CNET has an interesting article about how warrants to access suspects mobile phones are handled by two of the big mobile OS providers; Apple and Google. Focusing on Apple, the article mentions cases where the police has to wait for Apple to perform the unlocking, while Google “resets the password and further provides the reset password to law enforcement”.
From a technical perspective, it is not clear what kind of unlocking is performed; whether it is the SIM code, screen lock, or account password. It is interesting that the article mentions decryption, but it is probably a misunderstanding, or wrong wording: Android phones do not use encrypted storage by default, and in fact, if you have a model with a removable memory card, you can read that in any SD card reader. Accessing the embedded phone storage is also easy if it already unlocked (using fastboot / adb). iPhones does not use encrypted storage by default either, to be best of my knowledge. The article does indeed state that “It’s not clear whether that means Apple has created a backdoor for police [...] , or whether it simply is more skilled at using the same procedures available to the government.”.
From a privacy and security point of view, it is clear that it is irrelevant what the default security setting is. It can simply not be trusted to perform the task a user would expect. Rather, one should use take matters into own hands, and use software that has been proven to not contain backdoors for police or others. The only option is free and open source software, which has been vetted by security experts and the community.
In his insightful piece on Andy Rubin’s departure from the helm of the Google Android division, Charles Arthur looks into the future to see what’s next for the Android platform. He makes a case for a merge between Android and Chrome OS, however that has been speculated for four years already; even from the horse’s mouth.
What’s perhaps more interesting, is Arthur’s observation that Rubin was in fact a proponent of open source, and Android as a free platform, even though that was difficult to see at times. Arthur contrasts Rubin’s stance against Google’s and possibly Sundar Pichai’s (Rubin’s succeeder) desire to control the Android ecosystem. That path could conflict with handset manufacturer’s wish to brand and distinguish their products from their competitors. Arthur points out that about half of the 145m Android phones shipped in Q4 2012 were in fact not Google enabled (with a Google account, Gmail, etc). He speculates that the logical move for Pichai is to tighten control of the platform; making it less open.
That brings us to another headline: The general fight for control of devices, not just mobile phones, and the right to do whatever we want with the hardware we’ve bought, paid for and own. Kyle Wiens makes the case that we should be allowed to unlock any device, with tractors and cars as prime examples. These farmer and household items have become so complex to repair and maintain, that independent mechanics can no longer do the work. And even if they could, they are barred from access to embedded computers, sometimes based on proprietary tools and software, but also based on copyright, of all things. The access codes (passwords) are copyrighted, as are the service manuals, and only licensed technicians are granted access.
So are we headed towards the locked down nightmare Stallman warned us about sixteen years ago in his 1997 easy “The Right to Read”? If we keep letting mega-corporations have their way, that is a danger. However, as Wiens points out, Massachusetts passed Right to Repair legislation to make it possible to repair automobiles; other states are following. The White House petition to make it legal to unlock mobile phones did get a response, however, it is unclear if it is enough to avoid the criminal law which now applies to phone unlocking. Maybe there is still hope.
It was less than two months ago that I echoed John Naughton’s warning that “nothing lasts forever”. Naughton was talking about the “empires” of Facebook and Apple, but it is certainly true on a small scale for individual services as well. Google just announced that they will shut down their RSS Reader, along with a few other APIs and services. The reader in particular seems to have sparked a bit of an uproar, since it has small but loyal crowd of followers.
Many users feel betrayed, however as Alex Kantrowitz points out in Forbes, none of them actually paid for the Reader services, and thus the feeling of ownership is misplaces. As the old cliché goes: If as a user of a web service you don’t pay, you are the product, not the customer. You’d think some have learnt by now, but it will take many more of these stories before that message is clear.
So are the alternatives? Well, but of course there are! Many of them! Each user will have to decide for himself what fits his purpose and use best, but that’s a choice which is worth appreciating. Some will maybe continue with a web service style application, while others have learnt that “the cloud” can evaporate right in front of their eyes, with little chance of saving the remains of what once was.
The online magazine Motherboard recently ran a feel-good story about a community of British farmers in Lancashire who dug their own ditches to put down Internet fiber. The background was the ever so typical story about the big telecos not bothering with sparsely populated areas because it’s not worth the investment on their bottom line. So the a local group got together and found that they might as well build their own high-speed connection. Any nothing should stop them from doing that, right?
Well, the article also mentions a few similar stories from “The Land of the Free”, where digging your own ditch is now legislated against. In the interest of the free market economy, of course. Parallels are drawn to big company lobbying and FUD in the late 19th and early 20th centuries, when rural communities formed their own electric utilities. It states optimistically that there are to this day thousands of local communities with local electric services, but also that most of it was (and is) consolidated into a small group of companies.
Another interesting approach to Internet build-out which is mentioned is Google’s Fiber project, with Kansas City as the Guinea pig. However, there the roll-out is in “big company” fashion, with marketing “threats” of missing the boat if they don’t sign up NOW. Not your friendly farmer dig-out, in other words.
Regardless of strategy though, the local, sometimes DIY, approach to physical layer last-mile build-out fits very well with the scale-free network topology of the Internet. It is with this kind of ungoverned and unplanned growth it thrives best. Legislating against it of course make no sense at all, but waiting for a big tele or cable company to do the job should really not be encouraged either.
Again, small and decentralized triumphs over big and inefficient. It’s simply the way of the future.
The “Real Names” discussion is raging these days, and it’s great to see not only fringe opinionist chipping in, but big names on both sides. Danah Boyd from Microsoft chooses to focus on the power people ought to have to secure themselves. While Alexis Madrigal, senior editor at The Atlantic, looks at pseudonyms and how they can be used to avoid persisting and attaching information to one’s real identity. The Slashdot crowd says, “if you don’t like it, don’t use their service”. Everybody has a story from Facebook when sensitive information leaked out to the wrong people.
All this starts to sound familiar, and indeed the various points raised now were all neatly collected about two years ago in Viktor Mayer-Schonberger’s book “Delete: The Virtue of Forgetting in the Digital Age“. Schonberger’s argument was not focused on real name or pseudonyms, but rather examined what happens when the default shifts from forgetting to remembering almost everything. He investigates several options and solutions to the problem of eternal memory, and has at least one suggestion which might help: expiration dates for information.
Although engineers and managers alike would get much back from reading the book, I fear that Schonberger’s argument would be lost on many of them. It would drown in technical details and resistance, never making it into code. Expiring digital information is so counter-intuitive to how engineers work and think, it would be written off as impossible.
As for the “Real Names” debate, my take is “trust no one”. “Enemy of the State” is definitely worth a re-watch if you haven’t seen it lately.
Over at “if !1 0“, they have a straight forward how-to for installing Chrome from a repository in Fedora 13 or 14. All you have to do is add a repository file, and install.
If you want to use the built in version of Flash, you’ll need the 32 bits version and repository. Also note, that you’ll have to do an update after the initial install, as the latest version is NOT automatically installed at once.
name=Google - i386
name=Google - x86_64
yum install google-chrome-stable
yum update google-chrome-stable
* For 32 bits, if installing on a 64 bit machine:
yum install google-chrome-stable.i386
yum update google-chrome-stable.i386
yum install libpk-gtk-module.so libcanberra-gtk-module.so libasound_module_pcm_pulse.so