Foxes (or asses) guarding the hen house

Six months ago when the iPhone location logging story broke, this Android fan refrained from gloating. Why? Because you can trust the corporate intelligence of handset manufacturers and wireless service providers about as much as #occupywallstreet protesters can trust the NYPD to lead them merrily across the Brooklyn Bridge.

It was just a matter of time before a severe data breach occurred with the variants of Android that carriers and manufacturers cobble together. We’ve already seen a pretty amazing data destruction bug from Samsung. Everybody’s system customizations are closed source, so nobody else knows what kind of foolishness is going on in there. For a while.

I am quite speechless right now. Justin Case and I have spent all day together with Trevor Eckhart (you may remember him as TrevE of DamageControl and Virus ROMs) looking into Trev’s findings deep inside HTC’s latest software installed on such phones as EVO 3D, EVO 4G, Thunderbolt, and others.

Android Police

Did they find this scary thing before the “bad guys”? Who knows. The bad guys stand to make a lot of money by finding such vulnerabilities quickly, and keeping them secret.

In recent updates to some of its devices, HTC introduces a suite of logging tools that collected information. Lots of information. LOTS. Whatever the reason was, whether for better understanding problems on users’ devices, easier remote analysis, corporate evilness - it doesn’t matter.

Android Police gets that point right away. It doesn’t matter what the explanation is for this breach, or that breach. This one is worse than Apple’s because the data (including but not limited to location) is accessible to third-party apps. Neither came from building features that users actually want.

The reason these privacy breaches keep happening, in general and across different mobile platforms, is that mobile commercial interests are largely at odds with those of device owners and users. And since there’s little consequence to sellers for using/abusing their power over buyers, it’s only natural for them to do so.

The iPhone location logging incident convinced me that, for devices we take everywhere and use for everything, an open-source operating system is even more necessary than it is on old-fashioned desktops and laptops. It’s the only way to have any confidence that your phone is not, actually, a fancy piece of spy equipment with you as its subject.

But it takes some time and effort to root and flash a phone, and when I got a new (used) HTC Incredible I did really appreciate the famously hawt HTC weather app. (It actually flashes your screen in a thunderstorm!) I allowed myself to slip again into a misplaced trust in the manufacturer to code a better “user experience” for their device than anyone else. That trance could have lasted many more months, but it finally broke when I broke my Incredible’s touchscreen.

Incredible reassembly

I decided to try to replace the glass with my own fumbling fingers. At one low point it seemed like the hardware was borked anyway (it wasn’t), so I went ahead and flashed CyanogenMod on it for fun.

It was love at first sight.

Definition of Open

Touchscreen phones are pretty awesome toys in the first place, but having system software that is actually written for its user is a whole new game. The differences come out in unexpected places, like finally being able to set the screen brightness for particular levels of ambient light. Why can’t you do that on any stock phone? Because the people who make them are stupid, or they think you are. Either way.

And screenshots. I’m now allowed to take screenshots, you guys! So crazy.

A clean install of Android 2.3 is pretty great in general. I had been stuck on 2.2 because HTC isn’t updating the original Incredible these days–why would they? But with CyanogenMod this old battle axe is as sharp as any new phone, which is a funny thing considering you can get a used Incredible for a little over a hundred dollars on eBay. It’s almost as if you don’t need to sign a multi-year, multi-thousand-dollar service contract to be able to “afford” a good wireless touchscreen computer.

But most of the improved value is in the knowledge that all of the code in the OS is open to the public. There is no completely daft insecure logging going on, the way there is right now on stock HTC phones, because nobody would commit such garbage under their own public name. Want to double-check CyanogenMod’s optional, anonymous statistics collection? It’s on GitHub.

If you have a stock HTC phone that can be flashed to an unencumbered operating system, you’d better do it right now to be safe. Or, if you have some other device with mystery meat software running the show, don’t get too comfortable in that hen house.

Whether it’s foxes or asses guarding the door, chickens are somebody’s dinner.



“But Android’s success has yielded something else: a hostile, organized campaign against Android by Microsoft, Oracle, Apple and other companies, waged through bogus patents.”

