Slashdot Mirror
Ask Slashdot: Would You Use A Cellphone With A Kill Code?
Slashdot reader gordo3000 writes:
Given all the recent headlines about border patrol getting up close and personal with phones, I've been wondering why phone manufacturers don't offer a second emergency pin that you can enter that wipes all private information on the phone? In theory, it should be pretty easy to just input a different pin (or unlock pattern) that opens up a factory reset screen on the phone and in the background begins deleting all personal information.
I'd expect that same code could also lock out the USB port until it is finished deleting the data, to help prevent many of the tools they now have to copy out everything on your phone. This nicely prevents you from having to back up and wipe your phone before every trip but leaves you with a safety measure if you get harassed at the border.
It could be built into the operating system, added by the manufacturer, or perhaps sideloaded as a custom mod -- but that begs the question of whether it'd really be a popular feature. So leave your own thoughts in the comments. Would you use a cellphone with a kill code?
I'd expect that same code could also lock out the USB port until it is finished deleting the data, to help prevent many of the tools they now have to copy out everything on your phone. This nicely prevents you from having to back up and wipe your phone before every trip but leaves you with a safety measure if you get harassed at the border.
It could be built into the operating system, added by the manufacturer, or perhaps sideloaded as a custom mod -- but that begs the question of whether it'd really be a popular feature. So leave your own thoughts in the comments. Would you use a cellphone with a kill code?
Yes.
Added by the manufacturer == backdoored
Why not have a second PIN that opens a sanitized, but seemingly fully normal, home page? Missing a few critical apps, or having versions signed into a different account.
It would be *very* easy to have smartphones with adequate security from all sorts of perspectives. Secure key storage, secure storage, secure communications, secure boot, secure containers, secure remote management, secure (multiple factor) authentication, secure arbitration of what hardware can access what memory etc. The thing is: if your target audience is largely 15 year old girls, then you probably have commercial priorities elsewhere.
Religion is what happens when nature strikes and groupthink goes wrong.
Then someone hacks it and creates a lot of bricks.
Is there a standard way to backup everything on an Android or IOS device? That would be useful for this, back it up, format the phone, then download the profile over an encrypted connection at the destination.
I'll just avoid travelling to the US.
Put in a PIN code. Set the phone to wipe after 3 incorrect attempts.
When the phone goes to wipe itself, it just deletes the crypto key to the main storage, thereby rendering it completely scrambled in an instant. No need to lock out the Lightning port while this occurs, it happens too quickly.
Specialist Mac support for creative pros, Melbourne
The carrier can brick a cell phone remotely, at least those under contract. A friend recently had phone stolen. When he reported it stolen they offered to brick the device and he agreed.
People will accidentally wipe the phones.
There would be 10 legitimate use and 10,000,000 acciddental customers with lost data and liability claims.
I, as a phone / OS provider, would fight this feature.
I, as a phone user, would fight this feature.
Imagine a prankster or a drunk friend or a child getting your phone and trying this out.
The feds would be up in arms over such a thing. You don't want to help a terrorist destroy evidence, do you? How can the ICE/TSA agents do their job with such phones?
Well, you wipe your phone when trying to enter - it means that you have something to hide and should be detained and not allowed in.
Facebook and Apple already have backdoors for them. This is just a show of power and conditioning of sheep into giving up any notion of private data.
Just have a PIN that unmounts the SD card, or that unmounts a partition of the SD card, to make a 64GB card appear as a 32GB card.
Thanks for reading at 0/-1. I've had a few phones in the past that had
a feature where if you enter the wrong passcode a number of times,
it factory resets.However, features like that defeat the true purpose of a phone.
Phones are primarily meant to track you and provide evidence
against you, so deleting evidence that hasn't been uploaded to a
server defeats the purpose of giving you a phone in the first
place.
While refusing to unlock a phone might cause you some legal annoyance, actively deleting potential evidence might land you in significantly worse trouble.
If they ask to see my phone I should see theirs.
