Mission Possible: Self-Destructing Phones Are Now a Reality (yahoo.com) 142
drunkdrone quotes the International Business Times: Self-destructing gadgets favored by the likes of James Bond and Mission: Impossible's Ethan Hunt have taken one step closer to reality. Researchers in Saudi Arabia have developed a mechanism that, when triggered, can destroy a smartphone or other electronic device in as little as 10 seconds. The self-destruct mechanism has been created by electrical engineers at the King Abdulla University of Science and Technology and consists of a polymer layer that rapidly expands when subjected to temperatures above 80 degrees Celsius, effectively bursting the phone open from the inside. The mechanism can be adapted to be triggered in various ways, including remotely through a smartphone app or when it's subjected to pressure.
Once triggered, power from the device's battery is directed to electrodes that rapidly heat, causing the polymer layer to expand to around seven times its original size within 10-15 seconds. This crushes the vital components inside the device, destroying any information stored on board.
One engineer believes the phone will see adoption in the intelligence and financial communities, though it can also be retrofitted to existing phones for just $15. This raises an interesting question -- would you want a self-destructing phone?
Once triggered, power from the device's battery is directed to electrodes that rapidly heat, causing the polymer layer to expand to around seven times its original size within 10-15 seconds. This crushes the vital components inside the device, destroying any information stored on board.
One engineer believes the phone will see adoption in the intelligence and financial communities, though it can also be retrofitted to existing phones for just $15. This raises an interesting question -- would you want a self-destructing phone?
Can't patent this (Score:5, Funny)
Prior art: Samsung.
Re: (Score:2)
But what about controlled self-destruction?
Re:Can't patent this (Score:5, Interesting)
I think causing the phone to explode is more reliable. I have doubts that simply crushing the phone can reliability destroy the flash memory.
Re: (Score:2)
I think causing the phone to explode is more reliable. I have doubts that simply crushing the phone can reliability destroy the flash memory.
If they've got 10-15 seconds for the phone to self-destruct, that ought to be enough time to overwrite the memory a jillion times before it finally destructs.In fact, would they even need to destruct it if they overwrote the memory for 15 seconds?
Re: (Score:2)
Commodore 64 Killer Poke [wikipedia.org].
Re: (Score:2)
Commodore 64 Killer Poke [wikipedia.org].
or, the old HCF instruction [wikipedia.org]
Re: (Score:2)
But what about controlled self-destruction?
I think the Saudi's neighbours famously perfected that twenty years ago.
https://en.wikipedia.org/wiki/... [wikipedia.org]
http://www.nytimes.com/1996/01... [nytimes.com]
Re: (Score:2)
Re: (Score:2)
Prior art: Samsung.
Yup. I called it, earlier this week. [slashdot.org]
Re: (Score:2)
I hate your guts, especially your liver. (Popular comeback when I was 8 years old.)
Why the hell didn't I think of that?
Well played.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I could easily see folks setting a timer if they don't log in every day or week and given any bureaucracy (unavoidable when tracking items) and given on-going current investigations, the phone isn't going to be examined withn 72 hours.
Re: (Score:2)
And good luck getting it through TSA.
Re: Can't patent this (Score:1)
Their patent is being challenged by Israeli intelligence who assassinated someone with an exploding mobile in the '90s
Inspector Gadget (Score:2)
This message will self destruct in 10 seconds!
The Real Question (Score:3)
The real question isn't if you want one but if it would be legal. If the cops pull you over and you destroy your phone will that be considered destroying evidence? Will the government outlaw it? If they were unhappy with unhackable iPhones they're gonna go ape over this.
Re: (Score:2)
Legally defensible encryption is the only real option. A password you can't possibly remember so they can't force you to divulge it.
Not an easy problem to solve. The best anyone has come up with so far is to get the police to destroy the password for you. Stack of bills with digits from the serial numbers, something like that.
Re: (Score:2)
Password B also have to erase the program that does the password A/password B scheme.
Re: (Score:2)
You're making things way too complicated.
Simply trigger a FET to short out the battery from a remote signal. Viola! Incendiary phone.
Re: (Score:2)
... Viola! Incendiary phone.
Voila! An incendiary phone named Viola! I think you should trademark that right away!
Re: (Score:2)
That would be destruction of evidence in many places.
Re: (Score:2)
You might be able to do it with a dead-man's switch, or canary, without getting charged with destruction of evidence. Especially if you're arrested and can't reset the timer in time.
Of course, forgetting it will be one hell of an expensive one-use alarm clock.
And good luck getting on a plane with this.
Re: (Score:2)
Anyone Want to Take Bets... (Score:1)
Re: (Score:2)
Never. This quite obviously does not work. So wannabes will put a lot of secret data on it and then the FBI can read that at their leisure with minimal problems.
