[ale] A response to Apple v DoJ

Jim Kinney jim.kinney at gmail.com
Thu Feb 25 11:19:13 EST 2016


On Thu, 2016-02-25 at 10:38 -0500, DJ-Pfulio wrote:
> On 02/25/2016 08:02 AM, Jim Kinney wrote:
> > We need a dead man switch app. After X days/hours/time of disuse,
> > the app wipes
> > the user content with a secure wipe. 
> 
> Sounds good, until ...
> 
> Once I was going on an overseas trip for 2+ weeks and in a big hurry.
> I was
> on-time, but some things happened due to another person which were
> out of my
> control and I was late getting to the airport at 5:30am. Still dark
> outside.
> Left my N800 on the passenger seat as I hurried to get my bags to the
> shuttle.
> All the trip info was in that device. Mainly hotels, but contacts,
> etc ...
> inside the airport, it became clear that I'd left it somewhere - knew
> I had it
> in the car because I'd used the GPS, but it wasn't in my carry-on.
> Could have
> been on the car roof for all I knew.
Ouch! A dead man switch will only make it so your data is gone and the
new owner can't impersonate you. 
> Finding the hotel was fun. I didn't make the reservations and Hong Kong is a big
> place.
> ---
> A few years later, traveling with a buddy, he had 2 unlocked, smartphones,
> stolen. First he didn't feel a thing and didn't notice it for at least an hour.
>  2nd was stolen the next day while sitting **inside** a restaurant.  Tracked
> both of those phones - Central Africa and Indonesia - so no way to blacklist
> those phones from the networks.
> 
> We spend the next 8 hrs canceling credit cards, changing account passwords,
> calling bank fraud departments in the USA and filing police reports.
> ---
> 
> So ... what this taught me.
> 
> a) always carry paper with critical details on it. Contacts, hotels, CC banks,
> insurance, flights, embassy addresses
> 
> b) always encrypt any portable devices. The hassle of decryption for thieves
> means your data AND contacts
> 
> I'm more inclined to have a hidden app on the device that if not disabled within
> 2 minutes of unlock, wipes the device. Is that a dead man switch?
> 

Yes! That would be even better. That would allow for the device to
"phone home" before it bricks. Gives notice you lost control. Might be
a way to respond with a pause code or no response means to go into loud
scream mode, etc. Is it legal to make a phone case out of C4? :-)
> Gotta wonder how many people have full, complete, encrypted, backups of their
> smart-phones?  Mine is over 3 months old (I use adb).
> 

And backups defeat the purpose of the dead man switch. It's really a
catch-22 situation. You would need a secret backup with it's own dead
man switch. Miss one scheduled backup time and the clock starts
ticking. Make the backups from the phone manual.
Hmm. Lots of possibilities for this. You are in a large room with many
passages....
-- 
James P. Kinney III

Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.
- Speech 11/23/1900 Mark Twain

http://heretothereideas.blogspot.com/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20160225/3a27cecd/attachment.html>


More information about the Ale mailing list