California Passes Law Mandating Smartphone Kill Switch 233
alphadogg (971356) writes "Smartphones sold in California will soon be required to have a kill switch that lets users remotely lock them and wipe them of data in the event they are lost or stolen. The demand is the result of a new law, put into effect on Monday, that applies to phones manufactured after July 1, 2015, and sold in the state. While its legal reach does not extend beyond the state's borders, the inefficiency of producing phones solely for California means the kill switch is expected to be adopted by phone makers on handsets sold across the U.S. and around the world."
The worrisome part (Score:5, Interesting)
From the article:
Police can also use the tool, but only under the conditions of the existing section 7908 of the California Public Utilities Code. That gives police the ability to cut off phone service in certain situations and typically requires a court order, except in an emergency that poses “immediate danger of death or great bodily injury.”
Re: (Score:3)
Oh no, they might killswitch a phone thought to be a bomb trigger.
I get the worry you've got: that "they" will use this language as a fiat tool to shut down whatever "they" want. Of course if "they" are really that arbitrary, what does the language in the law matter?
Re:The worrisome part (Score:5, Insightful)
The language in the law matters because it mandates that carriers must make it technically possible for law enforcement to use the killswitch. Otherwise, it could have been implemented in such a way that only the owner could do it (e.g. by requiring a user-set access code).
Re: (Score:2)
Did you actually read the bill, because I see absolutely nothing in there to support your claim?
The bill mandates that the user be given the ability to activate the kill switch. While the bill does not PREVENT the carriers from implementing a solution that may allow someone else (such as the carriers or the government) from activating the switch, it does not MANDATE it either. It only mandates that the user be able to activate it and leaves it up to the manufacturers and carriers how it will be effected.
C
Re: (Score:2)
No, I assumed that the line the OP quoted from the article was accurate. If the article's claim that "Police can also use the tool" isn't actually true, that's good.
Re: (Score:3)
The bill itself mandates only that the user be able to deactivate the device. It does not specify how it should be implemented technologically nor does it specify whether carriers and manufacturers should allow anyone else to deactivate the device but the user. It also mandates that the user be able to disable the deactivation function.
Re: (Score:2)
It's nice to know the article was wrong, then.
Well now, that part is unfortunate! I ought to be allowed to disable the function out of paranoia (and then be hoisted by my own petard when the phone gets stolen and I can't deactivate it).
Re: (Score:2)
Too expensive? Because otherwise it's the perfect, self contained sensor and communication platform for a wide variety of initiation options.
Unintended Consequences (Score:3)
The thief will unfairly target older phone model owners.
The thief will have limited time to make a call on a stolen phone, so he'll need to steal another one to make another call. "Just in time theft."
Tracking of stolen phones will be disabled, so stolen phones will be harder to locate.
Re: (Score:3)
The probability of thefts increasing due to this feature is incredibly low. Since anti-theft features were introduced to cars in the early 1990's, the rate of car thefts has decreased.
Cell phone robberies are usually crimes of opportunity. Robbers rely on the victim's inattention and the fact that most phones can be easily wiped and resold. Rather than keep banging their head against the wall by stealing useless phone after useless phone, robbers will probably try some other way to get easy money.
The ris
Re: (Score:2)
Re: (Score:2)
Phone locks are likely to do the exact same thing once they become ubiquitous. People will stop robbing smart-phone users because the devices are likely to have locks which disable the phone, just like newer cars are likely to have devices which disable the engine.
That is "thwarting the theft itself."
Re: (Score:2)
That is a non sequitur.
Re: (Score:3)
Car alarms could have induced people to steal more unalarmed cars or to commit robberies instead of thefts, but we did not see that. Rather, the rate of car thefts decreased and there was no corresponding rise in robberies.
There is no evidence that bricking phones will increase robberies. More likely, they will decrease, as current robberies rely on the easy reselling and reactivation of phones. The bricking software will significantly decrease the value of the phone and make it difficult to resell to th
Re: (Score:3)
Actually, it would make perfect sense.
Make it a dead mans switch.
Doesn't go off until police turn off phone service, which doesn't send 'don't blow up' message.
Make sure you're in good cell coverage first though...
Re: (Score:2)
Actually, it would make perfect sense.
Make it a dead mans switch.
