Forgot your password?
typodupeerror
Microsoft Cellphones Handhelds Windows Technology

Microsoft Outlines Windows Phone 7 Kill Switch 258

Posted by samzenpus
from the stopped-in-its-tracks dept.
nk497 writes "Microsoft has outlined how it might use the little publicized 'kill switch' in Windows Phone 7 handsets. 'We don't really talk about it publicly because the focus is on testing of apps to make sure they're okay, but in the rare event that we need to, we have the tools to take action,' said Todd Biggs, director of product management for Windows Phone Marketplace. According to Biggs, Microsoft's strict testing of apps when they are submitted for inclusion in Marketplace should minimize kill switch use, but he explained how the company could remove apps from the marketplace or phones, when devices check-in to the system. 'We could unpublish it from the catalog so that it was no longer available, but if it was very rogue then we could remove applications from handsets — we don't want things to go that far, but we could.'"
This discussion has been archived. No new comments can be posted.

Microsoft Outlines Windows Phone 7 Kill Switch

Comments Filter:
  • 2.0?

  • by rwven (663186) on Wednesday November 03, 2010 @01:16PM (#34114874)

    http://www.readwriteweb.com/archives/google_activates_android_kill_switch_zaps_useless_apps.php [readwriteweb.com]

    http://news.cnet.com/8301-13579_3-10010070-37.html [cnet.com]

    Both Android and the iPhone have kill switches as well.

    Google has actually used theirs.

  • by Yvan256 (722131) on Wednesday November 03, 2010 @01:16PM (#34114876) Homepage Journal

    Brought to you by Apple.

  • by QuantumBeep (748940) on Wednesday November 03, 2010 @01:17PM (#34114890)

    Buying a mobile phone is already such an exercise in trust, I have a hard time worrying about a remote app kill switch.

    • Re: (Score:3, Insightful)

      I don't understand why worrying is what this makes people do. There's nothing stopping someone from writing an app that appears useful, waits until June 2nd, 2011, then does the most malicious thing the phone's sandbox will allow it to do. At that point, if the phone becomes unusable for 20,000 people, or if it becomes a plague spreader, or if it starts making calls to Pakistani phone sex lines while you're asleep, but on the outside it still appears to be a friendly purple gorilla so people don't delete

      • by gtall (79522)

        Look it, no one is going to care about Pakistani phone sex revolving around a woman's bare naked ankles. Hmmm...upon further reflection, maybe those kind of apps should be killed if they can find no better phone sex than that.

      • by Sloppy (14984) on Wednesday November 03, 2010 @04:17PM (#34117108) Homepage Journal

        I don't understand why worrying is what this makes people do. .. [if software does a bad thing] someone has the power to kill it.

        The reason people dislike it, is that the normal way for personal computers to operate is that the owner of the device (who is also typically the user), is the "someone" that you mention. And a lot of us are still used to the normal way (I guess that's why I call it "normal" ;-). The evil here is not the killswitch; it's whose hand is on the switch.

        If the phone were larger and had a full size keyboard and monitor, a lot of people would say that worrying is the right thing to do. But since we call it a "phone" (or a "game console" or an "ebook reader") the rules are magically different even though there's nothing about how the device is used, which should change who its master is.

        That said, while "a lot" of people would object to a desktop PC working this way, maybe some wouldn't. There does seem to be a level of frustration with users (typically Windows PC owners) installing malware, and this isn't the first time someone has proposed giving up and taking the power and authority out of their hands. What's interesting, though, is when you cross the line going down to a certain size (Apple's tablet being the new threshold) it's no longer just an idea, but is actually happening.

        Imagine if desktop PCs had evolved like the handheld ones are. Pretty sad. And pretty scary to think that the phone/gameconsole mindset still might infect the desktop. Why can't the next Mac come with IOS or the next Dell come with Windows Phone 7 or the next whitebox x86 come with Android -- and "brick" if the user tries to install something that doesn't suck? Throw in lock-in subsidies from ISPs, and people might actually buy 'em, and then desktop developers who want access to the widest market, might find themselves having to kiss the ass of the repository maintainers (a.k.a. "app store"), not be allowed to write competing apps, etc. This kind of shit would have totally prevented a lot of tech that we all take for granted today. Lame.

  • by mr_mischief (456295) on Wednesday November 03, 2010 @01:17PM (#34114902) Journal

    I always thought selling me something then taking it back was theft.

  • Remember, kids... (Score:5, Insightful)

    by kurokame (1764228) on Wednesday November 03, 2010 @01:19PM (#34114936)

    If someone else can come in remotely and change what you've got installed, it's not your system and it's not your software.

