Prosecutors Want Apple To Use Its iPhone 'Kill Switch' — A Doomsday Device For Apps Few Know Exists

[Goldiegirl]

Prosecutors Want Apple To Use Its iPhone 'Kill Switch' — A Doomsday Device For Apps Few Know Exists

 

By James Cook – 2 hours 28 minutes ago

 

AP Photo/J. Scott Applewhite

 

Tim Cook: Hand on the kill switch?

 

A Brazilian prosecutor is urging Apple and Google to ban the anonymous gossip app Secret from mobile phones over concerns about the spread of cyber-bullying in the country.

Such a move would require Apple to activate its iPhone "kill switch" for the first time ever.

 

The kill switch is an officially unnamed mechanism that allows Apple to remotely delete things from your phone even after you have downloaded them from the App Store. Most people don't even know that it exists. Google also has a kill switch, but that has been used once before. Microsoft also has a kill switch on the small slice of the phone market it controls.

 

Despite some reports claiming that Judge Paulo Cesar de Carvalho of the Fifth Civil Court of Vitória  has already signed an order forcing the tech giants to remotely wipe users' phones, 9to5Mac reports that the ruling has not yet passed. Public prosecutor Marcelo Zenkner is reportedly pushing for the removal of Secret (as well as Cryptic, the app's Windows Phone client) due to a proliferation of bullying cases taking place in Brazil using anonymous gossip platforms.

 

Apple Insider reports that the prosecution's case emerged after a marketing consultant discovered naked photographs of himself published on Secret, with text overlaid alleging that he is HIV positive. (We have no reason to believe the claims are true.)

 

If the ruling passes, Apple, Google and Microsoft will be fined R$20,000 ( around $8,888)  for every day that the apps remain available to download in Brazil. (Apple has about $159 billion in cash on its balance sheet, so the legal costs won't faze it.) 9to5Mac reports that Secret has sent legal representatives to Brazil to investigate the situation, although the company itself is not the target of the civic action suit.

This isn't the first time that Brazil has grappled with the legality of gossip apps. Lulu, a private social network for women that allows them to rate men as potential boyfriends, was taken offline in Brazil after facing a "massive backlash." After viewing his 7.7 out of 10 rating on the app, law student Felippo de Almeida Scolari took legal action against the company. Under the Brazilian Federal Constitution, anonymous reviews are illegal, and Scolari sued Lulu for R$27,000 (around $12,000).

 

The existence of Apple's remote "kill switch" for apps was first discovered by an app development company in 2008. Since then, there has been no reported incident of Apple triggering the system in order to remotely delete an app. The system works by forcing iPhones to regularly contact a secure Apple website and check for a list of unauthorized apps. If the device has a blacklisted app installed, it's deleted and removed from the phone.

 

Google also possesses a remote "kill switch" for Android apps, but unlike Apple, it has made use of the feature before. In 2010 the Android security team deleted two apps created by a security researcher after they "misrepresented their purpose in order to encourage user downloads." Its kill switch is referred to by the company as the "Remote Application Removal Feature."

 

https://ca.finance.yahoo.com/news/apple-asked-activate-iphone-kill-134204967.html

 

[dontlop]

It might be a good idea for some instances

And could be a bad idea in others

So ?

[Goldiegirl]

What is a kill switch?

 

The most basic definition of a kill switch is a feature that allows an owner to render a phone useless after it's been lost or stolen. In theory, it's supposed to deter thieves from being able to sell your phone or access any of the data on board; if every phone can be disabled remotely, why would thieves even bother trying to steal them anymore? If anything can be done to curb smartphone theft, it's worth considering. An FCC report states these types of theft comprised nearly 30 to 40 percent of robberies in most major cities across the country in 2012. And it appears to be getting worse: According to Consumer Reports, 3.1 million Americans had their smartphones stolen in 2013 alone, which is a jump from 1.4 million in 2012.

