Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

California Passes Law Mandating Smartphone Kill Switch

timothy posted about 2 months ago | from the we-control-the-vertical dept.

Cellphones 233

alphadogg (971356) writes "Smartphones sold in California will soon be required to have a kill switch that lets users remotely lock them and wipe them of data in the event they are lost or stolen. The demand is the result of a new law, put into effect on Monday, that applies to phones manufactured after July 1, 2015, and sold in the state. While its legal reach does not extend beyond the state's borders, the inefficiency of producing phones solely for California means the kill switch is expected to be adopted by phone makers on handsets sold across the U.S. and around the world."

cancel ×

233 comments

Sorry! There are no comments related to the filter you selected.

The worrisome part (4, Interesting)

Joe Gillian (3683399) | about 2 months ago | (#47755985)

From the article:

Police can also use the tool, but only under the conditions of the existing section 7908 of the California Public Utilities Code. That gives police the ability to cut off phone service in certain situations and typically requires a court order, except in an emergency that poses “immediate danger of death or great bodily injury.”

Re:The worrisome part (2)

i kan reed (749298) | about 2 months ago | (#47756009)

Oh no, they might killswitch a phone thought to be a bomb trigger.

I get the worry you've got: that "they" will use this language as a fiat tool to shut down whatever "they" want. Of course if "they" are really that arbitrary, what does the language in the law matter?

Re:The worrisome part (0)

Anonymous Coward | about 2 months ago | (#47756105)

It wouldn't make sense to use a new smartphone as a trigger device.

Re:The worrisome part (1)

Overzeetop (214511) | about 2 months ago | (#47756167)

Too expensive? Because otherwise it's the perfect, self contained sensor and communication platform for a wide variety of initiation options.

Unintended Consequences (2)

Mr D from 63 (3395377) | about 2 months ago | (#47756741)

The thief will have to steal more phones in order to get one that has the feature disabled.
The thief will unfairly target older phone model owners.
The thief will have limited time to make a call on a stolen phone, so he'll need to steal another one to make another call. "Just in time theft."
Tracking of stolen phones will be disabled, so stolen phones will be harder to locate.

Re:The worrisome part (2)

NatasRevol (731260) | about 2 months ago | (#47756499)

Actually, it would make perfect sense.

Make it a dead mans switch.

Doesn't go off until police turn off phone service, which doesn't send 'don't blow up' message.

Make sure you're in good cell coverage first though...

Re:The worrisome part (1)

ShanghaiBill (739463) | about 2 months ago | (#47756971)

Actually, it would make perfect sense.
Make it a dead mans switch.
Doesn't go off until police turn off phone service

If you just want it to go off at a random time, then you don't need a cellphone trigger at all. The whole point of using a cellphone trigger is to detonate the bomb when a specific event happens, such as the passing of the presidential motorcade. A dead man switch is not going to accomplish that.

Re:The worrisome part (1)

kilodelta (843627) | about 2 months ago | (#47756959)

Agreed - if you're really intent use a throwaway FRS or MURS radio.

Re:The worrisome part (1)

Anonymous Coward | about 2 months ago | (#47756131)

"what does the language in the law matter?"

It doesn't.

"that 'they' will use this language as a fiat tool to shut down whatever 'they' want."

'They' will, 'they' always do - regardless of what law or level.

Re:The worrisome part (-1)

i kan reed (749298) | about 2 months ago | (#47756333)

And that attitude is exactly why we can safely take your opinion, and ignore it.

You seem to think cynicism is inherently reasonable and sane, and thus end up believe absurd bullshit in the name of pragmatism. You don't recognize that this isn't informed from any sort of careful study, but instead kind of boring extrapolation of the media notable times that the rule-of-law doesn't hold up.

You don't (mentally) live in a world where almost every single person accused of a crime in the US gets a trial. With a jury of their peers. And a chance to appeal if due process isn't followed. Your brain lives in an alternate reality, where all power is abused at all times, because that makes you smarter than everyone else. More clever, seeing the things that "those dullards" or whatever don't.

It is true that every power that's granted to government in a liberal democracy needs watchdogs, and alert citizenry. You seem to mistake that duty with an obligation to condemn socially useful features of government out of paranoid fear. What you're actually doing is creating a lot of white noise to distract from those who are doing their proper duty, looking out for real abuses. You aren't helping.

Re:The worrisome part (2, Insightful)

Anonymous Coward | about 2 months ago | (#47756459)

NSA apologist and shill above. The NSA broke the law, with a watchdog, and a citizenry that knows they broke the law, and they are still continuing to break the law.

Your statements do not match up with recent history. The cynic above you is actually provable correct.

