Skip to main content

A Smartphone Kill Switch Won't Stop Smartphone Theft

Phones Can't Be Killed

Can't block signals

Schneiderman's efforts build upon previous methods of disabling stolen phones.

Until a couple of years ago, phones reported stolen were blacklisted from the airwaves by their carriers, but that proved ineffective as thieves simply swapped in new SIM cards on GSM phones such as those carried by T-Mobile and AT&T.

Under public pressure from politicians and consumer advocates, T-Mobile and AT&T announced in the summer of 2012 that they, as Sprint and Verizon Wireless had already been doing, would block the handset themselves, not just the SIM cards.

The "Big Four" carriers also announced the creation of a shared database of blocked phones, which has arguably been inefficient and spotty.

The database's intent is to make sure a thief who stole a T-Mobile phone, for example, couldn't get it to work on AT&T.

MORE: 10 Desktop Password Managers

The problem is that a database of stolen phones does little good when the phone ends up in a market stall in China or Brazil. It's also possible, using legitimate or black-market software tools, to change a phone's unique ID number so that the network doesn't recognize it as stolen.

Those workarounds may be why smartphone theft is still rising nationwide, especially in densely populated cities.

That rising number of thefts, and a few resulting deaths, spurred Schneiderman's call for a "magic bullet" that would make sure a stolen phone would never work again, anywhere in the world. 

Magical thinking

"[Schneiderman's] proposal sounds good for people who don't understand how mobile phone networks work," said David Kennedy, CEO of TrustedSec in Strongsville, Ohio.

A remote "kill switch" would, by definition, have to involve sending a signal to the phone. That signal would have to go out over the cellular network or the Internet, and it would have to "brick" the phone in some fashion, perhaps by simply deleting the OS or by sending out a poisoned firmware update.

But absent of some kind of physical damage to the hardware, the phone could still be made functional by installing a new OS or by using special tools to fix the firmware.

iPhones, in particular, are "jailbroken" routinely, with the phone running software that's essentially a knock-off operating system. From that perspective, there simply isn't any software-based way to render a phone forever nonfunctional.

And a kill switch could simply be avoided. A thief would have only shut the phone off immediately after he steals it (which most experienced thieves already do to avoid tracking software), then wait until he or she got somewhere without a cellular signal — a metal shed or basement would do.

At that point, the SIM card can be removed and discarded, the phone can be turned on, the data wiped and the handset ID number changed — and the carrier network, and kill switch that depends on it, would be totally ineffective.

  • Someone Somewhere
    The only real way is IMEI blocking.
    Reply
  • doive1231
    They should put kill switches in mini motorbikes to stop them when they tear past on the footpaths.
    Reply