Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Cellphones Crime Iphone

Prosecutors Push For Anti-Phone-Theft Kill Switches 257

New submitter EdPbllips writes "Law enforcement officials nationwide are demanding the creation of a 'kill switch' that would render smartphones inoperable after they are stolen, New York's top prosecutor said Thursday in a clear warning to the world's smartphone manufacturers. Citing statistics showing that 1 in 3 robberies nationwide involve the theft of a mobile phone, New York Attorney General Eric Schneiderman announced the formation of a coalition of law enforcement agencies devoted to stamping out what he called an 'epidemic' of smartphone robberies. 'All too often, these robberies turn violent,' said Schneiderman, who was joined at a news conference by San Francisco District Attorney George Gascon. 'There are assaults. There are murders.'" Apple described a system like this in their presentation about iOS 7 at WWDC.
This discussion has been archived. No new comments can be posted.

Prosecutors Push For Anti-Phone-Theft Kill Switches

Comments Filter:
  • What a great idea! (Score:5, Insightful)

    by Aerokii ( 1001189 ) on Friday June 14, 2013 @01:29PM (#44009583)
    I'm sure that with everything we've learned recently regarding the Government and phones, there's no way this could -possibly- be abused!
    • Re: (Score:3, Interesting)

      by biy55 ( 2951825 )
      Microsoft has always supported the effort. They were the ones who called law enforcement to work about stolen phones. They really cared for customers, imo.
      • by gewalker ( 57809 ) <Gary@Walker.AstraDigital@com> on Friday June 14, 2013 @02:43PM (#44010405)

        I thought Windows 8 was a kill switch.

        • by sjames ( 1099 )

          No, it's just a clever way to make sure nobody will want to steal it in the first place.

      • by icebike ( 68054 ) on Friday June 14, 2013 @03:02PM (#44010625)

        Microsoft has always supported the effort. They were the ones who called law enforcement to work about stolen phones. They really cared for customers, imo.

        They may have always supported the effort, but they were far from the first in calling for fixes to stolen phones.

        The universal IMEI/MEID blocking, long in effect in most of the world has been fought tooth and nail by the carriers.

        Because they they earn additional revenue when you come in and buy a new phone after you get mugged, they had no
        interest in setting up and maintaining such a database. It was less than a year ago [engadget.com] that they finally agreed to build such a blacklist. This plan could work for existing phones, even dumb phones.

        Rather than give that time to work, they now contrive to call it a failure, and they now want to launch a whole new requirement, and get everyone to buy a new phone in order to be included in the "protected group".

        There are those that insist that you can simply and easily flash a new IMEI on a phone, but it is not as simple as some would have you believe, that the guy in the hoodie who knocks you down and grabs your phone doesn't have the skill set to do so.

        With a blocked IMEI you can unblock it if it is recovered if you can prove to the carrier that you are the rightful owner. With a kill switch, you are screwed. There is little incentive to report a lost or stolen phone, since it ruins any chance of recovery. It will still require replacement once you report it, even if you find it at your friends house where you left it after the party.

    • the govt is looking for kill switches - you mean like the kill switch that apple just introduced? another slam dunk.
      • I don't get it. Why would the government want a kill switch? Your phone company can already block your phone from the network at any time. The government could just tell them to do it.

        You should be worried about the government listening in, not killing your phone.

        • by alen ( 225700 ) on Friday June 14, 2013 @02:35PM (#44010325)

          A lot of stolen phones are shipped outside the USA. A kill switch would render them useless

          • by cusco ( 717999 )
            You mean like all of the movies and programs with DRM make them utterly impossible to copy and resell in other countries for a few cents? It won't work. You're assuming that people in other countries aren't bright enough to figure out how to fix a broken phone, whether deliberately or accidentally broken. Unless the kill switch somehow fries the phone's entire electronics it will be bypassed in no time.
        • I don't think the government themselves want a kill switch, but they want ways for a user to flip a kill switch. so if you steal my iphone, i can flip a switch and brick it. there's not govt interference here, aside from PRISM which is operating in the background anyway.
        • by cusco ( 717999 )
          My phone conversations really aren't that interesting . . .
        • by rtb61 ( 674572 )

