Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Cellphones Privacy

Ask Slashdot: Would You Use A Cellphone With A Kill Code? 301

Slashdot reader gordo3000 writes: Given all the recent headlines about border patrol getting up close and personal with phones, I've been wondering why phone manufacturers don't offer a second emergency pin that you can enter that wipes all private information on the phone? In theory, it should be pretty easy to just input a different pin (or unlock pattern) that opens up a factory reset screen on the phone and in the background begins deleting all personal information.

I'd expect that same code could also lock out the USB port until it is finished deleting the data, to help prevent many of the tools they now have to copy out everything on your phone. This nicely prevents you from having to back up and wipe your phone before every trip but leaves you with a safety measure if you get harassed at the border.

It could be built into the operating system, added by the manufacturer, or perhaps sideloaded as a custom mod -- but that begs the question of whether it'd really be a popular feature. So leave your own thoughts in the comments. Would you use a cellphone with a kill code?
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Would You Use A Cellphone With A Kill Code?

Comments Filter:
  • Mandatory (Score:4, Informative)

    by Anonymous Coward on Monday February 27, 2017 @04:50AM (#53936941)

    Yes.

    • Re:Mandatory (Score:5, Informative)

      by michelcolman ( 1208008 ) on Monday February 27, 2017 @06:34AM (#53937289)

      There's no need to lock any ports, though: wiping an encrypted phone can be done in less than a millisecond. All you need to do is destroy the encryption key. That's what iPhones do when you enter the wrong pin multiple times, and the effect is instant and irreversible. It would be trivial for Apple to add a feature that wipes the phone for a specific pin chosen by the user.

      Law enforcement can sometimes retrieve a password. But that password only serves to decode the actual decryption key, which is a random sequence of bits. If that key is gone, it would take billions of years to decode the device.

  • by fredgiblet ( 1063752 ) on Monday February 27, 2017 @04:53AM (#53936949)
    Why not have a second PIN that opens a sanitized, but seemingly fully normal, home page? Missing a few critical apps, or having versions signed into a different account.
    • by Gussington ( 4512999 ) on Monday February 27, 2017 @05:23AM (#53937057)

      Why not have a second PIN that opens a sanitized, but seemingly fully normal, home page? Missing a few critical apps, or having versions signed into a different account.

      Because if the device is confiscated, a simple dump of the memory will reveal everything.

      • What you really want is a "destroy adopted storage decryption key + zerofill SD card" option on the recovery menu.

        At least for Android devices anyway.

        • What you really want is a "destroy adopted storage decryption key + zerofill SD card" option on the recovery menu.

          At least for Android devices anyway.

          The SD card can be encrypted too.

          • Adopted storage is actually automatically encrypted with a 128 bit AES key. Assuming gp is using the correct terminology. Adoptable storage [android.com] is the name that android gave to the ability to store entire apps on a specially formatted portion of the microSD card rather than the previous implementation of some developers allowing a small portion of the app to be moved to an encrypted container file on the card. I think it was meant to allow people to supplement those really tiny entry level phones that may only
        • by chihowa ( 366380 )

          Zero-filling the SD card will take forever and, by the time the device is grabbed, most of the data on the card will be intact with the partial zero-fill being obvious evidence of you trying to destroy the contents of the card. Much better to keep the whole SD card encrypted and just destroy the key there, too.

      • Re: (Score:2, Redundant)

        by jbolden ( 176878 )

        Samsung Knox does what the parent wants. If the device gets compromised the Knox subsystem will blow a physical fuse and destroy the data permanently.

        • by torkus ( 1133985 )

          If the device is compromised in a technical sense.

          Knox doesn't do anything at all for your password/PIN being compromised.

