Court orders carriers to remotely brick phones that have been smuggled into prisons

Originally published at: https://boingboing.net/2018/07/24/told-you-so.html

…

[Insert joke concerning cellphones hidden in the body cavity here]

Thus causing someone to “shit a brick”.

And how is this not theft?

I take the point about mission creep, but smuggled cell phones really are a problem: I narrowly missed being on a 7-week trial for a member of a Richmond, CA gang who (allegedly) ordered a hit via a smuggled cellphone. I am to understand that pretty much nothing in the case would have happened without a smuggled cellphone, since a lot of the activity happened in real time related to stuff going on in the outside.

It actually was kind of an interesting case – and refreshing, in retrospect – the jury found the guy innocent of the attempted murder, although dinged the guy for a couple of lesser gang-association charges. Nice to know some crimes, when they get to the jury, really can be dealt with some nuance.

are they actually making the phones unusable by destroying some part of the firmware or are they simply blocking the imei on their network?

because blocking the imei on their network seems like a perfectly sane solution since they are forbidden from using cellphone jammers

ps. meanwhile you are right we should focus on the insane profiteering for prison phone calls - they should be logged and monitored with time limitations of course but 100% free as a human right

For good or for ill, convicts have very few legal rights regarding private property in prison.

The only way I see the phone owners exercising legal recourse is if (when?) innocent bystanders’ phones start getting bricked by mistake.

I was wondering about this too; like there’s phones already being made to smuggle, surely they would just not build the kill switch in. And if it’s at a SIM card level then that really doesn’t help with the thefts.

I’m all for it. How is this even a problem?

I can think of a couple ways…

• It demonstrates that telcos can remotely brick phones for any reason, not just for the reasons it was ostensibly implemented. People legitimately fear it will next be used on political dissidents and whistleblowers.

• when prison phones are able to be located, it is not necessary to brick a phone in order to prevent it from being used to make or receive calls. Since the location of all mobile phones is always known (that’s required in order for them to work) their communications can be limited without bricking them. This is like you find your kid drinking soda after bedtime, and instead of simply removing access to the soda, you choose to crush the glass in a vise.

• if bricking is permanent sanctioned phones cannot be reactivated in an emergency (such as a prison revolt or whatever) and all mistakes are permanent, and if criminals find a way to activate the feature, you have no recourse.

So it’s a solution that has unnecessary baggage, and there are other solutions that have fewer risks. For example the telcos could just route all calls originating in the prison to the prison’s administration, and that way legit calls could be identified and permitted.

I’d be curious to know if this actually employed the anti-theft bricking; or the simple fact that a cellphone the Telco won’t talk to is substantially less useful as a phone.

Either implementation has many of the same scope-creep properties (indeed, for pesky demonstration purposes the latter might actually be much more useful: no need to colllect a bunch of IMEIs and go through vendor-specific bricking channels when you can just black out and/or stingray-to-hell-and-back the protest site); but the latter has been built into the system since the very earliest days that the network was able to authenticate you for billing purposes(definitely oldest-school GSM; not sure about some of the antideluvian analog radio trunking arrangements); and relies on no properties of the handset except general lack of l33t mesh fallback capability or something.

Mandatory device killswitches have their own downsides (most notably, the requirement that a robust anti-theft Killswitch be available would seem to be a requirement that an element of the phone, at least sufficient to kill it, be kept out of its owner’s control; which would definitely not go badly); but this case seems much more likely to have just involved some SIMs and/or IMEIs getting burned; since anti-theft Killswitch mechanisms would be more trouble and no obvious advantage).

Unfortunately, from the perspective of being concerned about potential abuse, while these properties feel less sinister(since they don’t involve a state mandated treacherous computing module); they are much trickier, potentially intractable, to evade.

Get a handset that doesn’t care about California law, or has a flaw that can be used to make it so? Probably not an issue if you are willing to shop around a bit. Get a handset that isn’t a very handy RF tracking beacon that is vulnerable to a number of techniques that work against essentially anything compliant with the relevant standards; and which doesn’t become a whole lot more isolated and less useful if the big, robust, expensive infrastructure stops taking its calls? Somewhere between ‘much trickier’ and ‘probably not possible’.