Official Google Blog: When patents attack Android



Resting on Laurels




The Art of Surprise

Artist Kyle McDonald installed a program on computers in two New York Apple Store locations that automatically takes a photo every minute. Now his personal computers have been confiscated by the U.S. Secret Service.

Apple Store Sets Secret Service on Spy Camera Artist

What’s this, government police seizing property at the legally dubious behest of an embarrassed Apple Inc? It’s only the second time in two years.

If the last time is any guide, popular opinion about the incident will be determined firstly by how comfortable people are with the idea of a secrecy-obsessed government protecting a secrecy-obsessed corporation, and secondly by how people feel about the accused. Is he an okay fella or a creep? And that is really a question of whether you can identify with him: wouldn’t you have just taken the prototype iPhone to the bartender, etc? But we aren’t supposed to be raiding homes and threatening to imprison people based on feelings of personal identification; we’re supposed to apply those most intrusive and dangerous government powers based on actual laws, decided in advance, to provide the public some measure of fairness and predictability.

This reader comment on the Mashable writeup provides some food for thought:

As a customer you have [no] right to install software on store computers.

What is a right? What is software? What is it to install software?

You might think of rights as explicit limits on government power; in the set of all things that are not illegal, rights would be the innermost core, the public’s last line of defense. But this statement, made in support of the police action, must be defining rights as the entire set of permitted actions. Effectively and casually, then, the claim is that “As a customer it is illegal to…”.

To do what? With practically every web page you visit on a borrowed computer you are running software of your own choosing. You are running it in JavaScript, or, with even more potential for hijinks, in Flash. Flash can take pictures and movies using built-in cameras. Could it be illegal to run Flash on Apple Store computers, as a customer? The Secret Service would have a lot more doors to break in tonight.

It’s safe to assume that you can run software on store computers, since everybody does it. What about “installing” it? It’s such an arcane concept, these days! And ironically, the meaning of “install” has always been vague on Apple computers. Did I install it when I dragged the icon from the disk onto the desktop? Or does it need to be in /Applications to be installed–potentially illicitly? Imagine the highly trained government agents, watching the screen with a telescope, waiting for the moment an app icon is released over the “Applications” hot zone! Just another episode of CSI: Apple Store.

But seeing as things like web software and Flash exist these days, we have to think of “installing” more broadly. You might install software by changing your home page, or your browser’s search provider. You might add a link to the bookmarks toolbar that says “Google” but goes somewhere else. You might leave a tab open in some unobtrusive place. The possibilities are endless!

Where do we imagine the line to be drawn between what most people are doing at the Apple store–checking their email and other interesting web sites–and criminal activities that justify the police seizure of property? Just doing something that surprises and upsets the computer’s owner?

That is a strange and unusual power granted to computer owners, but I’ll take it. What if I loan you my laptop to send an email, but later I discover you set my home page to, I dunno, that rick-roll thing. Can I have the Secret Service seize any computers in your possession?

Alas, no. Because there is no principle here. The exhibited use of power depends on whose computer it is, plus some other subjective criteria decided after the fact. You know, Feudalism.

~~~

Is the intervention of a secret police force unjustified in instances of unwanted application preference altering? Should computer makers just figure out how to maintain control of their own machines in their own stores? If so, the corollary is that we have been handling “hacking” wrong since the beginning.

Buffer overflows are no different from changing preferences. At every level, computers just follow instructions. Sometimes people use them to produce results other people don’t want. The only way to prevent that is to more creatively anticipate potential instructions. But rather insanely, our reaction has been to punish and often imprison the people who demonstrate the greatest ability to creatively instruct computers.

As if now, because Kyle McDonald’s personal computers have been seized in an effort to build a case against him, Apple Store customers are safe from anyone else doing the same thing. Ha. It’s probably happening all the time, except not as an art project. Rather, a project to phish, sniff, and spoof one’s way into critical accounts of unfortunate users.

Do they plan to lock up everyone capable of configuring Safari?



“What’s happening to Growl now is exactly what I feared when I heard the term Mac App Store.”

waffle → Perturbingly


