Federal Smartphone Kill-Switch Legislation Proposed 173
alphadogg writes "Pressure on the cellphone industry to introduce technology that could disable stolen smartphones has intensified with the introduction of proposed federal legislation that would mandate such a system. Senate bill 2032, 'The Smartphone Prevention Act,' was introduced to the U.S. Senate this week by Amy Klobuchar, a Minnesota Democrat. The bill promises technology that allows consumers to remotely wipe personal data from their smartphones and render them inoperable. But how that will be accomplished is currently unclear. The full text of the bill was not immediately available and the offices of Klobuchar and the bill's co-sponsors were all shut down Thursday due to snow in Washington, D.C."
The Safe Bet Here (Score:5, Insightful)
Re: (Score:2)
If I were working for one of those agencies I'd save myself the stress and just keep the personal phone numbers of the CEO's at the phone companies on my speed dial.
When I wanted a phone "killed" I'd just call up the CEO of that phone company and have him have his people disable the phone plan for "non-payment" or whatever.
Plausible deniability and the hardware still works.
Re: (Score:3)
"When I wanted a phone "killed" I'd just call up the CEO of that phone company and have him have his people disable the phone plan for "non-payment" or whatever."
You've missed the point.
It's not about having "a phone" killed. It's about the ability to have phoneS killed. Plural.
Re: (Score:3)
No. I intentionally decided against the paranoid option.
What purpose would it serve for the NSA to brick a bunch of phoneS at one time?
Other than making a very big, very public story? Which would get a LOT of airplay in the media.
If the NSA needs service cut in a specific area they can already do that.
Re: (Score:2, Insightful)
Re: (Score:3)
The NSA could use it to kill communications when the uprising begins.
Why would they need to target individual handsets?
If an uprising gets to the point where you need to censor communications en mass they'll just switch off the towers.
Identifying all the people in an uprising is extremely difficult and getting disposable burn phones is extremely easy... and when the govt can simply take over the underlying infrastructure both are entirely pointless.
Re: (Score:2)
Because there is still wifi and satalite phones that they cant as simply lock down by flipping a breaker at the nearest cell tower.
Re: (Score:2)
Because there is still wifi and satalite phones that they cant as simply lock down by flipping a breaker at the nearest cell tower.
Erm, WiFi isn't a WAN technology and satellite, just control the downlink station.
Again, why try to find out who's using their phone (which takes time and money, then depends on people that have trouble finding their own arse to wipe it) and just control the source.
Re: The Safe Bet Here (Score:2)
Not to mention... isn't there a good chance they might be using much of the same infrastructure?
Re: (Score:2)
Re: (Score:3)
This is already circumvented by the fact you can live-stream to the internet.
Tablets and Laptops will be included.
Your desktop is sure to follow.
Also... I believe when they say "wiped" they really mean "Locked", so that only law enforcement such as the NSA folks can get the secret keys from the phone company, required to decrypt the data
Re: (Score:2)
(cheesy 80s movie refs aside, we thank you for your future service - you're right of course!)
Why would they want to. (Score:2)
Could be anything from insurrection, a terrorist attack, a plague, to a Christoph Dornier type manhunt. A hacker would certainly find it entertaining to disable their targets cell phones. remember the movie the Net, Enemy of the State, Swordfish, or a dozen others. The only person who should be able to disable a phone should be the owner of the phone, and law enforcement with the owners permission; or a court order identifying the specific phone to be disabled.
Re: (Score:2)
With streaming your recording cannot be smashed, deleted, lost at the local physical level in a given time frame. You video exists on servers later to be uploaded by the individual, friends, supporters.
The main issue law enforcement faces is the written report of an event has to be submitted and be ready for legal use, lawyers
24 hours or 48h
Re: (Score:2)
What purpose would it serve for the NSA to brick a bunch of phoneS at one time?
To stop a revolution?
When asking yourself if any new power the government gains is good or bad, you need to think of more than just the immediate future. Instead think "If in 50 years or so, we elect the next Hitler to office, what's the worst he could do with this new power?"
