back to article US mobile firms cave on kill switch, agree to install anti-theft code

US mobile companies have finally agreed to install free anti-theft software on their products, but not until the middle of next year and they plan to leave it turned it off by default. The CTIA, which dubs itself "the Wireless Association," announced that its members – including Apple, Samsung, Verizon, AT&T, and T-Mobile US, …

COMMENTS

This topic is closed for new posts.
  1. Someone Else Silver badge
    Facepalm

    Only in America...

    ...can $GIANT_CORP install a pwn vector into a product, and sell it as a feature. And only in America will we schmucks buy it!

    1. Alan W. Rateliff, II
      Paris Hilton

      Re: Only in America...

      Sure, but only early adopters. Eventually the product will become so commonplace that it will become a standard feature.

    2. big_D Silver badge

      Re: Only in America...

      Using EMEI we've been able to kill phones since at least the introduction of GSM. Most of the carriers don't like doing it though. It isn't 100% reliable, but changing the EMEI is beyond the average theif.

      1. Anonymous Coward
        Anonymous Coward

        Re: Only in America...

        Well if the police are telling the truth and people are killing other people to get their phones then this i unlikely to help as they'll just kill them to get something else if this avenue is closed off.

        While I'm not against the idea (although there are plenty of risks as others have pointed out) the root cause seems to be people who are prepared to kill to get money. American society seems to breed more of these than most others so I'd suggest looking at why.

        1. Eddy Ito

          Re: Only in America...

          If you kill the owner of the phone, who or what triggers the phone's kill switch? Right now the problem is theft and mugging potentially leaving the victim in the hospital. Murder - which is a rather big leap for the traditional snatch and grab petty thief - solves the problem of having someone disable the phone. By the time the carrier realizes the subscriber is dead some months later, longer if they have auto-bill pay, the phone will have been used by someone in Spangalore Atoll for quite some time.

      2. Robert Carnegie Silver badge
        Thumb Up

        Psst: IMEI

        http://en.wikipedia.org/wiki/International_Mobile_Station_Equipment_Identity

        since "EMEI" doesn't Google, or, rather, it Googles as other things instead.

      3. Alan Brown Silver badge

        Re: Only in America...

        "changing the EMEI is beyond the average theif."

        But unfortunately, not beyond the average fence.

  2. Gene Cash Silver badge
    Facepalm

    For once I've got to agree with Schneiderman. An even better solution would be a mandatory blacklist of stolen IMEIs like Canada and Europe do.

    1. Charles 9

      We already have that. The HARD part is sharing and ENFORCING it between countries. Good luck with that part.

  3. Graham Marsden
    Devil

    How dare you...

    ... jeopardise our profits!

    That's Un-American, you know...!

  4. Tom 35

    24 hours?

    How long will it take some one to figure out how to unbrick the phones?

    1. Charles 9

      Re: 24 hours?

      People already know how to PREVENT the phones being bricked. Faraday bag.

    2. big_D Silver badge
      Flame

      Re: 24 hours?

      Easy, the kill instruction breaks open an acid capsule in the phone, melting the motherboard.

      1. Orecomm

        Re: 24 hours?

        No need for acid. Thermite is more stable, but it's been pretty well shown that just shorting the battery will melt down the phone, the pocket it lives in, and pretty much anything else in close proximity quite nicely.

        1. Gerardo McFitzpatrick-O'Toole

          Re: 24 hours?

          Either way, this paves the way for some inconvenient and eye-wateringly expensive Denial of Service attacks.

  5. Neoc

    "Hi - we'd like to install security software on your phone which will become the perfect ransomware as soon as someone cracks our security in three... two... one..."

  6. Anonymous Coward
    Anonymous Coward

    So this kill switch is

    ... a bit like a pencil without the graphity bit: POINTLESS

  7. JaitcH
    Thumb Up

    I don't understand the fuss

    When the FCC dictated that all US-bound handsets had to have GPS modules - that actually cost hard cash - there were no complaints.

    The big difference, I suspect, is that anti-theft software will affect their sales - something GPS didn't do.

    1. Donn Bly

      Re: I don't understand the fuss

      Well, since they were planning on using GPS to generate timing signals, they were already planning on putting GPS in the handsets - and thus it didn't cost them anything that they weren't already planning on doing.

      iPhones already have the capability of remote lock and wipe, and Android phones already have the capability of remote lock and wipe, so I am really trying to hard to figure out what else they are trying to do here - perhaps educate the public that the features exist? Or perhaps force Microsoft to include a similar feature?

  8. John Smith 19 Gold badge
    Gimp

    Oh how handy. Remote backup.

    That will save some NSA bandwidth.

    All the data in one place.

    Feature creep anyone?

