Slashdot Mirror

← Back to Stories (view on slashdot.org)

It's Time To Start Taking Stolen Phones Seriously

Posted by samzenpus on from the something-worth-stealing dept.

itwbennett writes "'Find My iPhone' is neat, but it's time for smartphone makers and carriers to stop pretending their anti-theft measures are anything more than minimum viable products, says blogger Kevin Purdy. He's not the first to point this out: As reported in Slashdot, 'NYC Mayor Michael Bloomberg said overall crime in New York City was up 3.3% in 2012 due to iPhone, iPad and other Apple device thefts.' And now San Francisco and New York attorneys general are calling a 'Smartphone Summit' where representatives from Apple, Google, Samsung, and Microsoft are due to meet and discuss the implementation of a industry-wide 'kill switch' system."

53 of 282 comments (clear)

  1. But, But... by Anonymous Coward · · Score: 5, Insightful

    When a phone is stolen, another phone gets purchased. Reducing phone thefts will cut into new phone sales!

    1. Re:But, But... by Randall311 · · Score: 5, Insightful

      You mean "free" as in the price of the insurance right? So not so free...

    2. Re:But, But... by calzones · · Score: 4, Insightful

      I keep seeing this line of reasoning on the matter here on /.

      Honestly, it's pretty fucking vapid. The marginal revenue companies get from people buying replacements for stolen products is simply not a viable business model. They may prefer not to spend money dealing with a problem they see as the consumer's and not theirs, but to ascribe some insidious plot on their part to make extra money off of people who get their stuff stolen... it's inane.

      --
      Asking people to think is like asking them to buy you a new car
    3. Re:But, But... by justthinkit · · Score: 4, Insightful
      $Phonemaker does nothing, tons of phones get stolen, $Phonemaker makes tons of replacement phones (i.e. tons of money).
      .

      Or

      $Phonemaker makes a used phone useless, no phones get stolen and $Phonemaker loses tons of money in lost replacement phone revenue.

      Can you explain how each phone stolen is "marginal", as opposed to 100%, gain? Basically, if they do nothing they find money for zero work. This model dictates exactly what they should do -- absolutely nothing. No wonder they are having a big pow-wow about it. Might need to have annual meetings even.

      --
      I come here for the love
    4. Re: But, But... by Anonymous Coward · · Score: 2, Insightful

      Instead of buying a stolen phone someone then has to buy a new phone.

    5. Re:But, But... by bferrell · · Score: 4, Informative

      It's not buying a new phone that is the business model.

      1.) The device is stolen
      2.) New device obtained. (some $$)
      3.) Old device is activated by someone new (recurring new $$. Here is the money for the carrier)

      Now, many many years ago, I was a cellular switching site manager (before we had the giant carrier we have now). When I learn how cellular worked, it was explicitly state the the devices had a thing called an ESN (electronic Serial Number). This was for activating the device AND stolen devices were SUPPOSED to go into a shared database that would be checked to assure stolen devices were not activated. The marketing manager was livid that such a thing could exist. Needless to say it's pretty obvious today how that worked out. There is no shared database of stolen devices in the US (North America?). There is in Europe.

      'nuff said

    6. Re:But, But... by rogueippacket · · Score: 4, Insightful

      Just think it through. Ha ha ha...
      No but seriously, there is no guarantee that a user who has their phone stolen will buy that same phone again. So it's already not 100% gain, they may go to a competitor or buy a refurbished phone from their carrier. Next, assuming they do buy a replacement from you, there is also no guarantee they will buy the same model. They may buy a cheaper one which has lower margins, as many people do when they feel they were targeted as a result of owning the hottest model or simply cannot pay off their subsidy right away.
      Okay, so as a result of this theft, you may wind up selling another phone and make a few bucks - but there are no guarantees whatsoever, and this means you cannot plan around illegal activity when building your financial models. This was the point made above, the returns are simply too small and too unreliable to factor into the models when compared to something like adding new features or running a series of marketing campaigns.
      To coin a car analogy, it would be like Audi saying "Our cars are stolen the most, so we can expect greater revenues as a result" - would you buy an Audi knowing that? Or would you buy a phone from the first manufacturer who allows your car to be killed when it is stolen?

