrow’s “bought out and turned into something for delivering pizzas by taxi.” One can assume a large portion of all but the biggest accounts you have will, eventually, crash and burn. Not good for them, not good for people using the service, but definitely good for anyone no longer fussed about the paradigm shift in pizzas and taxis.

As time has passed, digital providers have realised they need to start offering some options for relatives of the recently deceased—one can’t assume everyone knows their security stuff, and many relatives would be hugely distressed to see accounts of a dead relative tweeting about healthcare plans or posting movie promos to Instagram.

Many sites now offer a way for relatives and executors to memorialise, or just delete, an account. In other circumstances, services would rather you ” self-manage” and plan ahead for your own demise (cheerful!) by setting a ticking timer. If the account is inactive for the specified length of time, then into the great digital ether it goes. These are useful options to have available.

While a lot of services don’t openly advertise what to do in the event of a death on their website, they will give advice should you contact them, whether social network, email service, or web host. When there’s no option available, though, people will forge their own path and take care of their so-called “digital estate planning” themselves.

The D.I.Y. approach

What do you do if the visible services your loved ones used don’t do the whole “death resolution” thing? Worse, how do you even know about the potentially hundreds of logins they have sitting around elsewhere? Sure, you might know about the really obvious ones but people don’t typically draw up a list of the weird, wonderful (and possibly not wonderful) services they used and hand it to their next of kin.

What we are seeing is people making use of password managers in ways other than having a convenient and secure login to services; they’re also creating back up accounts for their digital departure. In these situations, a fully fleshed out password manager, containing all of a person’s logins, has its access stored in a secure place and given to a close relative. Of course, the relative receiving this digital treasure trove is going to be extremely trusted—they probably don’t want to hand it to that crazy uncle who shouts at family gatherings.

The manner in which they hand over the password manager account is incredibly important, too. Is it a physical thing? A login written on paper? Something digital? Is it secure? Maybe it’s a hard drive. Is it encrypted? How will it be updated with new logins/ changes to passwords? Does the relative live nearby if it’s physical? If they live far away, would something purely online make more sense?

These are all important questions that need to be thrashed out long before handing account information over, and it’s probably a bit much to put the onus on the recipient to start bolting security gates you may have left wide open. Do some pre-handover diligence, and make some time to ensure everything is locked down tight. If there’s anything hugely important you need them to know, tell them in advance—don’t hand over a hard drive and ask them why they didn’t make a backup two months after the thing has fallen into the bathtub.

Digital family heirlooms

That’s the grim stuff out of the way. What happens to accounts you’ve invested a ton of money in? You may have bought a lot of digital purchases tied to certain platforms. Games on Steam, or music on iTunes or Spotify—they’re all tied to specific logins in your name. When you die, what happens to the purchases? In the real world, you end up with a ton of dusty boxes. Online? Those “boxes” will be taken away from you.

In an ideal scenario, you could nominate someone to take over a digital account and they’d inherit the purchases. But legally, when you go, so do your files (in as much as anything you can’t download and keep locally is gone forever.) That’s because you’re buying into a license to use a thing, as opposed to buying the thing itself. I did have a whole pile of text for this bit, but as it turns out, the ground has already been thoroughly covered.

Logan’s (video game) Run

Logan’s Run, the sci-fi movie from 1976 where everyone has a timer ticking down till they hit the age of 30, is weirdly relevant to this discussion because ticking timers are most definitely going to be a thing. See, there’s nothing stopping someone from passing on a login to a family member so they can continue to make use of all the purchased content. The platform owners are never going to know about it. However, as those wheels of time continue to crank, at some point somebody is going to wonder why Steve McHuman is still playing games at the ripe old age of 123.

This is why I predict that at some point, all of our digital accounts tied to financial purchases will have some sort of average human lifespan timer attached to them. The moment it wanders past 100 or so years? Poof, gone. I mean, this is better than being chased down by a Sandman once you hit 30, but it does mean your digital purchases will almost certainly expire at a later date—and that’s assuming the services of today are even around in 100 years time.

Many are the grim ways that lead to his cybercave: all dismal

Well, not quite so dismal. Sorry, Milton. We’re in a bit of an odd situation at the moment, as we’re now well into the point in history where we have the last generation to know life before 24/7 Internet. For many, being online is an absolutely crucial resource of existence. Meanwhile, Internet of Things technology ensures it continues to leap from behind a screen to the real world. We can’t escape it, no more than we can somehow skip around Milton’s cave, and the younger generations absolutely will demand reforms to the way we think about digital content, ownership, and inheritance.