The most unsuspicious way would be to have the smartphone selfdestroy itself by shorting the battery or by executing code that overheats the CPU when the appropriate PIN code is entered. This is the reason why I always buy Samsung smartphones: nobody would blame me if "accidentally" it catches fire
Please ask yourself: would you remember a pin you set half-year ago and never used it? Although most people will not use it (thus why invest in development), those that know it, 90%(so I won't repeat "most") will forget the wipe PIN and would not rememeber it when needed. You have to be extremely well organised+great memory to be able to use it.
I have it already on my own phone; it's a requirement that I change my security settings so that the entire phone is factory reset if the passcode is entered incorrectly a set number of times. I also need to change my PIN regularly, and to register the device with a central authentication server; AND the internal and SD card storage are both encrypted. The requirements came from my desire not to have another work phone to access my NHS emails, but to use my own handset. Since the NHS are so cautious about any unauthorised person having access to patient information, it is entirely understandable. It's inconvenient having to change my PIN or passphrase with the regularity they demand, and when I get a new handset it's a pain to re-register my device - but convenience is always an enemy to security.
I've mentioned this every time smartphone PIN's are mentioned on Slashdot.
What manufacturers should have is a duress code. Eg "I'm being asked to unlock this device against my will", and the phone could be configured to either: erase all user data (leaving the apps installed, but all email, photos, browser cache, and app's data) or total destruction mode which tells the flash memory to self-destruct.
You'd want the former if say... you were visiting a country like North Korea (or crossing the US border from Canada or by Air,) who might arrest you depending on the content found on the device, even if you've done nothing wrong. The total destruction option would instead be for government/military/intelligence devices.
I don't have much on my phone anyway. Don't care to expose myself to technology mishaps. If you have such an issue with authorities finding information on your device. Then why are you using a smartphone in the first place? Buy a throwaway and stop storing stuff you don't want others to see. The other problem with a self destruct PIN is what happens if someone is able to activate that through some malware, attack or just a snafu through an update. Could be more trouble then its worth. Good for the super paranoid people I guess but not much else.
Has anyone tried it yet?
I need a new phone and I'm sick of Google and Apple, and Windows phones look.. not great.
Just design a phone with no internal memory. Swap in a dummy sim at airport. Swap back encrypted sim outside airport.
WMD app on Android, similar apps on other devices. Hand over your phone, leave customs, borrow another phone, send a text and it's wiped. Also most phone carriers give you a web based service account that also includes a remote wipe function. Corporate Cell phone access and management tools also include this capability.
I'm too lazy to compose a creative sig.
Availability of this feature would result in new regulations which make it illegal to nuke your phone when asked to hand it over to a border agent/law enforcement officer. Add something like 1 year in prison etc and the functionality is practically useless.
Just refrain from travelling to the US. This is not an issue in any other country.
But don't memorize it, before crossing the border, and send it to yourself securely on another device not in your possession. That way you can swear that you don't know it and cannot obtain it. It becomes something you neither know or have. State that this is your standard travel policy for safety reasons.
So you have your phone storage encrypted, which means it's quick to make it inaccessible by overwriting a few bytes to make the FS sparkly clean. You think you're good, right? Bad actor (US border, local mob) has nothing on you, right? Well... your action alone will get your fingers smashed with a hammer. Stop falling down the stairs, will ya?
You are in a foreign country.
Upload your data to a foreign server.
I recommend a one-time key for encryption.
Erase it from your phone.
Enter the U.S.A.
Retrieve the data. Erase it from server.
End of problem.
Avoids border hassles.
All perfectly legal.
18 USC 1503 : Federal Obstruction of Justice.
10 years in a Federal pound-you-in-the-ass prison.
Your new cellmate is named "Bubba".
Don't forget the data has not really gone. There is always a shadow, difficult to get at and needs very expensive equipment but its do able.
I can text a kill code from a trusted sender, e.g. my wife's cell. They turn on a siren, wipe, etc... https://www.avast.com/en-us/an...
I should put something clever here. Maybe someday.
... I would have bought a Galaxy 7.
Most people may not like having their phones perused, but they also don't mind terribly, and don't travel so often.
If you do mind, you already have two phones, one for home and one for traveling. That's a safer solution, even if you have to keep both updated.