    7. Re:But, But... by tsotha · · Score: 2

      $Phonemaker does nothing, tons of phones get stolen, $Phonemaker makes tons of replacement phones (i.e. tons of money).

      Only if you assume the stolen phone never makes it back onto the market. Otherwise when a customer buys a stolen phone the phone maker loses a sale. It's a wash.

    8. Re:But, But... by irving47 · · Score: 2

      Well, *theft* is... in these cases... But maybe you're worried about people that hobble up to you on a wooden peg-leg and say ARRR Matey... I'll be takin' yer phone, and there's a musketball with yer name on it if ye give chase!

      --
      I had a sucky sig.
    9. Re:But, But... by irving47 · · Score: 2

      You're dead-on close... I used to work for a couple of resellers and it made me mad we didn't have databases at all when I knew as well as you what the ESN's and IMEI's could be used for in this regard.
      We do have stolen device databases now... I believe they're still carrier specific at the moment, but they were to be combined this year or next, I think. Yeah, a marketing manager like that doesn't surprise me at all. Too bad the carriers wouldn't come up with that on their own, but hey, money is money.

      --
      I had a sucky sig.
    10. Re:But, But... by irving47 · · Score: 2

      Forgot to mention the reason we suddenly got the databases... They were "voluntarily" created by the companies a few weeks (or was it days) they got called in front of congress wondering about what could be done...

      --
      I had a sucky sig.
    11. Re:But, But... by xevioso · · Score: 2

      Well, as a counter example, I have at least two friends who have had their phones stolen twice. In addition, I DJ at a club, where phone thefts are rampant; I know of at least 15 instances at said club where people who have had a phone in a purse/jacket/backpack and foolishly left it somewhere while dancing returned to find them stolen. Its a FUCKING rampant problem here in San Francisco.

    12. Re:But, But... by Dahamma · · Score: 3, Informative

      Let's say 5% of iPhone owners have had their phones stolen over all of time (which is a large number if you think of it), that would mean for all the bullshit the company has to put up with regarding a stolen phone they would make all of 5% extra on top of their normal sales. That's ridiculous if you think about it.

      Apple made $80B (BILLION) dollars in iPhone revenue last year. 5% of that is $4B (FOUR BILLION DOLLARS!). You'd better fucking believe $4B in revenue is worth putting up with an UNFATHOMABLY MASSIVE amount of "bullshit".

      Oh, and no need for "piss poor" anecdotes - NY and SF police have stated over 40% of all robberies in their cities now involve cell phones. So yes, tons - literally metric tons - of cell phones are stolen every year in those cities alone...

    13. Re:But, But... by sjames · · Score: 2

      It's the perfect way for them to get another sale even from a 'customer' who can't or won't pay for it.

      A buys 1 phone. B can't afford a phone so he buys 0 phones. B steals A's phone. A buys another phone. They have now sold 2 phones where in a theft free world they would have sold 1.

    14. Re:But, But... by rossz · · Score: 4, Informative

      You can argue all you want that it's not a viable business model to not disable cell phones, but large parts of Europe already have a cell phone "kill switch" and it has virtually eliminated cell phone thefts.

      --
      -- Will program for bandwidth
    15. Re:But, But... by Carewolf · · Score: 2

      You have your number blocked by your carrier, but the phone ID is blocked by the police when you report it stolen. The insurance companies will not cover your loss unless you report it stolen and ensure the thief can not use it.

    16. Re:But, But... by Slashdot+Parent · · Score: 2

      The marginal revenue companies get from people buying replacements for stolen products is simply not a viable business model.

      But the revenue from the insurance plans is huge! You pay $7 a month or something for the "privilege" of paying a $150 deductible for a refurb model that cost them $75 in case you lose your phone.

      If people didn't fear phone theft, then many fewer people would buy the insurance.

      --
      They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
  2. Are you serious? by OhANameWhatName · · Score: 3, Interesting

    industry-wide 'kill switch' system

    It's really for stolen phones .. just like the kill switch for the internet was for emergency purposes. This has nothing whatsoever to do with cutting off people's means of communicating effectively with each other.

    1. Re:Are you serious? by sjwt · · Score: 4, Informative

      LOL your so funny, cause if the Government wanted to or the phone provider wanted to they couldn't cut of your phone access any other way?

