Bad Idea: California Legislature Passes Bill To Mandate Mobile Phone Kill Switches
from the very-bad-idea dept
We’ve explained a few times now why the idea of mandatory kill switches for mobile phones is a really bad idea and a slippery slope to abuse. So, of course, the California legislature has passed a bill mandating it, introduced by California State Senator Mark Leno and sponsored by SF District Attorney George Gascon. While end users could “opt-out,” how many people do you think will actually make that decision?
The reasoning behind this bill seems sound: a kill switch makes stealing phones less valuable, thereby decreasing phone theft. But, the mandate is dangerous for a number of reasons. If individuals want to use a kill switch there are plenty of third party apps they can get to do that themselves. But much scarier is how such kill switches will undoubtedly be abused. Having a single technology that can brick a ton of phones will be a very tempting target for hackers. And, it will probably be even more tempting for law enforcement for a variety of reasons. Someone videotaped the police doing something bad? Instead of having to go confiscate the phone, why not just brick it from afar? This seems like yet another bill pushed with good intentions that risks some very dangerous consequences.
Filed Under: california, kill switch, law enforcement, mobile phones, slippery slope, stolen phones
Comments on “Bad Idea: California Legislature Passes Bill To Mandate Mobile Phone Kill Switches”
It could be good with propert protections.
I understand your objections to the concept, but there have been indications that something like this could reduce crime (including muggings for cell phones and others). This would only work if such kill switches are widespread and common, and that is best achieved by mandating them.
Of course, some of the abuses by both hackers and potentially by authorities (not to mention the phone companies) are true risks. But the answer rather than abandoning the idea is to build in both legal and technological safe guards against its abuse.
Re: It never fails...
“It could be good with propert protections.”
No matter how well intentioned, planned out, penned and passed, no thing is ever perfetct or fool proof.
As evidenced by the quote above.
Re: It could be good with propert protections.
“But the answer rather than abandoning the idea is to build in both legal and technological safe guards against its abuse.”
I disagree. Mandating the kill switch is a non-starter. As an opt-in? Perfectly fine (it’s what we have right now). As an opt-out? That sucks, but I could live with it. As a mandate? No way, no how.
Legal safeguards aren’t worth the paper they’re written on. We have plenty of examples about how legal safeguards are worked around or ignored. Technological safeguards? What would this look like? What kind of technological safeguard would stop your carrier or the government from killing your phone against your will?
Re: Re: It could be good with propert protections.
Thankfully this bill does allow opt out. If people are too stupid to turn this feature on then I don’t really think it should be mandated, but turning it off isn’t that hard either. I’m therefore neutral on the bill. I can live it with it.
Re: Re: Re: It could be good with propert protections.
But will it be able to be turned well and truly off? Or could your decision to turn it off be overridden somewhere?
Re: It could be good with propert protections.
That’s all fine and good, but when is the Treasury Department going to finally put a kill switch in currency to reduce crime?
Re: It could be good with propert protections.
“But the answer rather than abandoning the idea is to build in both legal and technological safe guards against its abuse.”
At this point it’s pretty clear that governments and law enforcement could not by trusted with this power, no matter what safeguards appear to have been put in place. Based on recent history, the benefits, however legitimate they may be, simply do not outweigh the almost guaranteed downsides.
Re: It could be good with propert protections.
This seams to be redundant each mobile has a unique serial, this can already be used to block off a phone from the network if stolen, This just requires an effective beurocratic structure to keep track of the number at time of purchase, an a law requiring phone companies to stop access to the phone network when the phone is identified as stolen, (many countries are now doing this, some have been since the ninties.
Only an American politician would want to “reinvevt the wheel”
Re: It could be good with propert protections.
Please enlighten us all as to your foolproof method that won’t mean 500,000 Samsung phones get mysteriously disabled the day before a new iphone launches (co-incidentally timed with a Senator buying a new multi-million dollar yacht and upgrading his trophy wife to the latest model)
Taking bets on how long until the first report of police using this to kill a phone that’s recording them.
Re: Re:
Not that I am siding with cops, nor am I saying the mandatory kill switches are a good idea, but . . .
How exactly would a cop know which phone to brick? Assuming they have such immediate and instant access to the kill switch. If they take your phone to identify the device, they don’t need the kill switch, just a big hammer. (Or it becomes ‘evidence’ and is subsequently, unexplainably lost.) If they don’t take your device, but identify who you are, then you may have time to get home and move the video from the phone to, say, YouTube — or send it to someone else to upload it. You may not even have to get home first in order to do that.