      • Then have the duress code present the fake, normal-looking home page, while it deletes the real user data. Then by all appearances nothing happened (evidence tampering/destruction), and your data is wiped, and you can still use your phone afterwards.
  • Why yes (Score:5, Insightful)

    by bytesex ( 112972 ) on Monday February 27, 2017 @04:54AM (#53936953) Homepage

    It would be *very* easy to have smartphones with adequate security from all sorts of perspectives. Secure key storage, secure storage, secure communications, secure boot, secure containers, secure remote management, secure (multiple factor) authentication, secure arbitration of what hardware can access what memory etc. The thing is: if your target audience is largely 15 year old girls, then you probably have commercial priorities elsewhere.

    • Re:Why yes (Score:5, Insightful)

      by geekmux ( 1040042 ) on Monday February 27, 2017 @05:46AM (#53937153)

      It would be *very* easy to have smartphones with adequate security from all sorts of perspectives. Secure key storage, secure storage, secure communications, secure boot, secure containers, secure remote management, secure (multiple factor) authentication, secure arbitration of what hardware can access what memory etc.

      It would be *very* easy for citizens to give a shit enough about their privacy to not carry around their entire lives in a cellular tracking device too.

      Simple fact is, they don't give a shit, convenience trumps privacy every time, and it's gonna take a hell of a lot more than a dozen border patrol searches gone overboard to change human behavior.

      The thing is: if your target audience is largely 15 year old girls, then you probably have commercial priorities elsewhere.

      Yeah right. Everyone from 7 - 70 years old uses a cellular device these days, and the models are hardly different no matter who is using it. Governments rather enjoy insecure civilian communications and devices. They also know you will gladly surrender your Rights in exchange for giving back the precious confiscated cell phone. Addiction is often an easy exploit in order to enforce Control.

    • Re: (Score:3, Interesting)

      by GuB-42 ( 2483988 )

      People don't want super-tight security.
      They don't want to enter passwords everytime they need to use their phone, especially not long/string passwords.
      They want to be able to recover their password in case they forget it.
      They want their apps to communicate : share a picture in one click, have their contact book shared between multiple services.
      Some want to be able to customize their device, add features, etc...

      Securing a device while taking into account user needs for a general purpose computer (this is wha

    • by AmiMoJo ( 196126 )

      Lots of phones have that level of security now. Their target audience is business users and consumers who care about privacy. 15 year olds don't really buy many phones, having little disposable income and only one birthday/xmas a year.

    • by chihowa ( 366380 )

      You could have phones with great security that even the 15 year old girls would be fine with. The priorities toward non-securirty come from the the data harvesting interests of the phone manufacturers, carriers, advertising companies, and (comparatively distantly) snooping governments.

      Seriously... the most common phone OS is developed by an advertising company and it's a surprise that security and privacy are low priorities?

  • No. (Score:5, Insightful)

    by Anonymous Coward on Monday February 27, 2017 @04:58AM (#53936967)
    I'll just avoid travelling to the US.
    • Re: (Score:2, Informative)

      by Anonymous Coward

      This. In practically no other "modern western country" is this an issue except in the US (and to some extent in the UK either now or in the immediate future). Everyone knows this. Everyone knows how to avaoid it, and that makes it completely useless.

  • Put in a PIN code. Set the phone to wipe after 3 incorrect attempts.
    When the phone goes to wipe itself, it just deletes the crypto key to the main storage, thereby rendering it completely scrambled in an instant. No need to lock out the Lightning port while this occurs, it happens too quickly.

    • Re: (Score:2, Redundant)

      by TheReaperD ( 937405 )

      I would gladly have a phone that would have a self-wipe feature after both a multiple failed attempts and with an alternate code or different fingerprint entered. That last one being especially important with the police forcing people to unlock phone with their fingerprints. This would allow you to use your fingerprint on the phone but instead of unlocking it, it would wipe. Now, you'd be facing destruction of evidence of obstruction of justice charges but, that is probably better than what you would hav

      • Yeah, if I go to the USA again at any stage in the foreseeable future, I'm seriously considering just wiping my phone on the plane and then restoring from a cloud backup as soon as I've cleared customs.