In 50 years that's entirely possible that we'd swing to some extreme that we'd make such a mistake... over 100 years it's twice as likely. 500? Countries are around for a very long time, and government NEVER gives up power. So when we
Re: (Score:2)
Given the 50 years ago, the height of technology was the just introduced "Touch Tone Phone", I am not expecting the mode of communication to resemble the current "Smart Phone"
But yes, they can shut down the grid now, what this gives them is the ability to shut down specific groups... like say a political party on election day.
Re: (Score:2)
Re: (Score:2)
"What purpose would it serve for the NSA to brick a bunch of phoneS at one time?"
Why do you assume it would have to be the NSA?
Re: (Score:2)
No. I intentionally decided against the paranoid option.
What purpose would it serve for the NSA to brick a bunch of phoneS at one time?
Other than making a very big, very public story? Which would get a LOT of airplay in the media.
If the NSA needs service cut in a specific area they can already do that.
You mean like how the installation of clothes-penetrating image scanners wouldn't need to be implemented when dangerous objects can already be better detected by more conventional screens and selected pat-downs? It's for the same reason the U.S. has toyed with the idea of an Internet kill switch and a way to disable cars remotely: when one becomes addicted to power, the ends of power obtained justify the means of obtaining it.
The federal government does not particularly care what temporary effect such meas
Re: (Score:2)
"When I wanted a phone "killed" I'd just call up the CEO of that phone company and have him have his people disable the phone plan for "non-payment" or whatever."
You've missed the point. It's not about having "a phone" killed. It's about the ability to have phoneS killed. Plural.
You think the government couldn't do that already? All they need to do is send a list of phone numbers (or account holder SSNs, or IMEIs, etc) and a scary national security letter and tell them to kill the accounts?. Boom. Done.
Re: (Score:2)
The question here is whether or not a coorporation would cooperate.
Is it really? Not in the US and I imagine not in the UK, Canada, or even Australia. At least judging from recent revelations of the close ties between telcoms and the governments.
Re: (Score:2)
Thank goodness our people in government employ are often less crafty than that.
If they were more competent, mass surveillance might still be a tin-hatter conspiracy theory.
Re: (Score:2)
Re: (Score:2)
And what are the odds that it will only be a "kill" switch?
I'm pretty sure it will end up being multipurpose for the purpose of enhancing surveillance and data collection.
The most worrisome part of this is how the security and intelligence-gathering agencies are feeling bold enough to drop all pretense.
Also, I am struck by how differently we react to these stories since the Edward Snowden revelations. Some of
Re: (Score:3)
Unfortunately, you are wrong: Violent muggings IS the way they are stolen. Many cities have seen a downturn in most violent crime, BUT a sharp rise in cell phone muggings. There is a wide demand from police stations all over the country to find some way to reduce the value of stolen cell phones and thus prevent those cell phone muggings. Bricking stolen phones would accomplish that very quickly, stop thefts, and even save lives.
Re:The Safe Bet Here (Score:5, Informative)
Just so you don't think I'm pulling it out of my ass:
http://www.sfgate.com/bayarea/... [sfgate.com]
Official police statistics show that there were more than 40 cell phone muggings in November. The number may not seem high, but it is unsettling with just a portion of the crimes reported, and virtually all of them involve a gun, knife or physical assault.
http://mashable.com/2012/12/20... [mashable.com]
Officer Gordon Shyy, media relations unit of the San Francisco Police Department, tells Mashable they don't have any data about whether cellphones deterred crime in the 90s, but said today cellphone muggings are "an epidemic nationwide."
From January 2012 through Nov. 30, 2012, there were approximately 1,732 cellphone related thefts reported in San Francisco out of a total of 3,487 robberies — making 50% of all robberies cellphone related.
Re: (Score:2)
Did the thief explicitly set out to steal a phone, or did the thief just set out to rob somebody and they happened to have a phone? That data really doesn't distinguish the two.
Re: (Score:2)
Simple (Score:2)
Wait until this legislation is approved, and measure again in 5 years whether gun point mugging has been reduced. Problem is, hackers and criminals will find overnight a way to circumvent this protection. So in the end, we won't be able to measure anything.
Re: (Score:2)
How would you even measure something like that?
Witness statements. If "Give me your phone!" is the first thing the mugger says, he probably was after the phone. If the conversation instead goes:
Mugger: Give me your wallet
(Victim hands it over)
Mugger: Hey there isn't any cash! Give me your shoes/jacket/watch/whatever else you have
They were probably mugging in general, and the phone was just part of the haul.