Doesn't go off until police turn off phone service
If you just want it to go off at a random time, then you don't need a cellphone trigger at all. The whole point of using a cellphone trigger is to detonate the bomb when a specific event happens, such as the passing of the presidential motorcade. A dead man switch is not going to accomplish that.
Re: (Score:2)
as soon as it's cut off of the cell network, it's an irreversible time bomb.
Which means it is effectively neutralized, since it is now unlikely to detonate when the motorcade/convoy/patrol is in range. If you just want an "irreversible time bomb" then you don't need a cellphone. You can just use a $1 uC, or even a melting ice cube to trigger the bomb.
Re: (Score:2)
Re: (Score:3)
Re: The worrisome part (Score:4, Interesting)
Re: (Score:2)
I did some tests a while ago (it was around Occupy XXX) and ustream did just that, if you set it up to stream+save (I don't know exactly the option but anyway there aren't many possible) nothing would stop it. Take out battery, no problem, the video (whatever was on transmitted already) would appear in your online account after a short timeout.
Re: (Score:2)
I guess if you stick it in your pocket Bambuser [google.com] becomes audio-only. ;)
Re: (Score:2)
Re: (Score:2, Insightful)
NSA apologist and shill above. The NSA broke the law, with a watchdog, and a citizenry that knows they broke the law, and they are still continuing to break the law.
Your statements do not match up with recent history. The cynic above you is actually provable correct.
Re: (Score:2)
I knew it.
"A well publicized bad thing happened, therefor all government is evil." Magical thinking at its best.
Re:The worrisome part (Score:5, Insightful)
Re: (Score:2)
SQUIRREL!
Nice distraction from the actual point. Yes, you are correct, but it's not relevant to what he was saying.
Re: (Score:2)
What? It's exactly on point. 97% of people charged can't afford the risk and cost of actually going to trail.
Re:The worrisome part (Score:5, Insightful)
Choosing not to go to trial is very different than never being offered one.
Except that the "offer" is accept a plea bargain and go to prison for five years, or go to trial and risk going to prison for twenty years. A trial by jury should be a right of every citizen. You should not have to spend your life in prison just for asserting that right.
Many of the people exonerated and freed by the Innocence Project [wikipedia.org] had plead guilty, to avoid a harsher sentence, despite being innocent of the crime.
Re: (Score:2)
it should also be a jury of peers. Not a jury of idiots which is what you normally get.
Re: (Score:2)
"The blade itself incites to acts of violence"
If you give someone a powerful tool, they will use it.
Re: (Score:2)
"they".
Those bad people out to get you. You know.
Re: (Score:2)
Yeah, see, you have no idea who "they" are. You still haven't identified anyone other than nebulous outsiders with your worst interests in mind.
You don't even know who you're afraid of.
Re: (Score:2)
And that attitude is exactly why we can safely take your opinion, and ignore it.
You seem to think cynicism is inherently reasonable and sane, and thus end up believe absurd bullshit in the name of pragmatism. You don't recognize that this isn't informed from any sort of careful study, but instead kind of boring extrapolation of the media notable times that the rule-of-law doesn't hold up.
You don't (mentally) live in a world where almost every single person accused of a crime in the US gets a trial. With a jury of their peers. And a chance to appeal if due process isn't followed. Your brain lives in an alternate reality, where all power is abused at all times, because that makes you smarter than everyone else. More clever, seeing the things that "those dullards" or whatever don't.
It is true that every power that's granted to government in a liberal democracy needs watchdogs, and alert citizenry. You seem to mistake that duty with an obligation to condemn socially useful features of government out of paranoid fear. What you're actually doing is creating a lot of white noise to distract from those who are doing their proper duty, looking out for real abuses. You aren't helping.
Wow. So, in your pretend alternate reality world, the police never EVER abuse the laws we have today?
It takes very little effort to realize that the most useful and needed excuse to shut down cell phones by the police will be to prevent citizens from recording their behavior in the absence of police body cams.
who are these "proper" people looking out for "real" abuses?
Re: (Score:2)
Wow. So, in your pretend alternate reality world, the police never EVER abuse the laws we have today?
No one said that, you one dimensional moron. I'm tired of being polite about this line of thinking because it's so damned simplistic, that you should know better. The inverse of "All power will be abused at all times" is not "No power will be abused ever"
Did you choose to make that mistake? Why?
