| >* The hard reset definition is sort of dumb. When a device leaves the factory, it obviously doesn't have any knowledge of whom its proper owner is. A hard reset, by definition, has to nullify any owner-verification system and no technological solution can withstand it. The way that I'm reading this, a limit to what a "hard reset" can be is being set by (1). It's saying: Any process that you have in order to return a phone to factory condition must not remove the ability for it to be remotely bricked by the State of California. It's labeling whatever that process is as a "hard reset" but they only care about the we can still brick the phone part. That is the diametric opposite of (2), though. Unless the "disabling of the technological solution" is expected to be through software. In order to enforce (1) and (2), California is going to have to: a) Start certifying operating systems, and approving of their solutions for the remote bricking disabler. and b) Implement the remote bricker in hardware. This is actually a really scary bill. edit: The "rightful owner" requirement could be interpreted as really hard to satisfy, especially combined with an inability for the "retail seller" to do it. That may mean that you have to get a code, connect to the manufacturer's server, etc. to get the app to disable the bricking chip unlocked or downloaded, and the additional security theater that would entail - and the bitrot that would happen for older model phones when you had to download it (after a "hard reset") and the manufacturer is either defunct or doesn't care anymore. This bill has too many goodies for too many entrenched interests not to pass. edit2: "Rightful owner" is really creeping me out. That might be seen as insuring that the State must be the one with the killswitch. Who can determine a rightful owner? It could be that you are the one who knows the PIN, or it could be that you file a police report, and they kill the phone from the station. |