Re:The worrisome part (5, Insightful)

qbast (1265706) | about 2 months ago | (#47756497)

So you live in a world where almost every single person accused of a crime in US gets a trial by jury of their peers? What colour is sky in your world? Because here, in real world jury trial is a very rare thing - 97% prosecutions end with plea bargain ( http://www.thecrimereport.org/... [thecrimereport.org] ) . This is a real problem, because plea bargain has nothing to do with justice.

Re:The worrisome part (0)

Anonymous Coward | about 2 months ago | (#47756659)

Choosing not to go to trial is very different than never being offered one.

Re:The worrisome part (4, Insightful)

ShanghaiBill (739463) | about 2 months ago | (#47757081)

Choosing not to go to trial is very different than never being offered one.

Except that the "offer" is accept a plea bargain and go to prison for five years, or go to trial and risk going to prison for twenty years. A trial by jury should be a right of every citizen. You should not have to spend your life in prison just for asserting that right.

Many of the people exonerated and freed by the Innocence Project [wikipedia.org] had plead guilty, to avoid a harsher sentence, despite being innocent of the crime.

Re:The worrisome part (1)

funwithBSD (245349) | about 2 months ago | (#47756571)

"The blade itself incites to acts of violence"

If you give someone a powerful tool, they will use it.

Re:The worrisome part (1)

i kan reed (749298) | about 2 months ago | (#47757189)

"they".

Those bad people out to get you. You know.

Re:The worrisome part (1)

Anonymous Coward | about 2 months ago | (#47756163)

Or they might killswitch a phone being used by a reporter who is recording them while they beat on the camerman next to them.

Once they "can" wipe / brick a phone, they will do it for any petty reason they can think of.

Neighbor's dog shitting in their yard, boom bricked the neighbor's phone(s).

Daughter's boyfriend brings home daughter 5 minutes late - boom - boyfriend's phone bricked.

Spouse suspected of infidelity - boom - spouse's phone bricked.

Once it starts, it won't stop.

Kill switching should be under the control of the phone's owner and only the phone's owner, without their cooperation (not coerced) - it should be impossible for anyone else to trick the phone for any reason whatsoever.

Re: The worrisome part (2)

DigiShaman (671371) | about 2 months ago | (#47756311)

It's why your photos and media should sync to the cloud immediately after. Brick the phone? Fuck you, in the cloud baby! Put me in prison? Fuck you, deadman switch will release all data to the public!

Re: The worrisome part (3, Interesting)

qbast (1265706) | about 2 months ago | (#47756563)

Exactly. Does anyone know of an audio recording app for android which *immediately* (while it is still recording) uploads to remote server? Even better if it is possible to start it in unobtrusive way.

Re:The worrisome part (1)

Anonymous Coward | about 2 months ago | (#47756251)

they could already cut off service to the phone so that really wasn't an issue.

this could be used if say somebody had incriminating evidence against the police on the phone, so they send a wipe command. Or lock all phones in a protest to prevent people from offloading the data so they can crack down and make sure nothing incriminating can get out.
sounds like it is time to start removing the function from your firmware. much like it is illegal to remove the tags off a mattress for a merchant, but the end user can do it.

Re:The worrisome part (4, Insightful)

mrchaotica (681592) | about 2 months ago | (#47756407)

The language in the law matters because it mandates that carriers must make it technically possible for law enforcement to use the killswitch. Otherwise, it could have been implemented in such a way that only the owner could do it (e.g. by requiring a user-set access code).

Re:The worrisome part (2)

Mr D from 63 (3395377) | about 2 months ago | (#47756047)

Can't they already cut off phone service without killing the phone itself? Seems like two different things mixed together. If the purpose of the kill switch is to erase data and render inoperable, and therefore prevent theft, there is little logical reason that not erasing a phone's data would somehow present a threat or prevent a criminal act. In fact, it may erase evidence.

Re:The worrisome part (1)

silas_moeckel (234313) | about 2 months ago | (#47756569)

They can cut off phone service in this and other countries but the theft is going to china etc that does not care or the be broken down to parts.

Re:The worrisome part (0)

Anonymous Coward | about 2 months ago | (#47756049)

Actually, it's much worse than that. That is only in California. There are no laws concerning the use of this kill switch by police in the rest of the country, as none of the other states mandated this switch and wrote in protections.

Re:The worrisome part (1)

NatasRevol (731260) | about 2 months ago | (#47756727)

Guess what business will be cropping up in Reno soon?

Re:The worrisome part (5, Insightful)

edibobb (113989) | about 2 months ago | (#47756071)

... and the federal government will use the tool whenever they darn well please.