I just hope I’m around to see it. And if I’m not? Please, don’t touch my stuff.

This is a Security Bloggers Network syndicated blog post authored by Christopher Boyd. Read the original post at: Malwarebytes Labs

The taming of the virtual freedoms

The taming of the virtual freedoms

How and why the government will regulate the Internet.

We feel uncomfortable when someone treats bookmarks and history browser, and the very idea that someone, a stranger can read our correspondence in social networks, causing an uproar. The Internet, especially at this stage of its development with inclusive Wi-Fi and total dominance of social networking is perceived as an intimate space, something akin to a diary or paper letters, not a place where officials and the government with their directives.

However, this perception is stereotypical: for business the Internet is a place to make money for corporations — habitat, and for the state. And only in the last instance, the network — platform for communication, entertainment and education.

There is therefore nothing surprising in the fact that the state is trying to regulate the order of Internet access, and restrict access to resources that pose a threat to state security or violate intellectual property rights.

According to the poll, in the period from 2011 to 2017, the proportion of Internet users in Russia has increased from 51 to 75%, and in the age group 18-24 years in the Internet daily by 90%. Daily Internet audience in Russia in the summer of 2017, according to the Fund “Public opinion”, made up of 70.4 million people.

More than half of Russian citizens use the world wide web to communicate with friends and family (64%), as a source of information (60%) and entertainment (54%). Not imagine daily life without the ability to access the Internet 5% of Russians (among 18-24 year olds such answers were given by 37% and 10%, among Muscovites and Petersburgers — 25% and 11%, respectively).

It is not surprising that the attempts of the Russian authorities to regulate Internet space, prohibiting access to sites or users requiring the messengers to reveal their data, cause a natural resentment and resistance.

Why regulate the Internet

The network goes through the same stages of development, as mail, Telegraph or transportation. First, nobody was interested in who, how, when and where to fly. This was the case in Russia in 1910. But in 1932 there was the first Air code.

Since the Internet has ceased to be the virtual world and broke through into physical reality, then is it any wonder that officials are trying to write rules for its use.

The regulatory activity of the state in the Internet aimed to achieve two goals:

– security in the broadest sense of the word — from the prevention of physical harm to the infrastructure and to the preservation of state secrets and reduce the number of extremists;

– filling of the budget that is collection of taxes from businesses that moved to the Internet.

The attempts of the Hungarian government led by Viktor Orban to introduce in the country a tax on the Internet ended mass protests after which the government abandoned the idea of introducing this tax, than showed that it was not the best idea.

Business just interested in network with a single purpose — to increase their profits. In this place, in contradiction to the interests of the state and private capital.

Citizens in confrontation with the state include when officials are trying to ensure security, to restrict access to information or communication or lobbying for the interests of business, for example, blocking torrents and Internet library.

Large and small Internet brothers

The network was erroneously perceived as independent and fenced from the state space. Just until recently the Internet was regulated only to the United States: the first commercial ISP emerged in the USA in 1990, and from 1998 to 2016 the global network was regulated by two bodies — IANA and ICAN.

Internet until recently was a monopoly of the United States, and the fact that the contract between the Federal government of the US and IANA are not extended, does not mean that the United States ceased to regulate the network. Just the Federal government handed over the reins in the hands of IT giants. And they cope with these tasks much easier and more efficient officials, and most importantly, without noise, scandals and disturbances.

Periodically, the managers of the “orphan” of the Internet have to interact with national governments, but a global fact does not change: IT-giants are the Champions of their commercial interests and U.S. policy.

The local segment of the Internet within the U.S. is also the patrimony of corporations, but the telecommunications giants. Peculiarities of living of Americans in the suburbs often make it impossible to change ISP. Unlike the average Russian apartment building, where it may be 5 providers, many Americans Internet provider and one uncontested.

The oligopolistic nature of the market for Internet service providers and disengagement of Washington from regulating the Internet eliminated in the United States the principle of “network neutrality.” Now, service providers can decide what traffic they block and slow down, and how to encourage and accelerate. In fact, corporations can become not only censors, but also to increase the value of traffic for a number of popular services and sites like Netflix. By the way, in Russia the government refused to meet the providers, who wished the abolition of the principle of “network neutrality.”