The real problem will come when not having a Facebook account will make you lose your flight, marking you as a suspect element.
Rome taught me patience and assiduous application to detail. Virtues which temper the boldness of great, general views.
Yep, I have a work phone and company laptop. Both of them could have commercially sensitive data on them. Our main competitor is a large american corporation. So next time I travel to the US I will be asking our IT security guy whether I should put a clean install on both devices before I leave.
I guess the final solution for laptop security will be thin clients with read-only boot devices that just connect to virtual desktops over an encrypted link. When you're travelling IT Security disable the link for a day. That way you have no access to sensitive data and no way of obtaining access.
Simply buy a Nokia 3310. You won't be putting any private data on it.
It's a feature available on my Sony Android phone and I have it enabled. The phone and SD are encrypted, and require a 2 factor authentication (combination and tether with my Sony SmartBand) to unlock. Everything on the phone is synced between a few cloud services, and restoring it is extremely simple - I've actually had the device killed once by accident and was back up and running within maybe 20 minutes or so and all I lost was a saved game from an app that kept its data private and therefore couldn't be backed up.
It's not only extremely feasible to have a kill code - as long as you're competent with how you synchronize and back up your device it's hardly inconvenient.
I've noticed a lot of people saying they want a security feature for their phones. This is actually quite easy. There are per user MDM services. They have many of the non discovery features people above are asking for. For example a destruction of the encryption on device in case of physical tampering with it being stored in the cloud. Security is available at about $50-100 / device / yr.
I can hear it now. Its a panicked call, from an air port. "Hello, my phone died. I was entering my pin and my phone went blank". "WHAT DO YOU MEAN I ERASED IT????? GET IT BACK". "I don't care about the security, my cards, travel itinerary EVERYTHING is gone".
Go ahead. Put politics aside and just imagine it. Its you Granddad or Sales manager. Oh god I need a drink now.
The real issue is that you are storing sensitive information on a device on which you don't have root.
If you don't have root then how could you trust your phone to keep that data safe in the first place?
Also, the sensitive info that authorities are after are your phone book, your call history and your photos.
The phone should be configured to not store those on the phone itself, either not store them at all to have them on a secure server somewhere.
"We mustn't be caught by surprise by our own advancing technology" -- Aldous Huxley
Anything designed for "war" can be hacked, or can accidentally go off. I'm happy with a reasonable level of security and a realistic understanding of the risks. Most phones provide the first and most users completely fail to get the second. Just give me a padlock that will keep out the vast majority of casual identity thieves.
Remember folks in the USA, you COULD then be charged with tampering with evidence or DESTROYING evidence if you use a kill code. A very slippery slope. Rather, you enter a code in that locks, the phone down, and the next time someone enters any other code than your rescind code, the phone wipes, that way YOU are not the one that wiped it, with L.E. did. However, I am sure they WILL still charge you with something as they will be P!ssed off!
It's a bit late for wiping data, when customs is demanding one enters the PIN. Sure, it's useful when exiting the plane but phones already have a reset screen and I doubt the cost of remembering another PIN (Phones already have a SIM PIN, desktop password, administration PIN) is worth the hassle.
Soon customs agents will be complaining that a person doesn't have a phone, has a phone that is 'too' clean, has a phone that contains too much Facebook/Twitter gossip, etc. In order to continue harassing people, the authorities will claim that everything is suspicious.
In the United States if a border agent asks for your cellphone and you wipe it right there, you've just broken the law. You can now be charged with an obstruction of justice charge. Now if you wipe your phone on the flight or before you're interacting with the border agent, then you've done nothing. But once they ask for it, any actions you do to delete the information on that device is illegal.
Most phones if connected to a admin server like Exchange or BBE will have a setting that force wipes the phone on a number of incorrect pin entry attempts.
"I've been wondering why phone manufacturers don't offer a second emergency pin that you can enter that wipes all private information on the phone?"
Are you not aware that destroying evidence (whether or not it is incriminating) is a crime? Once you have been confronted by a law enforcement officer in an official encounter, any steps you take to destroy evidence are per se illegal, as there is an automatic legal obligation to preserve evidence once you are officially involved in a state inquiry.
