There was an error in this gadget

Tuesday, July 28, 2015

What good is your mobile device if you don't use it?


For many years, Apple has claimed (quoting third party research such as this recent one) that, while they have a much smaller market share in devices in peoples' hands, the vast majority of usage comes from their devices.  As Clammr now reports, that usage gap extends to podcasts as well.  I find it interesting (and telling) that the other mobile operating systems don't even appear on the report - Windows, Ubuntu, Simbian, Blackberry.

So, if it is true that internet browsing, on-device purchases, and now podcast consumption are completely dominated by the smaller market (relative to Android) of Apple i-device owners, that begs the question, what are all those non-Apple device owners doing with their devices?  From my extensive user survey (conducted completely in my head of over 2,000 imaginary people), I have gathered the top 10 uses for non-Apple devices:

10.  To finally fill that last HDMI port on your TV (non-Apple TV).
 9.  Taking photos.
 8.  Accessing the Google Play or Windows App stores.  Just for browsing.
 7.  As a burner phone for a spy or criminal.
 6.  A flashlight, to light your way when times are dark.
 5.  A toothpick.  What?  You can't do that?  Innovation, time to invent!
 4.  To replace the GPS navigator that doesn't update its maps.
 3.  It looks so sporty (and non-Apple) on my hip / cheek / purse / car holder.
 2.  There's something else you can do with it?  How much does it cost?  $1?  Forget it.

And number 1?  Phone calls and text messages.

Monday, July 27, 2015

Major Android Security Flaw Allows Hackers to Take Control Without You Even Knowing

As reported today by National Public Radio, all a hacker needs is your phone number, and they have complete control of your device.  What the article doesn't make clear, is whether this only applies to phones, or tablets as well (assuming tablets can get text messages).

The way the exploit works takes advantage of the ability to secure videos using what is called a Coder/Decoder (CODEC) routine.  This is a bit of computer software that provides a way to encrypt and decrypt the video, so that video producers can secure their own content.  However, a CODEC is simply a bit of software that frankly can do anything.  Because the video the thief texts you specifies the CODEC it needs, as the video is received by the device, the CODEC is downloaded and installed as well - this all without any security checks, and without asking the user. The fact that Android allows any CODEC, gives it full access to the entire device environment, and does this in the background without your authorization or even your interaction, I find to be absolutely unacceptable.
I've said it before, and again, and again, and again, and again...Android is an inherently insecure mobile OS, because security is an afterthought, and wasn't built into it by design, at its core, like it was in iOS.  If that isn't bad enough, to make matters much worse, the Android ecosphere is a mishmash of hardware manufacturers who have their own fork of Android that deviates from the main Google trunk.  This means it isn't up to Google to get the update out for each device, it is up to the manufacturer.  You can probably trust companies like Samsung, HTC, and LG.  Probably.  But how much, and how well will they do?  And, if you have some other manufacturer, I can't even begin to say.