Re:The worrisome part (0)

Anonymous Coward | about 2 months ago | (#47756825)

turning the phone off is not nearly as bad as what they are doing now.

Re:The worrisome part (0)

Anonymous Coward | about 2 months ago | (#47757101)

... and the federal government will use the tool whenever they darn well please.

And they can sue you or jail you or take your money whenever they damn well please already. And you are worried about some stupid phone?

This feature probably has a remote log. If "the man" takes your phone, you can just sue "the man" in small claims and get compensation.

Re:The worrisome part (1)

phrostie (121428) | about 2 months ago | (#47756125)

I have to wonder how this will affect projects like Cyanogen mod.

Re:The worrisome part (1)

Threni (635302) | about 2 months ago | (#47756259)

It's software (hence the stupid comments about cost - it's effectively zero; android already has it, for example). Cyanogenmod can use that aspect of the AOSP stack or not, as they see fit, as can any other rom producer, or end user (if they've a rooted phone).

Re: The worrisome part (0)

frikken lazerz (3788987) | about 2 months ago | (#47756723)

Two things: Given Google's recent trend of hating open source in android, chances are this kill switch will be part of Google play, not AOSP. Will it be illegal to install CyanogenMod until they create their own kill switch? And what happens if an individual user finds a way to block the kill switch? Is that now a crime? What if cyanogen ships the kill switch but provides some code or directions to disable it on their website? And so on. I'm just worried this will have a chilling effect on open source projects, as well as making it even harder for new phone companies to enter the market (even more governmental rules and regulations). So fuck you California. It's one thing if you dumb liberals infect your own state. It's another if you have a chilling effect on the entire US (and perhaps even around the world).

St. Louis (0)

xdor (1218206) | about 2 months ago | (#47756519)

Police can draw the curtain before arrests and shooting begin: effectively turn off everyone's camera and twitter feed.

Now, no one will know...

Re:The worrisome part (1)

Anonymous Coward | about 2 months ago | (#47756547)

I hope noone buys into the bullshit that this is for your own personal benefit in case your some-hundred-dollar-convenience-gadget gets stolen.

This is a brick in the ever growing suppress-the-people wall.

What are you going to do when one day - this day is long behind us if you ask me - you really need to overthrow your government because they are just overdoing it with the corruption, the secret laws, the killing of people in foreign countries without trials? All these little bricks you thought were for your own good suddenly are stones in your way to assemble resistance.

Do you think it's a coincidence the NSA says domestic targets are exempt from spying, yet somehow the technical possibilities are all there in place? They flip a switch, the spying extends to domestic targets and by some other secret law, you're a terrorist. Boom. Welcome to Gitmo.

If you still think you live in a free country you need to wake the fuck up and reach for those pitch forks - metaphorically speaking, because good luck exercising your 2nd amendment against the military-industrial complex when even your run-of-the-mill shithole sheriff comes waltzing in on an armored army vehicle.

The USA is a failed imperium and the sooner it falls, the better for rest of the world.

Re:The worrisome part (1)

Karmashock (2415832) | about 2 months ago | (#47757009)

Root the phone and roll your eyes.

Worldwide reach (4, Interesting)

countach (534280) | about 2 months ago | (#47756005)

An interesting case of how one US state could change worldwide products.

Re:Worldwide reach (1)

Anonymous Coward | about 2 months ago | (#47756057)

Californians (left and right) have always believed that the world revolves around them.

Re:Worldwide reach (1)

eedwardsjr (1327857) | about 2 months ago | (#47756127)

That would be New York, sir.

Tornadoes (4, Funny)

Overzeetop (214511) | about 2 months ago | (#47756177)

They both do. How else do you account for all the rotational energy which spawns tornadoes in the middle of the country?

Re:Worldwide reach (3, Funny)

Anonymous Coward | about 2 months ago | (#47756595)

Given that the UN and the largest financial markets are in New York, it does hold significant weight as a meeting place. On the other hand, what is unique to California? The prevalence of almond production and the odd belief that technology development requires a centralized physical place. So clearly New York is full of liars while California is full of nuts.

Re:Worldwide reach (0)

Anonymous Coward | about 2 months ago | (#47756331)

We need to apply the antitrust laws to California: it's time to break it up.

I remember a quote from a French author who wrote something like "I like Germany. I like it so much I wish there were two of them".

There ought to be at least two baby Californias. Maybe three or four.

Re:Worldwide reach (0)

Anonymous Coward | about 2 months ago | (#47756085)

I am wondering if this will go to court myself? A State should not have to the power to force a separate product. The Feds can overrule this because it does come under the Commerce Clause. I don't think it will since phone manufacturers are already implementing something but the State should NOT have the capability of shutting off my phone.