In addition to the global Internet restrictions from corporations in those countries where there is no alternative to the global social service network, regulate, and national governments, which impose restrictions for a national IT companies, and forced American IT giants to the fulfillment of national requirements.

Russia to block sites on the Internet began in mid-2012, when entered into force the Federal law № 139-FZ. In the US, first to block content on the Internet began in 1996, with the entry into force of the Federal law “On the observance of decency.”

Russia went down the same path of Internet regulation, and the U.S., where block content is started under the pretext of protecting children from inappropriate information. In the UK in 2014 providers under the pretext of protecting children blocked every fifth website, including resources and ultimately harmless.

The Russian Internet blocking, despite 275 thousand blocked sites (in 5 years of action of the law about “black lists”), against the background of many foreign legal requirements do not seem quite so cruel.

In Germany in 2018 entered into full force of the law NetzDG on combating extremism in social networks. Twitter, Facebook, YouTube, and other sites to remove illegal content within a day after notification or to pay up to 50 million Euro fine. The law came so hard that the ban started and all: corporations have been in a situation when it is easier and safer to pre-remove a message than to understand, extremism is the attempt or public debate.

It is likely that in the future in Germany on the platforms of Internet giants can’t hold any is not approved by the authorities of discussions.

In China reach the same goal different methods for conducting online discussions on forums and in social networks, the citizens of China have to link your accounts to your passport.

Israel the line between offline and online behavior is erased: created by the Ministry of defense of Israel ACMS system monitors network and seek out anti-Semitic entries in 12 languages, including Russian. The Knesset has already filed a bill to ban entry into Israel system-Semitic leaders of neo-Nazi movements and parties.

Such a mechanism of checks entering the country developing American IT company by order of the government of the United States. According to us Senator Mitch McConnell, the American IT company should serve the interests of the government.

The ban on entry on the basis of entries in the social networks may soon become a norm, and criminal cases for abuse in social networks or stealing accounts, and the right to oblivion.

In the U.S., surveillance of foreigners is institutionalized: the security services have the right to read the correspondence and phone conversations of foreign citizens residing in the territory of the United States.

Twitter, Facebook and YouTube are not in vain knocking at the great Chinese firewall — Google recently opened its third office in China.

However, an authentic life under the tutelage of “Big brother” can be considered the introduction of China’s social credit, which will allow to connect together both real and virtual actions of Chinese citizens and, depending on their social utility to promote or punish them.

To implement this system in China is possible not only because of old habits of government agencies to save personal data of each of the Chinese, but because of the special nature of the Chinese Internet it is isolated and “walled” from the world wide web Chinese firewall.

The system of social credit consider a natural step to the digital tyranny of the state over the citizen, and China criticized the construction of totalitarian communism. In fact, the US is building a totalitarian democracy where the system of social credit will introduce Corporation under the guise of big data services.

In August 2017, the US court ruled that the company LinkedIn does not have the right to prevent access to information of public profiles of its users, and ordered her for 24 hours to remove any technology that prevents access of the claimant hiQ Labs to open profiles.

In Russia, neither big data nor social credit until. First, we have a different philosophy, and the Runet is not isolated from the global network. Second, the court has forbidden to collect and analyze data on users of the network “Vkontakte” for commercial purposes, including for assessment of their credit profile.

In General, there is no free and unregulated Internet is simply the global regulators of the network are the American IT-corporations, not national governments. Paradoxically, this “invisible”, but total control of the users of the network is considered “free” in contrast to national regulation of the network, and does not cause any disturbance of the inhabitants.

‘Totalitarianism is unlikely to face: practice has shown that the severity of Russian laws is traditionally kompensiruet by not having their performance.

The act of Spring from its original requirement to keep data of Internet users 36 months broke the resistance of providers and businesses, which resulted in reducing the retention period to 1 month. The desire to de-anonymize the messengers and rewrite all their users “stumbled” on the workload of the Cabinet, who either did not, or did not wish to prescribe the procedure of user registration in the by-law.

Initiative registration all users of online games using passport data probably will not find at all Nike the realization in practice of too many in the world of online games, and in cooperation with Roskomnadzor will go to best individual developers — the Russian market of games is not particularly valuable for game studios.

The little that actually happened with the Russian authorities in the fight against Internet — to block extremist portals and in favor of the business and to the detriment of the wallets of the Russians to engage in with varying degrees of success in the fight against the torrent trackers.

Almost 2/3 of the resources listed in the Russian “blacklist” continue to operate, and the lock of little help in combating the free version locked “forever” the torrent tracker despite the halving of the audience (from 14 to 7-8 million people) claims to reduce filesharing by 5-10%).

