Today’s New York Times reports on the impact of Apple’s decision to allow third-party application software on the iPhone:
In the first 10 days after Apple opened its App Store for the iPhone, consumers downloaded more than 25 million applications, ranging from games like Super Monkey Ball to tools like New York City subway maps. It was nothing short of revolutionary, not only because the number was so high but also because iPhone users could do it at all.
Consumers have long been frustrated with how much control carriers — AT&T, Verizon Wireless, Sprint and the like — have exerted over what they could download to their mobile phones. But in the last nine months, carriers, software developers and cellphone makers have embraced a new attitude of openness toward consumers.
The App Store makes a big difference to me as a new iPhone user – the device would be much less useful without third-party applications. The value of third-party applications and the platforms that enable them is a commonplace outside the mobile phone world. It’s good to see it finally seeping into what Walt Mossberg famously calls “the Soviet Ministries”.
But before we declare victory in the fight for open mobile devices, let’s remember how far the iPhone still has to go. Although a broad range of applications is available in the App Store, the Store is still under Apple’s control and no app can appear there without Apple’s blessing. Apple has been fairly permissive so far, but that could change, and in any case there will inevitably be conflicts between what users and developers want and what Apple wants.
One of Apple’s reasons for opening the App Store must have been the popularity of unauthorized (by Apple) iPhone apps, and the phenomenon of iPhone jailbreaking to enable those apps. Apple’s previous attempt to limit iPhone apps just didn’t work. Faced with the possibility that jailbreaking would become the norm, Apple had little choice but to offer an authorized distribution path for third-party apps.
It’s interesting to note that this consumer push for openness came on the iPhone, which was already the most open of the market-leading mobile phones because it had an up-to-date Web browser. You might have expected less open phones to be jailbroken first, as their users had the most to gain from new applications.
Why was the iPhone the focus of openness efforts? For several reasons, I think. First, iPhone users were already more attuned to the advantages of good application software on mobile phones – that’s one of the reasons they bought iPhones in the first place. Second, Apple’s reputation for focusing on improving customer experience led people to expect more and better applications as the product matured. Third, the iPhone came with an all-you-can-eat Internet access plan, so users didn’t have to worry that new apps would run up their bandwidth bill. And finally, the fact that the iPhone was nearer to being open, having a more sophisticated operating system and browser, made it easier to jallbreak.
This last is an important point, and it argues against claims by people like Jonathan Zittrain that almost-open “appliances” will take the place of today’s open computers. Generally, the closer a system is to being open, the more practical autonomy end users will have to control it, and the more easily unauthorized third-party apps can be built for it. An almost-open system must necessarily be built by starting with an open technical infrastructure and then trying to lock it down; but given the limits of real-world lockdown technologies, this means that customers will be able to jailbreak the system.
In short, nature abhors a functionality vacuum. Design your system to remove functionality, and users will find a way to restore that functionality. Like Apple, appliance vendors are better off leading this parade than trying to stop it.
your gay everyone
You implied it, rather than saying it outright.
We don’t even know how much damage voting machine compromise has caused. We DO know that the outcomes of the last two presidential elections are suspect*, and that the president “elected” on both of those occasions has been the single worst in history**.
* Plenty of DRE problems; first one had a whole state decided by judicial fiat; both had unusually large discrepancies between official outcome and exit polls
** http://davidbrin.blogspot.com/ has oodles of data to support this claim, and plenty of its own citations of its own sources too
Why would you think I’m “attacking” you? I don’t even know who you are, and haven’t said a word about you personally, nor would I have any reason to.
PC compromises have cost businesses and governments billions, and are implicated (how accurately, I don’t know) in at least one very large-scale power outage, numerous network outages, and several cases of espionage. How much damage has voting machine compromise caused so far?
It’s easy to dismiss the *real* costs of one threat compared to the *hypothetical* costs of another. But realistically, between the scenarios spun by voting machine alarmists and the very real history of mobile open computing platforms, there’s little doubt in my mind which threat is more urgent.
Why are you attacking me in public?
“Open-platform cellphones will inevitably be used for the same purposes as PCs already are”
And how many major disastrous meltdowns have we had, so far, due to widespread PC compromise?
Zero.
None that are at all comparable to a national election being stolen in terms of badness factor.