Re:Worldwide reach (0)

Anonymous Coward | about 2 months ago | (#47756225)

Well the State, the Manufacturers, possibly your Service Provider, undoubtedly police and probably every other bored teenager.

Re:Worldwide reach (3, Informative)

mrchaotica (681592) | about 2 months ago | (#47756699)

A State should not have to the power to force a separate product.

That ship has already sailed. The California Air Resources Board (CARB), for example, has had stricter auto emissions standards for years, resulting in cars being sold in either "49-state" and "California emissions" versions, or a "50-state" version that meets CARB standards whether it's sold there or not.

Re:Worldwide reach (1)

CanHasDIY (1672858) | about 2 months ago | (#47756101)

They were going to start putting in "killswitches" anyway - too much worldwide governmental pressure not to. Methinks that line in the summary is the result of wishful, "look-how-important-I-feel" thinking.

No different than emission standards (2)

swb (14022) | about 2 months ago | (#47756185)

California is basically a nation-state unto itself. It is so large and relatively wealthy that when it sets standards, it often sets them for the entire nation and occasionally the world.

IIRC, auto emissions controls were one of those things California began to mandate. Not selling cars in California wasn't an option, so automakers began basically making cars that met their standards and sold them everywhere because the economies of scale made it make sense to do so.

Re:No different than emission standards (0)

Anonymous Coward | about 2 months ago | (#47756453)

Not true. One of my friends moved out from California a few years ago. His car actually has different emissions hardware than my car. My uncle just moved out to California, and in order to register his car in the state, he had to get additional hardware installed.

Re:Worldwide reach (3, Interesting)

i.r.id10t (595143) | about 2 months ago | (#47756611)

Has happened quite a bit in the past... even now, some firearms have "California models" vs. "everywhere else". Example would be the GSG and/or SIG 1911 clones in 22lr that have threaded barrels for "everywhere else" and the thread protector is either silver soldered in place or a different barrel is used for the California model.

A less inflammatory example would be the Porsche 930 from '84 to '89. The California emissions laws wouldn't allow them to be imported into the US at all (greymarket cars from Canada aside, and now the old age exemption). Porsche solved this by offering the factory Turbo Look option, priced about half way between the normal 911 model and the 930 model. To make them, they took a 930, removed the rear windshield wiper, the turbo script under the whale tail, and the turbo engine, putting in the 3.2l normal engine. These were known as "M491" cars after the option package code, and just over 1000 were produced in the 5 year model span (420 for the '83 model year, dwindling down to 15 or so in '89 and almost all were coupes - very few cabriolets were made, and only a few targa models), almost all of which were for US delivery. Buyers got that great wide back end sexy body look, the better brakes, suspension, etc. of the 930, but the regular 3.2l engine that could pass California's emissions laws.

Bets on first use (4, Insightful)

Anonymous Coward | about 2 months ago | (#47756011)

How many want to take up a bet when the next 'troublesome' protest gets targeted with the kill switch... in the name of public safety, of course....

Re:Bets on first use (1)

PackMan97 (244419) | about 2 months ago | (#47756141)

Exactly! Or maybe someone took some photos or videos that a government doesn't want to get out. Simply kill the phone and you are done with that problem.

The bad scenarios are far more dangerous than not having a kill switch.

Besides, weren't there apps that do this that folks could purchase of their own free will"?

Re:Bets on first use (2)

Jeremi (14640) | about 2 months ago | (#47756487)

Besides, weren't there apps that do this that folks could purchase of their own free will?

There are, but the feature doesn't work as a theft deterrent unless almost everybody has it. If only a few people have it, thieves will steal phones anyway, because the likelihood is they can resell most of the phones they steal. If/when we get to the point where almost all phones auto-brick after they are stolen, cell-phone thieves will lose their profit incentive and move on to something else.

Re:Bets on first use (2)

qbast (1265706) | about 2 months ago | (#47756587)

Yes, but the problem with these apps is that they give control only to owner of the phone, not to police.

Or just don't sell phones in California (1, Insightful)

Anonymous Coward | about 2 months ago | (#47756017)

I'm sure they can live without for a while. Why should everybody suffer is some state in some backwater country makes a bad decision?

Legislating Technology (0)

Anonymous Coward | about 2 months ago | (#47756045)

"...The technological solution shall be
reversible, so that if an authorized user obtains possession of the
smartphone after the essential features of the smartphone have
been rendered inoperable, the operation of those essential features
can be restored by an authorized user...."

