tag:theconversation.com,2011:/au/topics/android-1119/articles
Android – The Conversation
2023-04-12T00:38:49Z
tag:theconversation.com,2011:article/203398
2023-04-12T00:38:49Z
2023-04-12T00:38:49Z
Banning TikTok could weaken personal cybersecurity
<figure><img src="https://images.theconversation.com/files/520368/original/file-20230411-22-e2sc88.jpg?ixlib=rb-1.1.0&rect=0%2C7%2C5000%2C3315&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Banning TikTok could unintentionally pose a cybersecurity risk.</span> <span class="attribution"><a class="source" href="https://www.gettyimages.com/detail/news-photo/in-this-photo-illustration-a-crossed-out-tiktok-logo-is-news-photo/1249797505">SOPA Images/LightRocket via Getty Images</a></span></figcaption></figure><p>TikTok is not be the first app to be scrutinized over the <a href="https://www.theverge.com/2020/3/6/21168079/grindr-sold-chinese-owner-us-cfius-security-concerns-kunlun-lgbtq">potential exposure of U.S. user data</a>, but it is the first widely used app that the U.S. government has proposed banning over privacy and security concerns. </p>
<p>So far, the discussion has focused on <a href="https://theconversation.com/should-the-us-ban-tiktok-can-it-a-cybersecurity-expert-explains-the-risks-the-app-poses-and-the-challenges-to-blocking-it-202300">whether TikTok should be banned</a>. There has been little discussion of whether TikTok could be banned, and there has been almost no discussion of the effects on cybersecurity that a TikTok ban could cause, including encouraging users to sidestep built-in security mechanisms to bypass a ban and access the app.</p>
<p>As a <a href="https://www.rit.edu/directory/rboics-rob-olson">cybersecurity researcher</a>, I see potential risks if the U.S. attempts to ban TikTok. The type of risk depends on the type of ban.</p>
<h2>Blocking TikTok in the network</h2>
<p>Blocking access to TikTok by filtering traffic destined for addresses believed to be owned by TikTok is possible but would be difficult to accomplish. Server addresses can be changed and a TikTok ban could devolve into a game of cat and mouse. </p>
<p>Additionally, this sort of block could be bypassed using virtual private networks (VPNs), which encrypt data flowing between servers and devices. VPNs can be used to shield traffic between servers in other countries and devices in the U.S. VPNs were once widely recommended for people <a href="https://www.tomsguide.com/news/why-you-need-to-use-a-vpn-on-public-wi-fi">using public Wi-Fi</a>, and people are already using VPNs to <a href="https://www.pcmag.com/how-to/how-to-unblock-netflix-with-a-vpn">access blocked streaming services</a>. While security experts <a href="https://consumer.ftc.gov/articles/are-public-wi-fi-networks-safe-what-you-need-know">no longer recommend VPNs for public Wi-Fi</a>, many people have used them and so are familiar with a tool that would help them bypass a TikTok ban.</p>
<p><a href="https://www.sans.org/white-papers/33523/">DNS sinkholes</a> are another technique that could be used in TikTok bans. DNS, the Domain Name System, is a network protocol that behaves like the internet’s phone book. Computers need to know the IP address of a server in order to communicate with it. DNS allows a computer to look up that address using a name convenient for humans to remember, such as www.google.com.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/FsGUi5pXpLk?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">How the Domain Name System works.</span></figcaption>
</figure>
<p>DNS sinkholes stop that lookup. DNS sinkholes don’t directly block access to a server. Rather, they stop other computers from being able to look up the server’s address. It’s fair to think of a DNS sinkhole as removing someone’s name from a phone book.</p>
<p>DNS sinkholes are often used to <a href="https://techcrunch.com/2019/07/08/the-wannacry-sinkhole/">stop malware</a> and <a href="https://docs.pi-hole.net/">advertisements</a>. They could be used in a TikTok ban. However, DNS sinkholes only work if lookups are confined to DNS servers that are configured to be sinkholes. A ban using DNS sinkholes would likely cover most DNS servers that people’s computers use by default. </p>
<p>However, you can relatively <a href="https://developers.google.com/speed/public-dns/docs/using">easily change</a> DNS settings on your computer to circumvent a ban based on DNS sinkholes. There are many <a href="https://public-dns.info/">public DNS servers</a> that people could use instead of their current DNS servers, which are commonly maintained by internet service providers. Blocking TikTok with DNS sinkholes would require significant international cooperation to make it difficult for people to find DNS servers that could access TikTok.</p>
<p>People circumventing a ban by looking for an alternate DNS server would be at risk. Unless a DNS server uses an <a href="https://blog.apnic.net/2017/06/28/isnt-everyone-using-dnssec/">uncommon extension</a> named <a href="https://www.internetsociety.org/deploy360/dnssec/basics/?gclid=Cj0KCQjw27mhBhC9ARIsAIFsETE_8KhAuriFx6aNrjIeySjCnbPuuOGZt0-u8IZBhAJcZ7usGnHVZjMaArX8EALw_wcB">DNSSEC</a>, you can’t verify the integrity of a DNS response. A malicious DNS server could reply to a lookup with an IP address of a server that’s under criminal control. This opens the door for a number of different kinds of attacks that could put your data at risk. </p>
