Cell Phone Kill Switches Are A Slippery Slope For Abusive Governments
from the you're-not-helping dept
Last Spring, wireless carriers and the government jointly announced that they’d be collaborating on building a new nationwide database to track stolen phones (specifically the IMEI number). The goal was to reduce the time that stolen phones remain useful, thereby drying up the market for stolen phones and reducing the ability of criminals to use the devices to dodge surveillance. The move came after AT&T was sued for not doing enough to thwart cellphone theft, the lawsuit alleging AT&T was intentionally lax on anti-theft practices because stolen phone re-activations were too profitable. After regulator pressure, AT&T launched new stolen device blocking tools and re-vamped their website with security tips.
Law enforcement has complained that none of these efforts have done much to stop cell theft and resale, in large part because phones stolen here are simply taken overseas and used there. This in turn prompted a push for new “kill switch” legislation in both New York and most recently San Francisco, in addition to a new bill proposed by Senator Amy Klobuchar we discussed last month. While perhaps well-intentioned, all of the bills have one thing in common: they forget that if you can kill your phone remotely, so then can governments, hackers, and anybody else.
Those concerns are part of the reason cell carriers oppose kill switch legislation (again, that and they profit off of re-activations and new plans), and the worries shouldn’t be taken lightly. There’s a long, long list of examples where remote or artificial termination technology (Monsanto’s wonderful scientific advancements are the first to come to mind) isn’t a particularly great idea. Information Week tries to hash through some of these to illustrate the dangers of the concept and its contribution to a broader surveillance state, where the control over your personal devices could become an illusion and institutionalized control becomes a threat:
“Mandatory phone kill switches will hasten the arrival of the Surveillance of Everything, an unavoidable consequence of the so-called Internet of Things. Using technology to extend the reach of property rights make as much sense for other objects as it does for phones. But in so doing, individual property rights mingle with social mores and government prerogatives. Nothing is truly yours on someone else’s network….Consider a recent Google patent application, “System and Method for Controlling Mobile Device Operation,” which describes research to help in “correcting occasional human error,” such as when phones have not been silenced in a movie theater.
The thing about kill switches is that they’re a manifestation of digital rights management. In the hands of individuals, perhaps they’re a good idea. But they won’t remain in the hands of individuals. They will be used by companies, organizations, and governments, too. And even when people believe they have control of their kill switches, authorities and hackers can be expected to prove otherwise.”
Granted governments could still shut down the BART network on protesters (one of the first examples the author gives) or kill Internet access in Egypt without necessarily needing a kill switch. A gifted hacker might also be able to remotely brick your current phone. But why would you want to make it any easier? There’s countless other ways to combat cell phone theft that doesn’t involve making an entire industry considerably less secure.
Filed Under: bart, egypt, kill switch, wireless
Companies: at&t
Comments on “Cell Phone Kill Switches Are A Slippery Slope For Abusive Governments”
ya ok
and when they cause us all to revolt those momy cams are gonna come in handy
imagine them trying to put a kill switch into a baby cam/headphone set….
Global problem global database
The idea of tracking cell phone serial numbers (IMEI) is the correct tool for this job. The scale of the database just needs to be global.
It’s not like replicating that data would be difficult; nor is searching a well structured database computationally intensive. These same numbers are already used to associate the customer to account information (and if not this is a very small extra thing to track).
It’s hard enough to get off the Do Not Fly list. Now imagine trying to get off the Do Not Call list.
Saying cell phone kill switches are a “slippery slope” for the government, is like saying government executions in the public square are a “slippery slope” for a democratic government.
Smartphone kill switches are already way past the slippery slope. You’ve already arrived at the bottom of the slope.
Re: Re:
Fair point. I should have just called it all “mud.”
Re:
I had the exact same thought. In any case there are all kinds of apps out there to remotely kill your phone if stolen or lost. Other than an opportunity for mischief why do we need government or industry to have this capability?
Re: Re: Re:
The problem is that most of those apps can’t survive a wipe of the phone. Hard reset and it’s yours. As much as dislike apple, something similar to what they do with the iphones/ipads where it ties it to your account and requires your password to unlock it seems reasonable to me.
heh, who bets against, that if they actually introduce such a killswitch, hackers will shutdown communications on a large scale repeatedly way before any government will have a chance to abuse it?
I mean, that is not even inviting it anymore, that is a huge neon sign visible from the moon saying “shut down my infrastructure, I beg you”.
and to anyone saying this is unlikely to happen, I only refer you to the general handling of security issues by government and telcos…
Re: Kill switch for phones..
As anybody in the communications field can tell you, it is simple to knock any carrier off the air. If you want to use brute force, you cut the RF cables to the antenna system, or you destroy the equipment in the building. either way, the carrier is off the air until they can send a crew to repair the damage, or replace the destroyed equipment.
