California Bill Proposes Mandatory Kill-Switch On Phones and Tablets 341
alphadogg writes "Politicians and law enforcement officials in California will introduce a bill on Friday that requires all smartphones and tablet PCs sold in the state be equipped with a digital 'kill-switch' that would make the devices useless if stolen. The bill is a response to a rise in thefts of portable electronics devices, often at knife or gunpoint, being seen across the state. Already half of all robberies in San Francisco and 75 percent of those in Oakland involve a mobile device and the number is rising in Los Angeles, according to police figures. The trend is the same in major cities across the U.S. and the California bill, if it passes, could usher in kill-switch technology nationwide if phone makers choose not to produce custom devices for California. California Senate bill 962 says all smartphones and tablet PCs sold from Jan. 1, 2015, should have 'a technological solution that can render the essential features of the device inoperable when the device is not in possession of the rightful owner.'"
in other news (Score:4, Insightful)
It will be used against you (Score:5, Insightful)
It will be used against you. Next "bigger" protest they will kill switch the entire area. Record away ...
What could go wrong? (Score:5, Insightful)
If you start making phones with kill switches, that is going to be a very attractive target for hackers.
Imagine if you could wholesale destroy thousands of phones in one go?
And since legislators only barely understand their intended outcomes, and not the unintended consequences, they won't be mandating any proper security with this -- and it will be badly implemented.
But, really, what black hat isn't going to be giddy with glee at the prospect of wiping out a whole bunch of phones in an area?
Yeah, yeah, offtopic because I didn't say 'fuck beta' ... I'm just tired of the nerd rage, it gets old after a while.
IMEI blocking (Score:3, Insightful)
Isn't this what IMEI blocking is supposed to do?
Re:What could go wrong? (Score:5, Insightful)
Better yet, imagine how useful a phone kill switch would be during widespread citizen protests?
"For public safety, we have to shut off everyone's phone. And because terrorism."
A More Effective Killswitch (Score:5, Insightful)
Re:They've got it wrong (Score:5, Insightful)
Already half of all robberies in San Francisco and 75 percent of those in Oakland involve a mobile device and the number is rising in Los Angeles, according to police figures. Really, what we need, is a kill switch for Oakland, San Francisco and LA.
We also need some insight into whether those robberies were for the mobile device, or whether they were somebody pulling a knife and saying 'gimme your shit', combined with the fact that cellphones are at least as common as wallets at this point.
Missing Stats (Score:5, Insightful)
Already half of all robberies in San Francisco and 75 percent of those in Oakland involve a mobile device and the number is rising in Los Angeles, according to police figures.
Some missing stats here: How many robberies is that, how many were there five years ago, and what percentage of robberies involved a wallet? Is this a sign of increasing crime due to cell phones, or are cell phones just a thing of value that most people carry that is taken along with the victim's wallet and watch? What percentage of these crimes will be prevented if a kill switch is implemented?
Without that information, this is just another case of, "Bad things happen, therefore we need more laws!" Effective laws do an excellent job of reducing crime. Crime stats in the US have been on an impressive and near continual downward trend, and that is an excellent thing to achieve. Ineffectual laws do not solve problems, however, and they weaken the system.
Also: Fuck beta. I am not the audience, I am one of the authors of this site. I am Slashdot. This is a debate community. I will leave if it becomes some bullshit IT News 'zine. And I don't think Dice has the chops to beat the existing competitors in that space.
Re:What could go wrong? (Score:5, Insightful)
I have less of a problem if they make it a kill switch that can be cryptographically turned off by the manufacturer after verifying the purchaser or even with some kind of a special key that you get with the purchase and keep at home. It should also be something that can be turned off by the end user.
If you can ensure that it can be reverted securely when triggered and can be prevented from triggering by the legit user (possibly using the same mechanism as unlocking a locked device) then I don't see a problem with it, but without those two caveats, there are so, so many thing that could go wrong.
I love this..."crypto," the magic "c" word that makes everything secure just by talking about it. In reality, it's not quite that simple. Authentication in Windows, for example, works like what you just described...and yet look at the flaws in NTLM and NTLMv2 authentication that turned up. That covers over a decade of time, before MS adopted Kerberos. Then, to that, add all the vulnerabilities in the software that governs authentication...I've lost track of how many times LSASS [wikipedia.org] has been patched.
And yes, I hear it now...the retort: "But that's Microsoft! They suck at security!" Maybe, maybe not, but the fact that they also dominate the desktop space should be a warning that you have to consider: functionality to be placed in ubiquitous consumer devices may not have the world's best security controlling them. And that is just a simple empirical fact as demonstrated by the recent past and current reality.
Re:They've got it wrong (Score:5, Insightful)
...cellphones are at least as common as wallets at this point.
For comparison, we should see the statistic for how many robberies involved a wallet, and then perhaps some legislation to require mandatory kill switches on our money.
Re:in other news (Score:3, Insightful)
Bees make honey. You can set up bee boxes and have bees live in the boxes and make honey that you can harvest. But the bees are free to leave at any time. The only reason the bees stay is because the boxes are less trouble than building a beehive. Try making the bee box unusable and the bees will just go build a beehive elsewhere. Don't believe it? They've been building beehives for a lot longer (*cough* Usenet *cough*) than bee boxes (*cough* Slashdot *cough*) have been around.
Re:It will be used against you (Score:5, Insightful)
What people fail to consider is what happens when any particular bit of power given to the government is misused, because it _will_ be misused. There are plenty of things I think it would be great for the government to be able to do, but would never support it because it could be abused. That's why we need as little government as we can get away with and still maintain order.
Re:What could go wrong? (Score:5, Insightful)
It seems like every time people try to legislate solutions to these kinds of problems they just create more problems due to their stunning lack of understanding of human nature.
Re:Imagine this + Lucy Koh (Score:5, Insightful)
Yes, not only "impound and destroy" as Oracle and Apple both wanted against Android, but remotely kill.
Of course, for any company that makes a product, that sword can cut both ways. It's only a matter of time before it does.
Re:Kill-switch? (Score:4, Insightful)
According to whose definition of "what is broken" and "is fixed"?
Re:They've got it wrong (Score:5, Insightful)
Trouble is, stolen phones are being exported. Not a whole lot of use being able to forcibly track your phone when it now resides in China (literally, that's where they often go) especially considering that China doesn't extradite their own citizens or particularly even gives a shit when one of them breaks another country's laws.