Should Tanks Be More Like iPhones?
Borrowing an idea from Apple, one researcher argues that killing machines should get kill switches
When Iraq’s American-equipped army fled their posts in Mosul last June, they left that American equipment in the hands Islamic State of Iraq and Syria (ISIS), the attacking violent insurgent group. Since then, the U.S. Air Force destroyed some of the captured vehicles. Jonathan Zittrain, director of Harvard’s Berkman Center for Internet and Society, wonders if there’s a better way to stop stolen equipment from working. He proposes “kill switches,” like those found in iPhones, as a means for keeping American arms, given to allies, from working in the hands of enemies.
Here’s the key idea from Zittrain’s article:
Through email, Popular Science spoke with Zittrain about how these proposed killswitches could work, and what they would mean for arming allies in the future.
Popular Science: Cell phone kill switches work in a world filled with cellphone towers and internet connections–things that are rare on battlefields. I know you mention satellites, but what kinds of infrastructure do you think a kill switch would require?
Jonathan Zittrain: Some [military] hardware already relies on communications with a home base perhaps thousands of miles away. For example, remotely piloted drones. The technology used to securely direct drones might be usable for other instruments of war. Essentially, the more sophisticated and communications-based, such as relying upon military-grade GPS, the less of an incremental change a kill switch would represent.
**PS: **What kinds of military gear do you see as likely kill switch candidates?
**JZ: **Medium and heavy weaponry, including tanks, anti-aircraft missiles, helicopters, and jets.
**PS: **What safeguards could prevent an armed non-state actor from “jailbreaking” their killswitch-enabled MANPADS [Man Portable Air Defense Systems], tanks, or rifles?
JZ: No safeguard is foolproof, and physical possession of the gear in question is often thought of as “game over” from a hacking perspective. But if we see the problem in terms of time and effort to break the lock, rather than “can it ever be broken,” there may be useful ways of integrating this technology, especially when balanced against the costs of misuse of the weapons should they be completely unsecured. (Right now we might depend on such things as batteries that naturally expire and are hard to replace, or other maintenance that an adversary won’t be in a position to do.)
Steven Bellovin at Columbia has done a lot of thinking about this problem for nuclear weapons, which need to be hardened against use should they fall into someone’s wrongful possession. He’s written up his thoughts here.
One could also imagine an expiration date requiring renewal with a code or signal, so that no adversary could hack the switch itself and render the weapon useless even if it hadn’t been stolen. At most the hacker could allow the weapon to continue operating past its due date.
Iraqi Army Patrolling Mosul, 2008
**PS: **Many small arms in current use are decades old if not older. Would you support retroactively adding kill switches to these before distribution, or are kill switches more for advanced equipment?
**JZ: **I see them as more useful for more advanced equipment. With the world awash in small arms, it seems harder to make a dent in that supply.
**PS: **With kill switch-equipped weapons, do you think the United States or others would be more likely to arm friendly non-state actors?
JZ: This is a distinct possibility, and could mean that kill switches would, as a second-order effect, lead to more arms being sold or given to parties. If the worst uses can be foreclosed — or we convince ourselves that they are — it changes the downside risk of providing the arms to begin with.
**PS: **Kill switches come with a major trust issue. While America might promise killswitchable weapons to an allied army so that an insurgent can’t use them, what assurance would the ally have that the kill switch wouldn’t leave them vulnerable?
JZ: That assurance may already be in question. Any secret kill switches already in use would presumably be used rarely in order not to eliminate that trust. Here, stated up front, a recipient knows the conditions by which the arms are transferred. The easy case is the recipient possessing the kill switch; the more difficult is the providing country having it; the most radical would be for the UN Security Council or some other group to have to come to consensus to trigger the switch.