If that isn't bad enough, it has been proven that Android users typically go around with 2 year old OS (or older), and never download updates.  That's right, you can have a brand new Android device, but the manufacturer forked Android 2 years ago (at the beginning of developing that hardware), and so the security you have is already 2 years old, out of the box.  Another NPR article in the past week entitled "Trying To Keep Your Data Safe? You're Probably Doing It Wrong" states that tech experts have completely different priorities on what it takes to keep you safe from hackers, than the average non-expert.  I completely agree with this article on every level - from the fact that the priorities are different, to the fact that tech experts put number one priority on system updates (from the OS manufacturer) as the primary bastion against hacking.  Nothing is even remotely as important as downloading the latest OS updates - whether for phone, computer, tablet, or car.  (If you followed that last link, you found that Chrysler vehicles from 2012 onward with UConnect have an Internet IP address, that hackers can use to gain control of the vehicle - and do anything they want, including shut the engine off.)
In this day and age, I find it ABSOLUTELY INEXCUSABLE for any product company, especially Google, to release a product that is so wide open to hacking, it fails to incorporate the most basic and accepted computing precautions like firewalls, code signing security certificates, forcing communications over SSL, and the like.  All of which, and more, both iOS and OS X (Apple's mobile and desktop operating systems) take into account, and have since the beginning, as they were designed into their core from the beginning.  So if you want to know why I support Apple so much, for security alone, that is why.  I find it also a case of criminal negligence for a company like Chrysler to produce a motor vehicle (the single most deadly type of machine in mass operation today), and make it vulnerable to such attacks.  This when the computer industry has plenty of security experts, and Science Fiction films have provided plenty of scenarios in which a more connected life can become more vulnerable to hackers.
So, now we know about the UConnect vulnerability - what about all the other vulnerabilities that we don't yet know about?  Here's a scenario that is not farfetched at all.  Imagine that you are driving to the Tigers' game.  On the way home, you stop to get gas, go out to dinner, or some other activity in Detroit.  Unbeknownst to you, some guys with a specialized Internet scanner detect your car, push a button - and malware is uploaded to your vehicle, and boom - the engine quits as you pull out onto the street.  You are mobbed by people who mug you, strip your vehicle, maybe even kill you because you hesitated to give them your wallet.  Science Fiction?  Maybe, but I think it's not at all farfetched, and I wouldn't put it past the people designing the computer systems in your vehicle to neglect basic security like I say above.

Further, recent news stories indicate Apple has hired several thousand employees with Automotive experience, on a top secret project.  Rumors abound, but most likely is they are either working on aftermarket automotive systems, or a new electric vehicle to enter into the automotive market.  I cannot think of a better company to make cars incorporating computer technology than Apple.  Who best to take into account computer security, than one of the companies who helped create computers in the first place?  And who best to lock that security to your digital world of smart phones, tablets, and notebooks?  And who best to make it work seamlessly?

If this scares you, it should - you have a pulse.  Do your research, and take action consistent with your findings.  If it doesn't scare you, then go head and tempt fate.  But when it comes crashing down on your head, and you have to jump through hoops because your credit is shot, your bank accounts raped, passwords stolen, and your entire real life ruined by the digital access to it - you only have yourself to blame for your choices.
Now, here's what scares me about the whole thing.  People go around, buying devices and services, without researching or understanding this whole world they are getting into.  But believe me, thieves sure do understand this world, and how to exploit its vulnerabilities.  And legislators are so far behind, they still think they can pass a law that will fix security issues.  The only way to fix the issues, is at the OS and software developer level.  The OS manufacturer should have security built in as a central tenet of the architecture, and their development kits should make it easier for app developers to make secure apps, than to make insecure apps.  The fact that Android is the most prevalent mobile OS, and Windows the most prevalent desktop OS, means that people just don't get it.  But the growth of Apple, means they can learn.  Realize that you (even I) know very little about security in the online world, and that it can impact your real world in many more ways than just money or inconvenience.  You can actually be killed by a security hack.

(As an aside, if you are an Apple developer, iOS has done simple things like provide access to advanced technology through Kits - or libraries that give developers functions to call that makes it easy to write apps to do advanced things.  But the Kits are secure, and allow the device user to control which apps have access to which functions - the camera, microphone, photos, Internet, etc.  And, by default, apps cannot connect to insecure Internet connections, they must use encrypted SSL connections.  If the app needs to do an insecure connection, the developer has to "jump through hoops" by adding exceptions to the app for specific web addresses, so that only those addresses are allowed to be communicated with over insecure, non-SSL sockets.)

What can Congress do about this?  Nothing.  As you are well aware, Congress is a set of selfish, greedy lawmakers who have lost all touch with their constituency, and are at the behest, beck and call of lobbyists.  If they do eventually get around to doing anything, all they can do is pass a bill - and nothing they could do would have an impact, as it would be too little, too late.  This technology is out now (has been for years), and the vulnerabilities exist now.  It's up to you to safeguard you and your family.