I think you’re vastly underestimating the damage that a large-scale compromise of civilian cellphones could cause. Open-platform cellphones will inevitably be used for the same purposes as PCs already are, in addition to functioning as personal telephones, address books, call logs, and so on. They will thus become storehouses not only of sensitive personal information, but also of private security capabilities (such as keys and passwords) for such tasks as online banking, brokerage and secure payment. Moreover, employees’ phones will likely end up containing a good deal of confidential business data as well. Add to that the potential for DDoS attacks against critical telephone infrastructure (911, hospitals, police, and so on), and you have a very serious security problem.
Whether it’s more serious than the threat posed by voting machine compromise is a complicated question. But the two are certainly not at opposite ends of the severity scale, as Ed’s dour scare-mongering about voting machine insecurity and cheerful embrace of wide-open cellphone platforms implies.
Dan Simon: you’re out to lunch. If random civilian cell phones get hacked, we don’t wind up with the next in the series Hitler, Stalin, ? occupying the White House. If random civilian voting machines get hacked …
More significantly, voting needs to be transparent as to the process, opaque as to which way each person voted, and so forth. The phone system needs to preserve user privacy, but not to the extent of actually preventing someone from being able to prove who they phoned, and the stakes are generally lower. Most phone calls are unimportant. Most people will take issue with any claim that most votes are unimportant.
True, there are important phone calls. Business calls, 911 calls, and so forth; plus personal calls are frequently important to the people involved. But widespread spoofing of cell phone calls would just lead to the system being redesigned, and important calls being made by land-line until then. We aren’t even sure we’re detecting widespread spoofing of votes, though there’s some evidence that this may be going on, and we certainly aren’t conducting important elections by paper ballot until the DREs are redesigned…
By the way, just to be clear, none of this is intended as personal criticism of Ed, who’s a smart, personable, and very sincere and well-meaning guy. It’s just that the ethos of his community, to which he broadly subscribes (although not in every detail) contains deep internal contradictions that generally go unacknowledged.
“Cell phones and voting machines serve markedly different purposes, and therefore have markedly different requirements.”
Not so different as all that, at a high level, I’d argue. Both are responsible for protecting the privacy and integrity of ordinary users’ interactions with the device, which contains their confidential data. At the top of the requirements lists for both are, “be easy and convenient for non-technical users to operate”, and “avoid being subverted by malicious code”. Yet in one case, the first goal is neglected in favor of obsessive concern for the second, and in the other, the second goal is neglected in favor of nerdy enthusiasm for the first.
My best guess as to the origin of the distinction is that the techies adopting these contradictory positions stand to gain (in a very general sense) from an open cellphone platform for which lots of whizzy new software can be written, whereas relatively few techies are going to profit (in any sense) from electronic voting systems. I also strongly suspect that once open cellphone platforms are firmly established in the market, the attention of security experts like Ed will turn to the massive security holes in those platforms, and that they will lambaste the industry for selling patently insecure products that fail to provide iron-clad sandboxing of highly flexible, powerful, conveniently integrated applications–protection that is, as Ed frankly admits above, next to impossible to achieve in practice.
At those exorbitant prices, they’d damned well better be making a profit…
Cell phones and voting machines serve markedly different purposes, and therefore have markedly different requirements.
So let’s see if I have this straight: cellphones that allow any software of any provenance to run are a wonderful boon to consumers, but voting machines that might potentially not be completely locked down due to obscure bugs are a security nightmare. Trying to keep unwanted software off a cellphone is hopeless, but only an incompetent boob would ever design a voting machine that can be subverted by someone with direct physical access to it. The combination of wireless connectivity and imperfect software leads to utter disaster for voters, and to a paradise of exciting new functionality for cellphone users.
I’m curious–does “Security Cassandra Ed” ever talk to “Technology Polyanna Ed”? They don’t seem to be on quite the same page…
Kael:
“Given the similarities between an iTouch (an iPhone without the cellular phone capability) and a Nokia N810, I’d be surprised if there won’t also be a Nokia phone shortly that could also step into this niche.”
I’m not sure if Nokia actually has a suitable GSM stack for integrating with their Linux-based Maemo platform. There’s a reason why Nokia is experimenting with Linux on their mobile devices, and I don’t think the tablets are enough of a reason for that. Symbian is getting old, and even though it may get some fresh winds and a prolonged life from opening up that Nokia has announced, they’re probably interested in having a Linux-based platform also for phones just in case.
So, it may be coming, but they aren’t the only ones, but I’m not holding my breath until that happens. On the other hand, some other manufacturers have already released Linux-based phones, although their full openness is another matter.