      • by geekmux ( 1040042 ) on Monday February 27, 2017 @05:55AM (#53937199)

        ...Now, you'd be facing destruction of evidence of obstruction of justice charges but, that is probably better than what you would have been facing had the phone been unlocked.

        Fucking seriously?

        Unless you're engaged in some seriously illegal activity that you rather enjoy conducting on your smartphone, perhaps you should *really* sit and think about those charges before making such a statement. Gut feeling is a criminal record will impact you a hell of a lot more than your Facebook data being confiscated.

        • by Kergan ( 780543 )

          Unless you're engaged in some seriously illegal activity that you rather enjoy conducting on your smartphone, perhaps you should *really* sit and think about those charges before making such a statement. Gut feeling is a criminal record will impact you a hell of a lot more than your Facebook data being confiscated.

          > If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.
          > -- Richelieu

        • by AmiMoJo ( 196126 ) <<mojo> <at> <world3.net>> on Monday February 27, 2017 @08:39AM (#53937581) Homepage

          If you give me a phone unlocked by the hand of the most honest of men, I will find something in it which will hang him.

          - Cardinal Richelieu

      • by 0111 1110 ( 518466 ) on Monday February 27, 2017 @06:47AM (#53937315)

        Index finger fingerprint = open phone. Middle finger fingerprint = delete or randomize encryption key. Maybe require a second fingerprint (middle finger on other hand) just to be sure.

      • by lionchild ( 581331 ) on Monday February 27, 2017 @08:48AM (#53937631) Journal

        I thought you were being detained and your phone searched without due process, because you're in one of those legal "grey zones" not technically in the US. If you can't be protected by the laws there, why would you be subject to charges?

        Customs and boarder crossing is becoming more and more the a little mini US GITMO.

  • by kaur ( 1948056 ) on Monday February 27, 2017 @05:10AM (#53937009)

    People will accidentally wipe the phones.
    There would be 10 legitimate use and 10,000,000 acciddental customers with lost data and liability claims.

    I, as a phone / OS provider, would fight this feature.
    I, as a phone user, would fight this feature.

    Imagine a prankster or a drunk friend or a child getting your phone and trying this out.

    • by bazmail ( 764941 )
      Then don't give the code to pranksters or drunk friends. Problem solved.
    • Re:This won't fly. (Score:5, Interesting)

      by rtb61 ( 674572 ) on Monday February 27, 2017 @05:22AM (#53937049) Homepage

      you would actually want three pin codes. One to open the phone, one to clear the phone and one to open the phone and call the police and leave the microphone open but shut down the speaker. Obviously the code for normal open would be the most complex but the other two codes could be simple and easy to remember and distinct eg 1235 and 0070.

    • I, as a phone user, would fight this feature.

      How would you fight it? By moaning loudly on internet forums?
      The proposal is only a wipe. If this happened accidentally you can log back into icloud or your google account and resync. Crisis averted.
      Personally I have no need for it, but if manufacturers built it in I wouldn't complain. It doesn't have to be compulsory, like most features it could be disabled.

      Imagine a prankster or a drunk friend or a child getting your phone and trying this out.

      How would they know the code?

      • by Kjella ( 173770 )

        The proposal is only a wipe. If this happened accidentally you can log back into icloud or your google account and resync. Crisis averted.

        So to protect all your information, put it in the cloud. The NSA loves you.

        How would they know the code?

        Well what should happen when you type the wrong code over and over? Here it's company mandated that four wrong attempts = wipe. Somebody's figured out the hard way what happens when the kid gets hold of your phone, bye bye vacation photos (abroad, too expensive to cloud sync).

      • How would they know the code?

        His code is 0000.

    • People will accidentally wipe the phones. There would be 10 legitimate use and 10,000,000 acciddental customers with lost data and liability claims.

      There would be zero liability claims, and you would agree to that in the EULA you never read.

      I, as a phone / OS provider, would fight this feature. I, as a phone user, would fight this feature.

      Of course you would.

