Super Cali signs a kill-switch, campaigners say it's atrocious

Remote-death button bad news for crooks, protesters – and great news for hackers?

Remote control for virtualized desktops

California's governor Jerry Brown has signed off on a bill that requires any manufacturer selling smartphones in the Golden State to install a kill switch capable of bricking the handset.

Bill SB 962 has been signed into law, mandating all smartphones sold in California to have software in place to brick stolen handsets. The law applies to all handsets sold after July 1, 2015 but is not applicable to handsets produced after January 1, 2015 that aren't capable of running the remote-death code [How intensive can this code really be? – ed]

According to the bill, the kill switch software must "be able to withstand a hard reset or operating system downgrade, come preequipped, and the default setting of the solution shall be to prompt the consumer to enable the solution during the initial device setup."

California is the second US state to demand kill switches, and the law comes after hard lobbying from San Francisco's District Attorney George Gascón. The DA, and New York State Attorney General Eric Schneiderman, have been pressing for a kill switch as a way to halt the epidemic of phone theft in both cities, and the evidence is that such a system could cut crime drastically.

In July the pair released the results of a crime survey showing that after Apple introduced Activation Lock for iOS in September, thefts of iPhones in San Francisco fell by 38 per cent. By contrast, thefts of Samsung devices, which lack the kill switch, rose by 12 per cent.

California's bill is similar to federal legislation requiring a kill switch, which is working its way through the US Senate. But the mobile phone industry has already accepted the inevitable, and will be introducing kill switches next July – but it won’t be turned on by default.

Wireless tech industry body CTIA – which represents Apple, Samsung, Verizon, AT&T, T-Mobile US and others – fought hard against a kill switch, a move Gascón said was an attempt to preserve its sales of lucrative insurance and replacement contracts.

Privacy groups are also concerned about the technology, worrying that while it's useful for thwarting thieves, it may be abused by governments. The riots in Ferguson prompted a lockdown in the city by police, and the area was made a no-fly zone; if mobiles could have been turned off remotely by cops, it looks likely they would have done so.

"Police could use the kill switch to shut down all phones in a situation they unilaterally perceive as presenting an imminent risk of danger," said Jake Laperruque, the Center for Democracy and Technology's fellow on privacy, surveillance, and security.

"It’s not hard to imagine law enforcement putting such a label on a protest: Managers of the [San Francisco] BART subway system shut down cell service in four stations just prior to planned anti-police demonstrations in 2011, claiming the disruptive measure was justified by public safety concerns."

There are also fears hackers will get hold of the kill-switch feature to cause misery for unlucky mobe owners, pretty much along the same lines as the hassle tech hack Mat Honan went through in 2012: a miscreant was able to hijack his iCloud account to remotely erase and lock his iPhone, iPad and MacBook.

In the short term it is expected that the installation of kill switches will help reduce levels of theft after criminals realize they are most likely going to have purloined phones bricked. But in the longer term crime rates are likely to rise again once a way is found to defeat the locking software. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Big Content outs piracy hotbeds: São Paulo, Beijing ... TORONTO?
MPAA calls Canadians a bunch of bootlegging movie thieves
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
US court SHUTS DOWN 'scammers posing as Microsoft, Facebook support staff'
Netizens allegedly duped into paying for bogus tech advice
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Verizon bankrolls tech news site, bans tech's biggest stories
No agenda here. Just don't ever mention Net neutrality or spying, ok?
prev story


Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.