          Technically in terms or realistic policing, blocking attempts to connect to the phone network is far better than bricking the phone. Each attempt at connecting to the network represents an opportunity to identify and apprehend the thief. In fact the connection could be allowed and monitored with the specific intent of investigating and prosecuting the receiver of stolen property in order to further track it back to the thief. Brick the phone and you purposefully, stupidly create a legal prosecution dead en

    • by Giant Electronic Bra ( 1229876 ) on Friday June 14, 2013 @01:39PM (#44009709)

      No, of course not. Eric Holder and Barak Obama, the FISC, Congress, the CIA, the FBI, the NSA, etc are all COMPLETELY TRUSTWORTHY. All they want is to make us all nice and safe. Promise! Nobody would EVER turn off the phones of people they didn't agree with, just as they were organizing a protest? Nah, that could never happen!

      • by Daetrin ( 576516 )
        This is kind of a silly thing to worry about. If the government wants to shut down your communication they can already do it. They just talk to your carrier and all of the sudden your calls and texts aren't going through. They could probably even disguise it as some kind of a temporary connectivity issue if they wanted, unlike bricking your phone with a kill-switch which would be really obvious.

        Having a kill-switch offers no benefit to the government, nor to the carriers. It only benefits the users, aka t
    • by Jane Q. Public ( 1010737 ) on Friday June 14, 2013 @01:42PM (#44009747)

      "I'm sure that with everything we've learned recently regarding the Government and phones, there's no way this could -possibly- be abused!"

      I agree with the sarcasm. Kill switches are a horrible idea. And completely unnecessary.

      For example, have a look at The Prey Project [preyproject.com]. This is a good example of a secure means by which an OWNER can track, and even get screenshots and camera shots from, a stolen device.

      Why "kill" a device when you stand a good chance of getting it back? Killing it does nobody any good, and has lots of quite horrible abuse potential.

      • by LordLimecat ( 1103839 ) on Friday June 14, 2013 @01:53PM (#44009895)

        Because Prey wont actually help you get your phone back. Eliminating the stolen phone market will prevent your phone from being stolen in the first place.

        Im also not getting the concern over govt abuse. How / why would gov't use a kill switch? If you want to track someone, isnt that the LAST thing they would do? Its not exactly subtle, you would immediately know if it was used.

        • And if you and everyone else in a certain radius say a block or two had their phones killed, what would you think? Possibly that the government wants to hide activity or prevent any collateral damage from being able to get word out who it was that came in the black helicopters? Nah, it would probably just be some hacker.

          • Wouldn't it be easier for the government to just "politely" ask the cell tower operator to turn off the tower?
        • Actually the government has shown it will attack a particular political group. ( IRS scandal) So imagine right before an election and every Republican cell phone gets killed 48 hours before an election. Or the next whistleblower has his entire family's cell phones shut off.
          • Re: (Score:2, Troll)

            by BasilBrush ( 643681 )

            Remind me, which party was it that disenfranchised voters by skin colour in the 2000 election? Oh yet, I remember, it was the Republican party. The same party that had a brother of one of the candidates deliver the key state.

            You have no room to be playing the victim. Your party is evil.

          • Actually the government has shown it will attack a particular political group. ( IRS scandal)

            Yes, but that generally only works when theres plausible deniability and you arent sure you've been targetted.

            What would your general thought process be if the kill switch was hit on your phone? "Gee, I must have done that accidentally, surely nothing suspicious here"?

          • by cusco ( 717999 )
            It still surprises me that organizations that claim to be a political action party, who do no charitable work to speak of, and and who are quite open that the sole reason they want the status is to hide who their donors are, complain because they get denied a status exclusively reserved for charitable agencies that are prohibited from political activity. Yep, that sure sounds like the IRS is being a bad guy, what with them attempting to enforce the rules and laws that Congress entrusted them with. The ab
      • In regards to Prey, the big difference is people CHOOSE to install it, knowing the risks and concerns. Making a kill switch mandatory is just stupid. Prey is even available for smartphones: http://preyproject.com/blog/tag/mobile [preyproject.com] .

      • Why "kill" a device when you stand a good chance of getting it back? Killing it does nobody any good, and has lots of quite horrible abuse potential.

        The companies get new sales and the government gets a stealthed system to quickly kill organized protests and evidence of police brutality with the push of a button. Win-Win!