      People don't get mugged for phones much out here in Australia, all you have to do is report the phone stolen and its blacklisted.. Not even doggy pawn shops take a phone without checking that. You would be left selling on ebay, even then the buyer would just file through Paypal to get their cash back.

      --
      You have 5 Moderator Points!
      Which Helpless Linux zealot/MS basher do you want to mod down today?
    2. Re:Are you serious? by MrDoh! · · Score: 2

      Why cut off a phone? Why not let the police use these amazing features the phones have to basically ring the cops and direct them to the thief? Boom, you get the phone back, and catch a thief (or someone receiving stolen goods, that lets you then investigate them/find the person who sold them the phone). Rather than fix the symptom of the stolen phone, why not go just that bit further to stop crime and catch the bad guys? Would anyone A) steal a phone knowing they'll be caught B) buy a cheap stolen phone knowing they'll be caught?

      --
      Waiting for an amusing sig.
    3. Re:Are you serious? by Tom · · Score: 2

      No, it doesn't, because you can already do that. Remember, you are on the carriers network? He can deny service to you at any time, and he will if, for example, you didn't pay the bill.

      If I'm the NSA and want to get you shut down, all I need is your name, address, birth date or whatever the carrier uses to identify you, and a nice letter to the carrier who'll roll over anyways.

      --
      Assorted stuff I do sometimes: Lemuria.org
    4. Re:Are you serious? by Nanoda · · Score: 4, Insightful

      It's really for stolen phones .. just like the kill switch for the internet was for emergency purposes. This has nothing whatsoever to do with cutting off people's means of communicating effectively with each other.

      Don't be asinine. Your cellphone can already be tracked, tapped, disabled, folded, spindled and mutilated. What this is about is centralising and sharing information about stolen phones so that the utility of stolen phones diminishes to the point that you walking around with an iPhone doesn't look like an easy 200$ target to ne'er-do-wells.

    5. Re:Are you serious? by Dahamma · · Score: 4, Insightful

      Because there are so many phones stolen and so many more serious crimes to investigate that the police don't give a crap about your stolen cell phone. You must not have ever had one stolen, because almost anyone who has (myself included) can confirm this complete lack of interest ;)

      If the police cared, the technology is already there to catch many phone thieves. But everyone knows they won't bother. It's much easier (and nearly free) just to make the phone a brick to discourage it in the first place than spend MANY thousands of dollars of taxpayer money on investigation, arrest, booking, court hearing/trial, and imprisonment for a $500 piece of electronics.

    6. Re:Are you serious? by BitZtream · · Score: 2

      And you fail at reading comprehension where he says ...

      THAT THE AUSTRALIAN GOVERNMENT DOES EXACTLY WHAT THE PEOPLE WANT THE KILL SWITCH FOR.

      Really, rather than 'mentioning' something, you should read what you're replying to.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    7. Re:Are you serious? by stephanruby · · Score: 2

      Yes, San Francisco would love an industry-wide cell phone kill-switch.

      The next time, there is Bart cop shooting a person in the back while that person he's laying face-down on the floor, witnesses won't be able to upload the video on youtube before their phone gets confiscated.

      Also, think of the ramifications the next time there is a mass protest. It would be great if you could kill cell phones from thousands protesters, all from only one switch. That would be a Mayor's wet dream!

    8. Re:Are you serious? by stealth_finger · · Score: 2

      People don't get mugged for phones much out here in Australia, all you have to do is report the phone stolen and its blacklisted.

      What's to stop somebody from reporting *YOUR* phone as stolen to inconvenience you?

      Yes, there are people in the world that are demented enough that doing something like that would be enjoyable.... all they'd need to know is your phone number.

      They'd need your IMIE number and to convince the network they're you. You could get it reactivated by contacting your network to find out why you can't make calls, be told it's blacklisted, prove yourself as the owner, probably by your receipt or further account details. It can be undone. Only your home network can do it but it's across all networks.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    9. Re:Are you serious? by L1mewater · · Score: 2

      Those "find my iphone" things actually often have pretty poor accuracy. They'll get you within two hundred yards or something pretty reliably, but that's not all that helpful in a densely populated area. There are lots of stories of innocent people having folks show up at their door all hours of the day or night falsely accusing them of stealing their phones due to this. I'm not generally a big fan of police officers, but I think their (in)action in such cases is actually warranted here.