Re: (Score:2)
I was more interested in your accusations of white noise defeating teh true champions of teh true freedombs, and who these knights of purity might be holding back the inevitable tide of stupidity and reductionism. As a few have pointed out, giving a clause to allow law enforcement to shut off phones is going to lead to it being abused. Will it happen EVERY SINGLE TIME?!!!!111 Of course not. It will, however, happen too often - and especially at times when it would be most useful to have said phone workin
Re: (Score:3)
There's no requirement for manufacturers to give anyone but the user the ability to lock the phone.
Also, it is not as if the police are going to get some special remote wiping gun they can aim at you. If some corrupt officers wanted to get rid of the data, they would just seize the phone as evidence and then delete the files or "lose" the phone.
It is not clear that there will be any method for anyone but the user to initiate a remote lockdown and even if there were, carriers are not going to do it without
Re: (Score:3)
Re: (Score:2)
They can cut off phone service in this and other countries but the theft is going to china etc that does not care or the be broken down to parts.
Re: (Score:2)
They can cut off phone service in this and other countries but the theft is going to china etc that does not care or the be broken down to parts.
The chinese have iphone parts. They assemble the parts into iphones and sell them to the US. the iphones are then stolen from the US and returned to china. They are broken back into parts and it starts all over again!
What an intricate system! If it's not evidence of intelligent design, i don't know what is.
Re: (Score:2)
Re:The worrisome part (Score:5, Insightful)
Re: (Score:2)
In other news, all the MRAPs are being recalled for installation of an undisclosed new feature.
Re: (Score:2)
Root the phone and roll your eyes.
Re: (Score:2)
Exactly.
"We are disabling all phones filming us beating to death this black child FOR YOUR PROTECTION!"
Re: (Score:2)
Guess what business will be cropping up in Reno soon?
Re: (Score:2)
So fuck you California. It's one thing if you dumb liberals infect your own state. It's another if you have a chilling effect on the entire US (and perhaps even around the world).
Nobody forces cellphone vendors to manufacture phones for the California market. They are free to sell their phones elsewhere. Only the future will tell whether or not vendors will comply with the state law or just choose to sell their phones elsewhere.
One example of this would be California's CARB compliance crap. When I bought a generator a few years ago (are you ready for an earthquake?), I found out that it isn't that simple to just go on Amazon and get one. Noooo, you need one that is specifically ma
Re: (Score:2)
My two stroke mower is now worth more then a thousand dollars. Seriously, I've had offers from landscapers.
Worldwide reach (Score:5, Interesting)
An interesting case of how one US state could change worldwide products.
Re: (Score:2)
They were going to start putting in "killswitches" anyway - too much worldwide governmental pressure not to. Methinks that line in the summary is the result of wishful, "look-how-important-I-feel" thinking.
No different than emission standards (Score:3)
California is basically a nation-state unto itself. It is so large and relatively wealthy that when it sets standards, it often sets them for the entire nation and occasionally the world.
IIRC, auto emissions controls were one of those things California began to mandate. Not selling cars in California wasn't an option, so automakers began basically making cars that met their standards and sold them everywhere because the economies of scale made it make sense to do so.
Re: (Score:3)
That said, I seriously doubt this will have repercussions outside of California other than the capability being there if other legal jurisdictions should choose to require it. This isn't like a new formulation
Re:Worldwide reach (Score:4, Interesting)
Has happened quite a bit in the past... even now, some firearms have "California models" vs. "everywhere else". Example would be the GSG and/or SIG 1911 clones in 22lr that have threaded barrels for "everywhere else" and the thread protector is either silver soldered in place or a different barrel is used for the California model.
A less inflammatory example would be the Porsche 930 from '84 to '89. The California emissions laws wouldn't allow them to be imported into the US at all (greymarket cars from Canada aside, and now the old age exemption). Porsche solved this by offering the factory Turbo Look option, priced about half way between the normal 911 model and the 930 model. To make them, they took a 930, removed the rear windshield wiper, the turbo script under the whale tail, and the turbo engine, putting in the 3.2l normal engine. These were known as "M491" cars after the option package code, and just over 1000 were produced in the 5 year model span (420 for the '83 model year, dwindling down to 15 or so in '89 and almost all were coupes - very few cabriolets were made, and only a few targa models), almost all of which were for US delivery. Buyers got that great wide back end sexy body look, the better brakes, suspension, etc. of the 930, but the regular 3.2l engine that could pass California's emissions laws.