<h2>Banning TikTok from your phone</h2>
<p>Another way TikTok could be banned is by blocking the TikTok mobile app. This would not affect U.S. users’ ability to access the TikTok website, but it could change how and how often people access TikTok. Blocking the app could address the concern that TikTok could be used without the user’s knowledge to access other systems on a network that a mobile device is connected to. This has been the motivation for some <a href="https://www.pnj.com/story/news/education/2023/04/05/florida-tiktok-ban-uwf-joins-fsu-uf-in-banning-tiktok-on-campus/70086188007/">local TikTok bans</a>.</p>
<p><a href="https://www.reuters.com/technology/democratic-senator-urges-apple-google-kick-tiktok-out-app-stores-2023-02-02/">Removing TikTok from app stores</a> is unlikely to succeed by itself. Both Android and <a href="https://www.techtarget.com/searchmobilecomputing/opinion/Did-you-know-how-easy-it-is-to-sideload-iOS-apps-to-your-iPhone">iOS devices</a> have the ability to install apps from alternative sources, a technique known as <a href="https://www.lifewire.com/sideloading-4158932">sideloading</a>. While this added step may discourage some people, sideloading tutorials are widely available online, and there is <a href="https://www.fortnite.com/mobile/android">already popular software</a> that must be sideloaded to be used on a phone.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/ibw0l5o3hmY?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">How to sideload Android apps.</span></figcaption>
</figure>
<p>Mobile devices assume that mobile apps are coming from a trusted source. Both Google and <a href="https://developer.apple.com/app-store/review/guidelines/">Apple</a> audit mobile apps prior to the app being available for download. While these reviews <a href="https://www.darkreading.com/attacks-breaches/malicious-apps-millions-downloads-apple-google-app-stores">aren’t perfect</a>, they help ensure apps don’t contain vulnerabilities or malware. When app stores aren’t involved, security responsibilities change. Sideloading <a href="https://www.apple.com/privacy/docs/Building_a_Trusted_Ecosystem_for_Millions_of_Apps_A_Threat_Analysis_of_Sideloading.pdf">makes users responsible for verifying an app’s legitimacy</a>, and criminals could trick users into <a href="https://www.zdnet.com/article/this-android-trojan-malware-is-using-fake-apps-to-infect-smartphones-steal-bank-details/">installing malicious apps from third-party sources</a>.</p>
<p>But what about the millions of people who already have TikTok installed on their phones? Enforcing a TikTok app ban would likely require that it be removed from mobile devices. Apple has long had the ability to <a href="https://www.macworld.com/article/191897/iphone_killswitch.html">remove software from iPhones</a>, and Google could remove apps using <a href="https://developers.google.com/android/play-protect">Google Play Protect</a>. These tools are important security controls that, at least on Android devices, can remove malware even if it was sideloaded. Enforcing a ban using security controls could motivate users to disable these controls, which would weaken the security of their devices. </p>
<p>Users might even be motivated to “<a href="https://www.lifewire.com/what-is-jailbreaking-an-iphone-577591">jailbreak</a>” their iOS devices or “<a href="https://www.pcmag.com/encyclopedia/term/android-rooting">root</a>” their Android devices to prevent Apple or Google from removing the TikTok app, which would further weaken security. Jailbreaking an iOS device allows users to bypass security restrictions in the operating system. Rooting an Android device means gaining the highest level security access, which allows users to make changes to the operating system. Jailbreaking and rooting are prohibited by Apple and Google. Both actions void the user’s warranty and undermine the security controls that limit criminals’ access to mobile devices.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/Bjq4WYs4Emw?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">Why you should not ‘root’ your phone.</span></figcaption>
</figure>
<h2>Security tradeoffs</h2>
<p>I find it unlikely that a TikTok ban would be technologically enforceable. Even China <a href="https://thehill.com/policy/technology/3920214-how-could-a-tiktok-ban-be-enforced/">struggles with content filtering</a>. These difficulties may be why proposed <a href="https://www.congress.gov/bill/118th-congress/senate-bill/686/text">legislation</a> includes significant punishments for bypassing the ban.</p>
<p>Even if the punishments are not <a href="https://www.newsweek.com/does-tiktok-ban-allow-20-year-prison-sentence-1790932">aimed at the average TikTok user</a>, this proposed legislation – aimed at improving cybersecurity – could motivate users to engage in riskier digital behavior.</p><img src="https://counter.theconversation.com/content/203398/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Robert Olson does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
Legislation meant to improve cybersecurity could be difficult to implement and might create incentives for riskier digital behavior.