So, in essence this law protects nothing (data is not wiped), and I'm sure competent hackers will immediately find ways around this stupid "Kill Switch" idea. Let the market provide the solution! This does not need to be codified into law.

Re:Legislating Technology (1)

mark-t (151149) | about 2 months ago | (#47756593)

I'm sure competent hackers will immediately find ways around this stupid "Kill Switch" idea.

I would assume that reversal requires physical access to the phone, and also the manual entry of the correct password into the device itself, the password being one that is created by the user (initially randomized at manufacture, the default code for it being on a small slip of paper that comes with the phone when you buy it brand new). Since each password attempt would have to be manually entered, there is no viable way to expedite cracking such a phone, and I would imagine that most people even trying to do so would probably quickly abandon the attempt. And if the point of the law is to simply make theft of cell phones unprofitable, I think it would probably succeed.

Re:Legislating Technology (0)

Anonymous Coward | about 2 months ago | (#47757129)

So how is that any different from using a decent password on the lock screen today? Why do you need a "remote lock", when the phone is fully capable of locking itself after XX seconds of inactivity? NOTE that there is no remote _wipe_ legislated here, TFS and TFA both got that wrong.

The only thing new here (that the law is forcing into existence) is that The Police can now do it remotely -- and I'm sure they are the ones who get to pick the unlock code too.

Re:Legislating Technology (1)

Hotawa Hawk-eye (976755) | about 2 months ago | (#47757135)

I predict that as soon as a phone with the (undoubtedly standard) kill switch is released, someone will write a software program to reverse the locking. For good measure, that software program will probably also users to kill a phone remotely by spoofing the signal to make the kill switch program believe it's coming from the telecom company or law enforcement.

Unless there's a hardware component (say a physical key you need to insert into a slot on the side of the phone) the security WILL be broken quickly because the financial and bragging rights rewards for doing so are huge. If there IS a hardware component, the thief will likely turn mugger and demand the person's keys -- I suspect many people will probably put the key on their key ring.

Unintended consequences ... (5, Interesting)

gstoddart (321705) | about 2 months ago | (#47756055)

I predict it will be less than a year before law enforcement decides to shut down all cell phones of people they disagree with (like protesters).

I predict it will be less than a year before hackers figure out how to brick or otherwise damage cell phones.

Because, as usual, when you try to pass a legal solution to a technical problem, you will introduce new technical problems, and if law enforcement can abuse something they will.

This will be misused, it's only a matter of time. And, since manufacturers will decide to make the phone the same for everywhere, we're all fucked because of a decision in California. And I don't trust that the carriers won't brick a phone you own if your bill is late, instead of just cancelling your service they'll kill your phone.

Everyone around the world will now have a phone which has a loop-hole allowing law enforcement, government, and private industry to brick it. Add to that the likely back doors for law enforcement to look into your phone, and suddenly your phone is controlled by entities which aren't you.

Re:Unintended consequences ... (1)

91degrees (207121) | about 2 months ago | (#47756109)

I predict it will be less than a year before law enforcement decides to shut down all cell phones of people they disagree with (like protesters).

What prevents them from doing this now? They effectively control the exchanges.

Re:Unintended consequences ... (1)

gstoddart (321705) | about 2 months ago | (#47756165)

One is at a network level, the other is at a device level.

When LEOs can brick your phone, it's more than disrupting your service, it's destroying your property.

Police can also use the tool, but only under the conditions of the existing section 7908 of the California Public Utilities Code. That gives police the ability to cut off phone service in certain situations and typically requires a court order, except in an emergency that poses "immediate danger of death or great bodily injury."

And they've demonstrated that they will expand the scope of that, or misuse it as they see fit. Because they always expand the scope of these things down the road for something else since they already have the mechanism.

They will have also built in a mechanism whereby malicious actors will be able to do this just for the fun on it.

Re:Unintended consequences ... (1)

LynnwoodRooster (966895) | about 2 months ago | (#47756847)

Exchanges/telcos are regulated and controlled at the State and Federal level, levels well above local police. Your local police officer can get a part-time magistrate in traffic court to approve bricking your cellphone. To do that with an exchange would take a State or Federal circuit court judge (something well above the reach of your average police chief).

Already (mostly) exists (1)

Overzeetop (214511) | about 2 months ago | (#47756223)

You do realize that both Android and iOS have this feature baked in, right? You can remotely wipe your phone, and with a court order the police can coerce you to do it as well (if you worry about such things). All that's required is the device lock, which is fairly trivial given the propensity for modders to brick phones accidentally.