      So would the rest of society, because privacy is the concept that "won't fly" anymore.

  • by vsavkin ( 136167 ) on Monday February 27, 2017 @05:23AM (#53937059)

    Well, you wipe your phone when trying to enter - it means that you have something to hide and should be detained and not allowed in.

  • If they ask to see my phone I should see theirs.
  • by LordHighExecutioner ( 4245243 ) on Monday February 27, 2017 @06:17AM (#53937245)
    The most unsuspicious way would be to have the smartphone selfdestroy itself by shorting the battery or by executing code that overheats the CPU when the appropriate PIN code is entered. This is the reason why I always buy Samsung smartphones: nobody would blame me if "accidentally" it catches fire
  • Please ask yourself: would you remember a pin you set half-year ago and never used it? Although most people will not use it (thus why invest in development), those that know it, 90%(so I won't repeat "most") will forget the wipe PIN and would not rememeber it when needed. You have to be extremely well organised+great memory to be able to use it.

  • I have it already on my own phone; it's a requirement that I change my security settings so that the entire phone is factory reset if the passcode is entered incorrectly a set number of times. I also need to change my PIN regularly, and to register the device with a central authentication server; AND the internal and SD card storage are both encrypted. The requirements came from my desire not to have another work phone to access my NHS emails, but to use my own handset. Since the NHS are so cautious about a
  • WMD app on Android, similar apps on other devices. Hand over your phone, leave customs, borrow another phone, send a text and it's wiped. Also most phone carriers give you a web based service account that also includes a remote wipe function. Corporate Cell phone access and management tools also include this capability.
  • Availability of this feature would result in new regulations which make it illegal to nuke your phone when asked to hand it over to a border agent/law enforcement officer. Add something like 1 year in prison etc and the functionality is practically useless.

  • But don't memorize it, before crossing the border, and send it to yourself securely on another device not in your possession. That way you can swear that you don't know it and cannot obtain it. It becomes something you neither know or have. State that this is your standard travel policy for safety reasons.
    • by niks42 ( 768188 )
      Forgetting a password will land you in jail for two years in the UK, thanks to the RIPA legislation. No ifs, ands or buts.
      • "I don't know it *now*, but I will know it in the future" would be a new defence. Whilst I'd be inclined to agree with you, it might be a new technicality. Not sure I'm ready to risk my liberty to try it out though.

  • by argee ( 1327877 ) on Monday February 27, 2017 @07:10AM (#53937357)

    You are in a foreign country.
    Upload your data to a foreign server.
    I recommend a one-time key for encryption.
    Erase it from your phone.
    Enter the U.S.A.
    Retrieve the data. Erase it from server.
    End of problem.
    Avoids border hassles.
    All perfectly legal.

    • by kaur ( 1948056 )

      You don't call "encrypt and upload all your data, reset your device, restore data" a "hassle"?
      Consumers disagree.

      • by wbr1 ( 2538558 )
        Rooted phone, using nandrod backup in TWRP or Titanium backup. Drop the encrypted 7z wherever. It is multiple GB so if necessary just have it on a couple thumbdrives for redundancy. Takes lass than an hour in your hotel before you leave.
    • Surely...

      Upload your data to foreign server
      Take a burner phone, or indeed no phone at all (and buy one on arrivial)
      Copy data from server to new phone, or just reference it on server ...would be less hassle.

    • You are in a foreign country.
      Upload your data to a foreign server.
      ...

      Seems to me that an easier solution is to just buy a cheap pay-as-you go burner flip phone. Bring a camera if you want to take photos.

  • 18 USC 1503 (Score:4, Informative)

    by tlambert ( 566799 ) on Monday February 27, 2017 @07:12AM (#53937363)

    18 USC 1503 : Federal Obstruction of Justice.

    10 years in a Federal pound-you-in-the-ass prison.

    Your new cellmate is named "Bubba".

    • I thought US law was suspended at the border. Otherwise the protections of the Constitution would apply.