Building in this feature would be tantamount to providing tools of crime and would make the provider of such a feature a criminal accomplice to obstructing justice and tampering with evidence.
Total destruction seems excessive. If your phone is (properly) encrypted, a simple deletion of the key is sufficient. I think a WIPE (Witness Immunization from Procurement of Evidence) PIN would be a fabulous addition to both Android and iOS.
If nothing else, the existence of such a PIN would stop law enforcement from requesting/requiring your PIN, as they could receive the wrong one.
Is it just my observation, or are there way too many stupid people in the world?
For those worried about hackers remotely wiping your phone - such a mechanism already exists. If you mis-enter your pin X times, most phones will automatically lock or wipe as an anti-theft protection. If you're concerted about a hacker entering your wipe code, you should be more concerned about the same hacker entering 5/10/12 incorrect PINs and locking you out or using the iOS or Android Find My Phone functionality to remotely wipe the phone.
Is it just my observation, or are there way too many stupid people in the world?
This is proof of the value proposition for a new app. This is an app.
Someone should make it.
-EngrStudent
I'd like a duress pin instead. It lets the phone function totally as normal, except it fires an email with my location, and an email that I'm being forced to unlock my phone to my lawyer or (for my work phone) my corporate legal dept. If I'm being forced to unlock my phone, I want to make it tough to disappear me, no matter what the circumstances are.
If you want, have it fire a user-defined script too, that way if you want to fry your crypto memory, have at it, or wipe your lastpass storage, or whatever.
Min
On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
I suppose those who put their entire life online or on their phones might find the feature useful.
Since I don't have or keep anything of interest on mine, I probably wouldn't have any need for it.
Friends and family phone numbers, maybe the doctors office number and the bullshit email account I use.
No apps, no online banking, and I don't access anything that requires login credentials. They pull the cache they'll note I visit three or four news sites and Slashdot daily. That's pretty much it.
Reason ?
The border searches are a distraction to the fact they can pull your data anytime they want if you're actively using your phone. ( You've conveniently unlocked it for them )
Does this count?
You mean, like the Samsung phones?
Our sales reps take factory wiped burner phones and laptops with them when they go on trips to the USA...
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
If the phone is already in the hands of the Trump regime's stormtroopers, it is already too late. Secure wipe everything before crossing borders.
Wouldn't it be better to start holding our governments accountable to us, the people who elected the leaders of said governments, and the people who ultimately pay all their salaries? Yeah, I know, corporations own the governments, you can't fight city hall, etc. But really, fuck this nonsense of either taking inconvenient, expensive, extraordinary, and unreliable countermeasures to protect ourselves from our own elected and paid for governments, or taking it up the a** from same! It's time to start organizing and fighting for change, the way civil rights activists did decades ago. Our civil rights are being violated, and it's time to politely but firmly say "No!" to sitting at the back of our own goddamned bus!
'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
Our sales reps take factory wiped burner phones and laptops with them when they go on trips to the USA...
How long will it be before 'clean' devices like that will be sufficient cause for being denied entry? For the "nothing to hide, nothing to fear" crowd running things now, anything suggesting that you value your own privacy enough to take precautions, makes you at least an object of suspicion, and possibly even a criminal or a terrorist.
'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
Didn't this company try things like this and we laughed them out of existence?
If you're worried about the border patrol, it seems pretty easy to know when you're approaching a border. You can just wipe the phone in advance using the built in feature to wipe the phone and return it to the factory settings.
The whole thing gets more complicated if we're assuming the police just start confiscating phones of random people without a warrant, but I'd imagine that would face a stronger 4th amendment challenge. And really, at that point, I don't think a kill switch would be good enough. I'd want manufacturers to rethink the whole security design, probably limiting the information stored on the phone in the first place.
The Nokia 3010 just came back on the market for $50. This sucker will have a battery life for MONTHS. If all you need is a phone and you travel and don't want the bad man looking at your email just carry a crappy phone that you don't mind losing and forward all your phone calls to that other number.