Disclaimer: I’m not affiliated with Nokia, and I’m just speculating just like everyone else.
“It’s interesting to note that this consumer push for openness came on the iPhone, which was already the most open of the market-leading mobile phones because it had an up-to-date Web browser.”
Ed, I appreciate your insight into this matter as well as into others. Frankly, however, I don’t think the web browser was capable of making the first iPhone “the most open [phone] of the market-leading mobile phones,” not by a long shot. There have been at least somewhat decent web browsers (such as Opera Mini, although it’s a little limited) for other phones before the iPhone, and many of those other phones — indeed, almost by definition any smart phones — have allowed third-party applications to be installed, even if some other popular mobile platforms such as Symbian aren’t really that open either.
Even if the iPhone had slightly better web capability than most other phones, most applications still aren’t on the web; the possibility of installing third-party software on the device is still more important for openness than a relatively small difference in web browsing support.
In fact, I’d almost say that what made the iPhone so popular for jailbreaking was the very fact that it was very closed, combined with the technical capability it boasts: hacker-minded people take the former as a challenge, and the latter can make it more rewarding than hacking a device that offers little practical benefit to gain from the achievement.
It will be interesting to see how Apple deals with openness and control issues once you start laying policy issues on top of their approach. Apparently they’ve already had privacy problems:
http://www.unstrung.com/document.asp?doc_id=160339
They are going to have to put a lot of resources into setting and enforcing the policy issues.
They would sell a lot more phones, in the long run, if they would stop playing this game.
Do they make a profit on their hardware though; if not then selling more phones isn’t helpful.
Given the similarities between an iTouch (an iPhone without the cellular phone capability) and a Nokia N810, I’d be surprised if there won’t also be a Nokia phone shortly that could also step into this niche.
The nice thing about the N810 and it’s predecessors is that they run a Linux variant. You can’t get much more open than that.
Things should be a lot more interesting 6 months from now…. Google Android phones should start appearing, Garmin’s NuviPhone is due early 2009, and BlackBerry’s Thunder (their answer to the iPhone) is due late this year.
Between the phone lockups, enclosure cracks and spotty RF performance that are plaguing the iPhone 3G right now, Apple’s day in the spotlight may not last much longer.
Regarding the enclosure cracks on the iPhone 3G, I read a news story that 3 different law firms are already jockeying for position in bringing a class-action lawsuit against Apple – meanwhile, Apple is reported to be ramping up production… So either Apple’s got that aspect of the product corrected, or they’re going out swinging!
One effect of the iPhone app store is that Apple is making it clear to the general public that there is no such device as a cell phone, and, by implication, that the phone companies are conducting an enormous shakedown operation by trying desperately to maintain the pretense that there is such a thing. All there is in the world are handheld computers with various networking capabilities. The entire concept of a phone network is obsolete, and sooner or later, I hope sooner, the general public will recognize the scam for what it is.
What Apple gives it also takes away. Apple is helping to perpetuate the “cell phone” scam by insisting on exclusive (and so exorbitant) tie-in’s with the telco’s for the iPhone. They would sell a lot more phones, in the long run, if they would stop playing this game.
Yes, the AppStore is great, but there are limitations to what can be sold there. Apple has already pulled NetShare (a tethering application) because it may violate AT&T’s terms and conditions (although not Apple’s) and BoxOffice (an app that indicates movies showing nearby) for no reason that anyone yet understands.
The terms and conditions of the iPhone SDK are also rather restrictive, and prevent a number of useful applications from being sold. A very useful application called IntelliScreen (http://intelliborn.com) cannot be sold through the AppStore because it more closely integrates with the iPhone OS than is allowed by the SDK — it can only be sold to jailbroken phones, which necessarily limits its market. Another restriction that apps cannot run in the background prevents a good third-party implementation of the cut-and-paste capability that’s missing on the iPhone.
A good article that discusses the limitations imposed by the iPhone SDK can be found here:
http://gizmodo.com/5027790/why-we-still-need-the-iphone-app-black-market
“This last is an important point, and it argues against claims by people like Jonathan Zittrain that almost-open “appliances†will take the place of today’s open computers”
Sigh. I keep saying Jonathan Zittrain does not need me to defend him, but I really think people are misunderstanding what he’s trying to examine in his book. It’s more aimed at the eternal conflict between freedom and security, not that open computers will disappear entirely.
(note I’m not saying I agree with his reasoning, rather I think that the point of it is often missed).
dude this guy is gay