They could probably stop some of this right away by making it illegal for laundromats to sell phones at all. Seriously, who the hell would buy a phone at a laundromat expecting it to be legitimate?!
A New York State legislator has proposed a law designed to combat smartphone theft by making it illegal to buy or sell a used mobe without valid proof of ownership. Phone theft is on the rise in cities around the US and the UK. An estimated 1.6 million Americans were mugged for their mobes in 2012, and in tech-savvy San …
They could probably stop some of this right away by making it illegal for laundromats to sell phones at all. Seriously, who the hell would buy a phone at a laundromat expecting it to be legitimate?!
Just make stealing a iphone a mandatory 20 year sentence and stealing an Android phone a mercy theft that comes with a £100 reward.
(Apologies apply about appalling alliteration above)
Technical solutions are what we as technologists first turn to by instinct, but they're not always the best answer. This scheme could knock the problem back, not eliminate it for sure, but massively dent it for very little cost.
I once worked for a biiig software company who had electronically delivered payslips. The system to do this failed security audit and I was tasked with sorting it out. The reason it failed was because it punched a hole in the firewall giving an external company direct domain access, they were right to fail it for several corporate security reasons.
I proposed 3 different solutions to the business, one of which was massively cheapest and most robust - printing the payslips and delivering via internal mail. Cheaper to the tune of thousands of pounds a year even once everything was fully factored in from paper to delivery staff. That option was rejected for a far riskier, less secure, far more expensive one because people 'were used to having electronic payslips'. They would rather risk the corporate network than lose face.
Irony was, nobody trusted the electronic payslip application anyway, so printed them regardless. Paperless office my arse.
This scheme could knock the problem back, not eliminate it for sure, but massively dent it for very little cost.
You don't get something for nothing. This scheme will have little effect if implemented. It is a case of a politician needing to be seen doing something.* It is already a crime to steal a phone. It is already a crime to sell stolen property. Does it make it easier to track stolen phones? Not as far as I can tell. Does it make it more difficult to fence them? Perhaps in this one jurisdiction, but even there I doubt it will. Does it provide more funds to pay police to prevent theft? Probably not, but it does give them another easy way to harass someone trying to take a picture with their cell phone of the cops doing something they should not... and teens in general. I am sure this law will be used vigorously, but it will have little effect on theft.
* Passing a law that reiterates something already on the books as illegal rather than making a meaningful change.
> Paperless office my arse.
My wife's employer recently moved to electronic payslips that you view as a web page.
Problem is, if the tax man comes calling, you need to be able to show them something without having to rely on them being accessible online forever and a day. So we print them off and keep them in a file like many others.
The real reason for this transition is to save money and the cost of someone printing them off and delivering them, regardless of the greenwashing reasons used to justify them. They're passing the cost to the employees. The irony is, employees printing them off on their home inkjet printers is much more expensive and less "green" than what they used to do in batch. It's just a transfer of cost.
...given the frankly oddball legislation that the Yanks pass every year as local "ordinances", the idea of this yank is a surprisingly reasonable, considered, and actually practical one - whether is gets off the ground is another matter. Good luck to him on this one - it actually *should* get voted into law.
Unless of course it is possible to transport 'out of state' phones into NY or move stolen ones out.
It will also have the entirely un-expected side effect of making anyone owning an unregistered 'burner' phone as a suspected criminal or jouranlis
It will make anybody selling 3 or more
unregistered unreceipted burner phones as a suspected criminal. Shops will still be able to sell brand new burner phones in any quantity to anybody they like, it is the second hand selling market this is aimed at, not the second hand owners.
Next: Legislation that makes it illegal to demand payment for state services you have already paid for with taxes.
Should be a winner!
But seriously, it makes sense. Why not integrate a digital signature-based chain of ownership in the mobile though? One could check immediately if a prior owner has no properly signed the "check-out".
>>Why not integrate a digital signature-based chain of ownership in the mobile though?<<
Not in the land of the free, sunshine.
"Why not integrate a digital signature-based chain of ownership in the mobile though?"
The NRA would never stand for it. "Thin end of the wedge"
Has he really had someone killed over an iPhone? Quite brave of him to admit it publicly.