Tuesday, July 21, 2015

The Massive Misnomer of the Smart "Phone"


Back in the good old (pre-iPhone) days, we used to call these pocket computers that organized your life a PDA (or Personal Digital Assistant).  With the Palm and Blackberry devices, the convergence of PDAs with cellular phone technology began.  I began with what was called the Palm Pilot, later the Pilot, then just simply "Palm" - had that for many years, and when Samsung came out with the I-300 Palm phone, I was all over it.

And, as is now cliche, along came the iPhone and everything changed.  In fact, I was constantly searching for apps for my Palm and downloading them, but the availability of apps was severely limited (especially as compared to today's App Store and Play Store).  And, I noticed that the plethora of people who had Blackberries and Palm phones, called them a pretty evenly split combination of Phone and PDA (a few called them Organizers).  With iPhone, and I suspect related to the product name, it seems we have abandoned the somewhat wonky and clunky "PDA" for the simpler, but less descriptive, "Phone."  When I want to take a photo, and have to look for my device, I say "Have you seen my phone?"  When I need to check bank balances, travel itinerary, play a game, or the myriad of non-phone things I use my "phone" for the vast majority of its usage time, I call it my "phone."  Kind of interesting.

Although these devices are computers, calling it one is also clunky, because it doesn't take into account the communications and mobility aspects, as well as confusing it with all the non-"phone" computers (desktops, laptops, notebooks, and tablets).  Interestingly enough, the kids constantly say "I want a TV in my room," to which I reply, "You have TV's that you can put anywhere, including in your room."  With Netflix, Watch ABC, PBS Kids, the UVerse app, and more - you have these computing devices that are, by all definition, televisions.  Tablet, by the way, is a great name.  But phone is terrible.  We could go with a Trekky "communicator" - but when you unlock it, you will be forced to change your unlock sound to that of a communicator when Kirk whips it out and says "Kirk to Enterprise, come in Enterprise."

At some point in the not-too-distant future, we will see people who have only ever known a "phone" to be a fully-capable, desktop-class computer with a small footprint and touchscreen interface (i.e. a "smart phone"), and when you say to them "pick up the phone please, it's ringing" - they will stare uncomprehendingly at your cordless handset, wondering what it is, what it does, and why you have it at all.  I mean, all it can do is make and receive phone calls - how useless is that?

Sitting right now in my recycle bin, in fact, is a thick book with the letters "YP" on the front cover.  I have no idea what it is for (other than as a platform for advertising - like there aren't other more useful ones built into my iPhone???).  I mean, it is filled with business names and phone numbers.  Really?  Where are their web sites?  If I want to look up a business, I am going to ask Siri, or type it into a web or map search.  The section on private individuals is totally gone, and rightly so - how could a publication hope to stay on top of peoples' contact numbers?  Maybe this book would be good to use as kindling to start my charcoal chimney, except that I have tons of newspaper for that.  Maybe it could be a paperweight - like I need that.  I have a million other things that have other uses that can also weigh paper down on the patio table when we chill outside.  Obviously there is a segment of people who use these books, but I can't imagine who that is besides senior citizens who don't have a smart phone (a very small segment indeed).  Maybe it is simply a bunch of people working in an office, where over the past 10 years most of the employees have been laid off, and they are desperately trying to hang onto their jobs.

Monday, June 22, 2015

What's Missing in the Apple Computer World?

In looking at how amazing the Apple computing experience is, I have neglected the dark side - the lack of Apple mainstream use in much of business computing.  While some companies do use Macs, these are typically limited to creative companies, scientific organizations, and the like.  I believe this is primarily due to perception and familiarity, but I would argue that behind the culture is a truism that much software does not exist on the Mac.

While Java and Web have gone a long way to be cross-platform, there is much native software on Windows that has not been developed cross-platform.  One such genre is design and engineering.

Computers are used for a large variety of tasks in the business world.  I believe that the primary use is that of office document processing, e-mail, and web access.  These 3 things, pretty much any computer can do.  While the Mac does it very well, it is hard to justify spending $800 to $1000 when you can spend $500 on a cheap Windows PC (I'm talking with keyboard and monitor) - in bulk, or for a small business trying to make ends meet, I can see the arguments.  It's a hard cost that is up front in their face when they write the check, and not a soft cost that comes by later in productivity or IT support.