I'd love to see the look on the security person's face when they try to figure that device out. It'll be insanely hilarious.
Wheel of Time: Book by Book and Sumview (summary review) Bigdady92 style: http://bigdady92.blogspot.com/
I'm not an international spy, so I don't really need something so elaborate.
Waaay back in 2005 (if not earlier, I didn't have one before then), you could configure a blackberry with a duress code.
Blackberries were designed by very smart people who understood security.
Sadly, no one seems to care and the market shifted to "Ooh! Shiny!" a long time ago.
I think it would be great, especially if there is a possibility of invasion of privacy.
i wipe every time i cross a border , and also on regular occasion like a 3 month period or so , but google doesnt forget anything so i'll troll a bit but stay clear of death threats (even if sometimes it burns) and anything that could interest cops
Would you be more suspicious when traveling with out a cellphone?
Given all the issues regarding phone privacy at the border, i doubt i will be traveling with my cellphone any more. Will i no be more suspicious if i say i left my phone at home? will this be a reason for secondary screening?
"what do you mean you left your personal tracking device at home?"
the cellphone has become so invasive in our personal lives that now you are the odd person out when you dont have one with you.
With all the warrantless border searches happening, I wondered the same thing recently. Then I thought of another solution that would do the same thing. Something that is already built into smartphones.
I have my iphone set to wipe after 10 invalid attempts. So the next time I cross the border, I'm going to enter 9 invalid attempts before I arrive at the border crossing. If ask for my passcode, I'll supply an invalid code; bam it's wiped first try!
Is that this is needed in America.
By Americans.
We are Not making America great, we have made it a 3-rd world Dictatorship.
Oh, not Quite yet, but just wait for awhile; it will get worse long before it gets better.
That's going to take another administration, tho.
I didn't realize "Strongly Held Religious Beliefs" meant Torture and Hate; my bad.
The government would quickly make it illegal or find some current statute to charge you with and put you in jail.
Because I'd lose my Candy Crush high score.
Have gnu, will travel.
1. I don't use a smartphone, because they are proven time and time again to be easily exploited and compromised, even if you're careful
2. I wouldn't buy a smartphone, for the reasons stated in #1
3. If I found I had no choice but to own a smartphone, all Internet access would be disabled by intentional misconfigure of network settings (and NO, I don't care)
4. #1 through #3 having been said: If I was travelling internationally, I would NEVER bring my actual phone with me, I would get a cheap prepaid phone, put nothing at all on it, and if it was taken to be 'examined' by customs officials or law enforcement, I'd destroy the SIM card and throw the phone away immediately, and get a new one if necessary.
Seriously, folks, if you're going to travel internationally, leave your real phone at home and buy a cheap porepaid phone to take with you. Then the whole issue of having your privacy invaded and/or your phone compromised and/or your phone confiscated becomes moot. Would cost you all of $50 at most plus however many minutes you want to put on it.
Good luck with your fantasy.
For now I just fed ex or next day the phone in a package to where I am going, along with an encrypted USB Flash Drive
But there is code for remote locking of a phone in case the phone is stolen, could that code be tied to a specific log in ??
I may have nothing to hide personally, but I am sure there is some poor guy who has a picture of his SO he does not want published on the net
I was with you until you said it brings up a wiping screen. I doubt very much that the feds/TSA really give a crap that your last facebook post said you think Trump is an Ahole, otherwise they'd be detaining about 50% of everyone travelling, but the moment they see your phone is wiping itself they will assume you must have something to far more significant to hide.
A much better bet would be to have a removeable SD card and/or a password that silently logs in to a second environment which just has a bunch of bland work-related texts and emails and no social media accounts or anything else.
I can't believe there isn't already an app for this.
Physical wipes are worthless because they take way too long and expose users to liability WRT destruction of evidence.
What I would like to see are mobile computers sporting encrypted file systems designed for deniability. Availability of data depends on key(s) entered by users.
You could elect to enter a "duress" key that only reveals bullshit.
Or you could enter your normal key yet elect not to enter additional keys to reveal additional data. For example a work key that unlocks proprietary data related to a current project.
