Android thieves beware: Google readies kill switch to remote-brick lost devices

A new brick function could provide a more thorough remote wipe than is currently possible on Android.
Written by Liam Tung, Contributing Writer

The new brick command appears to allow Android phone manufacturers to enable a brick function in some future release.

Image: Google

Instead of just being able to wipe data remotely if someone steals your phone, it may soon be possible to brick the device completely.

The new brick command was merged into the Android Open Source Project (AOSP) on Friday, and appears to allow Android phone manufacturers to enable a brick function in some future release.

"When recovery starts with --brick, it tries to brick the device by securely wiping all the partitions as listed in /etc/recovery.brick," the AOSP change states, adding that it is designed to support bricking lost devices.

Android Police, which first reported the function, notes this feature would be a "nuclear" wipe option since it would also erase the recovery, boot, and bootloader, making it practically impossible to recover, at least when the owner doesn't have possession of it.

What's not yet clear is how device makers would enable a simple recovery tool for when owners have stolen devices back in their hands.

Device makers would determine which partitions, including an external SD card, can be included in the brick function.

Of course, consumers can remote-wipe their devices today using Android Device Manager, which runs a factory reset and wipes media files and photos from the device, but not necessarily everything stored on the SD card.

The function would add another layer to Android's theft-deterrence features, such as Device Protection, which Google introduced amid calls by US legislators for a mandatory kill switch on smartphones.

The feature arrived in Android 5.1 and is only enabled on devices set up with a lockscreen PIN. Once enabled, Device Protection prevents the device from being setup even after a factory reset, rendering it useless unless the person knows the lockscreen PIN or the Google credentials linked to the device before it was reset.

It's uncertain whether Google will make remote-bricking a feature for consumers, but it could be useful for BYOD and enterprise devices that are enrolled with a mobile device-management platform, or MDM.

Read more on Google Android

Editorial standards