Re: (Score:2)
So in 11 months there were 1732 cellphone thefts in San Francisco, or an annual rate of 1889 thefts/year.
In 2012 there were 5339 automobile thefts in San Francisco [mercurynews.com]. So where's the legislation requiring a remote kill switch on all cars to render them inoperable, to discourage theft?
Re:The Safe Bet Here (Score:5, Informative)
Exactly. The Republicans will use it to devastate the used phone market.
I guess you missed the part where the bill's author is a Democratic Senator.
Re:The Safe Bet Here (Score:4, Funny)
Ah yes, I remember also when those evil Republicans devastated the used car market with that "cash for clunkers" programme.
Oh, wait...
I assume it's a typo... (Score:3)
But if it really is called the 'Smartphone Prevention Act', that would pretty much say everything needed about this government, wouldn't it?
Re:I assume it's a typo... (Score:4, Interesting)
Somehow Dice can keep people on staff to do an interface rewrite that nobody wants, and yet they can't find somebody to proofread a dozen paragraphs of text per day.
The mistake is in the original article as well (actual name is of course the "Smartphone Theft Prevention Act"), but that doesn't excuse the /. editors for not engaging their brains.
Re: (Score:2)
It's just stupidity by journalists, so don't be surprised. The official title of the bill is "A bill to require mobile service providers and mobile device manufacturers to give consumers the ability to remotely delete data from mobile devices and render such devices inoperable". [loc.gov]
Re: (Score:2)
It's nonsensical. If the sole purpose of the bill were to flat out outlaw smartphones then it's an apt name, but that's not the spirit of the bill so it's a dumb name altogether.
No Thanks (Score:4, Insightful)
If I can brick my phone over the air, so can THEY, and I don't trust THEM.
Re: (Score:2)
Most reasonably, bricking a device OTA would require using a code which is set by the user of the device when they first get it, and does not get reset simply by changing sim cards. When a person legitimately sells their phone or trades it in for an upgraded phone, they would have to clear that code first,,, and clearing it should in turn require that the current one be entered on the device first.
Now obviously, this isn't going to stop a thief who is so desperate to steal your cell phone that he will t
Re: (Score:3)
Nope. The telecoms will have master keys since grannyw ill forget her code and the government will have backdoors to fuck your shit.
Your error was in thinking that we'd get a reasonable implementation that focused on security.
Re: (Score:2)
Re: (Score:2)
So you cant call 911 to get local cops when your home is being raided by black SUV driving feds that don't tell the local cops when they are about to bust you? So you when turn on the camera and start live streaming to youtube of the raid and set it down somewhere unlikely to be seen they can kill the stream. That would be my guess.
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
"They" can already brick your phone over the air. How do you think the phone communicates with outside world?
Uh, however I want it to? My phone isn't a brick without a cellular connection to the PSTN.
My phone has WiFi, Bluetooth, USB, HDMI, local storage, a microSD card, a camera, a microphone, etc.
It's an extremely useful device without phone service, and it's an extremely useful device without WAN access as it will still have LAN access.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
I can also infer from your soberly coherent posting skills that a man of your intellectual prowess is above such base behavior.
Ergo, I read the ass-ass as a double negative, implying reverance and not scorn.
Re: (Score:2)
Nice try, AK Marc.
Re: (Score:2)
Sorry, "They" already can do this. Your US carrier already sells a monthly "protection" package that enables this remote wipe capability for you, so the remote wipe capablity is already loaded onto your phone.
So this legislation "should" [as I haven't read through it, and it does not seem to be publicly available yet] remote the monthly fee the carriers charge.
And just to show I'm an apple-fanboy, the fact that the carriers charge $10 or more per month to enable this for non-Apple smartphones, but don't block and can't charge for it for iPhones/iPads [and Apple doesn't charge extra for it] is another sign of customer demand for iPhones [vs sales of other phones].
Except my carrier does NOT have the ability to remotely wipe my phone.
Re: (Score:2)
How do you propose that a carrier could update the OS on my iPhone?
Just because you can... (Score:5, Insightful)
Just because you can, doesn't mean you should. Just like the remote kill switch that was proposed in cars. This is a solution looking for a problem, and more over it's a solution that's ripe for abuse.