Sloppy phrasing aside (yeah, he should have had a "who was" in there), one wonders whether he the attacker would have acted any differently if the victim didn't have a phone. Can we really say that the phone was the proximate cause? I distrust any politician who has some piece of legislation he wants to get passed or agenda he wants to push (this latter tending to include all of them) and uses scare stories and tabloid-level reasoning (or rather, rhetoric) to achieve their goals. I'm reminded of several cases of politicians managing to get new laws introduced (eg, new drug laws and other restrictions on personal freedoms) based on evidence that's flimsy at best.
I'm not saying that an expensive phone flashed in the wrong place at the wrong time isn't a problem, but it's possible that (a) flashing any sort of bling could have triggered the attack, (b) the attacker may not have wanted the phone as such, but didn't want the victim calling the police, and (c) if it's a question of risking death or serious bodily harm or giving up your valuables, you're probably better off with the second option: you can get insurance against theft, and even if you're not insured against losing a phone (or watch or whatever) the pain of loss is better than the pain of serious injury...
So while I have nothing but sympathy the the victim and their family and friends, but I'm always suspicious of politicians that try to "make hay" out of these situations.
> (a) flashing any sort of bling could have triggered the attack
So the victim should walk about in drab clothes without any form personal adornment or valuables just in case somebody takes a fancy to them
> (b) the attacker may not have wanted the phone as such, but didn't want the victim calling the police,
The victim deserves what they get for threatening the attackers liberty by daring to contemplate calling the police.
> (c) if it's a question of risking death or serious bodily harm or giving up your valuables, you're probably better off with the second option
It must be the victims fault. Fancy daring to defend yourself. The poor attacker might have been deprived of your property or even ** gasp ** hurt. The victim deserves everything they got.
re: (a), (b), (c)
You're drawing inferences that aren't there. I'm not making any of the points you're saying I am: I'm only questioning whether the politician is right to say that the person was killed because of the iPhone.
As long as it is valuable to the thief and said thief considers life cheap, it will happen.
Can happen pretty often in prisons...usually over contraband like cigarettes. I recall a TV show showing one inmate beat a new arrival within an inch of his life...just for the shirt off his back.
Don't assume the person killed was the rightful owner of the phone. The politicians over here (especially in Bloomberg's NY) will spin anything. e.g. Bloomberg's anti gun propagander machine even listed Tamerlan Tsarnaev as a victim of gun crime! He was the Boston Bomber shot by police trying ot escape. Some victim.
It could be the bad guy was trying to steal the phone as part of some other crime and was killed for his efforts. A vague reference by a politician should be taken with a pinch of salt.
My nit-picking above aside, there's also the question about whether this is even the right (or even a good) solution to the problem. It's the same old Sir Humphrey logic: we must be seen to be doing something. This is something, therefore we must do it. Will this make it harder for thieves to sell on phones? Well it might make a marginal difference, but the black market being what it is, a thief will still have plenty of options for selling what they steal. Will it do anything to deal with the actual causes of violent assault? Of course not. For that you need a completely different, and much more expensive set of measures like more cops, better street lighting, and maybe technological measures like (silent) panic alarms in phones, automatic shutdown/bricking (combined with a reasonable mechanism to get a replacement phone) and so on. Unfortunately, fingerprint scanning isn't one of those technological solutions, IMO...
Phones should be like credit cards... Call up the operator to declare your phone missing, the IMEI is put on a blacklist, and it cannot be used on any network that checks it. You buy a phone, give a premium rate number/sms (50 cents) and you can send or call from another phone the imei number and get a response from the blacklist - ok or stolen.
Banks already have this in place to internationally blacklist a credit card and have had it for years. Given the price of a mobile phone and the theft risk, I'm surprised that this has not been rolled out worldwide for GSM's.
> I'm surprised that this has not been rolled out worldwide for GSM's.
Like this one?
The clue is worldwide. How do you get every country to agree to it?
Leaving aside those countries with almost no function government who are still a market for cell phones.
Chinese state security sends America a weekly list of "stolen" imei that it wants blocked? Or the NSA sends a similar list to China?
Long time ago some phones ware (SIM) locked to their networks by their IMEI number
so you could change the phones IMEI number job done.
Nowadays it is illegal to change it and I think manufacturers are required to make
it impossible for someone to alert the IMEI of mobile device.