 

Re:Unintended consequences ... (0)

Anonymous Coward | about 2 months ago | (#47756273)

If you really think this is just because of a decision in California then I have a few bridges I would be happy to sell you.

Why hasn't it happened already? (4, Insightful)

swb (14022) | about 2 months ago | (#47756275)

iPhones have had the ability to be remote wiped for a long time. Yet I have not heard of a pandemic of hacker-led mass bricking of iPhones. Dirty hipsters and their iPhones have been at the center of a lot of protests yet we haven't heard of mass iPhone shutdowns by the police in response to demonstrations.

I think government/law enforcement already have the powers they physically need to fuck with cell phones. Between Stingray devices and the ability to present national security letters to carriers or service providers, if they wanted to they could get IMEIs blacklisted or get someone like Apple to brick a specific phone.

I think this just finally cuts off the ability of the cell carriers to encourage and profit from theft by activating stolen phones. Maybe if we treated AT&T stores like pawn shops and told them it was loss of their licenses and jail time for trafficking in stolen property if they activated stolen phones the kill switches wouldn't be necessary, but because corporate profits and lobbying we don't.

Re:Why hasn't it happened already? (0)

Anonymous Coward | about 2 months ago | (#47756581)

Pawn shops can sell stolen goods with no consequences as long as they didn't "know" the good were stolen (good luck proving knowledge of theft, they will stay willfully ignorant). I know this from personal experience. Stolen goods sold to pawn shop, police involved, and still had to BUY my own property back from the pawn show despite having serial numbers of the goods written down and police agreement that the goods in the pawn shop were stolen. Some other items were already sold by the pawn shop.

Re:Why hasn't it happened already? (0)

StikyPad (445176) | about 2 months ago | (#47756867)

iPhones have had the ability to be remote wiped for a long time. Yet I have not heard of a pandemic of hacker-led mass bricking of iPhones.

http://www.cnn.com/2014/05/27/... [cnn.com]

Now you have.

Re:Why hasn't it happened already? (2)

Theaetetus (590071) | about 2 months ago | (#47757097)

iPhones have had the ability to be remote wiped for a long time. Yet I have not heard of a pandemic of hacker-led mass bricking of iPhones.

http://www.cnn.com/2014/05/27/... [cnn.com]

Now you have.

According to the Ministry the criminals used two “well-established schemes.” [threatpost.com] One of them was hacking users’ email accounts and elaborate phishing pages to glean victims’ Apple ID credentials. The second scheme – which may or may not related to the Oleg Pliss scam – allegedly bound devices to prearranged accounts and used “various internet resources to create ads.” Those ads promised access to Apple ID accounts that contained “a large amount of media content.” As soon as someone accepted the offer and linked their device to the account, attackers hijacked the devices.

Phishing to obtain email credentials and then presenting yourself as the legitimate user, or offering access to free media to suck in greedy people. Social engineering - not the same thing as hacking the bricking/remote wipe protocol.

Re:Why hasn't it happened already? (0)

Anonymous Coward | about 2 months ago | (#47756987)

You appear to be confused. Bricking and wiping are not the same thing.

Re:Why hasn't it happened already? (1)

DutchUncle (826473) | about 2 months ago | (#47757181)

Maybe if we treated AT&T stores like pawn shops

Best point. Why are the phone companies accepting phones that are already linked to other service? Well, I suppose all it needs is changing a SIM in GSM phones, but CDMA phones are stable, and it would be so easy to check the IMEI being registered on a system. Especially iPhones because people tend to keep in touch with Apple.

Re:Unintended consequences ... (0)

Anonymous Coward | about 2 months ago | (#47756283)

Unintended?

Re:Unintended consequences ... (1)

Jahava (946858) | about 2 months ago | (#47756775)

I predict it will be less than a year before law enforcement decides to shut down all cell phones of people they disagree with (like protesters).

They'd have to go through all of the trouble of identifying the individuals and gaining cooperation of the carriers/vendors. When they're close enough to identify individuals by name, why go to the trouble of locking phones? They'll just do what they do now and arrest them.

I predict it will be less than a year before hackers figure out how to brick or otherwise damage cell phones.

This depends on how the lock is implemented. iOS and Android already have some remote lock/wipe features that haven't been heavily hit by hackers. Mass phone wipes haven't been a thing yet. I'm sure people will try and I'm sure some will succeed (likely in controlled circumstances), but identity establishment and crypto are both well-known in the industry.

Because, as usual, when you try to pass a legal solution to a technical problem, you will introduce new technical problems, and if law enforcement can abuse something they will.

