How it works

  1. Tripwire

    A USB device is removed or inserted, Bluetooth goes out of range, or AC power is lost. The wards are breached.

  2. Conjure

    A composite threat score materializes in under 5 ms. The spell is already cast before the attacker knows.

  3. Vanish

    Graduated hex: screen lock, vault sealed, or keys destroyed and power cut. The secrets were never there.

The grimoire

DeadWitch doesn't erase pages. It burns the only key that can read them.

LUKS volume

Your grimoire is a LUKS-encrypted volume. Data stays on disk, sealed — unreadable without the encryption key held in kernel memory.

luksSuspend

The key vanishes from kernel memory via memzero_explicit(). A kernel-level incantation — no userspace spell can replicate.

luksErase

Obliterates LUKS keyslots using AF-stripes (4000x inflation). The key is not hidden — it ceases to exist. Recovery is mathematically impossible.

Host survives

The machine lives on after KILL. Only the grimoire burns — the OS and host data are untouched. A clean disappearing act.

File shredding is slow and unreliable on SSDs due to wear leveling. Key destruction is instant, silent, and mathematically final.

Response levels

Lock Low threat

Screen lock. Session preserved. A warning ward — nothing lost.

Seal Medium threat

Grimoire sealed. luksSuspend makes the keys vanish from kernel memory.

Kill High threat

Grimoire destroyed. RAM wiped. Power cut. The keys never existed.

Familiars

Physical sentinels that watch for disturbances.

  • USB familiar

    Removal or insertion of any device breaks the circle. Under 5 ms to detect.

  • Bluetooth familiar

    Your phone moves out of range. The bond is severed, the spell triggers.

  • AC Power

    Power loss breaks the ritual. Unplug the machine, the witch acts.

Features

deadwitch init

The summoning ritual. Guided setup with human-readable prompts. Armed in minutes.

Duress Password

A decoy grimoire opens. Behind the curtain, the real LUKS header is silently destroyed.

Scrying Mode

24-hour divination. The witch studies your hardware before binding the wards.

Travel Mode

Reduced grace periods. Heightened sensitivity. The witch's finger rests on the trigger.

5-Level Failsafe

Five nested wards: daemon → watchdog → OnFailure → udev → raw syscall. Kill the process, the spell still fires.

Host Preservation

The machine survives the ritual. Only the grimoire is sacrificed.

Quick Spells

I. The Summoning
sudo deadwitch init
II. Read the Omens
deadwitchctl status
III. Raise the Wards
deadwitchctl profile alert
IV. Suspend the Ritual
deadwitchctl pause 5m
V. Diagnose the Circle
deadwitchctl doctor

Architecture

Privilege separation. Four binaries, two trust zones.

root
deadwitchd Daemon. Events, crypto, LUKS ops
user
deadwitchctl CLI. Status, profiles, whitelist
deadwitch-gui System tray. PIN, status, emergency
deadwitch Setup wizard. Guided init

Who is this for

Journalists, lawyers, activists, researchers, and developers who work with sensitive data in physically exposed environments — at border crossings, in conflict zones, or in public spaces where device theft or seizure is a realistic threat.

Ethics

Arguing that you don't care about privacy because you have nothing to hide is like arguing you don't care about free speech because you have nothing to say.

— Edward Snowden

Privacy is necessary for an open society in the electronic age.

— Eric Hughes, A Cypherpunk's Manifesto, 1993

Those who would give up essential liberty, to purchase a little temporary safety, deserve neither liberty nor safety.

— Benjamin Franklin, 1755

Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.

— Bruce Schneier, The Eternal Value of Privacy, 2006

The moment we no longer have a free press, anything can happen. What makes it possible for a totalitarian or any other dictatorship to rule is that people are not informed.

— Hannah Arendt, interview with Roger Errera, 1973

If you want to keep a secret, you must also hide it from yourself.

— George Orwell, 1984

Just as the Enclosures expropriated the peasantry from communal land, so the witch-hunt expropriated women from their bodies.

— Silvia Federici, Caliban and the Witch, 2004

Is the accuser always holy now? Were they born this morning as clean as God's fingers?

— Arthur Miller, The Crucible, 1953

The witch was an empiricist: she relied on her senses rather than on faith or doctrine, she believed in trial and error, cause and effect.

— Barbara Ehrenreich & Deirdre English, Witches, Midwives & Nurses, 1973

So great was the witches' knowledge that in 1527, Paracelsus, considered the “father of modern medicine,” burned his text on pharmaceuticals, confessing that he had learned from the Sorceress all he knew.

— Barbara Ehrenreich & Deirdre English, Witches, Midwives & Nurses, 1973

Privacy is the power to selectively reveal oneself to the world.

— Eric Hughes, A Cypherpunk's Manifesto, 1993

The universe, our physical universe, has that property that makes it possible for an individual to reliably encipher something, so that all the resources and all the political will of the strongest superpower on earth may not decipher it.

— Julian Assange, Cypherpunks, 2012

Where they have burned books, they will end in burning human beings.

— Heinrich Heine, Almansor, 1823

There is more than one way to burn a book. And the world is full of people running about with lit matches.

— Ray Bradbury, Fahrenheit 451, 1979 Coda

When the powerful demand to see your thoughts, the only safe thought is the one that cannot be found.

They burned those who knew too much. Today, they seize their devices. The witch learned to destroy her grimoire before they could read it.

We apply the doctrine of double effect: the intent is protection, the positive effect doesn't require a negative one, and the proportionality is clear.