There are two kinds of kill switches: Hard and soft. The former would "brick" the phone so it becomes a permanently disabled hunk of circuitry, never to be enjoyed or loved again, while the latter -- the more popular alternative among companies and legislators -- can be reversed as long as you have the authorization to do so. (At this moment, every existing switch is soft, as hard switches are much more difficult to implement.)

Even if your phone doesn't have a kill switch, it likely can be remotely locked and wiped. This clears all of your personal data from your phone and reverts it back to the way it was when you bought it. Android's official Device Manager is an example of this. Problem is, your device can be sold and reused. If you activate a kill switch and the thief can't figure out how to bypass your authorization (more on that later), he or she has a useless and unsellable phone.

Regardless of government involvement, some companies are already adding soft kill switches to their products. Apple added Activation Lock to iOS 7 last year, which allows users to turn on Lost Mode (using Find my iPhone) and prevents others from unlocking your device without your Apple ID and password. Samsung's added a similar feature called Reactivation Lock to the Galaxy Note 3 and Galaxy S5 that does essentially the same thing. Both options are opt-in, which ensures that your phone doesn't get disabled by pure accident. That said, it also means a lot of phones will still be vulnerable if they're stolen, so thieves still have a good shot at success if they ****** your handset.

A few preliminary studies show that kill switches have already caused a drop in smartphone theft. Police officers in London and San Francisco reported a noticeable drop in iPhone robberies (24 percent and 38 percent, respectively) between the six-month period before the feature came out and the six-month period after. This is an encouraging report, but it'll be even more telling as a larger chunk of the wireless industry follows Apple's and Samsung's lead.

Within the next year, we may see exactly that -- if you trust tech companies to live up to their word. Google and Microsoft have vowed to incorporate kill switch tech into the next major releases of Android and Windows Phone; and the CTIA, a lobbying group that represents nearly every wireless carrier and manufacturer in the country, teamed up with the US branches of LG, Samsung, HTC, Huawei, Motorola and Nokia, as well as the five largest US networks, to commit to adding "baseline anti-theft tools" to their devices by July 2015. Curiously, phone insurance provider Asurion was also listed as one of the supporters of the CTIA's pledge; the company makes money by convincing people they need insurance to cover stolen phones, so the fact that it's even voicing support for anti-theft measures is encouraging.

Government to the rescue!

Phone makers and carriers may be getting their gears in motion, but it's not enough for the government. In May, Minnesota passed a bill requiring that any smartphone manufactured (and sold or purchased in the state) on or after July 2015 "must be equipped with preloaded anti-theft functionality or be capable of downloading that functionality." Additionally, it mandates manufacturers and carriers submit a report describing the anti-theft tool they use.

At first, it sounds like this is a foolproof method of ensuring that all phones will now come with a built-in kill switch, but the text of the bill is incredibly vague. It never mentions a kill switch, nor does it even specifically describe what the anti-theft functionality is supposed to do. Furthermore, it also doesn't have to be installed on the device at launch; at minimum, it needs to be available as a free download for anyone who wants it.

Last week, California passed a very similar bill after its second run through the state Legislature, and it's awaiting a signature from Governor Jerry Brown. In this case, the text of the bill, known as SB962, is more clear: It states that any smartphone manufactured on or after July 1, 2015, must have anti-theft functionality included at the time of sale. As long as the essential features of the phone are rendered inoperable when it's stolen, it doesn't matter if it's a hardware or software solution. The feature should, "when enabled, be able to withstand a hard reset ... and prevent reactivation of the smartphone on a wireless network except by an authorized user."

The bill specifies that a soft switch is required; it must be reversible so that the owner can reuse their phone if it's recovered. It's also opt-out, which implies that manufacturers can enable the kill switch right out of the box as long as they let the user disable it at any time.

Arguably, California's bill is important because it could impact devices all across the country. Since the state boasts a good chunk of the nation's smartphone buyers, it likely doesn't make sense for manufacturers to push out state-specific firmware. And because most companies are already committed to adding kill switches to their products anyway, this is simply more incentive for them to do so on all of their devices -- precisely what the government wants.