This is hardly a technical problem, as it's been solved and implemented in various forms for years (e.g., iOS7). This is a policy problem, and a legal solution is quite appropriate. For example, carriers have blocked Samsung from including an activation lock [appleinsider.com] . This kind of thing is what the legal solution solves by taking the decision out of the vendors' (who care about products and reputation) and carriers' (who care about profits) hands. The decision seems pretty reasonable, as existing legislation/policy has resulted in measurable drop in device theft [cnet.com] for those devices.

This will be misused, it's only a matter of time. And, since manufacturers will decide to make the phone the same for everywhere, we're all fucked because of a decision in California. And I don't trust that the carriers won't brick a phone you own if your bill is late, instead of just cancelling your service they'll kill your phone.

Existing lock options are done through the phone vendors, not the carriers. If the carriers did this to your personally-owned device, it is property damage. And if the government wanted to deny an individual cell service, they can do it now (and have been able to for all of cellular history) with a warrant through the carrier. The government/carrier has always been able to shut off your service.

Re:Unintended consequences ... (0)

Anonymous Coward | about 2 months ago | (#47756897)

"We" applies if you mean Americans. Phone makers consider that market separate from the rest.

How long will it be before script kiddies (0, Flamebait)

mark_reh (2015546) | about 2 months ago | (#47756087)

are remotely bricking phones for fun and profit?

Re:How long will it be before script kiddies (4, Insightful)

Overzeetop (214511) | about 2 months ago | (#47756241)

How many iPhones and Android devices are currently being remotely wiped? I ask because both have the feature to do so currently.

Re:How long will it be before script kiddies (0)

Anonymous Coward | about 2 months ago | (#47756997)

From an above post: http://www.cnn.com/2014/05/27/tech/mobile/hackers-iphones/

Lawmakers are generally idiots. (0)

Anonymous Coward | about 2 months ago | (#47756095)

And it's becoming worse. What can we do about it?

Meaning... (0)

Anonymous Coward | about 2 months ago | (#47756115)

That I want to buy a phone that can't legally be purchased in California.

Re:Meaning... (1)

FictionPimp (712802) | about 2 months ago | (#47756239)

Why not, they make California legal and California illegal versions of firearms. Most of the firearms I've bought in the last decade are illegal to buy in cali.

Simplier solution at the carrier level (0)

Anonymous Coward | about 2 months ago | (#47756153)

Isn't the better solution to get the carriers to refer to a "stolen phone" database before providing new service? As in you would tell your service provider that your phone had been stolen, the would upload whatever the unique identifier is for the phone to the database, and henceforth they (and everyone else) would refuse to connect that phone to their network. No need for remote wipes etc. unless the user wanted to go down that root and the goal of making stolen phones basically useless will have been accomplished in a way that would be very difficult to hack around.

Re:Simplier solution at the carrier level (0)

Anonymous Coward | about 2 months ago | (#47756197)

http://en.wikipedia.org/wiki/International_Mobile_Station_Equipment_Identity#Blacklists_of_stolen_devices

Who cares? (0)

Anonymous Coward | about 2 months ago | (#47756201)

Apple [apple.com] phones have already had this for years.

Blackberry [blackberry.com] phones have already had this for years.

Android [google.com] phones have already had this for years.

Windows [windowsphone.com] phones have already had this for years.

What exactly is this law going to change, force FirefoxOS or Sailfish phones to add a remote killswitch? It sure sounds like people are getting riled up about something that has already been done to 99% of the smartphones on the market because now it's "the rules" that they continue to due what they're already doing.

Re:Who cares? (1)

mark-t (151149) | about 2 months ago | (#47756781)

The Android app does not lock the phone, it erases it. The phone itself would still be usable once you replace the sim card. The point of the law is to make the theft of protected cell phones unprofitable by requiring that the functionality be embedded into the device itself, and make the phone unusable for anything beyond making an emergency call, or using the keypad to enter in the appropriate unlock code.

So sad ... (1)

johnlcallaway (165670) | about 2 months ago | (#47756221)

... that we have to pay for features based on the lowest common denominator. Another law from the idiots in California that impact everyone, regardless of where they live.

Wish that San Francisco earthquake had been just a little bit stronger .. and sliced San Diego, LA and San Francisco into the ocean. Ok .. maybe not San Francisco, it's a pretty cool town. The other two are cesspools and I try to avoid them whenever I have to make trips that way.

Re:So sad ... (0)

Anonymous Coward | about 2 months ago | (#47756531)

I think San Diego would be spared.

Instead start with LA and head north all the way up to the USA border with your destruction.

Re:So sad ... (0)

Anonymous Coward | about 2 months ago | (#47756925)

But then who would pay for all the welfare of the other states?