Re: (Score:2)
This is just another example of the nanny state. If I want a phone with remote kill switch or wipe capability, I will buy one that has it, or one on which I can install an app that has the capability. They do exist. Making this capability mandatory is only going to increase the cost of phones.
There are instances where such an increase in cost to the consumer is arguably warranted (e.g., seatbelts, airbags, etc.). But there is no public safety or public health argument here. It is strictly a matter of co
Re: (Score:3)
But there is no public safety or public health argument here. It is strictly a matter of convenience.
Sure there is. Smartphone robberies are spiking crime rates. If thieves were aware that a stolen phone was useless then the crimes should go down.
Re: (Score:3)
As seems to be the case in Australia where they are already doing this.
http://www.sfgate.com/bayarea/nevius/article/An-easy-way-to-curb-smart-phone-thieves-2344797.php [sfgate.com]
Re: (Score:2)
As seems to be the case in Australia where they are already doing this.
http://www.sfgate.com/bayarea/nevius/article/An-easy-way-to-curb-smart-phone-thieves-2344797.php [sfgate.com]
Australian here, this doesn't work.
Firstly because it's IMEI blocking on participating carriers. So all you need to do is sell the stolen phone overseas where the carriers don't give a fat rats clacker about the IMEI's Australia blocks. Secondly, you end up with unsuspecting people buying stolen phones with blocked IMEI's.
1. Theif sells phone
2. Purchaser doesn't know phone on Ebay (or Gumtree) is stolen
3. Purchaser gets useless phone
There's no shortage of idiots to fill the role in step 2.
Carrier
Re: (Score:2)
The US is pushing for a more permanent bricking that cannot be gotten around by simply replacing the SIM card or sending the phone overseas. This is the only method that will actually discourage robberies and theft.
While the Australian method is good intentioned, it doesn't discourage theft.
Re: (Score:2)
The US is pushing for a more permanent bricking that cannot be gotten around by simply replacing the SIM card or sending the phone overseas. This is the only method that will actually discourage robberies and theft.
While the Australian method is good intentioned, it doesn't discourage theft.
Neither will the US method.
Because if it is implemented, the first thing that a thief will do at this turn off the phone and remove the SIM card. There is no way in hell you can report a stolen phone faster than a thief can do that.
Beyond this, bricking a phone wont stop a thief from selling it. If they're dishonest enough to steal, what makes you think they aren't dishonest enough to sell broken merchandise?
Re: (Score:2)
The system that is being requested would not be reliant on the SIM card for bricking.
From what I've read, the market for stolen phones is an organized black market - thief drops the stolen off at a fence and gets paid. If the phones are able to be bricked by IMEI regardless of the SIM card then value that the fence is going to offer is going to drop to essentially nothing.
Re: (Score:2)
Essentially I lost my phone, called the carrier they bricked it and sent me a new phone as I am on contract and had insurance and they knew the phone would not be used in Australia on the main carriers
Your phone wasn't bricked, it still works fine. What happened is that your phone's IMEI was added to a blacklist and the carriers refused connection.
You can still sell the phone, it still turns on and acts like a normal phone would with no SIM card and if you sold it overseas, it would work the same as it did for you. This is why it does not discourage theft one tiny iota.
Your theif sold your phone, he hasn't been discouraged at all. It took him no extra effort to completely bypass this system.
Off topic: if this system is flawed what other system do you think will lead to a reduction in phone muggings?
People
Re: (Score:2)
While that's certainly possible, the fact is that robbery rates are 40% of what they were 20 years ago.
Which tends to suggest that smartphone robberies are getting a lot of publicity, but aren't really that big a deal.
Re: Just because you can... (Score:2)
It's really quite a bit like herd immunity.
Re: (Score:2)
Consumer protection advocates have asked for the same thing - this is not some sort of big brother initiative. You really think that a better idea is to let victims shoot into a crowd in the hopes that the he hits the thief?
The carriers and manufacturers have drug their feet on implementing a customer activated kill switch because thefts of smartphones don't hurt them and could even help their bottom line.
Re: (Score:2)
Just because you can, doesn't mean you should. Just like the remote kill switch that was proposed in cars. This is a solution looking for a problem, and more over it's a solution that's ripe for abuse.