Re: (Score:2)
On how long for this technology to be declared illegal for civilian ownership in the United States
It should be illegal because this thing is effectively a remotely activated road flare that people keep in their pocket. Also, it's retarded because it's the least effective way to destroy information! Honestly, it doesn't take much to release the "magic blue smoke" from ICs (hobbyists do it all the time) which really destroys information so this is just needlessly dangerous.
Re: (Score:1)
Re: (Score:2)
And if/when it becomes illegal you'll be in possession of contraband. But maybe you don't care.
Suicidal phone, really? (Score:1)
Re: (Score:2)
Better than "software only" suicide, yes, it removes the value in the device.
But blowing a difficult-to-replace electronic fuse after zapping the memory would be simply and easier for such a purpose, and also be a device that would be allowed on the plane.
We're trying to STOP phones being dangerous, not make them more so.
And properly controlled and encrypted devices have an automatic protection against theft of data - it's called the encryption. Remove the encryption key or store it on a TPM chip if you ha
Re: (Score:2)
A fuse is useless.
It's already known that phone thieves are desoldering, rewriting, reballing, and resoldering memory chips on iPhones to defeat Find My iPhone. Replacing a SMD fuse is trivial in comparison.
I seriously doubt this works... (Score:5, Insightful)
"This crushes the vital components inside the device, destroying any information stored on board."
Excuse me? You're trying to crush a chunk of silicon wrapped in epoxy (a flash chip) using reaction force generated by a case designed to be as thin and light as possible and not designed to withstand internal pressure?
I think the case is far easier to pop than the chip is to crush.
Somehow I doubt this actually makes things unrecoverable.
Re:I seriously doubt this works... (Score:5, Insightful)
Every security measure has to be compared to the particular threat you're worried about. A system that renders a phone non-functional would thwart local or even provincial police, but not an entiity which possesses "national means". Or an engineering school with EE labs.
So the self-destructing phone is not entirely ridiculous when looked at this way. However, you also have to compare a security measure against other means of accomplishing the same thing, and that's where the self-destructing phone looks ridiculous. Apple's approach is much more effective, but less dramatic.
Re:I seriously doubt this works... (Score:5, Insightful)
Exactly. It doesn't make sense to try and crush the components... that likely won't destroy the flash storage, anyway.
The only thing that needs to be destroyed is the storage. So design the storage so it can be zapped. When triggered, have the batteries zap it with a a stepped up voltage. No explosion. No crush. No fire. No noise. Not even visible to others. Just zapped storage. Problem solved- phone is permanently bricked.
Re: (Score:3)
Think of the whole one-drop-of-blood exam. It played perfectly into the whole. "Why do you need to take so much?" question by non medical types.
Re: (Score:2)
I thought that was a good idea, but one thing that goes wrong is that you need an, at least, semi-charged battery to pull this off. I reckon the common use cases for something like this actually see a lot of value in being able to burn a dead phone without having to find a battery for it first. Makes me wonder if an analog solution would be preferred.
Re: (Score:1)
No, the only thing that needs to be destroyed is the data. So use full-disk encryption and your kill switch is simply to overwrite the key, which can be done in milliseconds and doesn't need any new hardware. Or, if you are really paranoid about being able to recover the key, store the key separately (e.g. Apple's secure enclave), and just destroy that. No need to try to destroy the whole storage system physically.
Re: (Score:2)
You need to zero the DRAM too, since DRAM cells can sometimes hold their contents for a long time after losing power. Or you could use encrypted DRAM.
Re: (Score:1)
I was thinking thermite.
Re:I seriously doubt this works... (Score:5, Interesting)
I have destroyed flash chips with a hammer as additional security-measure for critical data from a customer. Turns out you need a _lot_ of force and you need to hit just right. Think anvil on one side and hammer on the other. This thing will not work.
Re: (Score:2)
I could think of a number of mechanical means to destroy a chip; a Poseidon vise, cables that you wind until they tighten, perhaps creating the substrate on a chip that has a layered meta-material that expands at different rates when a current is applied, forcing the chip to shatter as it curved.
This is Slashdot, nothing is impossible.
Re: (Score:2)
The problem is with the word "crush". The silicon is stuck to the polymer, so when it expands it gets pulled apart, not crushed:
The expandable polymer expands much more and causes sufficient tension in the thin silicon — which is sitting on top of the polymer — so it simply crumples and then breaks.
This is pretty much what happens when IC's undergo thermal failure. The silicon, epoxy, copper, etc. expand at different rates, and since they are bonded together, the chip eventually rips itself apart.