        • by amorsen ( 7485 )

          The companies get new sales and the government gets a stealthed system to quickly kill organized protests and evidence of police brutality with the push of a button. Win-Win!

          If you think that shutting down cell phone communications to a specific area is difficult and requires new software, you are deluded. Sorry.

      • Why "kill" a device when you stand a good chance of getting it back?

        No you haven't. Even if you know where it is, what are you going to do? Really...?

        Besides, you're in charge of whether or not it's killed. You have to report it stolen.

        Killing it does nobody any good, and has lots of quite horrible abuse potential

        Yes it does. Read the summary - people are being mugged and murdered for their phones. A kill switch makes them worthless to thieves.

        • Re: (Score:3, Insightful)

          by Eowaennor ( 527108 )
          You could be trading one kill for another

          Consider this: Mugger demands your phone, but knowing that you may just kill it when he runs away with your phone, kills you instead and takes your phone.

      • > Why "kill" a device when you stand a good chance of getting it back?

        Because you don't actually stand a good change of getting it back. You can already track iPhones to within a meter if it has line-of-sight to the open sky. Or you can track an indoor iPhone or a Macintosh to within half a block or so via wifi triangulation. But if your iPhone, iPad, Macbook, or whatever is stolen; just try calling the police and telling them "My iPhone was stolen and the thief is $here.". Unless your name is Apple

      • Killing it does nobody any good

        Your libertarian paranoia is stopping you from seeing the reality of the situation again. Denying a criminal the benefits of his crime is a good in itself. And if the knock on effect is to reduce the numbers of crimes, which it will be, then there's a universal good too.

      • by trcooper ( 18794 )
        It also won't work. If its software based it will be circumvented, just like bootloaders get unlocked. Theoretically, you could use efuses to cause hardware damage and permanently disable a device. But this would be a mess, there's potential for a major attack which could leave thousands or millions of devices unusable, and then there's the guy who bricks his ex-girlfriend's phone out of spite. Even still, a signal has to be received, and the phone will be able to be flashed with software which will ign
    • I'm sure that with everything we've learned recently regarding the Government and phones, there's no way this could -possibly- be abused!

      1. You mean "what we were told", not "what we learned". Just like the MSR scare a few years ago, when millions of idiot mothers believed one doctor and couldn't be convinced by anything the government said, and it turned out that doctor had actually been paid to produce the results that he did produce. Why do you believe one man and his claims? (I think Apple's reply was "we have never ever heard of Prism, and nobody gets any data without court issued subpoena).

      2. So how could this be abused? The feature

      • Because we are not fools. We KNOW what can be done now. Its safe to assume that the NSA has "10 Facebooks" worth of storage and computing power without having to support hundreds of millions of end-users.
      • I think Apple's reply was "we have never ever heard of Prism, and nobody gets any data without court issued subpoena

        Just wanted to point out...

        Apple wouldn't need to be aware of Prism, Prism goes after the network providers, Verison, AT&T, etc.

        Its a smaller vector of attack, if they had to go after every single phone manufacturer they'd have a much harder time getting everything.

        Google is aware of it because Google is not just involved in Android, they're also the largest internet search provider on the planet. Again, small vectors, they dont go after the ISPs, they go after the search providers.

    • I'm sure that with everything we've learned recently regarding the Government and phones, there's no way this could -possibly- be abused!

      Oh piss off with your libertarian paranoia. It's boring. Law enforcement are urging MANUFACTURERS to disable stolen phones. It's not the government demanding a kill switch that they operate.

      Libertarians are like luddites that would keep the benefits of technological improvement away from people because of their stupid fears.

      If my mobile phone is stolen, I want it disabled. And heck I don't want there to be an incentive to steal it anyway. You're a moron if you don't see this as a positive.

  • Unintended uses (Score:3, Insightful)

    by Loopy ( 41728 ) on Friday June 14, 2013 @01:29PM (#44009591) Journal

    The IRS/etc. would NEVER use this to disable someone's communications ability because they were doing something the government didn't like. No sirree. Not ever. Pure as the driven snow, this design is.

    It's like people can't think past the next episode of their favorite TV show.

