Carriers say smartphone ‘kill switch’ would be a juicy target for hackers
By John Ribeiro
Mobile carriers are opposed to the plan for a smartphone ‘kill switch’ that would render smartphones inoperable after they are stolen, claiming that it could be misused by hackers to block critical services.
New York Attorney General Eric T. Schneiderman and San Francisco District Attorney George Gascón have been pushing for the switch to be installed in smartphones, and on Wednesday criticized mobile operators following reports that they were rejecting the proposal. “It is highly disturbing that these corporations rejected a proposal that would have helped keep millions of consumers safe,” the officials said in a joint statement.
Even if technically feasible to develop, a permanent ‘kill switch’ has very serious risks, mobile industry group CTIA said in a filing to the U.S. Federal Communications Commission, titled “Why a ‘Kill Switch’ isn’t the answer.”
CTIA said the kill message, which will be in some format such as a special SMS, could be misused to disable a phone forever as it would be known to every operator and hence cannot be kept a secret. Hackers could take control to disable phones of customers, including those of defense and law enforcement officials.
In one scenario, groups of mobile phones can be permanently disabled by sending multiple messages, such as by incrementing the MSISDN (the telephone number) or IMSI (the unique identity of the customer) or the IMEI (the equipment identifier), CTIA said in the filing. Subscribers will not even be able to make emergency calls, it added.
“This risk of Denial of Service (DoS) is far too large and is the reason the operator community has always maintained that control of operation (and denial of service) be done in the network and not in the mobile device,” CTIA wrote in the June filing.
If a phone is permanently disabled, it could also result in losses to consumers as the device would be unusable if later recovered, CTIA said.
Gascón and Schneiderman announced in June a nationwide Secure Our Smartphones initiative, to persuade cell phone makers to factory-install technology that would make phones inoperable if they are stolen. The officials said in an op-ed that one in three thefts in the U.S. involves a mobile communications device, with many of these thefts resulting in violence and even death.
The industry in contrast favors using apps it already offers for download for remotely erasing, tracking or locking stolen devices. It also wants greater participation by countries and carriers abroad in a database that is designed to prevent reactivation of stolen devices.
CTIA also backs tougher penalties for phone thieves, and supports legislation announced this month by U.S. Senator Charles Schumer that would make tampering with the unique identification number of a phone a federal crime with a five-year criminal penalty. “CTIA and its member companies worked hard over the last year to help law enforcement with its stolen phone problem,” it said in a statement Wednesday.
Dell CouponGrab $100 off $1499+ XPS laptops with this Dell coupon code