    But we encourage you to think of it as your own - it makes the fees hurt less, and we can always straighten you out on the details of ownership later.

    • by rwven (663186) on Wednesday November 03, 2010 @01:23PM (#34114994)

      If people don't like the platform, they don't have to use it (yet).

    • Re: (Score:2, Insightful)

      by melikamp (631205)

      This is a general purpose computer we are talking about, so it's not even your hardware in any meaningful sense of the word. What you own is a plastic-silicon brick which can function as a computer whenever Microsoft is feeling generous. You are basically renting a computer without an administrative account. Run afoul of the contract terms, and you are back to owning a brick.

      Fuck you Microsoft, and fuck you Apple: if you are marginally better now, it won't last long. The only big players poised to create

  • Too grainular (Score:3, Insightful)

    by Nethead (1563) <joe@nethead.com> on Wednesday November 03, 2010 @01:22PM (#34114976) Homepage Journal

    If the handset is causing issues with the network because of a rouge application just shut down the handset. (Well, allow 911 or your local PSAP number.) This, hopefully, would be just an AUP issue. Sometimes a hammer is the right tool.

    • Re:Too grainular (Score:4, Insightful)

      by amicusNYCL (1538833) on Wednesday November 03, 2010 @01:31PM (#34115102)

      You're saying that it's better to disable the entire device instead of remove the one offending application? I'm not sure how you made that conclusion, but how would the owner recover their device if Microsoft shut the entire thing down? Should Microsoft or any handset vendor be allowed to simply disable the entire device?

      • Re:Too grainular (Score:5, Insightful)

        by IndustrialComplex (975015) on Wednesday November 03, 2010 @01:40PM (#34115226)

        You're saying that it's better to disable the entire device instead of remove the one offending application?

        It can actually be less intrusive. I have no 'right' to use a network, so if I am screwing up the network because of an app I have, kicking me off the network doesn't do anything to MY equipment.

        It means I can install whatever I want on my phone and no backdoors are needed.

        Think of it like renting a car to someone. You can do whatever the hell you like to your body, but I don't want you smoking in my car. I refuse you the car, but I don't confiscate your cigarettes.

      • by Nethead (1563)

        I meant to say, shut off the radio.

      • You're saying that it's better to disable the entire device instead of remove the one offending application?

        No. Think more like "Towers refusing regular connections from aggressive phones".

        - You get to install what you want.
        - If some service provider can't take the load (US towers are bad at connection build/tear-down) they'll just refuse to speak to that phone (except for 911 / 112 calling). Or otherwise limit the affected service (Refuse data connections, degrade 3G to 2G) and send an alert message ("Too much data connection per minute, please uninstall application XYZ").
        - At no point in time is any remote cont

    • Re: (Score:3, Funny)

      by sempir (1916194)

      If I were to put rouge on my handset my neighbours son would be SO...SO jealous.

  • Anybody know if they have such a switch?

    Given how much their phones (going forward) are pretty much open, I wonder where they'd put a killswitch.

    • Re: (Score:3, Interesting)

      by angiasaa (758006)

      No, Nokia does not have a Kill Switch. However, in the event of a rogue app infestation on their smart-phones, Nokia is capable of pushing an app to excavate the offending app before initiating a self-distruct. This is done with the users permission and discretion via the pre-installed Software Update app.

  • Imagery (Score:2, Interesting)

    by rakuen (1230808)
    Am I the only person who envisions some mad scientist in a far off laboratory cackling with glee as he throws the switch to remove a program from your phone, all while lightning flashes and thunder crashes in the background?
    • by DarthVain (724186)

      I think my imagination was more literal.

      I see Bill Gates/Ballmer laughing maniacally at a big red button with my name under it ready to detonate the 3oz of C4 I have next to my ear...

    • What about smoke filled dimly lit rooms where a man in a highbacked leather chair muses for several pregnant moments before uttering:

      I want it dead.

  • by SuperKendall (25149) on Wednesday November 03, 2010 @01:38PM (#34115202)

    Microsoft has made a lot of poor security choices in the past, so we should praise them when they do something that will improve the general level of mobile application security. All mobile platforms to-date have kill mechanisms, for the average user it's a great thing to be able to shut down a rogue app en-masse and not have to wait for even an update cycle.

    Experienced technical users will ALWAYS have the equivalent of Jailbreaking to prevent applications from being removed or modified externally if they so wish. But that is a choice that should be made by a technically informed person after consideration, not a default configuration that the general public has to live with the repercussions from for the next decade.