Re: (Score:2)
Re: (Score:2)
Yet I have not heard of a pandemic of hacker-led mass bricking of iPhones.
There are some psychopathic blackhats who just destroy for the sake of destroying. Fortunately these are few - evidenced by the near total lack of PC malware that destroys the computer.
Then there are hacktivists who would do something like bricking a million phones at once the first month after this bill's required new phones are on the market to prove the point that government mandates come with unintended consequences.
It will be i
Re: (Score:2)
Tornadoes (Score:5, Funny)
They both do. How else do you account for all the rotational energy which spawns tornadoes in the middle of the country?
Re: (Score:3, Funny)
Given that the UN and the largest financial markets are in New York, it does hold significant weight as a meeting place. On the other hand, what is unique to California? The prevalence of almond production and the odd belief that technology development requires a centralized physical place. So clearly New York is full of liars while California is full of nuts.
Re: (Score:2)
The center of the financial world is now in London. Sorry, but Barron Rothschild moved.
The UN is well on it's way to making itself irrelevant. The general assembly already is.
Re: (Score:2)
http://en.wikipedia.org/wiki/S... [wikipedia.org]
Re: (Score:2)
That's great, because 'Western Greater Germany' is the new name for France. He should be happy soon.
Re:Worldwide reach (Score:4, Informative)
That ship has already sailed. The California Air Resources Board (CARB), for example, has had stricter auto emissions standards for years, resulting in cars being sold in either "49-state" and "California emissions" versions, or a "50-state" version that meets CARB standards whether it's sold there or not.
Bets on first use (Score:4, Insightful)
How many want to take up a bet when the next 'troublesome' protest gets targeted with the kill switch... in the name of public safety, of course....
Re: (Score:2)
Exactly! Or maybe someone took some photos or videos that a government doesn't want to get out. Simply kill the phone and you are done with that problem.
The bad scenarios are far more dangerous than not having a kill switch.
Besides, weren't there apps that do this that folks could purchase of their own free will"?
Re: (Score:3)
Besides, weren't there apps that do this that folks could purchase of their own free will?
There are, but the feature doesn't work as a theft deterrent unless almost everybody has it. If only a few people have it, thieves will steal phones anyway, because the likelihood is they can resell most of the phones they steal. If/when we get to the point where almost all phones auto-brick after they are stolen, cell-phone thieves will lose their profit incentive and move on to something else.
Re: (Score:3)
Re: (Score:2)
Um, it is not a "simple" matter.
1) There is no mandate that the phones have a way for anyone but the user to kill them, so law enforcement and the carriers may not even have the ability to initiate a kill switch on many or even all models of phones with the feature equipped.
2) If the police know you have incriminating video and they are corrupt, it is much simpler for them to simply seize your phone as evidence and then delete the files or "lose" the device. Figuring out exactly who had the "incriminating
Re: (Score:2)
How many want to take up a bet when the next 'troublesome' protest gets targeted with the kill switch... in the name of public safety, of course....
No no no... it'll be an "accident". They just wanted to kill the phone of this one guy who was really a threat, and accidentally bricked and wiped the phones of all the protestors totally without meaning to.
Unintended consequences ... (Score:5, Interesting)
I predict it will be less than a year before law enforcement decides to shut down all cell phones of people they disagree with (like protesters).
I predict it will be less than a year before hackers figure out how to brick or otherwise damage cell phones.
Because, as usual, when you try to pass a legal solution to a technical problem, you will introduce new technical problems, and if law enforcement can abuse something they will.
This will be misused, it's only a matter of time. And, since manufacturers will decide to make the phone the same for everywhere, we're all fucked because of a decision in California. And I don't trust that the carriers won't brick a phone you own if your bill is late, instead of just cancelling your service they'll kill your phone.
Everyone around the world will now have a phone which has a loop-hole allowing law enforcement, government, and private industry to brick it. Add to that the likely back doors for law enforcement to look into your phone, and suddenly your phone is controlled by entities which aren't you.