  3. Why is it a consumer isue? by waddgodd · · Score: 3, Funny

    The NSA is listening in on everything anyways, why aren't they arresting phone thieves when they use the phones?

    --
    Just because you're paranoid doesn't mean they aren't out to get you
  4. Cerberus is free today through AppGratis by technomom · · Score: 4, Informative

    The best best for Android is Cerberus. Seriously, it does everything that "Find my iPhone" does plus a few things it will never do. It's free today through AppGratis http://www.droid-life.com/2013/06/06/deal-cerberus-lifetime-license-is-free-today-from-appgratis/

    If you happen to have a rooted phone, there's even a ROM version which will survive a Factory Reset.

    1. Re:Cerberus is free today through AppGratis by pruss · · Score: 5, Informative

      This may be rather good, but I've felt rather uncomfortable with closed source apps that are track a phone or wipe data, and especially ones that can survive a hard reset, so I spent a few hours and rolled together a super-simple, no-UI app (passwords are hardcoded into the source, so I am distributing this source-only: https://code.google.com/p/roottracker/ ) that does basic phone tracking and wiping via SMS. I tried to make the source simple enough that one can easily verify the lack of backdoors.

    2. Re:Cerberus is free today through AppGratis by readingaccount · · Score: 3, Informative

      What makes Cerberus better than Prey? Someone else commented concern for a closed-source tool, whereas Prey is completely open source AFAIK. They both seem to do the same thing, just one has better marketing apparently.

  5. Wrong target by w1zz4 · · Score: 2

    The solution can only be good if provider are the one who are force to fix the issue. You need to realize provider will allow stolen phone on their network until they are force no do to so. The main reason that explain this is that they already lost the phone, if they don't reactivate it to the person who bought it on the street/pawn shop/craigslist, the profit that could be made on this phone is lost forever...

  6. If VZW wont help, just call the NSA by anthony_greer · · Score: 4, Funny

    They will know exactly where that bad boy is and who the theif is calling...

  7. Blame game by Anonymous Coward · · Score: 5, Funny

    NYC Mayor Michael Bloomberg said overall crime in New York City was up 3.3% in 2012 due to iPhone, iPad and other Apple device thefts

    It's Apple's fault that NYC is a crime ridden shit hole. If these disgusting companies would stop making products that people actually want New Yorkers wouldn't have to resort to robbing each other! Why can't Apple and Google be more like Microsoft!

    1. Re:Blame game by clarkkent09 · · Score: 4, Funny

      We are talking about Bloomberg here, the guy who blames large cups for obesity.

      --
      Negative moral value of force outweighs the positive value of good intentions.
  8. Blacklist IMEI? by pauljlucas · · Score: 4, Informative

    Why can't they just blacklist the phone's IMEI?

    --
    If you reply, do so only to what I explicitly wrote. If I didn't write it, don't assume or infer it.
    1. Re:Blacklist IMEI? by MavEtJu · · Score: 4, Insightful

      They said that in the article: It gets sold to a carrier which is not querying the US version of the Stolen Phone database.

      We need something like DNS but then for IMEI numbers. .imei :-)

      --
      bash$ :(){ :|:&};:
  9. Not free by DaveSlash · · Score: 5, Insightful

    After a $150 deductible

    --
    Burn FAT not OIL
  10. Why not block by IMEI -what the rest of world do. by johnjones · · Score: 4, Informative

    cut them off at the network... NYC are talking to the wrong people they need to speak to GSM and CTIA.

    they do it in Europe as well the USA is very slow about this...

    " Carriers AT&T and T-Mobile offer a joint database, as the carriers use the same basic networking technology. Verizon and Sprint offer a second database. By the end of November 2013, the four carriers will combine databases, and adding smaller carriers like Nex-Tech and Cellcom. Plans exist to link the US database with an international version hosted by the GSM Association to prevent stolen phones from being shipped to overseas markets and used on other networks."

  11. Sounds like a comic book super hero job by GoodNewsJimDotCom · · Score: 3, Insightful

    The phone is bait. It should commonly lead you to criminals who have done other illegal things. A super hero who retrieves phones just so he can honeypot get to the criminals would be legit. All he'd need to do is use GPS, then call the phone when he's in range and have a conversation with his prey before closing the distance and kicking tail.