Same goes for police repeaters, both conventional and trunked.
Destroy the controller,and smash the equipment, the site is dead. In times of civil unrest, this will be a necessity.
Deny government the ability to communicate, and you silence them. Take all sites down, not just one, then you can also run interference by jamming point to point comms and car to car communications.
For government to get involved with private parties and personal property and how it’s used, is not going to sit well with the people, and shouldn’t.
Government has no right nor business meddling with the affairs of business and private individuals, and what they do. Far too many ‘laws’ already, dictating what the people can and can not do, which is far beyond the constitutional limits that were placed on government at the onset of our nation’s founding. Keep government OUT of the private transactions of the people, that’s all they need to do….BUTT OUT!
Re: Re:
Indeed. But then unfortunately it will give Dianne Feinstein & Co even more ammunition to say we need to pass more laws like CISPA to ‘protect us against cyberattacks’.
The whole “cyber defense” strategy of US is such a farce, because most of what they do there is offensive stuff, and making our systems LESS secure by hoarding all the exploits and trying to subvert encryption in products, and influencing NIST and RSA to put poor security tools out there.
But they actually have an INCENTIVE to do just that, because the less secure our systems are, the more they can yell about the government giving them more powers and more funds to “fix it” (i.e. make it worse).
Doesn't solve the problem.
As noted by law enforcement, stolen phones are taken and used overseas. So this helps exactly how? This is a case in which the ‘cure’ would be worse than the ‘disease’.
Re: Doesn't solve the problem.
Exactly…OVERKILL…As government loves to provide all of us with, too much of anything, is bad, which is why government has become so despotic with our freedoms!
Re: Doesn't solve the problem.
Actually the assertion that most stolen phones are taken oversea are incorrect. I know no less than 30 shops in chicago who can change the imei of any phone. Fr good money as well. They change the imei to something that was broken but not destroyed and use it on the same series of phones.
Re: Doesn't solve the problem.
The point is that we already have a kill-switch for mobile phones – it’s called the IMEI shutdown. There is no logical reason to demand a broadnet killswitch capacity, other than fascistic reasons.
Willl the government's cell phones have kill switches too?
Or are those only for the serfs and underlings?
Re: Willl the government's cell phones have kill switches too?
Government is above the people, so I doubt their phones will have the ‘switch’ as their safety net. As you said, it is ONLY for the little people that pay for government to offend and murder us.
Re: Willl the government's cell phones have kill switches too?
Hardly, a kill switch on a government phone would get in the way of the spying programs stuffed on it. Hard to intercept communications of a senator or congresscritter when the phone’s been bricked after all.
Dystopian future already here?
I’ve already witnessed some egregious electronic harassment of activists, and I’m still waiting for the problem to get more exposure. I think I have seen an example of similar remote censorship with a friend’s phone that was disabled from taking photos or video for a couple of days after she had given some photos to a news station (of questionably legal military activity in her area). On her call to Apple, they used the term “temporarily disabled” to describe the problem, and the features started working again a couple days later.
She has no proof that any action was taken to stop her from taking photos (didn’t record the support call…), so if this was an act of censorship, noone is the wiser. Anyhow, I think this problem may already be among us, along with several other methods of targeting activists.
I personally can’t wait for the full scope of these operations to be thoroughly exposed.
How to defeat a cyber attack on infrastructure
Two ways:
1) don’t put vital infrastructure where an attacker could get at it.
2) ignore that advice and then spend billions of dollars on security systems that are circumvented the day after they’re released, complete with NSA-mandated backdoors…and wonder how the attackers kep getting in.
Kill the kill switch
Hmm. Now – what could possibly go wrong?
With “Honest Abe” Obama in charge the kill switch is not a problem. Just look at how scrupulously honest the Obama Administration has been with Fast and Furious, NSA spying, the IRS scandal, Benghazi, Obamacare . . . but with other less honest presidents, their could be issues with the kill switch idea.
I have a better idea.
Lets put kill switches on the criminals(Not as in killing them although I despise thieves).
Is this a very serious crime(Theft is, in my opinion)?
Does the punishment fit(I know it can be up to $150 000 for infringing copyright on a $20 movie or a $0.99 song, what is it for outright stealing a $500 cell phone?)?
We don’t need more laws or other methods of control, we can just enforce existing laws.
I don’t want to have to go out and find some app to remotely brick my phone if it’s stolen. And I don’t want my phone stolen just because it can be used by someone else. I should just be able to contact the phone company and have it done. They have the power, but they don’t use it, and by that inaction encourage continued theft of small, costly, pilferable devices.