Enforcing kill switches on a state-by-state basis will almost certainly be messy, so it makes sense that it's also being considered on a federal level. Members of Congress have proposed the Smartphone Theft Prevention Act, which is very similar to California's in that a soft kill switch be made available to all new phones. It hasn't been brought to the floor yet, and there's no indication of if or when it'll actually be voted on.

That's a bad thing?

Just because these laws may seem innocent and even helpful doesn't mean they're the best idea for the consumer. If companies are already adopting kill switches, do we really need the government getting in the way? The Electronic Frontier Foundation (EFF), a nonprofit that focuses on defending digital civil liberties, doesn't think so. The group argues that numerous kill switches are already available to the end user, either as built-in features or as third-party approaches (such as Lookout, Avast, Prey and others). And once the government gets in the way, SB962 could potentially "lock in" options that aren't as effective and could therefore stifle competition and innovation among third-party developers. "Technology is fast; the law is slow," the EFF's Adi Kamdar said. The other issue, the EFF claims, is that the bill isn't specific enough in its language regarding who's "authorized" to activate the kill switch. If it's not explicitly defined, the group argues, what's stopping the government or wireless providers from considering themselves authorized to do it as well?

Even the CTIA, which (as mentioned earlier) voiced its support for the installation of kill switches in April, opposes SB962 for several reasons. The CTIA argues that the bill doesn't make mention of educating consumers on smartphone theft and how to protect yourself; a stolen-phone database was established late last year and the government hasn't given it enough time to prove its usefulness; state law may interfere with federal smartphone requirements, such as the mandate that each phone gets 911 service at all times; and if individual states pass bills with different requirements, it'll make it more difficult for manufacturers to produce phones that can be sold in all 50 states.

Finally, other opponents of the measure, such as California state Sen. Mark Wyland, believe that the maximum $2,500 penalty that manufacturers would have to pay per phone is too high -- especially if the wrong devices accidentally get shipped to California instead of some other part of the country. "It's a big burden on a retailer to ensure that every single product they sell meets every single standard," Wyland told the LA Times.

California and Minnesota may be the first states to pass legislation, but they may not be alone for long. New York and Illinois are also discussing similar measures, and other states -- especially those with high rates of smartphone theft -- could follow along as well. Additionally, a group of elected officials and law enforcement leaders signed the Secure Our Smartphones Initiative in June 2013, which calls for a hard kill switch in every device.

Kill switches in their current form aren't foolproof, either. They can't be activated without an internet connection, so the thief can simply activate airplane mode before the victim realizes the phone is missing. Hackers may also be able to find ways to bypass the switch and falsify authorization. After Apple introduced Activation Lock, a few loopholes were found in the phone's security that allowed knowledgeable thieves to bypass the kill switch; the iPhone has fallen victim to a few of these bugs, and to its credit, Apple is often quick to fix them. But will other manufacturers take care of similar issues in a timely and effective manner? Especially when they require additional carrier tests before they can roll out? Proper and successful kill switch implementation takes time.

Sadly, although there are plenty of reasons to oppose legislation, state mandates still hold more weight than the CTIA's commitment. Just because a group of companies have agreed to add anti-theft tech to their phones, doesn't mean they're held to a blood oath. The agreement isn't an enforceable contract, nor will ramifications befall any of them if they fail to get it done in time.

There's no longer any reason a phone shouldn't have kill switches installed, but companies -- not the government -- need to be in charge of making sure the functionality is done properly. State involvement isn't anywhere close to a perfect solution, but without their interference, individual companies won't be held accountable if they sit on their hands and take forever to add this functionality to their phones. States like New York and Illinois aren't going to wait around and see if companies will stay true to their word; if the wireless industry puts it off for too long -- as is sadly often the case -- the government will simply have to take matters into its own hands.

 

http://www.engadget.com/2014/08/18/cellphone-kill-switch/

How to enable the “Kill Switch” on your iPhone or iPad, right now!

