Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Future Has a Kill Switch

Posted by Soulskill on from the not-literally-i-hope dept.

palegray.net writes "Bruce Schneier brings us his perspective on a future filled with kill switches; from OnStar-equipped automobiles and city buses that can be remotely disabled by police to Microsoft's patent-pending ideas regarding so-called Digital Manners Policies. In Schneier's view, these capabilities aren't exactly high points of our potential future. From the article: 'Once we go down this path — giving one device authority over other devices — the security problems start piling up. Who has the authority to limit functionality of my devices, and how do they get that authority? What prevents them from abusing that power? Do I get the ability to override their limitations? In what circumstances, and how? Can they override my override?' We recently discussed the Pentagon's interest in kill switches for airplanes. At what point does centralizing and/or delegating operational authority over so much of our lives become a dangerous practice of its own?"

5 of 284 comments (clear)

  1. OnStar (no thanks) by Ritz_Just_Ritz · · Score: 4, Interesting

    When I bought a GM vehicle for my wife a couple years ago, the FIRST order of business was to disconnect the antenna to the OnStar box. I don't need big brother being privy to conversations in the car, or tracking my movements. I'm normally not a tin foil fedora kind of guy, but there has already been evidence of police improperly using OnStar to bug vehicles.

  2. A simple solution by MikeRT · · Score: 4, Interesting

    The first time someone launches a mass shutdown order in a metropolitan area during rush hour, will be all it takes to turn the public wildly against this.

  3. Simple questions, simple answers by Dachannien · · Score: 5, Interesting

    • Who has the authority to limit functionality of my devices, and how do they get that authority? In this order: the Content Cabal, Russian hackers, and federal law enforcement. The Content Cabal gets the authority because they pay Congress and/or the FCC for it, the Russian hackers get that authority because our own security-fu is weak, and law enforcement gets it because terrorists scare the shit out of us.
    • What prevents them from abusing that power? Content Cabal: Nothing (once their power is ensconced in law, it's too late); Russian hackers: Nothing (the teeming masses of neophyte device users will never learn to make themselves secure); and Law Enforcement: Nothing (you can't complain about what you don't know about).
    • Do I get the ability to override their limitations? In what circumstances, and how? I want some of what you're smoking. But seriously, the only guaranteed way to override these limitations is to use devices that are not equipped with such "functionality". (In the case of the Content Cabal and law enforcement, this may eventually not be legally possible.)
    • Can they override my override? As with any form of DRM, it will be a war of escalation between those who want control over their own devices and those who have a vested interest in wresting that control away from you. Any security you manage to get for yourself will eventually become obsolete, either because (a) the device itself reaches obsolescence, through format changes, licensing, insufficient processing power, or plain old wear and tear, or (b) the security measures you obtain are eventually counteracted through countersecurity measures. Neither side will win, of course, which is why the Content Cabal and law enforcement will seek criminal penalties against those who try to maintain control over their own devices.
  4. by the numbers by v1 · · Score: 4, Interesting

    Who has the authority to limit functionality of my devices, and how do they get that authority?

    The laws will be written in a way that appears to limit their application, but the reality will be that loopholes will be woven into the rules, or that people like the CIA just plain don't care about laws and will do whatever they please. There will be no accountability. If someone does get their balls in a vice someone higher up will swoop in and "grant them immunity". (where have we heard that recently?)

    What prevents them from abusing that power?

    Given the above legal scene, nothing. That which can be abused, will be abused. We've been down that road so many times my shoes wore out. We're always promised that it's ok to make the laws a little overly broad just to "make sure we get them all", and then as a result the laws are always abused. It's not can be, it's not might be, it's will be. "Can be abused" always ends up "was abused". Unless you write the law without the wiggle room, it will be abused, guaranteed. End of story.

    History tends to show that loopholes that crop up in new laws were introduced by those who made the law, for those that made the law. Things like congress passing telemarketing rules, that they are conveniently exempt from. (where was the justification? they didn't even bother trying to justify it) People that are already in a position of power just assume the laws don't (or shouldn't) apply to them. Nixon was a hilarious example. He was totally convinced it was OK for the president to ignore the laws. He just didn't get around to making himself legally exempt from them in time. Modern equivalents exist, they just learned from his experience and make sure they have an "out" and then proceed in the same manner.

    Do I get the ability to override their limitations? In what circumstances, and how?

    Just like CSS, you can override their limits, but then they'll make it illegal to do so.

    Can they override my override?

    No (what they tell you) Yes. (the actual practice)

    We recently discussed the Pentagon's interest in kill switches for airplanes. At what point does centralizing and/or delegating operational authority over so much of our lives become a dangerous practice of its own?

    Take a look where we are now. Wouldn't you say we passed that point looong ago?

    --
    I work for the Department of Redundancy Department.
  5. Re:Slippery slope by Anonymous Coward · · Score: 4, Interesting

    We already have this.

    I just stopped a consulting job at a well known software company in Redmond, WA. - a man has to eat and feed his kids after all - On the day after my last workday, I booted the laptop I had used for the contract - it had company installed operating system software on it from over the network as that was a requirement - expecting it to log in and extract my "hours worked" data before I flattened it and formatted the NTFS partition. I was going to do the right thing. Turns out I did not need to; It had just stopped working. No login worked at all, and my IRS data that had been kept on the laptop per contract requirements had to be extracted via a "INSERT Linux" boot disk and a USB thumdrive so I could flatten/format the NTFS partition like I was going to anyway before I sent the hardware back (INSERT Linux is great for this, btw), minus any sensitive data.

    They already have the power to time-bomb and kill switch your computer; It's already happened to me, and most people just don't know its possible yet and wont expect it - as I did not - when it happens to them.