Microsoft details Windows Phone 7 kill switch
By Stewart Mitchell
Posted on 3 Nov 2010 at 11:43
Microsoft has outlined how it might use the little publicised “kill switch” in Windows Phone 7 handsets.
A kill switch is a tool that allows software controllers to remove certain apps or software from handsets if they pose a security or privacy risk, such as a Trojan planted in an app.
Apple's iPhone and Google's Android phone software also have kill switches built-in to cover the evetuality that they need to remove malware, or even just apps that break guidelines, but talk of a kill switch on Windows Phone 7 handsets has been muted since the platform launched last month.
“We don't really talk about it publicly because the focus is on testing of apps to make sure they're okay, but in the rare event that we need to, we have the tools to take action,” said Todd Biggs, director of product management for Windows Phone Marketplace.
ReviewWindows Phone 7
“Market Place is a complex operation and we need to have the capability for dealing with different situations.”
According to Biggs, Microsoft's strict testing of apps when they are submitted for inclusion in Marketplace should minimise kill switch use, but he explained how the company would react if an application was deemed unsafe once it had been approved.
“If in the Marketplace an app does get through and goes rogue there are a couple of things we can do about it, depending on what it was,” he said.
“We could unpublish it from the catalogue so that it was no longer available, but if it was very rogue then we could remove applications from handsets - we don't want things to go that far, but we could.”
Rather than pushing out an instant zap the kill switch would be activated when handsets “checked in” with Marketplace as part of routine maintenance.
“From a high-level perspective, phones check in to see if there are any downloads or updates available and it will also check if there are any apps that shouldn't be on there,” he said. “There might be instances where we would remove the app.”
Microsoft was reluctant to give examples of situations that would warrant app deletion, but agreed privacy and security concerns would be on the list.
I'd like to see this kind of thing declared illegal under the Computers Misuse act.
It should be classified as a criminal offense to remove or modify content on a handset without the user's consent.
companies should be prohibitted from removing or modifying the content of a user's handset, and prohibitted from forcing them to accept a removal clause in an contract or agrrement.
Instead companies should be forced to issue an alert to the user, and then allow the user to choose whether to remove the app, or not.
Remote app killing is almost certain to be abused. In fact I'm alarmed at the idea that a handset provider even knowing what apps you have on your handset. Suppose that you downloaded an app that finds gay bars in a specific city, or one that recorded your fertility cycle, or one that reminded you to take meds for a mental illness. That's far too much information for Microsoft to have access to.
Consumers need protecting form this kind of intrusion, and companies should be stopped from making it mandatory on device ownership.
By Perfectblue97 on 3 Nov 2010
How would it look if hackers managed figure out wow to use the kill switch in a virus.They could wipe apps off the phone at will.
By Jaberwocky on 3 Nov 2010
I totally agree with you but they all do it these days. Well possibly Android doesn't but I know Apple does
By TimoGunt on 3 Nov 2010
At the very least the option to turn the kill switch off.
anyone else get that feeling of loosing control?
By SimonCorlett on 3 Nov 2010
Android has used its kill switch
By james016 on 3 Nov 2010
So far, these kill switches have been used only for truly bad apps - the Android case. Apple have positively not used it for apps that clearly violate all sorts of contractual terms (like the apps that set up wifi hotspots to "share" your 3G connection - they were pulled from store, but not killed), so we can expect that they will be used wisely.
By MJ2010 on 3 Nov 2010
It would be good if Apple et al actually made their checking processes more useful to avoid these sorts of apps getting through in the first place. Anecdotal evidence suggests it can be hard to get an app through, but there has been an app in the top 25 for at least 2 weeks which has hundreds of unanimous reviews that it is fraudulent and does not do what it claims, and yet it's still there raking in cash. (Although why people are still buying it is beyond me.)
By halsteadk on 3 Nov 2010
Completely agree and this should be investigated by the ICO, though considering how they dealt with Google lately, I don't hold much hope.
By mviracca on 3 Nov 2010
Since I have not doubt that the majority of software apps including those with potential Malware included must be licensed and developers jump through MS hoops to get on a phone, it would be reasonable to assume that MS benefits financially from third party apps.
Why then should MS be allowed to indiscriminately remove apps from a phone without either owner/user approval or a refund of the cost of app to the user. Not to mention if such an app managed to tank the device forcing the user to replace the device.
Is this a fraudulent method of aquiring money. In essence all MS has to do is create a demand for an App then subsequently retire it in order to fill it's coffers with extra money.
By j_woolliscroft on 4 Nov 2010
Well there is of course one option open to all, don't buy or use these phones. When the manufacturer see that there phone is not selling and becomes aware of the reason for it, then surely, they will do something to rectify it or maybe I'm just thinking that stupidity outweighs greed? After all, no sales hits profits!!!
I do not believe that this is something that any manufacturer can reasonably be expected to be unbiased about, you upset them and bam, your app suddenly becomes unwanted and removed from use.......
By hawg_wild on 4 Nov 2010
- Google Glass: mugger bait, pub problem and other lessons learned from two dangerous weeks
- Twitter, please don't fiddle with my feed
- How Satya Nadella can get some pay-raise karma
- Windows 10: a step back to go forward
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- How to write your company's IT security policy
- The key to choosing a secure password
- Please stop reposting fake Facebook messages
- Is Facebook safe for business?
- Don't rely on Chrome's password vault
- Facebook Graph Search: don't panic
- Gmail drafts and Pastebin: could they evade the email snoops?
- Applying for a job at GCHQ? Here's your plain-text password
- Google two-step verification: a must for business email
- Yes, I write down my passwords