  • I can text a kill code from a trusted sender, e.g. my wife's cell. They turn on a siren, wipe, etc... https://www.avast.com/en-us/an... [avast.com]
  • Most people may not like having their phones perused, but they also don't mind terribly, and don't travel so often.

    If you do mind, you already have two phones, one for home and one for traveling. That's a safer solution, even if you have to keep both updated.

    The real problem will come when not having a Facebook account will make you lose your flight, marking you as a suspect element.

  • The real issue is that you are storing sensitive information on a device on which you don't have root.
    If you don't have root then how could you trust your phone to keep that data safe in the first place?

    Also, the sensitive info that authorities are after are your phone book, your call history and your photos.
    The phone should be configured to not store those on the phone itself, either not store them at all to have them on a secure server somewhere.

    • by ebyrob ( 165903 )

      This ^^

      Heck, even with root, are you sure you can trust the manufacturers enough not to be keeping something and sharing it with "the authorities". SIM cards, SOC, hidden hardware functionality. Do we really know what those devices are/aren't doing below the OS level?

  • Anything designed for "war" can be hacked, or can accidentally go off. I'm happy with a reasonable level of security and a realistic understanding of the risks. Most phones provide the first and most users completely fail to get the second. Just give me a padlock that will keep out the vast majority of casual identity thieves.

  • Remember folks in the USA, you COULD then be charged with tampering with evidence or DESTROYING evidence if you use a kill code. A very slippery slope. Rather, you enter a code in that locks, the phone down, and the next time someone enters any other code than your rescind code, the phone wipes, that way YOU are not the one that wiped it, with L.E. did. However, I am sure they WILL still charge you with something as they will be P!ssed off!
    • This is the real danger of using a kill or wipe code.

      Still better than handing over your phone. The first rule of criminal law if that you never, ever talk to police without your lawyer present. Never. No matter how innocent or how innocuous the situation is, if you are being questioned you must have your lawyer. Personally, I have nothing to hide, but I'd still wipe my phone if I were detained by TSA or law enforcement.

      • by dbIII ( 701233 )

        The first rule of criminal law if that you never, ever talk to police without your lawyer present. Never. No matter how innocent or how innocuous the situation is

        That works in a perfect world where the police respect you. A lot of people on this site are not in that perfect world and have a choice of talking very politely to police or suffering consequences, sometimes physical ones, if they are silent.

        People with nothing to hide, such as a 70 year old children's book author this week (on her 116th trip to

  • In the United States if a border agent asks for your cellphone and you wipe it right there, you've just broken the law. You can now be charged with an obstruction of justice charge. Now if you wipe your phone on the flight or before you're interacting with the border agent, then you've done nothing. But once they ask for it, any actions you do to delete the information on that device is illegal.
    • Either you have Constitutional rights and won't have to hand over your phone, or you're not under US law at the US border and there's no law to charge you with. There's no legitimate way to charge with a crime at the border like that.

  • For those worried about hackers remotely wiping your phone - such a mechanism already exists. If you mis-enter your pin X times, most phones will automatically lock or wipe as an anti-theft protection. If you're concerted about a hacker entering your wipe code, you should be more concerned about the same hacker entering 5/10/12 incorrect PINs and locking you out or using the iOS or Android Find My Phone functionality to remotely wipe the phone.

  • I'd like a duress pin instead. It lets the phone function totally as normal, except it fires an email with my location, and an email that I'm being forced to unlock my phone to my lawyer or (for my work phone) my corporate legal dept. If I'm being forced to unlock my phone, I want to make it tough to disappear me, no matter what the circumstances are.

    If you want, have it fire a user-defined script too, that way if you want to fry your crypto memory, have at it, or wipe your lastpass storage, or whatever.

    M

    • I'd like a duress pin instead. It lets the phone function totally as normal, except it fires an email with my location, and an email that I'm being forced to unlock my phone to my lawyer or (for my work phone) my corporate legal dept.