    • Re: (Score:3, Interesting)

      by rakuen (1230808)
      Why not just make it an option? Not an option you'd just randomly stumble across and disable, mind you. I mean it's in a very specific place in the configuration, and when you toggle it, it pops up a disclaimer explaining what you are going to do and asking you if you are sure you want to accept the risk. Once you agree, anything that happens to your phone is on you.

      Note, I'm not talking about a "Jailbreak" option, because that'll never happen. I'm talking about a "Disable Killswitch" option.
      • Why not just make it an option? Not an option you'd just randomly stumble across and disable, mind you. I mean it's in a very specific place in the configuration, and when you toggle it, it pops up a disclaimer explaining what you are going to do and asking you if you are sure you want to accept the risk.

        If you are going to all that trouble to prevent someone from doing it, why even include the ability to do so?

        What you described actually sounds more annoying than jailbreaking, and has less utility in the e

      • Even if the rogue app itself can't disable the kill switch, the user is still susceptible to the dancing bunnies problem.

        When the app instructs them to disable the kill switch so that they can see the dancing bunnies, by god, the users _will_ disable any and all security mechanisms they can, just to see the dancing bunnies. Because, goddamned, they HAVE to see the dancing bunnies. You do know that dancing bunnies are awesome, right?

        Also, I have to say, the notion that people in a community like slashdot sho

    • by Anonymous Coward on Wednesday November 03, 2010 @02:01PM (#34115470)

      Which is why the right way to do it is with a configuration setting that you help the user select at purchase/installation time and through user training. Yes, people don't want training, but that's the price of using a complicated feature rich application. Give people the option to

          1) enable automatic remote kill
          2) enable automatic remote kill prompting
          3) disable it
          4) enable it on sync
          5) subscribe to push notifications of kill requests

      There's lots of ways to handle this--but automatic remote kill is only one of them, and the last tech friendly. Not just because geeks don't like DRM, but because it exposes all applications to a very real Denial of Service risk. What happens when somebody spoofs a remote kill to my VPN adapter or its corporate nameserver? What about remote killing my asset management application that scans barcodes (even if poorly) from the camera?

      Hell, doctors have PHI on phones these days--you *need* remote kill on that app, but the consequences of deletion could be medically deadly.

      Point us--remote kill isn't wrong because it's remote kill. It's wrong because there's no choice or control without jailbreaking it.

      • Re: (Score:3, Insightful)

        by SuperKendall (25149)

        What happens when somebody spoofs a remote kill to my VPN adapter or its corporate nameserver?

        Much less than what happens than when the 1% of users that change the configuration just because they can, get hit by a keylogger that cannot be removed.

        Even though all modern smartphone platforms have this ability we have yet to see such a denial of service attack, and at worst it would be a minor inconvenience compared to damage a more lax security policy can cause, even one where you can simply configure it to b

      • Re: (Score:3, Interesting)

        by Dhalka226 (559740)

        On the other hand, if you acknowledge that remote kill is sometimes necessary then 2, 3 and potentially 5 are counterproductive.

        Presumably, the users installed and want the application in question because it is installed on their phone, and the negative effects are not noticable, or they would have uninstalled the application themselves. Think of reasons Microsoft might (legitimately) want to remote kill an application: Something that is stealing identities, violating privacy, etc; something that is caus

    • by mlts (1038732) *

      Never say never, and never say always. Look how long it took to JB the iPhone 4, and iOS 4.1's baseband has yet to be cracked. It won't be that long before devices take so long to root or jailbreak that they are obsolete and new models are on the market. All it takes is Microsoft, Apple, and Motorola to delay the rooters/modders/jailbreakers 1-2 years, and they have completely won the game because most people would have moved on by then.

      The best answer to keeping Joe Sixpack in the walled garden so he do

  • We don't really talk about it publicly because the focus is on testing of apps to make sure they're okay

    How does information about this topic relate to (or even prevent) people from testing apps?
    • by Code Master (164951) <codemaster@mac.com> on Wednesday November 03, 2010 @01:45PM (#34115274) Homepage
      What he's saying is that if MS tests the apps well enough to prevent bad apps from making it into the marketplace, then they won't need to use the kill switch.

      So they are focusing on their primary line of defense being the acceptance testing.

    • by rakuen (1230808)
      It's also because when you start talking about a "kill-switch" or similar function, the average consumer gets antsy. People want to have control over goods they purchase and what is done with them. They don't like to think of other people making the decision for them, whether or not the decision is made out of benevolence.
  • but in the rare event that we need to, we have the tools to take action

    And, but in the non-rare event where we don't intend to, we have the tools to take action, by mistake.