  9. Anonymous Coward
    Anonymous Coward

    It is not about protecting our phones

    Rapid communications is what prevented Bundy ranch from becoming another Waco. I don't want anyone able to brick my phone in an emergency.

    http://www.washingtontimes.com/news/2014/apr/13/nevada-bundy-ranch-standoff-could-leave-dirt-on-ha/?utm_source=RSS_Feed&utm_medium=RSS

  10. kmac499

    New Feature on Cars

    To align the 'experience' of car and smartphone ownership, as of next year car makers will remove door and ignition key locks, replacing them with a simple swipe button on the drivers door, The engine can then be started by entering a one digit PIN on the radio panel..

    Number plates will be attached with Velcro and available in kit form from Plates_R_Us

    In a related announcement, insurance companies have increased their profit forecasts for next year..

    1. ecofeco Silver badge

      Re: New Feature on Cars

      With Onstar and its imitators, cars can already be shut down by remote and have been for years.

  11. sisk

    Um....ok.....

    My phone has had a kill switch that I set up myself for years now with an app called TotalCare. Send the right text from the right number and it can do a whole plethora of useful things, one of which is to wipe the data and brick the phone. More usefully, it can reply with its current GPS coordinates.

    When mine was stolen I sent it a command adding the number the officer taking the report gave me to the whitelist and then gave him the command to make it reply with GPS coordinates. I got my phone back in about 2 hours.

  12. Vladimir Plouzhnikov

    New virally spreading prank

    "Brick your friend's mobile"

    1. CRConrad
      Holmes

      Re: New virally spreading prank

      "Brick your soon-to-be-ex-friend's mobile"

      There, FTFY.

  13. Anonymous Coward
    Anonymous Coward

    Insurance is a scam only scammers can appreciate

    I had insurance for a while. Their charge ("deductible") to exercise the insurance was almost 1/3 the cost of a new phone. Figuring a replacement used phone is worth about 1/3 of a new phone by 1 -1.5 years after you buy a new phone, and that you have to go through hoops to use the insurance unless you give them the broken phone, means that the insurance is only good for maybe... 3-6 months. And that presumes your phone is totaled, not just damaged and fixable for less than replacing the phone.

    Anyone paying for insurance on a phone more than 6 months old should paste "sucker" on their foreheads.

    1. Charles 9

      Re: Insurance is a scam only scammers can appreciate

      Unless you actually have something go wrong. Me? I paid $10 a month once for the insurance. Nine months in, all the touch-buttons broke down simultaneously. Just flat broke. Got a replacement phone through the mail with little fuss. Phone kept working for the duration of my contract, so I call this Your Mileage May Vary.

  14. ecofeco Silver badge

    What am I missing?

    If they have an easy way for the customer to do this, wouldn't it mean they sell more phones?

    That said:

    - This should have a been available from day one.

    - There are several apps that already do this.

    - Just report your phone stolen to your phone company and they will brick it. I have bricked MANY phones at my previous jobs. Serial+IMEI+SIM# = BRICKED.

    1. Mike 16

      Re: What am I missing?

      You are missing two things. One is that the thieves already have countermeasures, and have for years. The other is that by mandating a unified approach to phone-bricking, LEOs can now brick all phones in a certain area, much like they temporarily shut down cell service at the BART protests, and sent threatening text-messages to the Ukrainian protesters, only more durably. Thieves do not mind using things like Faraday bags because they are taking the phone as an object, whereas protesters actually need the phone to be in communication to send out pictures of trigger-happy "protectors" dealing with peaceful protesters.

      Not that this has ever been a problem in the "Free World".

    2. Vector

      Re: What am I missing?

      You are also missing the fact that hackers will figure out how to leverage a standard "bricking" procedure and that even if the phone gets bricked, there will still be parts in it that have value.

      I, for one, am glad this is being rolled out as opt-in and hope it never gets beyond opt-out. I don't want this functionality on my phone and will disable it for as long ass I can.

      1. Mike 16

        Opt in? (Re: What am I missing?)

        What makes you think you are the one controlling the option?

        More likely it will be like the "write protect" on SD cards (or 5.25-inch floppies for that matter), which merely suggests to the software that you would really rather not write, if the software feels like pleasing you rather than its owners today.

  15. silent_count
    FAIL

    This is one of those occasions

    when the phrase,

    "the very least we could do",

    is completely accurate.

    But they've got Samsung and Apple singing off the same hymn sheet. That's a minor miracle all by itself.

    1. fearnothing
      Coat

      Re: This is one of those occasions

      Samsung and Apple have been singing from the same hymn sheet for a long time.

      It's just that the hymn in question is titled "My patent is bigger than your patent", and the accompanying music is played on particularly esoteric instruments such as the Six-Barrel Rotary Lawyer Cannon.

  16. pacman7de
    Facepalm

    Mobile anti-theft software?

    "US mobile companies have finally agreed to install free anti-theft software on their products"

    And how soon will an employee of such companies sell the unblock code to the criminal community ..

This topic is closed for new posts.

Other stories you might like