Everything would be designed for deniability. Without access to encryption key number and extent of encrypted volumes let alone data they contain would be totally indistinguishable from background.
The ideal system would be a computer that always boots from protected read-only volume without any field upgradable persistently stored firmware.
Upgrading core OS requires throwing an actual switch to make overwrite physically possible. A mode that concurrently restarts system if still running and physically disconnects all user storage.
Coupled with an encrypted filesystem you could safely reboot and reuse the same device for multiple purposes without having to ever worry about candy crush selling out your business secrets to the highest bidder even after candy crush has successfully completely rooted your device.
Structures like this would provide real security with real freedom not compromise both by relying on indefensible houses of cards like secureboot.
The problem with your plan is it would be obstruction. You are destroying information the government has requested you provide obstructing their investigation. If you wipe the phone prior to the government requesting it you've done nothing wrong.
If you're concerned about the government accessing your cell phone or computer while you cross the border, wipe it and restore it at your destination.
"Grab them by the pussy" -- President of the United States of America
Prey Project already offers this (https://www.preyproject.com/) and yes, of course you should have a kill code.
Don't you know language evolves?
That means idiomatic writing is completely arbitrary and I can say whatever I want and expect people to understand. :-P
Rather than having a PIN that erases everything, just make one that unlocks a totally different filesystem.
You've got 32 GB of space on your phone, so dedicate 8 GB of that to an alternate system (and make sure the phone doesn't say 32 GB on the outside) and when you give it the alternate PIN you log into the alternate setup that has no access whatsoever to the main setup. You can even install apps and stuff in this alternate setup, so it looks real but it only has the things you've deemed to be OK.
This wouldn't fool the FBI using forensic software on your phone, but it would stop the border patrol guy who wants to poke around your phone, as long as such things don't become common knowledge and he starts checking sizes vs. published specs and such.
You could even set up multiple PINs -- PIN #1 gives the main phone, #2 gives alternate setup #1, #3 gives alternate setup #2, #4 erases everything if entered three times in a row ...
I'm generally a law-abiding U.S. citizen and I wouldn't leave this country with my actual phone. The border issue is just one reason of many to not travel overseas with your primary phone.
Yes, yes I would.
I think a better alternative will be to do a full backup of my phone to some cloud service, public or private, and then factory reset it BEFORE hitting the border. That way, when they ask me to unlock my phone, and I respond, "The PIN is 1234, same as on my luggage," they can gawk at the nothingness of my phone. Settings and info can be restored a short while later.
My bigger issue will probably be with the fact that I don't have social media accounts. I'm not sure if the minimum wage shortbus types who seem to common at the border these days will be able to grasp the concept of "I used to have Facebook, but all I saw was Farmville, Mafia Wars, and morons posting pictures of every lunch they ever ate, so I tracked down the delete account link. That was about 8 years ago."
I'm leaning strongly towards not ever leaving Canada again. This has nothing do with Trump either, since this kind of shit dates well back into the Obama years and started even before that.
If you are not from the USA, then a wiped phone is pretty much an admission that they would have found something on it, and at very least you'll be denied admission and sent home. Worse, you would get a flag on your file and all other western countries will also scrutinize you when you cross their borders.
If you are a US citizen, all you're doing is guaranteeing the same treatment every time you (re)enter the country.
What is needed is a secondary password that opens an innocuous userid with minimal content on it. Someone pointed out "but then they could dump the phone's memory" - not if the two userid's were separately encrypted, each user's memory not decryptable without that user's password. This would also be ideal for people who wanted to, for example, let their kids use their phone (my nephew lets his kids play games on his phone) but don't want those others to do things like send from email or erase critical data. Basically, like multiple users on a PC, but sandboxed enough that it's impossible to determine what other users exist.
(I.e. user-manager won't admit another user exists unless you enter its correct password - "find other users"; "enter password for any other users"; "found (1) user with that password.")
Hi Pedant-Man!