Re: Re: Re:
ah but using a brick/hammer leaves them open to a claim… however, if they hold the person and their phone “mysteriously/randomly” happens to be bricked about 5-20 minutes after being released then there is no proof as to what happened
Re: Re: Re: Re:
sync video/photo to dropbox or whatever cloud storage you choose. Give yourself a bit of time at least.
Not saying this isn’t a stupid idea that will totally get abused, because that’s what happens, just a workaround.
Re: Re: Re:How exactly would a cop know which phone to brick?
“How exactly would a cop know which phone to brick?…”
Easy you stupid Citizen!
ALL OF THEM!!!
Re: Re: Re: Re:How exactly would a cop know which phone to brick?
All of them that connect to a particular Stingray tower.
Re: Re: Rhetorical question, right?
I assume you mean if they don’t question your first and ask your phone number? 🙂
Re: Re: Re: Rhetorical question, right?
I thought I sort of covered that possibility when I said “If they take your phone to identify the device, they don’t need the kill switch, just a big hammer.”.
I supposed if they took your phone to identify the device, it would be quicker to just destroy it rather than brick it later.
Either way, I suppose if the phone is bricked using the new mandatory kill switch, or using a real brick / hammer / cinder block, it would be obvious who had done it and why.
Re: Re:
The cops in Ferguson don’t need a kill-switch as they just stomp on the heads of anyone that even LOOKS like they might own a phone with video capability.
Then stomp on the phone of course…because terrorism…
When recording police misconduct . . .
When recording police misconduct you need an app that can immediately upload the video somewhere beyond the reach of the kill switch. That way if they brick your phone, even by using a real brick or cinder block (which the cop may have a better understanding of), the video is already safe.
Re: When recording police misconduct . . .
i believe the ACLU has such an app
Police take a huge sigh of relief
They will no longer have to worry about that guy recording from across the street. Now they can just kill his phone when he’s taking inconvenient video.
Course this means it will be in *all* new phones once fully implemented. OEMs aren’t going to whip up a new assembly line process just for California.
Re: Re:
This would be unlikely to require a hardware (thus assembly line) change.
Re: Re: Re:
So, as long as we purchase the phone from any location outside California, we’re good?
Re: Re: Re: Re:
No.
It will be cheaper to just sell one phone model in the US. That model will have to comply with California law.
In principle, two models could be made for the US, but that costs more money to make two different model numbers. Carriers won’t like it because they have to deal with two different models, and make sure their stores in CA have the right model. It also creates more record keeping.
Re: Re: Re:
It’s probably just a software change. There is probably no physical difference in the hardware.
The kill switch feature just has to effectively brick the phone in a way that it becomes worthless and can never be used again.
This is a clear “us” vs “them” decision from the government to their subjects. There’s really no other explanation as to how this could have passed otherwise.
SWEET!
This is awesome! I can’t wait until some hacker comes up with a tool to brick phones.
Combine that tool with a wardialer style unique identifier generator and phones will be dropping like flies!
But then, what do you expect from California, the state that elected and consistently RE-ELECTED one of the biggest IDIOTS and TECHNO-NOOBs in politics – Nancy Pelosi, who said… of the healthcare bill… we have to pass it so we can find out what’s in it.
How does the home of Silicon Valley elect such a clueless shill?
Can we just agree to kick California out of the Union? Seriously.
I live on the East coast, and I’ve lived in the Mid-West. I’ve still had to deal with labels that say this product contains chemicals known to the state of California to cause blah blah blah. Cars are mostly designed to meet some of their stricter emissions standards. I have a hard time believing that this will stay in California when the phone manufacturers decide it’s simply cheaper to only build phones that meet the California requirements and sell them everywhere.
So please, lets kick them out of the Union before their poorly thought out ideas pollute our country any further.
Re: Re:
Wait… are you saying that having cars everywhere designed to meet California’s strict emissions standards is a bad thing?
Re: Re: Re:
No. I’m saying the way that California’s laws tend to trump and undermine Federal laws and impact other State’s and their residents is a problem.
If I wanted to pay higher taxes, higher prices on consumer goods and have my choices dictated to me above what they already are, I’d move to California. I don’t, and I should be free to live my life free from what passes as State Government in the state of California. My concern is, like many other things that come out of California, this law will affect me even though it shouldn’t.
I merely used the emissions standards as an example because I am aware of it, and figured many others were as well.
Re: Re: Re: Re:ThatFatMan
Shut up you Libertarian scum and learn to OBEY!
Re: Re: Re:2 Re:ThatFatMan
Ummmmm, no?
Re: Re: Re: Re:
“I’m saying the way that California’s laws tend to trump and undermine Federal laws and impact other State’s and their residents is a problem.”
But that’s not California’s fault (their laws don’t actually trump anyone else’s). It’s the fault of manufacturers wanting to sell the same product everywhere without modification. A bit like how Texas determines the contents of textbooks for the whole nation.