    • Re:Unintended uses (Score:5, Interesting)

      by i.r.id10t ( 595143 ) on Friday June 14, 2013 @01:31PM (#44009613)

      On the other hand, you could use it to nuke your own phone if the police had seized it and were using it to find evidence against you...

      • by 0123456 ( 636235 ) on Friday June 14, 2013 @01:40PM (#44009721)

        On the other hand, you could use it to nuke your own phone if the police had seized it and were using it to find evidence against you...

        Yeah, right. You really believe the police won't have a kill-switch kill-switch?

        • Yeah, right. You really believe the police won't have a kill-switch kill-switch?

          If you use two-factor authentication, even Apple won't have a kill-switch kill-switch. Anyway, what the feature does is it first wipes the phone (which takes a tenth of a second because it only needs to wipe the encryption keys which are only ever kept on the phone), _then_ activates this locking feature. If the police has a kill-switch kill-switch, then worst case a happy policeman got a new iPhone without paying.

          • by h4rr4r ( 612664 )

            I think you mean you got a new obstruction of justice charge. That can even be used to suggest that you are guilty, since you made an effort to cover up that guilt.

            • Of course you'd get obstruction charges if used during an active case, same as if you smashed your phone.

              Not getting how thats an argument against the feature.

      • On the other hand, you could use it to nuke your own phone if the police had seized it and were using it to find evidence against you...

        Um, no. Nuking the phone means making it unusable, not actively zeroing out the flash card. Besides, anything that is "nuked" can be replace with new parts, re-flashing the ram, etc. So it would cut down on the casual thief stealing a phone to use, I guess, but not stop theft completely.

  • by Marxist Hacker 42 ( 638312 ) * <seebert42@gmail.com> on Friday June 14, 2013 @01:32PM (#44009619) Homepage Journal

    Something similar has been available for YEARS- all you need do is ask the phone company to invalidate the IMEI number.and/or activate the memory wipe software built into Android, iOS, and Windows phones.

    Has Symbian and Blackberry been left out of this feature? I would have thought consumer demand for it would have produced it on those platforms as well long ago.

    • So, I think this system has potential for abuse, both by governments and by some random hacker/disgruntled employee killing off phones.

      But, the IMEI thing is not really a fix.
      1) The phone can still be used as an ipod or tablet.
      2) IMEI can be changed.
      In addition, IMEI record keeping is rather poor.

    • by MrEricSir ( 398214 ) on Friday June 14, 2013 @01:45PM (#44009769) Homepage

      Something similar has been available for YEARS- all you need do is ask the phone company to invalidate the IMEI number.and/or activate the memory wipe software built into Android, iOS, and Windows phones.

      There's still no nationwide database in the US of all stolen IMEI numbers. Even if you tell your carrier that your phone was stolen and they bother to invalidate the number, AFAIK there's nothing stopping the theif from using the phone on a different carrier (assuming the phone is compatible, obviously.)

      • by tgd ( 2822 )

        Something similar has been available for YEARS- all you need do is ask the phone company to invalidate the IMEI number.and/or activate the memory wipe software built into Android, iOS, and Windows phones.

        There's still no nationwide database in the US of all stolen IMEI numbers. Even if you tell your carrier that your phone was stolen and they bother to invalidate the number, AFAIK there's nothing stopping the theif from using the phone on a different carrier (assuming the phone is compatible, obviously.)

        Well *clearly* this is why networked locked phones are in the public's best interest!

      • There's still no nationwide database in the US of all stolen IMEI numbers

        Actually there is [cnet.com]. The two major GSM carriers, T-Mobile and AT&T, share a database. Sprint and Verizon will be joining that database by the end of the year; though not that stealing a CDMA phone does you much good on a GSM network and vice versa at the moment. In any case the problem is that the IMEI database is not enough;

        1. IMEIs are not unique. We've hit the equivalent of IPv4 space exhaustion. So they're simply reusing IMEIs now.
    • The article I saw yesterday on this pointed out that the demand was for smartphones AND tablets to have this kill feature, and that it must kill the device even if it is not online.

      Now, I don't know how that's going to work, but I can easily forsee a case of Google (for example) seeing a non-Google-approved android device showing up at the Play Store and the kill code being sent out... not saying Google would do that, but can you imagine the fun of a malicious app that lets you do something wonderful, for

    • by amorsen ( 7485 )

      IMEI is almost entirely useless. Few carriers care about IMEI block lists, and it's easy enough to export the phones to a place which doesn't care anyway. In addition you can sometimes change IMEI numbers, but that is unnecessary.