I do agree that while it might be effective at making the IC non-functional, it's doubtful whether the information within can be destroyed reliably this way.
Why? (Score:4, Insightful)
I don't understand the need for some sort of special polymer layer or whatever... if you wanna make something that's either automated or dependant of some sort of command, just make a needle module to puncture the Li-po battery.
Perhaps they wanted to avoid the Samsung lawsuit? xD
How reliable is the destruction? (Score:4, Insightful)
I doubt that last part rather strongly. A local police department may be stumbled getting the child porn out of a phone so destroyed, but an FBI lab will have no problem.
I thought, they'll release a drop of special acid onto the memory chip. But 80 degrees Celsius is not all that hot... Overclockers, supposedly, go up to 85 [overclock.net] before their computers crash. The memory ought to avoid permanent damage at even higher temperatures.
I used to have one of those years ago... (Score:2)
...To initiate self-destruct you just drop it in a bucket of dirty water and leave if for a few hours. :-(
Solving the wrong problem in the wrong way (Score:2)
The real problem is buying a phone or a SIM that's not registered in your name. Since most governments archive the communications anyway, destroying the device accomplishes nothing except to give you away.
Now to destroy the device in a visible way may have some value, but wouldn't it be more reliable to simply put some thermite around the memory modules so as to destroy the memristors beyond recovery without having the phone expand into an ugly wad of polymer?
Re: (Score:2)
Re: (Score:2)
That's a good point, but the thermite need not apply extreme heat to the entire device -- just the flash memory chip. A strip of magnesium with oxidizer might also do the job -- both could be adjusted so that the user sees just a bit of smoke coming out of the phone, without personal injury. See section 3.1.2 in this document [ti.com] about the relation of temperature to data retention.
Shorting out the battery through a coil around the memory chip is likely to make it hot but not necessarily hot enough to truly
Re: (Score:2)
You're on the phone, and someone blows up your phone to seven times its original size and 80 degrees Celsius when it's right next to your ear... Doesn't seem like the wisest idea.
Oh, it has its uses [wikipedia.org].
On a plane? (Score:5, Insightful)
Would you want to fly on a plane knowing the dipstick next to you had one of these? Or how about in a hazardous or flammable environment?
Look for these to be banned from commercial airline flights and be prohibited in lots of other places.
And of course that's not even getting into the "what if someone hacks it and makes it self-destruct" question. Not that a bad guy would ever do that, nooooo.
Re: (Score:2)
Or how about in a hazardous or flammable environment?
You actually think something like this would get ATEX / IECEx / FM certification?
Re: (Score:2)
You actually think something like this would get ATEX / IECEx / FM certification?
Of course not. I'm thinking some idiot would carry it in, ignoring any safety restrictions, and possibly cause an explosion.
Safety signs are all well and good, but only if people abide by them. And you know how people are...
Re: (Score:2)
I'm thinking some idiot would carry it in, ignoring any safety restrictions, and possibly cause an explosion.
That can be said about any number of devices. Frankly this isn't a worry for me (I work in this field). The number of things which could potentially create an ignition are mind-boggling. It's up to companies to enforce a restriction policy. Admittedly some are bad at this, but then it won't be this device which causes their plant to explode.
Re: (Score:2)
That can be said about any number of devices.
So why add one more to the mix, especially one that can be triggered remotely by a malicious actor?
Re: (Score:2)
Because every day thousands of devices that have a potential to ignite an atmosphere are released, and the entire industry has responded to this through white listing making the addition of this one to the market the biggest non-event in the industry.
Re: (Score:2)
Because every day thousands of devices that have a potential to ignite an atmosphere are released, and the entire industry has responded to this through white listing making the addition of this one to the market the biggest non-event in the industry.
And every day people ignore the whitelist and the safety rules either through ignorance or because they just don't care.
If this thing ever sees the light of day it'll only be a matter of time until something goes wrong, either by accident or through malicious activity.
I'm not against it per se, I'm just calling it as I see it. Everything gets misused.
Re: (Score:2)
And every day people ignore the whitelist and the safety rules either through ignorance or because they just don't care.
If this thing ever sees the light of day it'll only be a matter of time until something goes wrong, either by accident or through malicious activity.
I'm not against it per se, I'm just calling it as I see it. Everything gets misused.
To be clear are you talking about malicious people, or do you actually think that 1000000000 possible pieces of equipment which aren't certified for use in hazardous areas changing to 1000000001 is going to make such a huge difference.
By the way ignoring hazardous area rules on any sites I've worked on is grounds for immediate disciplinary action, and I work on some pretty lax sites, I know some in the USA where it's grounds for immediate dismissal. Claiming that people willfully ignore hazardous area requi
Re: (Score:2)
To be clear are you talking about malicious people
Mostly malicious actors, but also the simple-minded doofus who doesn't give a damn.