    I understand why real cops wouldn't want to retrieve phones. It would be easy to spot, but they would be encountering possibly violent criminals more often. No one wants to die even if they're doing their job more effectively.

    --
    God spoke to me
  12. Re:No Kill by mark-t · · Score: 4, Insightful

    What we need is central industry DB that a stolen phone is registered to. Once registered to this DB no carrier in US would allow on their network.

    Apple, Google, Blackbery would ban these devices from their servers also.

    You could have stopped right there. That alone would have negated a lot of the incentive of stealing phones in the first place.

    If anyone buys a phone without checking and later it is found to have been slolden then they get to share in the charges from the person who committed crime. If he killed or maimed they get charges as accessories.

    That rings far too much like "guilty until proven innocent".

    It's stolen property... handle it identically to that. The possessor surrenders it to the authorities at their own expense.

    --
    File under 'M' for 'Manic ranting'
  13. Bad Idea by pitchpipe · · Score: 2, Insightful

    ... Apple, Google, Samsung, and Microsoft are due to meet and discuss the implementation of a industry-wide 'kill switch' system."

    Soon to be highjacked by the job-creating content industry.

    Oops, sorry, looks like you'd better stop pirating Mickey Mouse from 75 years ago if you want to make that emergency call!

    --
    Look where all this talking got us, baby.
  14. IMEI blacklists, use them! by Nichotin · · Score: 2

    I am from a country where all the operators adhere to the CEIR blacklists. Phones are blocked by IMEI, and it is not necessarily trivial to change the IMEI on modern phones. The problem is that most users who have their phone stolen do not bother (or know how) to blacklist. Just reporting the phone stolen does not automatically blacklist it, one has to fill out a separate form for that. If something was done so that close to all stolen phones are blacklisted, stealing a phone would immediately become a lot less lucrative. At least from my experience in Norway, phones are stolen to resell locally or for the thief to use. Effective blacklisting would make sure that stealing a phone would only be feasible for anyone who would send them to a country where blacklists are not enforced, or someoene with the equipment and knowhow on changing IMEIs. This would pretty much rule out petty thiefs.

    --
    Dvorak on Doomtech
  15. So what is the problem? by wisnoskij · · Score: 2

    If you wallet is stolen, you don't expect to get any cash in in back. If your watch in stolen, or your TV, you should not expect to see either again.
    And if your phone is stolen, like every other object on the planet, you most likely will not see it again.

    --
    Troll is not a replacement for I disagree.
    1. Re:So what is the problem? by Sockatume · · Score: 2

      Unlike watches, TVs, or wallets, phones contain technology that should make it trivial to either retrieve the device or reduce its resale value to near-zero by rendering it inoperative. The former reduces the victim's burden and the latter reduces the thief's incentive.

      --
      No kidding!!! What do you say at this point?
  16. On Verizon Wireless by Silver+Surfer+1 · · Score: 2

    When a phone is reported lost or stolen the MEID and the SIM card # are added to a list and cannot be used on the VZW network. Often though the first thing a

    competent thief will due is turn the phone off preventing any GPS locating software to track the phone. The phone will either be sold to a person who does not

    check the MEID # (and when they try and do an ESN change will be told the phone is on the lost stolen list and to please take the phone into a VZW Corp. store.)

    Or they take the phone someplace like Cricket and they will flash the phone to work on the Cricket network. Another option is the phone will be parted out.

  17. You aren't looking at systemic effects. by xmark · · Score: 4, Insightful

    Yes, the phonemaker gets more revenue. However, the money used to fund those replacements comes from an increased levy on all phone purchasers who have coverage. So everyone with coverage pays more for phones. The extra money that everyone pays for phones means less money spent on all other possible purchases. So Apple's revenue increase is Krogers' or Target's or Shell's decrease.

    We usually disregard widely-distributed costs and look at local effects. This is especially true of politicians. But those effects are real and directly affect the aggregate economy numbers.

  18. Re:Exactly by c0lo · · Score: 2

    Given that we have such tools, why would we even need a kill switch?

    You may not need it. The manufacturers do... every stolen and non-killed phone is a lost sale. Pretty much like pirating music or a movie, isn't it?