Exactly... if there's a switch, it will be exploited... just look at the encryption on Blu-ray or DVD's... or even some of the RSA encryptions... no matter how good the digital lock, it will be broken eventually...
Re: (Score:2)
This is a solution looking for a problem
Only if you've been living under a rock for the past 10 years and ignore that today, more people are held up and robbed for their mobile phone than for their cash.
Re: (Score:3)
Even if the phone is tracked and located, law enforcement doesn't care unless it involves a hot girl or someone politically connected.
Apple is already compliant (Score:2)
As others have stated, this is exactly how Apple's iCloud lock works. If the owner of the device remotely locks it or it is factory reset through iTunes, it will be useless except for displaying a screen prompting for the owner's Apple ID and password. So far, all it has really accomplished is giving some extra headache to businesses that accept phone trade-ins and slightly lowering the value of lost/stolen iDevices on eBay [ebay.com]. We also already have a national IMEI blacklist, which mostly seems to have succeede
Re: (Score:2)
As others have stated, this is exactly how Apple's iCloud lock works.
Android has this functionality as well. You do ostensibly have to activate it first, though. Or you can get it with an app if you want a different big brother than Google, via Cerberus.
evilly tapping fingers together. (Score:2)
Will this be activated by simply logging into someone else's, oops. I mean, _MY_ Apple/Google account and filling out a form? No reason why. Just wondering.
Don't do a kill switch (Score:2)
Not So Smart Phone Prevention Act (Score:2)
Devil's Advocate (Score:5, Informative)
It's spurred mostly by the fact that AT&T and T-Mobile have been sand-bagging, claiming GSM/SIM's don't allow for black-listing. The utility of Sprint and Verizon's blacklists is predicated on the "SIM" being integral to a CDMA phone; they can limit access to their networks to phones locked to their networks. The proliferation of phones containing GSM, CDMA and LTE hardware regardless of the carrier's network, opens the distinct possibility of a stolen phone being unlocked/jailbroken/rooted and re-used on a different carrier, rendering even Sprint and Verizon's blacklist useless.
This law is looking to have all the carriers actually implement a lost/stolen black-list, and to further have communication between the carriers, so that a black-listed phone can't be re-used on anybody's network. This sounds like something that could (and should) be implemented in response to market forces. The proliferation of passive anti-theft systems in late model cars provides a good model. There's no legal requirement for car-makers to implement RFID-encoded key-fobs, yet they are nearly ubiquitous and have massively reduced theft of vehicles so equipped.
Re: (Score:2)
This law is looking to have all the carriers actually implement a lost/stolen no-fly list..
And with a simple typo your $500 phone is now just an MP3 player.
Re: (Score:2)
It's spurred mostly by the fact that AT&T and T-Mobile have been sand-bagging, claiming GSM/SIM's don't allow for black-listing.
This would naturally come as a great shock to the rest of the world which has a black-listing service and use GSM / SIM's.
Re: (Score:2)
claiming GSM/SIM's don't allow for black-listing.
Which is total bullshit because while they are technically correct about the SIM, every mobile phone has an IEMI number - the mobile phone equivalent to your MAC address, and blacklisting phones (the hardware, not the SIM) is common practice in many countries.
How about we start with banning IMEIs? (Score:2)
We really don't need another mechanism to prevent cell phone theft, we already have it. Each phone has a unique IMEI number associated with it. In most other countries if your phone is stolen, you report it and your carrier, along with all the other carriers, ban the IMEI number so the phone cannot be activated on any cellular network. This basically makes the phone useless.
We could easily implement this in the US, but the cell phone carriers refuse to do it. If I had to guess, the reason they don't want to
Re: (Score:2)
Not to mention but the stolen phone that's not black-listed could find itself re-activated on their network, and that's another customer gained or retained without having to subsidize their phone.
Re: (Score:2)
And they're making out like bandits with the rip-off "lost phone insurance".
http://www.huffingtonpost.com/... [huffingtonpost.com]
Re: (Score:2)
the reason they don't want to do this is because if your phone gets stolen they get to sell you a brand new non-subsidized phone at full price, which makes them a lot of money.