Answer to original question
on android it wipes after 10 wrong attempts, BB10 the number is configurable so you can cut it down to, iirc, 3
The thing that annoys me is, all these suggestions about HOW to set up some kind of "Fool Proof" security system. "Oh, I'm only going to use a burner phone." "Oh, I'm going to set up a fake account." "Oh, I'll wipe my phone first."
No you won't. Most of us wouldn't. It's a hassle, you have no idea in advance what kind of security interrogation you might face, and it's aggravatingly inconvenient if you take all these preventive measures for nothing. I happen to think that the police, Border Services and all the rest actually count on us being too busy, distracted, and unwilling to spend time on the elaborate, 007 James Bond security techniques.
As a result they catch us unprepared, our flight is in 20 minutes, and we have to go to the bathroom. You wind up turning your phone over to The Man, after unlocking it. You grit your teeth, complain and do nothing.
If the Mission Impossible-style Self Destructing Phone was valued, it would exist already. And that's the truth. There's a market for hundreds of millions of phones annually, there's all the sales opportunity you could ever want for high tech security. Instead all the real (as opposed to fantasy) products and services concern breaking security on the limited security features that already exist.
A Cydia developer could make a fortune with this. Side note, it wouldn't surprise me if airports where doing more than charging your phone with those USB ports below the waiting seats.
I'm as vanilla as they come. Retired US Navy officer, don't speed, do drugs, or have any other bad habits. My worst bad habit is drinking too much Diet Pepsi. I cannot imagine that I would EVER need a cell phone, or a computer, or a tablet, with a "kill code".
But you can never imagine it happening until it does, at which time it's too late. Yes, I'd like for Android and iOS and Windows and *nix to offer operating systems with an option of a duress password that invokes a "super vanilla, bare-bones" experience. A smart phone that, if you enter the duress code, reverts to be just a "POTS"; "Plain Old Telephone System". (Better yet, emulate a Nokia with only a handful of basic contacts.) A laptop that, if the duress password is entered, boot into a functional-but-contains-nothing desktop with no network access to ANYTHING. A tablet that would erase the local memory and password list.
We'll never NEED this, of course.
Until we do.
http://nokiamuseum.info/nokia-... The main reason I'm hanging on to it is that it's on a grandfathered $100 per year plan from Virgin Mobile Canada. It's pre-paid, and unused balance carries over. I don't use it much. I try to do my few long-distance calls on it. Although the rates may look high, that's the only way I can use my accumulated balance.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
I already do.
See also: https://www.eff.org/deeplinks/2017/01/fear-materialized-border-agents-demand-social-media-data-americans
Between potentially invasive searches at borders and having had a phone stolen in a foreign country I'm taking the idea of wiping the phone before I leave and restoring more and more seriously. I use a password manager so they can ask all they want for my social media accounts... I don't have the first clue. Plus this has the added benefit of limiting the potential for malware or other problems from shady wifi!
I've been managing Exchange servers for way too many years. It's been since at least 2007 that the remote kill command has been enabled. I've used it quite a few times over the years to deal with C levels losing phones, C level hooker problems, or people getting divorced/splitting up and killing phones they no longer have physical access to.
https://technet.microsoft.com/en-us/library/aa998614(v=exchg.150).aspx
If you're worried about consumer devices at the border buy a burner phone for traveling. That way if someone does search it there's nothing on there. You can get your phone back when you get home.
Modern phones generally have full encryption using strong crypto. Destroying a random 256-bit key is a lot easier than wiping gigs of storage.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
create encrypted partitions and encrypted redactions on a phone - realize that the law says that you must unlock and allow the HS officer to look at and copy data from your phone, if there are hidden or encrypted partitions in the phone or redacted information - that would require an order from a judge to compel you to decrypt it.
$90 or less for a pay-as-you go phone with decent features. Seems more than worth the hassle and potential loss of phone.
Absolutely! But then I'm the kind of person who puts a layer of duct tape over the camera lens of my laptop.
Hell yes
I could be tempted to use a kill code with a cell phone. I think operatives of certain agencies have something like that.
Tracy Johnson
Old fashioned text games hosted below:
http://empire.openmpe.com/
BT
Code to kill it - 12345. Nobody would think of that.