California (0)

Anonymous Coward | about 2 months ago | (#47756231)

There are California and non-Californian versions of a lot of products, despite the inefficiency, so let's just hope that world-wide (non-Californian) demand for non-kill-switch phones is high enough.

lol when those killswitches be gettin hacked (0)

Anonymous Coward | about 2 months ago | (#47756341)

Just lol. All I'm sayin

Reality catches up! (0)

Anonymous Coward | about 2 months ago | (#47756353)

Neo: "You can't scare me with this Gestapo crap. I know my rights. I want my phone call."
Agent Smith: "Tell me, Mr. Anderson... what good is a phone call... if you're unable to speak [on your bricked phone]?"

fuck!? (-1)

Anonymous Coward | about 2 months ago | (#47756377)

Hubbard and JMike *BSD is dying Yet personal rivalries AND EXECUTES A Of its core

Sheep getting ready for the butcher (1)

marcroelofs (797176) | about 2 months ago | (#47756475)

Every population gets the government it deserves.

Kill Switch for the CA Cell Phone Market (2)

Ronin Developer (67677) | about 2 months ago | (#47756737)

So, they are mandating that cell phone manufacturers implement a kill switch to be able to sell mobile phones in CA? Is the cell phone market in CA big enough for the manufacturers to really care? Or, will they tell to CA to screw off and simply not sell in CA and the Nevada cell phone business and black market phone market will boom?

This will be interesting to see how it plays out.

Re:Kill Switch for the CA Cell Phone Market (1)

jmelamed (152545) | about 2 months ago | (#47757187)

California has the 8th largest economy in the world, just behind Italy and in front of Russia. Russia is currently in the news because the sanctions being used against that country are creating real problems for Europe.

So yeah, cell phone vendors care quite a bit about the Golden State market. If the past is any guide, this kill switch will be for all phones sold in the US and soon the world.

Just for irony's sake... (1)

matbury (3458347) | about 2 months ago | (#47756807)

I think all these phones should come with a copy of George Orwell's Nineteen Eighty-four and a copy of the US constitution... for irony's sake. They should also be made suscpetible to packet injection so that the authorities can alter the information that people receive through them. Down the memory hole!

California, the Gateway Drug of States (2)

handy_vandal (606174) | about 2 months ago | (#47756823)

... the inefficiency of producing phones solely for California means the kill switch is expected to be adopted by phone makers on handsets sold across the U.S. and around the world.

First they tempt you with California legislation.

Next thing you know, you're hooked on NAFTA, ACTA, and God knows what other Profit-Seeking Acronyms (PSA's).

I suppose we should feel lucky that Amazon is not using United Nations Black Drones to deliver tracking devices (such as your new phone) to your door ... or wherever they know you are ....

Can we opt out? (1)

troll -1 (956834) | about 2 months ago | (#47756893)

How free are we if the state can take control of our electronic devices and we have no option to opt out? What does freedom mean if the state can tell manufactures what features phones must have? Can I build my own phone that doesn't have this feature? Can I sell it to you? Will they put me in jail if I do? Will they put _you_ in jail for being in possession of a non-government phone? When things like this happen in countries like China everyone jumps on the bandwagon and says how great America because we are free but when it happens in America for some reason it gets justified.

Re:Can we opt out? (1)

jratcliffe (208809) | about 2 months ago | (#47757005)

No, you can't opt out, at least for a phone you're going to sell. By the same token, you can't opt out of FCC regs limiting the frequencies and power levels of your phone, nor can you opt out of regs on the emissions of your car.

Re:Can we opt out? (0)

Anonymous Coward | about 2 months ago | (#47757087)

Try applying your logic to any of millions of other products.

Can you build your own (original style) Lawn Darts? Yep. Can you sell them? No!!!

Can you build your own car that lacks air bags/side-mirrors/seat-belts? maybe. Can you sell it? No. Can you use it on government roads? Maybe.

A script that will be made by somebody.. (0)

Anonymous Coward | about 2 months ago | (#47756921)

while(true){
for every $phone in $world:
{
        kill($phone)
      Console.Write("lol");
  }
}

Encryption encryption encryption (1)

MobyDisk (75490) | about 2 months ago | (#47757023)

This is fine so long as the key to do so is held only by the owner of the phone. Ex: It can't be some kind of message like "WIPE PHONE NOW" it needs to be "WIPE " or something like that.

way around this? (1)

afaiktoit (831835) | about 2 months ago | (#47757169)

what if they just pull the battery or put the phone in a faraday cage till they're shipped off to china/wherever so they cant be bricked?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?