In that case: I suggest we have a law that says: Immediately after any carrier has been presented proper notice, that a phone with a certain IMEI has been stolen, that carrier shall become liable for 100 times the original retail price of that phone, in the event that the phone is used on their network more than 5 days af
Re: (Score:2)
That system doesn't work because there are too many carriers around the world that don't honor the IMEI blacklist.
Re: (Score:2)
well.
you know what? european countries have such banlists on imeis.
dunno why you need legislation for it. perhaps they want to obscure the fact that each cellphone sold in the west already has an unique code that can be tracked.
Why smart phones? (Score:3)
Why not laptops?
Why not cars?
Why not any of a thousand things that are stolen all the time.
I wouldn't mind this as much in cars or laptops. I'm pretty sure I could disable it if I wanted. But in a smartphone? How?
This whole thing gives me the creeps.
Re: (Score:3)
Theft by mugging is People don't carry laptops around at nearly the same rate they do smartphones, so the theft by mugging isn't nearly as big a problem. When laptops get stolen it's typically because the owner was careless and left it unattended. Meanwhile violent muggings, where people's cell phones are stolen, is reaching epidemic proportions in major cities. In the 90's people got jacked for their Air Jordan's, now it's for their iPhones. And unlike many other commonly stolen items, this anti-theft capa
Re: (Score:2)
In regards to cars, should I bother showing you the videos on youtube of people beating those keys? Its old hat at this point.
As to killswitches in the smartphone.... my only concern is that "I" am the only one able to trigger it.
Not Apple.
Not the phone company.
Not the Federal government.
My phone. If you set it up so that only "I" can kill it. I'm happy with it. If you're given that power to some external agency that didn't buy or pay for my phone then what right do they have to have that kind of power over
Re: (Score:2)
Smartphones are a tool of civil protest. The government can selectively "kill" Smartphones and effectively crush any rebellion. Ukraine and Iran have already demonstrated that power.
The same can't be said about cars or laptops.
Re: (Score:2)
Which is not an argument for us to support the move.
Correct bill title (Score:2)
Public Safety vs. Big Brother (Score:2)
So there's a definite public safety problem going on, with people getting mugged for their phones and what-not. For the record, I think this concern is what's driving this legislation. But there's definitely room for the Big Brother Let's Stop the Flash-Mob-esque City Square Filling Demonstrations appeal to the Kill Switch, so the government shouldn't have any access to it. Hell, ideally the carriers shouldn't either. Make it something only the customer can initiate.
Too late to ask, I suppose. (Score:2)
Re: (Score:2)
Won't work. The first thing the thief does is pull the SIM so your security provider can't contact/control the phone anymore. Then they do a hard reset and restore to factory defaults so it's no longer tied to your accounts and they have a blank phone to sell and you can't do a thing about it.
The idea behind the mandatory kill-switch functionality is that it'd be cross-carrier and tied to the phone itself, not the SIM, so that the phone would brick itself as soon as it connected to any carrier's network any
Kill (Score:2)
Pandoraa Box (Score:2)
Phone Company does not want this (Score:2)
Re: (Score:2)
Re: (Score:2)
Does it have the authority to mandate vaccines?
They might seem unrelated, but consider:
- If thieves know that a stolen smartphone is worthless, they will stop stealing them.
- However, they only know a stolen smartphone is worthless if ALL cell phones can be bricked if stolen.
- Much like being one vaccinated person in a country of unvaccinated people is actually pretty weak protection, it doesn't do you any good to have the only phone that bricks when stolen. By the time your mugger finds out it's worthless
Re: (Score:2)
The Constitution grants power to regulate interstate commerce to the federal government. They can totally railroad this through on that basis.
Re: (Score:2)
Both the Interstate Commerce clause and the General Welfare clause could be used.
I don't want to argue about whether it would be the right thing to do, I'm just saying that those are the clauses that could be invoked.
Re: (Score:2)
The government doesn't need this law to do that so there is no conspiracy here.
The only thing that is going on is that cities are seeing a spike in muggings due to smartphones and they're trying to find a way to make a stolen phone worthless.
Re: (Score:2)
Only problem: none of those methods work if the thief's pulled the SIM out and done a factory reset so the phone's no longer associated with your accounts. Pulling the SIM at least will be one of the first things a thief will do if he's looking to fence the phone.