Posted on April 21st, 2014 by Graham Cluley

he big smartphone manufacturers—Apple, Google, Samsung and Microsoft—have all committed to introducing a smartphone “Kill Switch” for their devices by 2015.

But what is a “Kill Switch,” why would you want one, and—perhaps most relevantly to readers of this blog—how can you turn on your very own iPhone/iPad Kill Switch today?

A Kill switch is a feature designed to deter the growing problem of mobile phone thieves.

Many smartphones already include the ability to let users remotely wipe their lost devices, ensuring that sensitive data doesn’t fall into the wrong hands. But that doesn’t stop a determined criminal from doing a “factory reset,” and selling the device on as though it were newly purchased from the local store.

The idea is this – if a smartphone can be rendered useless after it has been lost or stolen, that should make it less attractive for criminals to steal in the first place.

Imagine if all smartphones were protected with a Kill Switch, and all thieves knew that a stolen phone wasn’t going to be any use to them.

It’s hard to picture why anyone would be at risk of being mugged for their phone anymore, and wouldn’t that be great?

It would be good news for you, the consumer, and for law enforcement agencies, as Apple iPhones have become by far the most popular target for mobile phone thieves, leading to police to dub the crime “Apple picking.”

The great news is that from iOS 7, Apple’s “Find my iPhone” feature has incorporated a new technology called “Activation Lock,” which is effectively Apple’s version of the Kill Switch.

All you need to do is make sure you know about it, and turn on the feature on your devices. Here’s how to enable the Kill Switch on your iPhone or iPad, right now:

Setting up Find my iPhone
First things first. You need to enable “Find my iPhone.”

• Go to Settings on your iPhone, iPod Touch or iPad.
• Tap iCloud.
• Sign in with your Apple ID, if necessary.
• Turn on Find My iPhone.

Edited August 20, 2014 by Goldiegirl

[Goldiegirl]

The kill switch allows carriers to send a message to stolen phones that would trigger an action to brick the phone, rendering it useless. Carriers have protested the move , citing hacking and privacy issues.

 

And...now for my comment. The Gov't wants to keep these kill switches in there. They want the carriers to be able to "brick" the phone or delete the data, or perhaps even access it.

 

Do you wonder why?  Most of us backup anything significant on our phones. Somehow I wonder why the Gov't is pushing that all these Kill Switches be installed in all phones by 2015. They say it's to protect the public from thieves stealing our phone. Ya..ok, the Gov't really cares that I lost my iphone. NOT...!!!

 

GG

Edited August 20, 2014 by Goldiegirl

[Saint]

GG great article. I had no clue about "Kill Switches" and had never even heard of them. I do have to agree that the Government has no business in this matter. Like you said " Ya..ok, the Gov't really cares that I lost my iphone. NOT...!!  Good informational post. Thank you.

[vietnam1969]

I am with Saint on this one GG. I must be ignorant to the fact that this could be done. Had no clue or just never thought about this before.  Very interesting post.  Thanks. 

[Big Newby]

Think about it:  who regulates Cell frequencies, cell tower power and locations, and gives out cell licenses?  The FCC.  Don't think for a moment there are no federal regulations for cell phone companies regarding their products.  I guarantee you the Federal Gov't makes all of them (in exchange for licenses) put kill switches (software driven) as well as listening capabilities in every cell phone they sell. 

 

We'd probably all be shocked to find out just what access the NSA has to our phone conversations AND the data on our cell phones.

[RVWITHME]

Keep in mind that the "Find My iPhone" service is a background GPS location feature.

 

That means that it always knows where your phone is, within about 6 feet.

 

My son actually had an app once that would tell you haw fast you were going in the car, that was a crazy tracking device (made him delete it).

 

If "they" know the exact location of your phone, isn't it safe to reason that they also would know exactly where you are at any particular moment during the day or night?

 

Something to think about before you trade in, sell or donate that old razor or blackberry.

 

Worst case, take out the battery on your trusty old phone and zip-bag everything separately (including the old charger(s) then put into a larger bag for storage.

 

Never know when those relics will be worth their weight in gold just for the privacy features alone.