    (ducks)

    --
    Questions raise, answers kill. Raise questions to stay alive.
  19. 2 things by Osgeld · · Score: 3, Funny

    I own a microsoft powered phone, no one wants it

    What happens when "hackers" get hold of this kill switch?

  20. Absolute Software... by CohibaVancouver · · Score: 2

    Absolute Software has been in the business of tracking and recovering stolen computers for years. They've recovered nearly 29,000 stolen computers, and they've just expanded to phones - Samsung has just integrated their technology in the firmware level on the S4, with other devices coming soon. Their tracking agent will survive a phone reset and their forensic tools (deployed post-theft) mean that they can actually catch the guy that knocked you over the head and stole your phone.

    http://www.zdnet.com/new-lojack-solution-for-galaxy-s4-makes-theft-meaningless-7000016433/

    Unlike a software solution only, the Absolute Software LoJack system is both a hardware and software solution. Starting with the Samsung Galaxy S4, Absolute's persistence technology is built into the firmware of the S4 and cannot be removed, even if the device is restored to factory settings.

    The Galaxy S4 has the technology built in now, but the necessary Absolute software solution is not yet available. When it is available, you will be able to remotely lock your device, locate it, erase the data from the device and storage card, or have the Absolute Investigation and Recovery Services Team attempt to recover it.

    The Recovery Team is made up of experts from law enforcement, the FBI, the Marines, the US Army, and other government positions. To date, they have recovered 28,000+ devices (laptops and PCs) in over 95 countries.

  21. just have police do their thing! by itsme1234 · · Score: 2

    We all know there is no security without physical security.
    But let's forget about that for a second.
    Even if you make it ueber-secure (not like today when in many Samsung devices the IMEI is actually in some obfuscated file in the efs partition!) and you really manage to bound each device to an IMEI you still have the challange of managing the blacklist/"nuke from the orbit" authorization list.

    It costs 5-10-15EUR to send a box full with phones across Europe, and no customs at all if it's within EU.
    You need to have (at least) EU-wide database. How do you manage that? What recourse you have if you bought your phone in Germany, you leave in Belgium and it gets blacklisted by an operator in Bulgaria based on some typo from a dodgy police station in village? How can you argue that (hint: they don't even use the latin alphabet in Bulgaria)?

    We had enough of this country-coded DVDs and network locked phone and all the crap. Any more of this and will give (another) unfair advantage to your operator: the only safe phones will be the ones bought directly, they know for sure it's legit. Anything else is a risk.

    The real way out here is just to have police go after the thieves. Even the older phones could be tracked well enough and with some social engineering (if you had access to the list of calls) you could find out who has the phone without any GPS or camera and whatnot. However, they just don't bother even if you give them the position of the phone within meters, inside a single-house and a picture of the user.

  22. Re:No Kill by jittles · · Score: 2

    What we need is central industry DB that a stolen phone is registered to. Once registered to this DB no carrier in US would allow on their network.

    Apple, Google, Blackbery would ban these devices from their servers also.

    You could have stopped right there. That alone would have negated a lot of the incentive of stealing phones in the first place.

    If anyone buys a phone without checking and later it is found to have been slolden then they get to share in the charges from the person who committed crime. If he killed or maimed they get charges as accessories.

    That rings far too much like "guilty until proven innocent".

    It's stolen property... handle it identically to that. The possessor surrenders it to the authorities at their own expense.

    Note that, in most jurisdictions, possession of stolen property IS a crime, regardless of whether or not you actually know that the property is stolen. If the DA is very busy, or honestly believes that you did not knowingly purchase stolen property, you will just lose said property. If they think you should have known, you may very well be faced with criminal charges.

  23. The cops have better things to do--like pot busts! by Ellis+D.+Tripp · · Score: 2

    Why would they "spend MANY thousands of dollars of taxpayer money on investigation, arrest, booking, court hearing/trial, and imprisonment for a $500 piece of electronics" when they could spend MANY thousands of dollars of taxpayer money on investigation, arrest, booking, court hearing/trial, and imprisonment for a $10 bag of weed?

    --
    Remember "News for Nerds, Stuff that Matters"? Help make it a reality again! http://soylentnews.org