So if the phone gets blacklisted by all of the networks, then the only option for the
thief is to export the handset to another country / continent :(
If there is a will there is a way!
My friend had her brand new iPhone stolen,
while it has been blocked in the UK, there is a likelihood that as it can't be used here
it will be sold on eBay or exported out of the UK. BUT, in order to use the phone to download
all the crap to it you need to sign in to Apple store, where they see the phones IMEI (and all
sorts of other data from the phone) so can someone explain to me why do they not do anything about it?
I think same applies for Android based phones.
Problem solved Mr. Klein ;)
IMEI blacklisting systems are already a part of the 3G standards and gave been for a long while (back to the GSM days). The problem is no operators (AFAIK) have implemented the systems since they are expensive to run due to the cross-operator links that they require (or of the blacklists have to be synchronised, otherwise a stolen mobile could still slip on to the network). Centralised blacklisting systems do not exist; they are not a part of the 3G standards.
"... (or of the blacklists have to be synchronised, otherwise a stolen mobile could still slip on to the network)..."
Sure it is not so hard? There is no need to be real time sync: once a day would be good enough.
Every 3 hours shouldn't be hard: how many mobiles are stolen per hour - wolrdwide? 10k? 30k? Even 100k entries would be easy to syn once a day. Hell, Usenet lift a very heavier load in terms of messages/second - and has been doing it for years.
Remember: There is only need to sync the IMEI, the operator's code, the country and the time of block. What all this would amount to? 512 bytes/mobile?
The problem with that is government relations. Consider if you think the Chinese would really care so much about a US blacklist.
It would only be halfway effective anyway. A quick check on ebay shows replacement iphone screens go for £20. Battery for another £10. Add in all the little bits - antennas, accelerometer, cables, etc - and you probably get another £10 or so. That's £40 an iphone just in ebay parts value. Quite enough to justify a mugging.
Service providers could simply refuse to activate smartphones without proof of ownership, such as a bill of sale. Just like having to provide a bill of sale before being able to register licence plates on a motor vehicle. This would kill the black market demand, assuming the demand is for functional phones.
Cars are also titled with the state; there are no titles on a phone. Don't give the government any ideas otherwise you will see a $26 fee for a phone so it can be titled.
So this law makes the selling of stolen goods illegal? That's a pretty good idea. I wonder how the legislation proposes to let the purveyors of stolen goods know that what they're doing would be illegal?
But seriously, who keeps the central ownership records? How are those records managed? Who is going to verify the authenticity of the sales receipts? Who keeps the cops trained in finding the serial numbers? Who pays for it all?
As noted above, this is a lawmakers attempt to be seen to be doing something without thinking through the implications of the law. Simply declaring an already illegal act illegal, again, doesn't do anything. Effective legislation has to have viable enforcement/validation measures behind it or its nothng but a waste of resources. Criminals, as defined as people engaging in illegal activity, aren't known for heeding the law in the first place. Making another law won't change that.
"So this law makes the selling of stolen goods illegal?"
Might I be so bold as to suggest that you actually read the article, and then ask someone else to read and EXPLAIN it to you?
Then you'll know what it's about.
So this law makes the selling of stolen goods illegal?
Oh no, this is far cleverer than that, it makes the selling of legal goods illegal (under the right circumstances).
My reading comprehension isn't in doubt here. I suggest you take your own advice as you've completely missed the point. Try reading it slower this time. Maybe aloud if that helps you.
There is the same requirement to keep such records in the EU if you sell mobile phones or a few other things, such as memory chips. However this was done to crack down on VAT fraud rather than to stop people selling stolen phones. There is a blacklist of stolen IEMI numbers, and it does seem to work quite well, however that just means that stolen phones get exported elsewhere to countries that don't use the same blacklist.
If I loose my CC or some other type of representation of my money, I can have that account locked. period. I've even had some type of company call me questioning my transactions, representing the bank, and when I did not cooperate (because someone from india calling me asking me about my transactions is simply a red flag), THEY have disabled my account!
My point: There should be absolutely no problem at all with deactivating something as a petty phone. If this device is useless, thus worthless to a criminal, crime goes away.