[dontlop]

You gotta know the govts would love to be able to kill all cellular activity in certain locations when riots break out or similar things

They would love to shut down cell phones at the beginning of the fergessen riots

I don't call those peacful demonstrations

Not just one phone but maybe they do want to shut down one or some reason

Maybe they want to take me out , the last thing they need is me calling in for reinforcements

[Goldiegirl]

If you have an iphone you can turn it off and on.  I currently have it set to off. Means they can't me or my phone. Otherwise, I can be tracked like a deer that's been tagged.

 

If you ever watch "Person of Interest" one of my favorite shows, last night they showed this. Tracking the guys by use of his cell phone. I tend to think if the TV shows have this in their scripts, it's more than happening out there.

 

There was a time about 5 years ago I needed this. I was lost in bad snow storm. Decided to take a route recommended to me as a short cut home. Long story short. Blizzard bad one!!! and I can't see 2 inches out of my van, dog inside with me and my van was sliding towards the cliff. No idea where I was. Called a friend for help. They called rescue police and tracked me on my phone. Was  happy they found me. Was 5 fee away from a drop into the gorge of 100 feet or more and  probably wouldn't be found until spring. Anyway, it can help where cell phone coverage is available, but having the gov't decide what they can do. NO!!!!

 

They could access our phone data online if we don't have the ability to turn this off.  I don't think short of pulling your SIM card and/or battery for the phone or smashing it like they did on the TV show last night will cut their transmission.

 

We'd probably all be shocked to find out just what access the NSA has to our phone conversations AND the data on our cell phones.

Lets talk dirty to them.  :lol:

[umbertino]

Interesting. Grazie GG

[RVWITHME]

You gotta know the govts would love to be able to kill all cellular activity in certain locations when riots break out or similar things

They would love to shut down cell phones at the beginning of the fergessen riots

I don't call those peacful demonstrations

Not just one phone but maybe they do want to shut down one or some reason

Maybe they want to take me out , the last thing they need is me calling in for reinforcements

 

Pretty sure that already happened there in Ferguson, check this:

"

Wednesday, August 20, 2014

A week ago, Hussein reported live "We’ve just been told by the St. Louis Police Department to turn off our cameras. We will not be turning off our cameras. We will continue to broadcast, even if it is at our own peril." So the cameras continued to film.

Flash forward a week and on early Wednesday morning just after midnight, Argus had no choice in the matter as their feed was cut off.  Hussein reported afterward:

   As soon as the conflict happened there was an over-running of the media station by the protesters who were fleeing from the police. We don't know what the agitation was, but we do know that we lost signal.

    We reset the broadcast three times and it keep saying "no network error". We had a foreign reporter on the roof with us and she wasn't able to get a signal on her cell phone. And people on the ground were saying "I can't tweet out, I can't tweet out."

Use of a government "kill switch" during protests is precisely what civil liberties groups warned makes this technology so dangerous. It's important to note that this kill switch appears to have jammed the cell signal rather than shutting down the entire Internet or specific digital equipment. A recent California bill requires smartphones to have kill switches to prevent theft, but critics worry the government can use them to remotely shut off phone cameras and 4G access.

Regardless, last night the digital surveillance state seemed to merge with the militarized police state in a spectacular show of power."

http://www.activistpost.com/2014/08/ferguson-police-use-kill-switch-on.html

[dontlop]

Oh ya but the big kill switch will be blamed on solar flares

When they shut everything down except theirs

And say the sun caused it

They have already introduced the concept to the human minds that this will happen some day

So when they decide to use it everyone will say oh ya

Solar flares

I heard of that

They will say its going to take a couple years to fix

Then they will make a fortune selling us hard line phones

Radios and then tvs and of course we will need antennas

After a couple years they will start to tell is how they are repairing it and the costs are in the trillions of dollars in taxes sure taxes will be around 75%

Then when they turn the satellites back on they will sell trillions worth of cell phones again and tvs

Everything will need replaced all electronics will be different and need replaced

They got this century all figured out already