Difference between revisions of "1934: Phone Security"

Explain xkcd: It's 'cause you're dumb.
Jump to: navigation, search
(Explanation: Note that all of these security measures, except for the remote detonation, could theoretically be done by a security app on a phone, although the fake factory reset and most of what follows would probably be rather difficult.)
(Explanation: The problem with detonation is not the possibility of manslaughter against the thief, but the risk of having a mortal accident of the owner.)
Line 17: Line 17:
  
 
If phone is stolen it may be:   
 
If phone is stolen it may be:   
* '''Tracked''': This would be reasonable, as it would allow the police to catch the perpetrator and return your phone.   
+
* '''Tracked''': That would allow the police to catch the perpetrator and return your phone.   
* '''Erased''': This would also be reasonable, as it would prevent any sensitive data from being taken by a thief.   
+
* '''Erased''': That would prevent any sensitive data from being taken by a thief.   
* '''Detonated''': This would be less reasonable, as it would likely harm the thief, possibly severely depending on how the phone was detonated.
+
* '''Detonated''': That would likely harm the thief, possibly severely depending on how the phone was detonated. The main problem with this approach (ignoring the possibility of manslaughter), is that if the phone has the required chemical substances to detonate, is not impossible that, by accident or glitch, the phone could detonate on its own, possibly hurting or killing the rightful owner.
  
 
'''If the phone is stolen, play an earsplitting siren until the battery dies or is removed''': This would be to draw attention to the thief, and discourage them from stealing future phones.   
 
'''If the phone is stolen, play an earsplitting siren until the battery dies or is removed''': This would be to draw attention to the thief, and discourage them from stealing future phones.   

Revision as of 22:27, 27 December 2017

Phone Security
...wait until they type in payment information, then use it to order yourself a replacement phone.
Title text: ...wait until they type in payment information, then use it to order yourself a replacement phone.

Explanation

Ambox notice.png This explanation may be incomplete or incorrect: Do NOT delete this tag too soon.
If you can address this issue, please edit the page! Thanks.

This comic pokes fun at various phone security measures. At first, it covers some real measures, and then continues on to measures that are clearly somewhat overzealous or otherwise humorous. It is worth noting that all of the options are turned ON in the screen shown, so apparently the owner must be very afraid that their phone is going to be stolen, or just wants to see what will happen. These may be options that would appear on the XKCD Phone, but that is not mentioned specifically, and this comic does not appear to be directly linked.

The first two options: Set Passcode to Unlock, and Erase phone after 10 failed unlock attempts are both real security measures found on most phones. The additional options:

If phone is stolen it may be:

  • Tracked: That would allow the police to catch the perpetrator and return your phone.
  • Erased: That would prevent any sensitive data from being taken by a thief.
  • Detonated: That would likely harm the thief, possibly severely depending on how the phone was detonated. The main problem with this approach (ignoring the possibility of manslaughter), is that if the phone has the required chemical substances to detonate, is not impossible that, by accident or glitch, the phone could detonate on its own, possibly hurting or killing the rightful owner.

If the phone is stolen, play an earsplitting siren until the battery dies or is removed: This would be to draw attention to the thief, and discourage them from stealing future phones.

If the phone is stolen, do a fake factory reset. Then, in the background... :This series of options is all humorous, indicating that the phone would allow the thief to think that it had factory reset, but the phone would, in fact, not do so, and would instead foil the thief by doing various horrible things to them.

  • Constantly Request Dozens of Simultaneous Rideshares to the Phone's Location: This would cause tons of "rides" to show up at the stolen phone, leaving a lot of annoyed ridesharers, and possibly alerting the police to the thief's location.
  • Automatically order food to the Phone's location from every delivery place within 20 miles: This would be similar to the ridesharing issue, except it would be implied that the thief would be on the hook to pay for all of that delivered food. This could also lead the police to the thief.
  • If the thief logs into Facebook, send hostile messages to all their family members: This has now deviated from things that could even possibly be useful, and is now just getting revenge on the thief, or potentially the person that the thief sells the phone to.
  • Automatically direct self driving car to drive toward the phone's location at 5mph: This would cause a self driving car to slowly follow the thief. This could absolutely catch the thief, but would also just be really, really creepy. This is similar to the plot of the movie "It Follows".
  • Take photos of random objects at the thief's address and post them as "Free" on Craigslist or NextDoor: Craigslist and NextDoor are sites that allow people to post advertisements for various things. Posting a large number of things for free would cause a lot of people to show up at the thief's residence (though it is not noted how the phone would know where the thief resides) requesting the free things, or, more humorously, if the thief was not home, people may just come by and take things, causing them to steal from the thief. This would be a humorous form of poetic justice.

The title text extends the last category with: Wait until they type in payment information, then use it to order yourself a new phone. This would be the ultimate in poetic justice, as it would basically say that the user does not care if their phone gets stolen, because the thief will end up unintentionally buying them a new one. If the thief were to complain about this, they would have to admit that they had stolen the first phone in order to do so, which they would be disinclined to do.

Note that all of these security measures, except for the remote detonation, could theoretically be done by a security app on a typical smartphone, although the fake factory reset and most (if not all) of what follows would probably be rather difficult to program.

