Cell Phone Kill Switches Are A Slippery Slope For Abusive Governments

from the you're-not-helping dept

Last Spring, wireless carriers and the government jointly announced that they’d be collaborating on building a new nationwide database to track stolen phones (specifically the IMEI number). The goal was to reduce the time that stolen phones remain useful, thereby drying up the market for stolen phones and reducing the ability of criminals to use the devices to dodge surveillance. The move came after AT&T was sued for not doing enough to thwart cellphone theft, the lawsuit alleging AT&T was intentionally lax on anti-theft practices because stolen phone re-activations were too profitable. After regulator pressure, AT&T launched new stolen device blocking tools and re-vamped their website with security tips.

Law enforcement has complained that none of these efforts have done much to stop cell theft and resale, in large part because phones stolen here are simply taken overseas and used there. This in turn prompted a push for new “kill switch” legislation in both New York and most recently San Francisco, in addition to a new bill proposed by Senator Amy Klobuchar we discussed last month. While perhaps well-intentioned, all of the bills have one thing in common: they forget that if you can kill your phone remotely, so then can governments, hackers, and anybody else.

Those concerns are part of the reason cell carriers oppose kill switch legislation (again, that and they profit off of re-activations and new plans), and the worries shouldn’t be taken lightly. There’s a long, long list of examples where remote or artificial termination technology (Monsanto’s wonderful scientific advancements are the first to come to mind) isn’t a particularly great idea. Information Week tries to hash through some of these to illustrate the dangers of the concept and its contribution to a broader surveillance state, where the control over your personal devices could become an illusion and institutionalized control becomes a threat:

“Mandatory phone kill switches will hasten the arrival of the Surveillance of Everything, an unavoidable consequence of the so-called Internet of Things. Using technology to extend the reach of property rights make as much sense for other objects as it does for phones. But in so doing, individual property rights mingle with social mores and government prerogatives. Nothing is truly yours on someone else’s network….Consider a recent Google patent application, “System and Method for Controlling Mobile Device Operation,” which describes research to help in “correcting occasional human error,” such as when phones have not been silenced in a movie theater.

The thing about kill switches is that they’re a manifestation of digital rights management. In the hands of individuals, perhaps they’re a good idea. But they won’t remain in the hands of individuals. They will be used by companies, organizations, and governments, too. And even when people believe they have control of their kill switches, authorities and hackers can be expected to prove otherwise.”

Granted governments could still shut down the BART network on protesters (one of the first examples the author gives) or kill Internet access in Egypt without necessarily needing a kill switch. A gifted hacker might also be able to remotely brick your current phone. But why would you want to make it any easier? There’s countless other ways to combat cell phone theft that doesn’t involve making an entire industry considerably less secure.

Filed Under: , , ,
Companies: at&t

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Cell Phone Kill Switches Are A Slippery Slope For Abusive Governments”

Subscribe: RSS Leave a comment
Michael (profile) says:

Global problem global database

The idea of tracking cell phone serial numbers (IMEI) is the correct tool for this job. The scale of the database just needs to be global.

It’s not like replicating that data would be difficult; nor is searching a well structured database computationally intensive. These same numbers are already used to associate the customer to account information (and if not this is a very small extra thing to track).

Anonymous Coward says:

heh, who bets against, that if they actually introduce such a killswitch, hackers will shutdown communications on a large scale repeatedly way before any government will have a chance to abuse it?

I mean, that is not even inviting it anymore, that is a huge neon sign visible from the moon saying “shut down my infrastructure, I beg you”.

and to anyone saying this is unlikely to happen, I only refer you to the general handling of security issues by government and telcos…

American Patriot (profile) says:

Re: Kill switch for phones..

As anybody in the communications field can tell you, it is simple to knock any carrier off the air. If you want to use brute force, you cut the RF cables to the antenna system, or you destroy the equipment in the building. either way, the carrier is off the air until they can send a crew to repair the damage, or replace the destroyed equipment.
Same goes for police repeaters, both conventional and trunked.
Destroy the controller,and smash the equipment, the site is dead. In times of civil unrest, this will be a necessity.
Deny government the ability to communicate, and you silence them. Take all sites down, not just one, then you can also run interference by jamming point to point comms and car to car communications.
For government to get involved with private parties and personal property and how it’s used, is not going to sit well with the people, and shouldn’t.
Government has no right nor business meddling with the affairs of business and private individuals, and what they do. Far too many ‘laws’ already, dictating what the people can and can not do, which is far beyond the constitutional limits that were placed on government at the onset of our nation’s founding. Keep government OUT of the private transactions of the people, that’s all they need to do….BUTT OUT!

Anonymous Coward says:

Re: Re:

Indeed. But then unfortunately it will give Dianne Feinstein & Co even more ammunition to say we need to pass more laws like CISPA to ‘protect us against cyberattacks’.

The whole “cyber defense” strategy of US is such a farce, because most of what they do there is offensive stuff, and making our systems LESS secure by hoarding all the exploits and trying to subvert encryption in products, and influencing NIST and RSA to put poor security tools out there.

But they actually have an INCENTIVE to do just that, because the less secure our systems are, the more they can yell about the government giving them more powers and more funds to “fix it” (i.e. make it worse).

An actual girl says:

Dystopian future already here?

I’ve already witnessed some egregious electronic harassment of activists, and I’m still waiting for the problem to get more exposure. I think I have seen an example of similar remote censorship with a friend’s phone that was disabled from taking photos or video for a couple of days after she had given some photos to a news station (of questionably legal military activity in her area). On her call to Apple, they used the term “temporarily disabled” to describe the problem, and the features started working again a couple days later.

She has no proof that any action was taken to stop her from taking photos (didn’t record the support call…), so if this was an act of censorship, noone is the wiser. Anyhow, I think this problem may already be among us, along with several other methods of targeting activists.

I personally can’t wait for the full scope of these operations to be thoroughly exposed.

btrussell (profile) says:

I have a better idea.

Lets put kill switches on the criminals(Not as in killing them although I despise thieves).

Is this a very serious crime(Theft is, in my opinion)?

Does the punishment fit(I know it can be up to $150 000 for infringing copyright on a $20 movie or a $0.99 song, what is it for outright stealing a $500 cell phone?)?

We don’t need more laws or other methods of control, we can just enforce existing laws.

wireloose says:

I don’t want to have to go out and find some app to remotely brick my phone if it’s stolen. And I don’t want my phone stolen just because it can be used by someone else. I should just be able to contact the phone company and have it done. They have the power, but they don’t use it, and by that inaction encourage continued theft of small, costly, pilferable devices.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...