Feeds

Super Cali signs a kill-switch, campaigners say it's atrocious

Remote-death button bad news for crooks, protesters – and great news for hackers?

Top 5 reasons to deploy VMware with Tegile

California's governor Jerry Brown has signed off on a bill that requires any manufacturer selling smartphones in the Golden State to install a kill switch capable of bricking the handset.

Bill SB 962 has been signed into law, mandating all smartphones sold in California to have software in place to brick stolen handsets. The law applies to all handsets sold after July 1, 2015 but is not applicable to handsets produced after January 1, 2015 that aren't capable of running the remote-death code [How intensive can this code really be? – ed]

According to the bill, the kill switch software must "be able to withstand a hard reset or operating system downgrade, come preequipped, and the default setting of the solution shall be to prompt the consumer to enable the solution during the initial device setup."

California is the second US state to demand kill switches, and the law comes after hard lobbying from San Francisco's District Attorney George Gascón. The DA, and New York State Attorney General Eric Schneiderman, have been pressing for a kill switch as a way to halt the epidemic of phone theft in both cities, and the evidence is that such a system could cut crime drastically.

In July the pair released the results of a crime survey showing that after Apple introduced Activation Lock for iOS in September, thefts of iPhones in San Francisco fell by 38 per cent. By contrast, thefts of Samsung devices, which lack the kill switch, rose by 12 per cent.

California's bill is similar to federal legislation requiring a kill switch, which is working its way through the US Senate. But the mobile phone industry has already accepted the inevitable, and will be introducing kill switches next July – but it won’t be turned on by default.

Wireless tech industry body CTIA – which represents Apple, Samsung, Verizon, AT&T, T-Mobile US and others – fought hard against a kill switch, a move Gascón said was an attempt to preserve its sales of lucrative insurance and replacement contracts.

Privacy groups are also concerned about the technology, worrying that while it's useful for thwarting thieves, it may be abused by governments. The riots in Ferguson prompted a lockdown in the city by police, and the area was made a no-fly zone; if mobiles could have been turned off remotely by cops, it looks likely they would have done so.

"Police could use the kill switch to shut down all phones in a situation they unilaterally perceive as presenting an imminent risk of danger," said Jake Laperruque, the Center for Democracy and Technology's fellow on privacy, surveillance, and security.

"It’s not hard to imagine law enforcement putting such a label on a protest: Managers of the [San Francisco] BART subway system shut down cell service in four stations just prior to planned anti-police demonstrations in 2011, claiming the disruptive measure was justified by public safety concerns."

There are also fears hackers will get hold of the kill-switch feature to cause misery for unlucky mobe owners, pretty much along the same lines as the hassle tech hack Mat Honan went through in 2012: a miscreant was able to hijack his iCloud account to remotely erase and lock his iPhone, iPad and MacBook.

In the short term it is expected that the installation of kill switches will help reduce levels of theft after criminals realize they are most likely going to have purloined phones bricked. But in the longer term crime rates are likely to rise again once a way is found to defeat the locking software. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
BIG FAT Lies: Porky Pies about obesity
What really shortens lives? Reading this sort of crap in the papers
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.