Already (mostly) exists (Score:2)
You do realize that both Android and iOS have this feature baked in, right? You can remotely wipe your phone, and with a court order the police can coerce you to do it as well (if you worry about such things). All that's required is the device lock, which is fairly trivial given the propensity for modders to brick phones accidentally.
Why hasn't it happened already? (Score:5, Insightful)
iPhones have had the ability to be remote wiped for a long time. Yet I have not heard of a pandemic of hacker-led mass bricking of iPhones. Dirty hipsters and their iPhones have been at the center of a lot of protests yet we haven't heard of mass iPhone shutdowns by the police in response to demonstrations.
I think government/law enforcement already have the powers they physically need to fuck with cell phones. Between Stingray devices and the ability to present national security letters to carriers or service providers, if they wanted to they could get IMEIs blacklisted or get someone like Apple to brick a specific phone.
I think this just finally cuts off the ability of the cell carriers to encourage and profit from theft by activating stolen phones. Maybe if we treated AT&T stores like pawn shops and told them it was loss of their licenses and jail time for trafficking in stolen property if they activated stolen phones the kill switches wouldn't be necessary, but because corporate profits and lobbying we don't.
Re: (Score:2)
Maybe if we treated AT&T stores like pawn shops
Best point. Why are the phone companies accepting phones that are already linked to other service? Well, I suppose all it needs is changing a SIM in GSM phones, but CDMA phones are stable, and it would be so easy to check the IMEI being registered on a system. Especially iPhones because people tend to keep in touch with Apple.
Re: (Score:2)
iPhones have had the ability to be remote wiped for a long time. Yet I have not heard of a pandemic of hacker-led mass bricking of iPhones. Dirty hipsters and their iPhones have been at the center of a lot of protests yet we haven't heard of mass iPhone shutdowns by the police in response to demonstrations.
I think government/law enforcement already have the powers they physically need to fuck with cell phones. Between Stingray devices and the ability to present national security letters to carriers or service providers, if they wanted to they could get IMEIs blacklisted or get someone like Apple to brick a specific phone.
It is much more useful to have the phone active and record all conversations. Why would you cut off your "bug?" Also, hacking a phone to brick it is pretty boring. The person is inconvenienced so much that they waste an hour getting a new phone. Also also, anyone with any common sense in a protest is going to use a burner phone, which is much harder to back track to the buyer.
Re: (Score:2)
Re: (Score:3)
iPhones have had the ability to be remote wiped for a long time. Yet I have not heard of a pandemic of hacker-led mass bricking of iPhones.
http://www.cnn.com/2014/05/27/... [cnn.com]
Now you have.
According to the Ministry the criminals used two “well-established schemes.” [threatpost.com] One of them was hacking users’ email accounts and elaborate phishing pages to glean victims’ Apple ID credentials. The second scheme – which may or may not related to the Oleg Pliss scam – allegedly bound devices to prearranged accounts and used “various internet resources to create ads.” Those ads promised access to Apple ID accounts that contained “a large amount of media content.” As soon as someone accepted the offer and linked their device to the account, attackers hijacked the devices.
Phishing to obtain email credentials and then presenting yourself as the legitimate user, or offering access to free media to suck in greedy people. Social engineering - not the same thing as hacking the bricking/remote wipe protocol.
Re: (Score:2)
I predict it will be less than a year before law enforcement decides to shut down all cell phones of people they disagree with (like protesters).
They'd have to go through all of the trouble of identifying the individuals and gaining cooperation of the carriers/vendors. When they're close enough to identify individuals by name, why go to the trouble of locking phones? They'll just do what they do now and arrest them.
I predict it will be less than a year before hackers figure out how to brick or otherwise damage cell phones.
This depends on how the lock is implemented. iOS and Android already have some remote lock/wipe features that haven't been heavily hit by hackers. Mass phone wipes haven't been a thing yet. I'm sure people will try and I'm sure some will
Re: (Score:2)
One is at a network level, the other is at a device level.
When LEOs can brick your phone, it's more than disrupting your service, it's destroying your property.
And they've demonstrat
Re: (Score:2)
Kill Switch for the CA Cell Phone Market (Score:3)
So, they are mandating that cell phone manufacturers implement a kill switch to be able to sell mobile phones in CA? Is the cell phone market in CA big enough for the manufacturers to really care? Or, will they tell to CA to screw off and simply not sell in CA and the Nevada cell phone business and black market phone market will boom?