-
As someone who's job it was to approve these devices on two different sites. ... It does not rank even remotely on my list of concerns,
And this is exactly how this kind of thing manages to occur- because the people who are in charge (like you) dismiss the idea as not worth worrying about.
Frankly, though, I doubt this thing will ever be produced except in some super-limited application. If it was being widely produced, then I'd worry.
Re: (Score:2)
And this is exactly how this kind of thing manages to occur- because the people who are in charge (like you) dismiss the idea as not worth worrying about.
Oh no it's worth worrying about which is why we strictly control it.
What's not worth worrying about is this specific case of a single increase in exposure due to a niche product being brought in which if it were brought in by accident would likely only supplement another product with similar damaging potential being brought in by the same person, and which if brought in maliciously would be incredibly ill-conceived and frankly this would lower the risk to the site compared to any number of damaging things s
Re: (Score:2)
which if brought in maliciously would be incredibly ill-conceived
My point exactly.
This seems pretty dubiously useful. (Score:5, Insightful)
Unless you really enjoy buying replacement hardware; the need to have battery power in order to trigger the kill switch is a problem. If you don't configure the device to self-destruct when its battery is on the verge of no longer having enough energy to perform a self destruct; all the attacker has to do is run the battery down. If you do configure it that way, forgetting to put it on the charger could get expensive and tedious rather fast(in addition to the various other issues that can interrupt battery power: overtemp protection kicking in in a hot car; current delivery capability falling under freezing conditions, etc.)
Plus, the battery, and its connection to the logic boards, tend to be among the larger and more obvious parts of a modern electronic widget. That makes them good candidates for controlled disconnection/destruction, even if you can't open the case without tripping some sort of anti-tamper mechanism.
Finding a good self-destruct temperature is also a bit tricky. The lower you go, the closer you get to the high end of normal operating conditions or the 'device won't operate; but should not be permanently damaged' range. 80 degrees is high for flash memory; but most CPUs will be happy enough to run that hot. The higher you go; the more power you need to be able to deliver to kick off the destruction; and the more vulnerable you are to an attacker who is able to apply coolant to slow you down; limit current or voltage delivered to the resistive heater, or both.
Re:This seems pretty dubiously useful. (Score:4, Insightful)
All valid points. But the killer is that the designers of this thing are obviously completely clueless on how to securely erase data from flash. They just went for "spectacular" and completely overlooked "effective".
When you look at it, as soon as you have some power, the simple, clean and effective way is this: Erase a crypto-key from RAM that was used to encrypt anything important. Nothing more is needed. Noting is more secure. And yet, you cannot buy phones with that. Why? Because the whole idea does not work.
Re: (Score:2)
Same idea, bit of a different attacker model. Just as effective against the targeted attacks though. And males it _very_ obvious that this "invention" mostly stems from ignoring the state-of-the-art.
So "crushing" now deletes digital data? (Score:2)
I don't think so. Unless you hammer flash-memory into a fine powder, no deletion is taking place with purely mechanical approaches. And unless you have a very sturdy shell around the phone, a flash-chip may not even suffer any damage at all as it requires a _lot_ of force to crack the casing.
This is just another stupid stunt.
Gets 7 times bigger (Score:2)
With just a little heat, and cell phone destruction is their best application?
I think you are missing the obvious market
Wouldn't a high voltage spike be more effective? (Score:2)
I'd be willing to wait ~.5 - 1 second for a cap to build up to charge and trigger.
I already have a self destructing phone (Score:5, Funny)
So, WOW, Apple gave me a free feature that I did even appreciate.
This is really stupid (Score:2)
Nothing to hide... (Score:2)
This raises an interesting question -- would you want a self-destructing phone?
The surveillance-state boosters will phrase that as "this raises an interesting question -- why would you want a self-destructing phone?
Owning one would make you automatically suspect.
The university of _where_? (Score:1)
Amazing! An actual invention, coming out of the islamic world!
Of course it's a new way to destroy stuff, so in that sense it isn't really a surprise...
No I don't want one (Score:2)
I don't even want a phone at all, I just communicate over IP or IRL
then comes the hard part (Score:2)
Re: (Score:2)
Yep... That'll take care of the phones too. As well as cars, transport, urban sprawl, light pollution, pollution, police abuses, police, and Electoral College. All the evil [dailykos.com] known personally to today's humans, in other words.
Re: (Score:1)
No, fascist countries like Cuba, America prior to 2/2017 (Under Obama, one of the worst fascists of this century. He put millions of people at risk with his mohamadism), Brazil, etc.