Alternatively, can’t certain cell towers, that localize a signal as being inside the prison, block all IMEIs (not on a whitelist), stolen or not, from being recognized? Surely there are a lot of non-stolen phones being smuggled in. (The whitelist would, presumably, be the prison employees phones.)

Almost all prisons (except those in urban centers) are located on ample reservations of land and have at least 300m from the wall to the nearest habitation.

Sure, but there’s already the incentive to corrupt the system. This raises the difficulty.

Not sure who is doing all this suing, being that its going to be prison employees in the parking lot.

Whose side are you on anyway? This is gold.

There’s a huge advantage to bricking the phones instead of the SIM cards. Smuggling a phone is risky and difficult because of the physical size of the devices (the existence of the “Beat the BOSS” condom-sized phones shows how important size is.) Smuggling a SIM card can be done with nothing more than a careful application of fingernail polish, so replacing a bricked SIM card represents no challenge.

Brick a phone once, or brick a different SIM card every day - which makes more sense?

Geolocation of phones isn’t precise enough to positively place the phones inside the yard. Reflections, signal attenuation, and other interference means that most phones can be located only to somewhere within an area a few hundred meters wide - the margin of error may be larger than the prison’s real estate. The wireless providers would constantly be sued for wrongly blocking calls made from the prison parking lot, the street outside, from the gas station next door, or wherever. And any whitelist is an invitation to smugglers to corrupt the system to smuggle “unblockable” phones into the prison.

Having a judge sign a court order to brick the offending phones absolves the wireless company of all blame. They’re happy to abdicate the responsibility to someone else.

Neither, really; when you can blacklist the IMEI. Requires almost no cooperation from the handset(if the handset merrily spoofs IMEIs that wouldbe a problem; and by no means impossible; but heavily frowned upon basically everywhere; and by most telcos and baseband/SoC vendors, so much less likely than 'merrily ignores California anti-theft killswitch law); renders it similarly useless as a phone (unlike the ‘just sold overseas where they don’t use our blacklists’ problem that makes this a tepid anti-theft mechanism; you only need the cooperation of carriers with signal coverage of the prison); and gives you the interesting opportunity to continue observing it to see if, and which, SIMs various optimists my try using to get it to work.

Burning SIMs is whack-a-mole; but IMEIs are a bit less ephemeral.

Smuggled cellphones are also a crucial lifeline for incarcerated activists fighting against prison slavery and brutality.

I suspect that they aren’t carefully sorting and forwarding genuine calls to mom; but it would be deeply unsurprising if some prisons have healthier stingray populations than most marine preserves. The FCC has taken a dim view of straight, brute-force, jamming; but clearly doesn’t care about the more discrete stuff; and a building full of people who aren’t supposed to have cellphones, some of them suspected of conversing with their criminal associates, seems far too juicy to pass up.

Naturally, any results with be the work of ‘a confidential informant’; keeping it all neatly unverifiable.

It’s what authority does. If they don’t brick it, its on a stingray anyhow.

We won our independence from tyranny, without cell phones.

What was the lifeline -before- cell phones, and was it more, or less, effective?

Officially permitted calls and visits, smuggled letters.

Regrettably:

1. Permitted contact is already sharply limited by both overt restriction and financial exploitation. Geographic factors also cause harm; urban prisoners are increasingly incarcerated in isolated rural prisons.

2. Prison authorities routinely respond to activism by cutting off contact with the external world. Most prison strikes are barely reported, and prisoner advocacy networks are routinely filled with alerts along the lines of “Joe X is one of our guys in prison Y, he’s been in lockdown for three weeks and we have no idea if he’s still alive”.

Probably less; letters are a very slow means of conducting a detailed conversation.

Prison brutality and slavery is not a new thing, although the scale and industrialisation of it is. US prisoners have been de facto slaves ever since the Civil War, but it’s only now that prisoner numbers are back up to levels comparable to antebellum slavery.