I've no idea what they do with the, sell them on the black market to someone else is my guess. Only use for it would be in a "chop shop" for cell phones but those could be shut down the same way police shut them down for cars.
except that telephone chop shop is a 13 yr old with a laptop and usb cable.
1. People also steal phones to stop victims calling the police (or to stop them cancelling their credit cards when mugged).
2. If this is simple, and works for credit cards (as you say 'crime goes away') then nobody should be stealing credit cards anymore.....but they are.
I agree with your sentiment and think it should be easy to block stolen phones, but the reality is that even if phones could be blocked immediately, I expect they would still be stolen.
........makes sense. It is straightforward, simple and ought to be reasonably ok to administer. That does not, of course, guarantee that it will be as effective as this guy clearly hopes but at least it should not cost a shed load of spons to run. Bloody 'ell, if politicos carry on like this I will be in severe danger of developing some respect for them - see icon.
You can unclench and relax. It's actually a stupid idea for several reasons.
(1) as others have pointed out, there are existing ways (IMEI) ways of bricking stolen phones
(2) it would only work if the phone was resold in NY
(3) charities that take phone donations would be screwed
(4) phone ownership isn't registered so it would be impossible to enforce
This is off-the-top-of-my-head i'm sure there are other reasons/unintended consequences
Add print a fake receipt. It's not like a store can validate a receipt.
You beat me to it! And it's the easiest of the workarounds the perps could use.
You'd be surprised. Unless it's a photocopy of a genuine receipt (which is trickier than you think--most stores use thermal paper, and photocopies tend to leave telltale marks), the receipt would likely not match the transaction and/or date/tiime stamp (and most stores with computerized points of sale keep electronic journals that can be searched), meaning it would be pretty easy for the store to spot a fake receipt.
Just announced last week, Canada now has a thingy on the the Interweb to check the IMEI of stolen or lost phones. http://www.protectyourdata.ca
a) It's run by the evil scum slimeball cel phone companies.
b) It's ugly as sin and confusing to boot.
c) This service is limited to 2 queries per day by Canadian consumers only (WTF??)
d) The website bizarrely doesn't actually tell you how to register your phone as stolen, beyond calling the cops. Who largely don't care about penny ante stuff like phone thefts.
And of course, it's already possible to hack and change the IMEI number http://arstechnica.com/tech-policy/2012/06/police-mobile-software-hack-defeating-anti-theft-measure/
What i can't understand is why all of the stolen/second hand phones on Craigslist are selling nearly retail prices.
Bell and Rogers want as many stolen phones activated on their network as possible, given that they'll still find a way to lock you into a contract and won't charge you any less for not having hardware from them. So I'd imagine this is being run by the same people that run their complaints department and customer service.
"What i can't understand is why all of the stolen/second hand phones on Craigslist are selling nearly retail prices."
For a start, the people who buy dodgy phones, like the people who bid to buy second hand stuff on Ebay, don't neccessarily know what the things are worth.
I've watched bids on something I've wanted on Ebay reach a point where you could buy a new item for almost the same amount. We've even sold a few bits like that. Crazy. And annoying if you're a buyer who just wanted to buy a cheap secondhand something-or-other because you don't need/want a new one.
Second, some of those buyers may want a phone that can't be traced too easily - but without the risk of lifting it themselves.
Terrible law. Terrible.
I'm sure Apple is all for it of course, because it means second hand stores would lose a major source of supply (people selling their old gadgets).
I wonder how hard it is to buy/sell guns, compared to stolen phones, in NYC?
You can print fake reciepts (users can't tell the difference).
Anyone who sells one phone, can sell 10 - all as they're doing it now, cash sale, no questions asked. - just the way they like it.
Or am I missing something and they wan to legistlate cash sales? - yeah I don't see anything going wrong there.
You may be able to print fake receipts, but the stores can probably tell it's a fake through their receipt journals.
> the stores can probably tell it's a fake through their receipt journals.
Only if you take a forgery of one of *their* receipts.
Forge a receipt from any other store and they won't have access to those journals.
But then the OTHER store can check. What stores these days don't keep an electronic journal? At the very least, they use it to cut down on returns fraud, plus it helps when police come calling concerning possible CC fraud (the stores will want to cooperate since that helps get them off the hook).
Biting the hand that feeds IT © 1998–2017