This will be interesting to see how it plays out.
Re: (Score:2)
Re: (Score:2)
Not a bad idea, but there is no guarantee Orwell's books will stay on your phone [nytimes.com]. The US Constitution may fare no better.
California, the Gateway Drug of States (Score:3)
First they tempt you with California legislation.
Next thing you know, you're hooked on NAFTA, ACTA, and God knows what other Profit-Seeking Acronyms (PSA's).
I suppose we should feel lucky that Amazon is not using United Nations Black Drones to deliver tracking devices (such as your new phone) to your door ... or wherever they know you are ....
Can we opt out? (Score:2)
Re: (Score:2)
No, you can't opt out, at least for a phone you're going to sell. By the same token, you can't opt out of FCC regs limiting the frequencies and power levels of your phone, nor can you opt out of regs on the emissions of your car.
Encryption encryption encryption (Score:2)
This is fine so long as the key to do so is held only by the owner of the phone. Ex: It can't be some kind of message like "WIPE PHONE NOW" it needs to be "WIPE " or something like that.
Dangerous and irresponsible (Score:2)
The technological solution shall be reversible, so that if an authorized user obtains possession of the smartphone after the essential features of the smartphone have been rendered inoperable, the operation of those essential features can be restored by an authorized user
...
An authorized user of a smartphone may affirmatively elect to disable or opt-out of enabling the technological solution at any
time.
Apparently in order to combat problem of theft of smartphones this law forces thieves to coerce the VICTIM of theft into disabling technological solution prior to walking off with the device making an already dangerous encounter more perilous and traumatic.
More priceless excerpts (Score:2)
According to the Federal Communications Commission, smartphone thefts now account for 30 to 40 percent of robberies in many major cities across the country. Many of these robberies often turn violent with some resulting in the loss of life.
Consumer Reports projects that 1.6 million Americans were victimized for their smartphones in 2012.
In order to be effective, antitheft technological solutions need to be ubiquitous, as thieves cannot distinguish between those smartphones that have the solutions enabled and those that do not.
Is there something wrong with the water in California? Did zombies, head crabs and giant bugs with straws feast upon brains of lawmakers?
It seems either California is going to single handedly put an end to cell phone theft OR they are going to single handedly further endanger the lives of billions of cell phone users around the world. Which is more likely?
Phone companies (Score:2)
How long until the phone companies start killing phones for late payment or cancellation of service? This does not bode well for freedom to choose your carrier or for unlocking phones.
Not likely to be abused by "above the law" (Score:2)
"except in an emergency that poses “immediate danger of death or great bodily injury.”
Nope, nothing here to be abused...
Start wearing cameras ladies and gents...
Guess what I brought back from Vegas? (Score:2)
Guess what I brought back from Vegas? My next phone.
Perfect timing (Score:2)
Re: (Score:2)
Why not, they make California legal and California illegal versions of firearms. Most of the firearms I've bought in the last decade are illegal to buy in cali.
Re:How long will it be before script kiddies (Score:5, Insightful)
How many iPhones and Android devices are currently being remotely wiped? I ask because both have the feature to do so currently.
Re: (Score:2)
I would assume that reversal requires physical access to the phone, and also the manual entry of the correct password into the device itself, the password being one that is created by the user (initially randomized at manufacture, the default code for it being on a small slip of paper that comes with the phone when you buy it brand new). Since each password attempt would have to be manually entered, there is no viab
Re: (Score:2)
I predict that as soon as a phone with the (undoubtedly standard) kill switch is released, someone will write a software program to reverse the locking. For good measure, that software program will probably also users to kill a phone remotely by spoofing the signal to make the kill switch program believe it's coming from the telecom company or law enforcement.
Unless there's a hardware component (say a physical key you need to insert into a slot on the side of the phone) the security WILL be broken quickly b
Re: (Score:2)
What about having to physically enter a passcode on the device's keypad? The locking itself can be in software, but that locking software can easily be hardcoded onto the silicon, and not something you can bypass with any software technique.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
and everyone else
That's the hard bit. If you block the phone from all networks in your home country the theives will just export it. Theives have also found ways to change the identity of at least some models of phone.
Good luck getting the whole world to block your stolen phones.