Feeds

Legal eagles pit Apple v. Samsung in thievery test

New York and San Francisco move on phonejacking

SANS - Survey on application security programs

Sick of the number of reported phone thefts in their jurisdictions, lawmakers have decided to hold a contest to discover how easy it is to crack stolen smartphones for resale.

New York attorney general Eric Schneiderman and San Francisco district attorney George Gascón have hired Northern California Regional Intelligence Center staff to try to crack the activation lock on an iPhone 5 and a Samsung Galaxy S 4 that was running $29.95 per year Lojack software.

"Finding technical solutions that will remove the economic value of stolen smartphones is critical to ending the national epidemic of violent street crimes commonly known as 'Apple Picking'," said the pair.

"While we are appreciative of the efforts made by Apple and Samsung to improve security of the devices they sell, we are not going to take them at their word," they said. "Today we will assess the solutions they are proposing and see if they stand up to the tactics commonly employed by thieves."

The testing will involve breaking into the handset and disabling any features that would allow the owner to track the phone. Once these have been broken, the device can usually be wiped, reset, and sold on.

Thieves are getting increasingly savvy about getting around these smartphone tracking features, and police report that taking electronic tracking into account is all part of the criminal business these days.

Certainly smartphone theft is increasingly common, with the FCC reporting that one in three robberies in major cities now involve the theft of such devices. We're carrying something with the price of a laptop computer in our pockets, and thieves follow the money.

Last month the two lawmakers launched the Secure our Smartphones Initiative (SOS – predictably) to push mobile phone makers into installing a "kill switch" into their code that would allow the device to be rendered useless in the event of a loss or theft.

"Together, we are working to ensure that the industry imbeds persistent technology that is effective, ubiquitous and free to consumers in every smartphone introduced to the market by next year," they said.

Nevertheless, El Reg has to take issue with the math behind some of the lawmaker's claims. According to their statement "roughly 113 smartphones" are stolen or stolen every minute in the US. That's 162,720 per day, or 59.3 million per year.

Smartphone usage rates are high in the US, but not that high. Taking out those too young, poor, or uninterested in owning such a device, then that "roughly" sounds somewhat overstated. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.