Friday, 20 June 2014

Mobile phone kill switches

Microsoft and Google have just announced so-called kill switches for Windows Phone and Android devices.

Apparently this is a response to a reduction of iPhone thefts reported since Apple introduced Activation Lock into iOS 7.

Kill switches are great in principle but hard to implement properly.

Don't assume that a kill switch will 'brick' a phone.

A kill switch is a way to render a lost or stolen phone useless, but currently they don't really do that. Or not fully, at least.

Users can lock or wipe Android devices remotely using third-party apps and, more recently, the Android Device Manager. Windows Phone users will soon see similar abilities included in the Find My Phone feature.

Wiping resets the device and that effectively means the thief (or whoever finds it) gets to keep a fresh and functional gadget. A locked smartphone can be reset too. The data may be wiped but someone else gets the benefit of your expensive hardware.

It's been possible to lock and wipe mobile devices from the major vendors for a while now. The real news is that these security features will soon be enabled by default.

The official statement from Attorney General Schneiderman includes, right at the end, the following:
"Because kill switches are only available on an opt-in basis, not enough consumers are signing-up. This underscores the urgency... to make kill switches a standard opt-out function on all phones."
So we've had kill switches for a while and now they will be opt-out. So far so good.

The kill switches used or planned by Apple, Google and Microsoft are based on software. As we know, there are ways to resurrect a phone locked down by software.

A more effective option would be to build new phones with hardware kill switches. Imagine a fuse that can be blown remotely. The device would then be properly 'killed' and would require expensive repairs to restore the device.

Hardware kill switches bring their own problems.

  1. How do you test that they work without destroying your new phone?
  2. If you can't test the kill switch, how confident are you that it will work when you need it?
  3. You might 'brick' your lost phone and then find it down the back of the sofa.

If introducing software security features reduces thefts of expensive devices then it's worth doing, but users should be aware of the limitations inherent in this approach.

One final thought: if an unauthorised individual or organisation was to gain access to your account they would be able to kill your phone, tablet or other mobile device. If the kill switch was a software version then you'd experience significant inconvenience. If it was of a hardware type you'd face additional cost.

Friday, 13 June 2014

Why don't people encrypt email?

Most PGP/GnuPG reviews/howtos I've seen start with long description of public key cryptography and instructions on key generation.

And that's the problem.


(I've been using PGP/GPG for 20 years and I still use a cheat sheet).