Re: Re: Re:2 Re:
I understand that in reality, California doesn’t have the authority to trump any laws of other states and the Feds. However, in practice this is what happens, precisely for the reason you’ve stated and as I stated in my original comment.
To you point about Texas, I agree as well. However, I don’t see warning labels smeared all over everything citing the State of Texas. You could say the issues coming from Texas are a little less visible to many.
Re: Re: Re:3 Re:
“You could say the issues coming from Texas are a little less visible to many.”
Except for Rick Perry. That issue is WAY too visible to everyone.
Re: Re: Re:3 Re:
But you gloss over my point: these problems are not California’s (or Texas’) fault. They are the “fault” of the manufacturers. If the people in the rest of the states didn’t accept these things, the manufacturers would have different versions for them — much like petroleum companies do with gas formulations.
I think you’re better served putting the blame where it belongs.
Re: Re: Re:4 Re:
I am not glossing over your point. I made the same point in my original comment, that manufacturers will make a product to meed the requirements set forth by the state of California. Because of that, the rest of us who DO NOT live in California will essentially be subjected to their laws, and there is a pattern of this happening throughout the U.S. because of laws passed in California (and apparently others as well, as you mentioned).
I agree that manufacturer’s are also to blame, and really so is the public for not being more vocal about it. For the manufacturers though, they have to respond to changes in the law in order to sell their product. And they have to make a profit too, or at least break even, so they will naturally do things as cheaply as possible (i.e. one method of producing the product instead of 50). They get away with it in part because people outside of California aren’t saying “hey, I don’t want to buy your Widget with California’s requirements” loud enough.
But hey, just my opinion on the matter.
Re: Re: Re:3 Re:
So, the way to fix this is to make a law in another state which declares manufacturer-supplied kill switches illegal… and then let the manufacturers figure out a way to make their products meet the needs of both states 😉
Re: Re:
Actually, we only need to kick a few areas of california into the ocean to solve the problem – the heavily-populated coastal cities.
Can we kill the kill switch?
Is it going to be a SW thing or a HW thing? We can get around the former (CFAA notwithstanding). The latter? Not so much
Re: Can we kill the kill switch?
The easiest Kill-Switch-Killer is too painful for Motorola , Apple, Goolgle, et al.
Just don’t implement it and don’t sell smart phones in CA. Watch how long until the people overthrow the dirtbags in Sacramento.
Re: Re: Can we kill the kill switch?
Since Apple and Google are both based in the Bay Area, this probably won’t happen.
Re: Re: Can we kill the kill switch?
I know Sacramento is the capitol, but I wanted to point out that the asshat who is proposing this law comes from SF… and that’s where a lot of these fucktarded ideas come from.
It’s going to be interesting to watch progression of this decision:
1) Ah hell dog, it’s just to keep people from robbing you, spare me your conspiracy nonsense and put your tin-foil hat away.
2) Your Honor, exigent circumstances required that we disable all the phones in the vicinity. There were protests all around and officers were in danger.
Judge: yes indeed, we have the tools we’d be negligent not to use them. Not guilty!
Annnnnnd it’s all downhill from there.
a kill switch makes stealing phones less valuable,
However, as technology progresses they will inevitably become much less valuable anyway.
Given a bot of time the supposed “problem” will go away of its own accord.
Re: a kill switch makes stealing phones less valuable,
Legislation, however, tends to stick around long after the problem it was meant to solve dies.
Tin Foil Hat On
This conspiracy theory involves the phone manufacturers paying to get this passed so they can selectively ‘mysteriously’ brick phones that ‘need’ replacement, like they are too old or have a contract that is paying too little. Hardware churn too low? Increase ‘mysterious’ brickings.
Tin Foil Hat Off.
Next up… kill switch for all Cars.
And since it can be done for phones why not have a kill switch for guns too.
Re: Re:
Next up… kill switch for all Cars.
Too late. GM’s On Star, Ford’s SYNC and LoJack can already remotely disable a vehicle. I also believe I’ve heard that they can lock the doors in a way that those inside cannot open them too.
“Someone videotaped the police doing something bad? Instead of having to go confiscate the phone, why not just brick it from afar? This seems like yet another bill pushed with good intentions that risks some very dangerous consequences. ”
And there it is. The real reason for passing this. Just like the real reason for certain wiretapping laws was too many politicians and other people of ‘importance’ getting caught criminally putting their foot in their mouth. No new law has anything to do with stopping actual crime. Only protection of the powerful.