However, for engineering software, there are limited choices.  AutoDesk has introduced Inventor Fusion for the Mac, which works well and is a great 3D package.  However, AutoDesk has not been taken seriously in many 3D industries like Automotive or Aerospace (where Dassault, Parametric Technologies and Siemens rule), and has struggled for acceptance in other industries like Heavy Industry and Manufacturing.  They have made some inroads into Consumer Goods, but for the most part have had their strengths in 2D (mostly architecture).

Dassault Systemes has introduced DraftSight, a package that is designed to let users create and edit AutoCAD drawings - I have seen many AutoCAD (the AutoDesk 2D product) customers say they prefer to use DraftSight for its light-weight footprint, better performance, and refreshing take on User Interface.  This is available on the Mac, but I wonder how many people have downloaded it for that platform.

What I see as a big hole, and perhaps a big opportunity, is the lack of high-end, premium 3D design packages for the Mac.  And nowadays, a 3D design package is only as good as its back-end data management system (now called Product Lifecycle Management, or PLM, system) - so not only does the package have to allow designers to draw 3D geometry, but it has to interface with the PLM servers.  So it seems that a significant effort is needed to get a design package to the Macintosh platform.

As an aside, you could imagine that Apple, Inc. has a need to design their products to build (digitally, not by drafting board!).  And, for those designs, they would be made in 3D.  That begs the question, what software does Apple use?  I am not familiar with electrical design software (especially electronics, micro-circuitry, and chip design), but there again the Windows platform has the solutions the industry uses.  Apple designs and builds many of their chips, and so must use Windows to design their Ax chips.  I have looked into that via web searches, and have found some rumors that sound credible.  It appears to be a secret, but I would bet that Apple is using Windows-based 3D software, and it seems even more believable that they are not using it on non-Apple PC's (i.e. they are booting Windows on their Macs).  Now, it would seem that being able to do full 3D design in a Mac-native platform would appeal to them - but of course, Apple is insanely profitable, and doesn't care about paying Windows licensing fees.  But maybe they do care about performance and productivity, and my experience has been that once people use OS X, by and large they tend to want to stick with it primarily, and avoid Windows like the plague.

Thursday, June 18, 2015

Pulse - Still Beating or No Heartbeat?

A short time ago, LinkedIn acquired Pulse, a web site and mobile app that allows you to browse Internet content of interest to you in one place, in a consistent format.  Blogs, news publications, etc. all can be saved for later reference, or shared, and viewed - and marked as read.

I have been using it since before LinkedIn bought it.  I don't know how many of you caught the Keynote Address at the Apple WWDC 2015, but new in iOS 9 will be a News reader app like Pulse.  Of course, in true Apple fashion, they not only went there, but went there in a big way.  Not only does it conglomerate articles of interest to you, it learns what you like the more you use it - and presents it in a truly elegant and beautiful way.  Content providers can even target their articles using publishing features of the News app - things like fully interactive content, animations, transitions, embedded multimedia, and more - of course, presented in a consistent format across feeds, blogs and web sites.  Just like Pulse, but way beyond.

So, after that announcement, it occurred to me that I no longer have a need for Pulse, and that as soon as iOS 9 is available in a more stable Beta (next week perhaps?), I will perhaps have a chance to ditch Pulse once and for all.  As great as Pulse was, there were a few things that drove me crazy.  Namely, it constantly lost the "read" mark, so I would forget the last publication I read from each source.  It crashed every once in awhile, and that was very annoying because it then didn't remember all the articles I had read.  Another one, you would think that All Things Digital would be a source it would know how to display, but instead each and every publication you can't read the content, and have to use the "View on web" link - and I don't want to view on the web in my phone browser, because it is not mobile friendly.

What are your thoughts?  Have you used Pulse, or some other conglomerator (sounds like one of Dr. Doofenschmirtz's -inators)?  If you own an iPhone/iPad/iPod, would you ditch the others and go with Apple's News reader?