  • by intermodal ( 534361 ) on Friday June 14, 2013 @01:33PM (#44009637) Homepage Journal

    you will take their phone regardless of whether it is any good to you. Why? because it can be used to call the police as soon as you leave.

    • A phone that is being used one-handed is a really easy target for someone to grab on the run...much easier than trying to get someone's wallet or purse.

  • by idontgno ( 624372 ) on Friday June 14, 2013 @01:34PM (#44009643) Journal

    The problem is that the lack of a kill-switch gives incentive to steal a nice phone, no matter what it takes.

    The response is to make the stolen phone remote-brickable, even after a factory-clean wipe.

    The counter-response is to make sure the theft of the phone is never reported. And dead men tell no tales.

    Of course, this means that the trackable live phone is in the hands of a murderer or an accessory-after-the-fact, so law enforcement has both incentive and means to pursue justice... so it's self-correcting, except for the whole "original victim is dead" part.

    • by amorsen ( 7485 )

      The pool of people who are willing to steal is dramatically smaller than the pool of people who are willing to (intentionally) commit murder. Usually the robber does not start the robbery with the intention of killing the victim. If we cut robberies down to only intentional murders, the police will have lots of resources to deal with much fewer cases, and that should take those murderers out of circulation fairly rapidly.

      As an extra bonus, if a fenced phone is likely to come from a murder victim, a lot more

  • Okay then (Score:4, Insightful)

    by djdanlib ( 732853 ) on Friday June 14, 2013 @01:39PM (#44009711) Homepage

    Who's going to inform all of the would-be muggers that the world of cell phones suddenly changed? Bad muggers! Stop mugging! That'll show em! They know they can still sell the phones for parts and make more money than they would just selling a phone. It's not going to deter them from stealing the phone. Besides, JTAG and such will continue to render inoperable phones operable, not to mention that it may be possible to bypass the kill function if you get into the phone fast enough.

    Look at Egypt and Turkey and wherever else. This is an excellent way for a government to say "No more smartphone for you, protestor!" Even if they don't use it in the USA, who WILL use it? The hardware will be built to allow it, so the next nation to have unrest will simply broadcast the kill bits en masse, and the protestors will be censored. Sounds quite delicious from a dictatorship's standpoint.

    • Re: (Score:3, Informative)

      by JeffAtl ( 1737988 )

      Who's going to inform all of the would-be muggers that the world of cell phones suddenly changed?

      The fence they use to offload their stolen phones.

    • by tjb ( 226873 )

      Besides, JTAG and such will continue to render inoperable phones operable

      If you put a fuse on the die in the some important place (voltage regulator, memory controller, CPU) or even on package in the bonding with a way to allow the CPU to blow the fuse, you can render the device completely inoperable short of the thief replacing the SoC (which is unlikely to be worthwhile)

    • by amorsen ( 7485 )

      They know they can still sell the phones for parts and make more money than they would just selling a phone.

      I doubt that. Phone parts are relatively cheap because few people buy original parts. The only ones who do buy official parts are the official repair shops, and they are unlikely to buy parts from thieves.

  • The cool part will be the GPS location of the stolen phone... even if the user tries to wipe it... Even if jailbroken, if a call is made with a stolen phone, it should be easy to tell its stolen. This should lead to craigslist postings where it says, iPod Touch for sale, do not attach to iTunes, do not update the firmware, and do not attempt to use the phone.
    • by h4rr4r ( 612664 )

      Short of magic how would that work?

      If I control the OS how exactly do you prevent me from uninstalling/deleting this software? How do you prevent me from patching around this?

      This is just another ruse to get you to beg for trusted computing.

      • If I control the OS how exactly do you prevent me from uninstalling/deleting this software? How do you prevent me from patching around this?

        Apple controls the firmware. That will make it very, very hard to install a different OS, and impossible to boot into it.

        • by h4rr4r ( 612664 )

          Jailbreaking will occur, just as it has in the past.

          Also this is not being proposed just for Apple. I will not buy a device I am not allowed to own.