Hey phone manufacturers? Wanna kill this bill? Don’t implement this kill switch and no longer offer phones for sale in California and overpopulate every border store just across the state line everywhere with TONS of phones. Revolt from consumers will reverse the bill along with the amount of revenue loss for state taxes, in-state phone stores, etc.
Someone or more than one in a group will brick every single phone that signs on to this mess.
The rest of us will LOL@ CALI.
WTF? All the carriers have to do is work together and have a shared no-activate database for ONLY lost/stolen phones. Don’t water it down with phones attached to unpaid accounts etc. Only stolen phones for the express purpose of lowering the value of the stolen goods.
Either way, there are plenty of companies that will pay for the parts of a used phone. Even bricked, the $600 phone has a $200+ screen to sell.
Re: Re:
Actually, you can replace Samsung screens for around $80 and iPhone for $120 (including labor), so I don’t know anyone that will give you $200 for a screen.
Who will control the kill switch?
Computer Age
Welcome back to the age of laptops and desktop that most people will start to use again after their phone has been bricked for the sixth time in a month. Truthfully if this was in a desktop or laptop computer people would be outraged and would make software to disable the kill switch. That would be funny an anti kill switch app to kill the kill switch.
Misleading
This article is misleading. This is not a new ability, carriers have always had this capability. This bill would make available to the public the capabilities the carriers and the government have always had. It boils down to blacklisting the IMSI that is burned into the phone when it is manufactured.
Re: Misleading
Whew. That makes more sense. Turning your phone into an unbootable brick and removing carrier service for the phone are two significantly different things.
Re: Misleading
No, that’s a different thing. The kill switch idea is not about simply disconnecting the phone from the network. That, as you say, has always existed. The kill switch is about bricking the phone altogether, so you can’t even use the non-phone features.
App For That
Want a kill switch for that legally mandated kill switch, we have a app for that. Not available to residents of CA.
Facts matter
Like you, I am against this mandate because of the obvious abuses it will bring with it (including the destruction of the secondary market for old phones).
But unlike you, I actually know something about technology. For example, I would never say something this incorrect:
“If individuals want to use a kill switch there are plenty of third party apps they can get to do that themselves.”
There is no 3rd party app capable of “killing” a phone. It might wipe it, but it doesn’t prevent reinstalling a OS.
If you don’t know what a “kill switch” is, why write anything at all?
Re: Facts matter
True enough, ignoring phones that have that incredibly objectionable Knox software installed — you can indeed fully brick those. It’s a good correction. I’m not sure why you needed to be so condescending about it.
If you live within a day’s drive of the state line, like I do, you can just go into a neighboring state and buy a phone without the kill switch. The next time I need a phone, I will drive the 140 miles to Reno and buy one there.
Go to Nevada
Just simply drive to Nevada or Oregon a buy a phone, which I will do next time I need a phone. I live 2 hours drive from Nevada and 5 from Oregon. Problem solved.
Dose the law mandate a type of kill? Personally a sort of anti-reset system is all I would really want. My phone is encrypted and pin and such but if i could set it up with a password/phrase that prevent it from being reset to default or used with a different sim without my say so that’s a good kill switch.
Re: Re:
If your concern is to prevent people from being able to use your phone at all (instead of just preventing them from seeing your personal data), then that’s not all you really want at all. A thief can easily install a new OS without having to bypass your pin or decrypt your phone contents. The phone’s reset functionality doesn’t enter into it.
SWEET!
Yeah. I can see a group of hackers bricking all the phones in California. That type of outage could really cause a panic. I and most people I know only have cell phones.
Kill-switches in software aren’t foolproof.
That was amply shown by the fact that by simply trying to turn Find-my-iphone off at the same time as pressing DELETE ACCOUNT then rebooting the iphone immediately causes icloud and all its security features to be disabled **WITHOUT A PASSWORD REQUEST**.
THis bug affects all current versions of iOS and still hasn’t been fixed…no software security system can ever be 100% secure and the only way to ENSURE a phone can never be used again is by causing it to randomly and spontaneously burst into flames/Explode….which I think the top 3 manufacturers already implemented 🙂
Re: Re:
“no software security system can ever be 100% secure”
Why do you specify “software” in there? No security system of any sort can ever be 100% secure. If the kill switch is implemented in hardware, it is no less likely to have a bug — but the bug would be harder to fix once found.
SWEET!
“… the state that elected and consistently RE-ELECTED …”
Two words, Election Fraud. What makes you think that Pelosi, Brown, etc were elected by the people instead of being put into position?
It has been that way in most states, but California had to be controlled the most as it can feed the world. Destroy the food supplies and restrict water and you have obedient slaves or democide.
The real owner of such a phone is the one who pwns the kill switch.
If this is such a desirable feature why hasn’t it been mandated already by consumer market forces.