      That's a great idea - until they start operating Stingray equipment at all borders so they can control your phone's data traffic and prevent any such 'security breaches'.

  • Our sales reps take factory wiped burner phones and laptops with them when they go on trips to the USA...
    • Our sales reps take factory wiped burner phones and laptops with them when they go on trips to the USA...

      How long will it be before 'clean' devices like that will be sufficient cause for being denied entry? For the "nothing to hide, nothing to fear" crowd running things now, anything suggesting that you value your own privacy enough to take precautions, makes you at least an object of suspicion, and possibly even a criminal or a terrorist.

  • by jenningsthecat ( 1525947 ) on Monday February 27, 2017 @10:28AM (#53938023)

    Wouldn't it be better to start holding our governments accountable to us, the people who elected the leaders of said governments, and the people who ultimately pay all their salaries? Yeah, I know, corporations own the governments, you can't fight city hall, etc. But really, fuck this nonsense of either taking inconvenient, expensive, extraordinary, and unreliable countermeasures to protect ourselves from our own elected and paid for governments, or taking it up the a** from same! It's time to start organizing and fighting for change, the way civil rights activists did decades ago. Our civil rights are being violated, and it's time to politely but firmly say "No!" to sitting at the back of our own goddamned bus!

  • by nine-times ( 778537 ) <nine.times@gmail.com> on Monday February 27, 2017 @10:45AM (#53938153) Homepage

    If you're worried about the border patrol, it seems pretty easy to know when you're approaching a border. You can just wipe the phone in advance using the built in feature to wipe the phone and return it to the factory settings.

    The whole thing gets more complicated if we're assuming the police just start confiscating phones of random people without a warrant, but I'd imagine that would face a stronger 4th amendment challenge. And really, at that point, I don't think a kill switch would be good enough. I'd want manufacturers to rethink the whole security design, probably limiting the information stored on the phone in the first place.

  • The Nokia 3010 just came back on the market for $50. This sucker will have a battery life for MONTHS. If all you need is a phone and you travel and don't want the bad man looking at your email just carry a crappy phone that you don't mind losing and forward all your phone calls to that other number.

    I'd love to see the look on the security person's face when they try to figure that device out. It'll be insanely hilarious.
  • by PPH ( 736903 ) on Monday February 27, 2017 @12:40PM (#53939095)

    Because I'd lose my Candy Crush high score.

  • 1. I don't use a smartphone, because they are proven time and time again to be easily exploited and compromised, even if you're careful
    2. I wouldn't buy a smartphone, for the reasons stated in #1
    3. If I found I had no choice but to own a smartphone, all Internet access would be disabled by intentional misconfigure of network settings (and NO, I don't care)
    4. #1 through #3 having been said: If I was travelling internationally, I would NEVER bring my actual phone with me, I would get a cheap prepaid phone,
  • I was with you until you said it brings up a wiping screen. I doubt very much that the feds/TSA really give a crap that your last facebook post said you think Trump is an Ahole, otherwise they'd be detaining about 50% of everyone travelling, but the moment they see your phone is wiping itself they will assume you must have something to far more significant to hide.
    A much better bet would be to have a removeable SD card and/or a password that silently logs in to a second environment which just has a bunch of

  • Physical wipes are worthless because they take way too long and expose users to liability WRT destruction of evidence.

    What I would like to see are mobile computers sporting encrypted file systems designed for deniability. Availability of data depends on key(s) entered by users.

    You could elect to enter a "duress" key that only reveals bullshit.

    Or you could enter your normal key yet elect not to enter additional keys to reveal additional data. For example a work key that unlocks proprietary data related to

  • The problem with your plan is it would be obstruction. You are destroying information the government has requested you provide obstructing their investigation. If you wipe the phone prior to the government requesting it you've done nothing wrong.

    If you're concerned about the government accessing your cell phone or computer while you cross the border, wipe it and restore it at your destination.

Neutrinos are into physicists.

Working...