Transcript

Ambox notice.png This transcript is incomplete. Please help editing it! Thanks.
[The content of a configuration screen on a smartphone is shown. All items listed are activated as indicated by green switches.]
Security Options
  • Passcode to unlock (Set Code)
  • Erase phone after ten failed unlock attempts
If stolen, phone can be remotely
  • Tracked
  • Erased
  • Detonated
  • If phone is stolen, erase data and play an earsplitting siren until the battery dies or is removed
If phone is stolen, do a fake factory reset. Then, in the background...
  • ...constantly request dozens of simultaneous rideshares to the phone's location
  • ...automatically order food to phone's location from every delivery place within 20 miles
  • ...if thief logs in to Facebook, send hostile messages to all their family members
  • ...automatically direct self-driving car to drive toward phone's location at 5 mph
  • ...take photos of random objects at the thief's address and post them as "free" on Craigslist and Nextdoor


comment.png add a comment! ⋅ comment.png add a topic (use sparingly)! ⋅ Icons-mini-action refresh blue.gif refresh comments!

Discussion

"Detonated" ah, so this is the feature that Samsung was prototyping last year... Andyd273 (talk) 15:39, 27 December 2017 (UTC)

Ha! Yes, it's too bad their phones kept mistakenly registering as being stolen... stupid bugs. 172.69.70.107 17:28, 27 December 2017 (UTC) Sam
Back in the day if a hacker really hated you, you'd come back to your computer and see smoke pouring out of the CPU. I bet there's some way to detonate a phone in software by overheating the battery, but I imagine it could be different for every phone/battery combination. 108.162.219.64 (talk) (please sign your comments with ~~~~)
Already done. http://www.zdnet.com/article/this-crypto-mining-android-malware-is-so-demanding-it-burst-a-smartphone/ Silverpie (talk) 23:09, 28 December 2017 (UTC)

Someone needs to make a jailbreak that does as much of this as possible, especially the ridesharing and siren 😂 PotatoGod (talk) 15:52, 27 December 2017 (UTC)

there was or is at least one house in the U.S. that was reported, apparently inaccurately, as the location of an extraordinary number of stolen cell phones. Presumably that house would suffer all of the pranks that this phone security performs. As for payment details - someone who stole a phone may have also stolen banking cards, so, the account number that you steal back may belong to another innocent victim. It's just a joke of course, but, saying. 162.158.111.235 22:02, 27 December 2017 (UTC)

Made a account just to ask this - why is the post still considered incomplete? It looks complete to me. Donutman (talk) 13:59, 28 December 2017 (UTC)

Because I added the core explanation, but many improvements have been made since then (bullet points, bolding, transcript). Also, the siren would be insanely easy to do, as would an automated "send the GPS location to the police" among other things. Kashim (talk) 14:15, 28 December 2017 (UTC)
I've removed the tag right now after I added that the phone would have to sense that it is stolen. There is no sensor to detect this. --Dgbrt (talk) 19:46, 28 December 2017 (UTC)
Bluetooth. With paired device on owner, the phone can detect if it was moved from owner. -- Hkmaly (talk) 01:19, 29 December 2017 (UTC)
No good. Firstly, no phone (that I know of) comes with such a device, which I would guess would be called a dongle. Secondly, if they did it wouldn't take long for thieves to realize they have to get the dongle, too. Thirdly, that would mean the owner could never put down their phone, like at home or at work - I've heard of a few workplaces which are high security and don't allow cell phones, so they have to be left in the car or in a locker near the entrance - unless they remember to put down the device too (which would largely defeat the purpose of such a device). And the first time they forget and the phone identified itself as stolen would be enough to convince the rightful owner that this system doesn't work. Fourthly, anything wireless must work by battery. When that battery dies, either the phone would trigger as being stolen, or it would have to detect the battery dying to not go off, in which case you're vulnerable to theft until you charge the ownership dongle. NiceGuy1 (talk) 09:36, 29 December 2017 (UTC)
All points you raised are real, but don't make it impossible. Sure, it would be bad idea to detonate or something like that when the dongle gets out of range, but it can be used to start making noise (the siren option). For the other countermeasures, the phone should detect being stolen by incorrect password being entered repeatedly. -- Hkmaly (talk) 23:36, 29 December 2017 (UTC)
Just to follow this up, for most of the countermeasures, it seems relatively clear that the phone would consider itself stolen when somebody tries to wipe it or enters the wrong password too many times. The owner would have some secret wiping procedure that performs a legitimate wipe, and when the phone is wiped using a normal procedure it considers itself stolen and engages all its countermeasures. 108.162.212.107 19:08, 30 December 2017 (UTC)
You didn't need an account to write a comment - any commenter name that's an IP address is such a guest commentor. I posted many before I created an account. :) NiceGuy1 (talk) 09:36, 29 December 2017 (UTC)

I first thought "erase phone" meant "erase physically", but "detonate" makes that somewhat redundant. 141.101.105.240 11:54, 29 December 2017 (UTC)

Hahaha!!! Waiting for the iOS update with all these features... Herobrine (talk) 13:45, 18 March 2018 (UTC)