18 Oct 2017 the head of the Ministry of communications of Russia Nikolai Nikiforov said about the ineffectiveness of blocking content on the Internet, but a law banning in Russia of anonymizers and VPN services still in force. Consequently, the confrontation between Roskomnadzor and sites with users will continue.


Likely future regulation of the Internet and its transformation into the space of the digital wars will lead to the disintegration of the global network on a number of major segments that are linked by narrow bridges controlled by the state, such as those built in China, the heirs of Mao Zedong. Only in this case it then makes sense to talk about any type of Internet BRICS, which in January 2018 was 58% of Russians.

Otherwise, the Internet of the near future is unlikely to be materially different from the Internet of today. It will be more stupid bans and more problematic access of illegal, but free content.

The onlaynizatsiey reality

The line between virtual and reality is erased not only in the interaction of man and the state: more about us know not officials and law enforcement officers, and employees of corporations.

First, corporations decide what you will see in the search queries, and indirectly affect what you buy. In the US, 60% of search queries on Google have (about 50%). In Russia on Google, Facebook, and Yandex today accounts for 70% of the advertising market in the network. In the US the figure is even higher.

Already in 2018 the share of the Internet will reach 43%, and it will become the largest segment of the advertising market, while the share of TV advertising will be slightly reduced — up to 40% by 2020.

If your product or product will not appeal to corporations, about it nobody learns. If the news or information considered undesirable, they were simply excluded from the search engine regardless of whether the premium package is RT on YouTube and marking news headlines RT and Sputnik in the search results of Google or Rutracker in Google or Yandex.

Secondly, the audience of Facebook, Instagram, Twitter and YouTube not only allows you to guarantee the security of the United States, but also to engage in the global digital intelligence, as in 2017 we learned from the WikiLeaks leaks. And top aides of any modern spy — electronic devices.

Scared of Big brother Google? Smart people explain how to lull his vigilance.

Smart TV from LG is spying on you even when you turn off shadowing. The Samsung TV and not listen to your words, write them and send them to servers of the CIA, Facebook analyzes you and probably listening through the phone speaker to offer you relevant ads, Google knows about the movement of your phone when you turn off geolocation and removed the SIM card, and by 2021 98% of American cars will be connected to the Internet and the manufacturers are aware of the drivers more than just location and daily routes.

With the advent of the Internet of things to listen you are smart speakers, and to spy on you — the pants and the jacket. Fitness trackers are already spying not only over mortals but also the us military.

The response to the snooping hardware will probably be software which will disable the functionality of espionage, and the increased popularity of cyber security experts.

Your data on social networks and the hidden pictures are actually not entirely hidden, and your administrators, Twitter and Vkontakte can see your intimate photos and see your search queries.

Thirdly, the dominance of the us social networking allows you to make global censorship: the fight against the Russian “threat” in the network proof.

Twitter found 50 258 (0,016% of the total number of accounts) automated accounts that allegedly were associated with Russia and distributed materials about the US presidential election. 18 January, Twitter began to block links to the Telegram, and began to consider them spam.

Madrid has blocked more than 140 sites, which supported the independence of Catalonia.

Fourth, it is time to speak of corporate digital “justice” without the right to appeal and even a digital “death.” At the end of 2016 in the USA, about 200 people received a ban on the use of Google services because they tricked Google by reselling it smartphones Pixel.

The interaction of the IT giants and Internet service providers allows you to erase the person from the social network and permanently shut him re-access it.

For the Russians to get banned in Facebook or lose access to Twitter not only scary, but also rather honorable: you can always create a new account or leave it in two alternative social networks — Vkontakte and Classmates. But in the US, the loss of access to social media accounts and digital services digital is akin to “death”: there is no alternative to Facebook and Google.


Change anything fundamentally invasion of the Internet into reality? Probably not. All of the above nothing more than a digital reflection of the modernization of old censorship, snitching and espionage. The Internet simply expands the boundaries of potential.

In the Third Reich to keep the country in fear it was enough for tens of thousands of part-time employees of the Abwehr in Rwanda for genocide have enough bits and a machete. Knock on your neighbor and be without Internet.

The real threat from the Internet, for the layman is except in a more personalized advertising is that corporations need our personal data, not to transfer their CIA/KGB/FSB/MGB. These agencies, if necessary, and so they learn everything about us is important.