      • by bhlowe ( 1803290 )
        If a crook has to say, "Oh, by the way, don't unjailbreak it", that's as good as saying its stolen. Most people don't want to knowingly buy and walk around with stolen gear that includes a GPS transceiver. It would also be possible for a cell phone company to write a unique serial number into the (non-flashable) ROM.. Which could be passed to the carrier with each phone call. Doesn't seem like magic.
  • If this page can swell up with well thought out objections within the matter of minutes, something tells me preventing thefts is not the real motivation for something like this...
  • Without a clear ESN, nobody can activate a phone anyway. So the owner would just mark the phone as not having a clear ESN manually or simply don't pay their bills and tada, it's useless. At least CDMA works that way. The vastly inferior GSM system is a theft waiting to happen.

    By the way, what's going to stop people from stealing the screen glass, screen, and battery from a smartphone and ebaying it? Do they have a killswitch for that?
  • by hawguy ( 1600213 ) on Friday June 14, 2013 @01:53PM (#44009885)

    If 1 in 3 robberies involve stealing a tracking device that can lead police back to the culprit, shouldn't that be making the job of police much easier?

    Instead of a "kill-switch", shouldn't law enforcement be asking for a tracking beacon that can be turned on to help track down all of these stolen phones? (I know Apple's kill-switch does enable GPS tracking, but that doesn't seem to be what the Attorney General is asking for). It's not like criminals are going to say "Oh geeze, I can't sell a stolen cell phone anymore, guess I should finish up my degree and get a real job" -- They are still going to be committing crimes, but will steal cash and expensive purses instead of cell phones.

  • Is that how now is called an enforced remote backdoor? What ensures you that it won't be used to i.e. track everyone, where they are, what they use, what they write or how licensed is the media they are playing? Will be outlawed (or at least, not offered by the companies) the "non-approved" phones because of this?

    Probably "think on the children" and "or the terrorist will win" were too used this week, and they had to invent something else. But i would had waited a few weeks so the massive awareness on how

  • Comment removed based on user account deletion
  • ...why not just issue a CCW with every smartphone purchased, under the condition that the purchaser passes the required training and background checks?

    If thieves knew that smartphone owners might be armed and dangerous, they just might stop thieving.

  • Why would the phone need special support? Every phone has a burned-in IMEI. So the subscriber registers the IMEI to their subscriber ID (IMSI) when they activate their phone. It can even be automated: when a SIM's issued to a subscriber, the first time it's put in a phone the carrier associates that phone's IMEI with the IMSI. Then, when the subscriber reports his phone stolen, the carrier publishes the IMEI to a database. All carriers check that database, and when an IMEI that appears in the database tries

    • While it's an interesting idea, many phones can be used in multiple countries so you're talking a global database of valid IMEI numbers. Good luck getting that organized.

      Also, a workable kill-switch would make it totally useless. If all we do is block cell connectivity it's still essentially an ipod or equivalent, so not entirely without value.

  • There has been a recent uptick in sales of Faraday Bags [faradaybag.com]...all cash sales, of course.

  • When there is so much work that needs to be done. Short term solutions abound that can be selected by those who do not care but are in a place guiding others to act. Why would someone have so much free time that waiting for another to victumize is considered a best choice? Why is stealing a phone punishable, but robo-filing to forclose a home not?
  • Why not kill the robber?
  • As long as Apple names the killswitch mechanism "Laputan Machine."
  • One: Can we expect petty criminals to be up on this latest news and be aware of this feature BEFORE they have already mugged you and tried to fence the phone?

    Two: If the phone is deactivated accidentally (or intentionally as a prank or malice against the owner), how much would you trust your mobile carrier to be reasonable in their process to reactivate the phone?

    • by amorsen ( 7485 )

      One: Can we expect petty criminals to be up on this latest news and be aware of this feature BEFORE they have already mugged you and tried to fence the phone?

      Yes. Criminal communications are good. I would be surprised if it took as much as a month for robberies targeting a protected model to stop.

      Two: If the phone is deactivated accidentally (or intentionally as a prank or malice against the owner), how much would you trust your mobile carrier to be reasonable in their process to reactivate the phone?

      This is a kill switch. The carrier should not be able to fix the phone afterwards. The phone manufacturer might be able to fix it, but not if the kill switch is properly implemented.

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.

Working...