    "Yo! Who hit the kill switch?"

  • Oy vey... (Score:4, Funny)

    by jamrock (863246) on Wednesday November 03, 2010 @01:51PM (#34115342)

    'We could unpublish it from the catalog so that it was no longer available, but if it was very rogue then we could remove applications from handsets - we don't want things to go that far, but we could.'

    "Unpublish it"? As opposed to simply de-listing it, or removing it from the catalog? "Very rogue"? I had no idea there was a spectrum of roguishness. I sincerely hope that English is his second language. I don't feel the need to correct the spelling or grammar of Slashdot commentators, but this guy is speaking on behalf of a giant corporation.

    • Old tricks (Score:3, Funny)

      by HeckRuler (1369601)
      Actually it's a old form of English called weaselese where random words get replaced with euphemisms that don't sound as bad. For example, which sounds better to you:
      "A lack of synergy will commit us to depublishing your works and down-sizing your position. Thanks to competitive agreements with neighbors, we've cornered the market in potential employment with a bonus outreach to family members."
      OR
      "Since you don't share in the corporate culture around here, you're going to be censored and eventually fire
  • We don't really talk about it publicly because the focus is on testing of apps to make sure they're okay, but in the rare event that we need to

    More like, in the event that it would benefit us, regardless of its cost to you. Seriously, when the hell does anyone need to remotely kill some app on your phone? ... Yeah, I thought so.

    • by vux984 (928602)

      Seriously, when the hell does anyone need to remotely kill some app on your phone? ... Yeah, I thought so.

      When a court orders them to do so.

      Up until now, they've been able to say that they can't. Now that they can, its only a matter of time before they are compelled to.

      So why did they implement this? Probably to gain the support of precisely the people who will take them court to get a court order requiring them to use it. You know what, I don't really even blame Microsoft.

  • Define: Very Rogue (Score:4, Interesting)

    by LoyalOpposition (168041) on Wednesday November 03, 2010 @02:33PM (#34115854)

    We could unpublish it from the catalog so that it was no longer available, but if it was very rogue then we could remove applications from handsets - we don't want things to go that far, but we could

    I wonder whether "very rogue" is anything like when Windows Genuine Advantage was classified as a security update, and pushed out with the rest of the critical patches.

    ~Loyal

  • It's too bad Jon Stewart didn't include "scary #^%@ companies do to us" in his Rally to Restore Sanity. I mean, yes, it'd be very nice if companies that sold us hardware let us use it how we want to, and it would CERTAINLY be nice if FaceBook would get real with their privacy issues, but honestly, I don't think kill switches are anything to get overly concerned about. It's not as if they're going to randomly laugh maniacally and start wiping random people's phones out for fun.

    Is it great that they (ALL of
    • You can use the hardware exactly however you want (barring FCC regulations of course). But that's not what you are whining about now is it? You want to use software on that hardware however you want, and you don't own the software. You are leasing it, so no, you can't do whatever you want to the software, but you are free to wipe all the software off the device and use the hardware any way you want.

      • by jitterman (987991)
        Well, I'm not whining. I have a "rooted" iPhone 3G that I'm fine with. But to counter your point - I would have purchased a Droid X, but after all the stories of how it has the integrated social networking interface stuff - "Motoblur" - that you cannot get rid of, and you can't (from what what I last read - quit reading updates quite a while back) root it without it resetting itself.

        Oh, and chill with the hostility. Not sure where that stuff comes from. I just don't think things are as bad as is often por
  • by Arancaytar (966377) <arancaytar.ilyaran@gmail.com> on Wednesday November 03, 2010 @02:50PM (#34116120) Homepage

    How about we sell phones that the customer actually OWNS and CONTROLS?

    Crazy thought, huh?

  • So... I buy an app that enables "FutureNeatoStuffThatM$FTDoesn'tLike" for $100... then Microsoft says "That hurts out business model! Rogue app!!!" and deletes it. Hrm... That doesn't sound like a feature to me.
  • Don't worry, maybe in 5 years we will have it for the PC as well. With the Cloud and SaaS it's easier.

    Why are people are get along with it? It's not only the marketplace, which now everybody sells as the best thing since sliced bread, not only the kill switches on their e-book readers and smartphones, but the general DRM scheme and the EULAs and licenses. I observe, that if it's software or a digital work, the customers are going to live with every abuse the provider can get away with. I always laugh if I t

  • I hope they actually have a patent on this and decide to enforce it.
  • Its just a phone. Once they start doing this to your computers, THEN you can get upset.

Optimization hinders evolution.

Working...