Robert Olson, Senior Lecturer of Computing Security, Rochester Institute of Technology
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/170962
2021-11-17T01:22:06Z
2021-11-17T01:22:06Z
Are our phones really designed to slow down over time? Experts look at the evidence
<figure><img src="https://images.theconversation.com/files/432080/original/file-20211115-19-1ciubp6.jpeg?ixlib=rb-1.1.0&rect=141%2C20%2C3353%2C2305&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">
</span> <span class="attribution"><span class="source">Shutterstock</span></span></figcaption></figure><p>It’s usually around this time of year you hear people complain about their phones slowing down. Apple and Google release new versions of their operating systems (OS) and suddenly there’s a slew of people <a href="https://www.bbc.com/news/technology-51413724">claiming their old devices have started to lag</a> – conveniently just before Christmas. </p>
<p>But do manufacturers really slow down our phones on purpose to nudge us towards shiny new ones, <a href="https://www.npr.org/2020/11/18/936268845/apple-agrees-to-pay-113-million-to-settle-batterygate-case-over-iphone-slowdowns">as has been claimed</a>? </p>
<p>The answer to this, as usual, is complicated. Let’s take a look at the evidence.</p>
<h2>The ol’ operating system shuffle</h2>
<p>Every year, usually around <a href="https://infonewt.com/apple-release-patterns">May and June</a>, tech companies announce their new OS updates. The main news surrounding the releases is often <a href="https://www.macstories.net/stories/ios-and-ipados-15-the-macstories-overview/">new system features</a> such as <a href="https://support.apple.com/en-au/HT204380">Facetime</a> enhancements, improvements to <a href="https://www.theverge.com/2021/6/7/22522993/apple-siri-on-device-speech-recognition-no-internet-wwdc">voice assistants</a>, or a <a href="https://www.wired.com/2013/06/ios7-redesign/">fancier system design</a>.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/H1RZFoG5lic?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">Apple introduces a new design with iOS 7.</span></figcaption>
</figure>
<p>But did you know these features are optimised for the new hardware traditionally released during the summer, and the chips that come with it? </p>
<p>As such, system updates have to be programmed to work towards two goals. The first is to support the new hardware and chip, which deliver the newest features. </p>
<p>The second is to continue to work with existing hardware that won’t support the new features. And this means coding the OS so it’s not <em>reliant</em> on the new features having to work.</p>
<p>This challenge exists for desktop OSs as well, as evidenced by the recent removal of old systems <a href="https://www.theverge.com/2021/6/29/22555371/microsoft-windows-11-cpu-support-hardware-requirements-tpm-response">from the Windows 11 compatibility list</a>. Microsoft decided coding around new features was an insurmountable challenge in some instances. </p>
<h2>Hardships with hardware</h2>
<p>So your old smartphone won’t support new features – fair enough. But why does it feel like the new OS update is making existing features slower? To understand this, you need to first understand some of the mechanics of chip design.</p>
<p>Apple used to use other manufacturers’ chips for its devices, but for the past few years has made its own custom silicon. This is referred to as a “<a href="https://anysilicon.com/what-is-a-system-on-chip-soc/">system on a chip (SoC)</a>, as the entire system exists on a single chip designed and manufactured by Apple.</p>
<p>But even if manufacturers design their own chips, it can be hard to predict what consumers will want in the future, and thus which upgrades will come with future iterations of a device. </p>
<p>Manufacturers have to write OS updates to suit the latest hardware, so consumers who purchase it can take advantage of the latest features. In doing so, they must work around the fact that older hardware doesn’t have the same capacity. </p>
<p>These workarounds mean older devices will run more slowly with the new OS installed, even for tasks the system had done for years. The latest OS is not written to make your old device slower, but because it’s written for the latest device, it can’t help but run more slowly on old hardware. </p>
<p>Examples of this abound in the industry, <a href="https://arstechnica.com/gadgets/2020/09/ios-14-on-the-iphone-6s-and-se-performance-is-fine-other-stuff-is-not/">with many articles written</a> about a newly released OS version running slow on older devices until the manufacturer optimises it (if they ever do).</p>
<p>You might be wondering: if a new OS will slow down old phones, why install the update at all? </p>
<p>Well, it’s because people don’t like being told to stick with old features. Apple <a href="https://9to5mac.com/2021/06/07/apple-will-let-users-stay-on-ios-14-and-receive-security-updates-even-after-ios-15-is-released/">recently allowed</a> users of its latest devices to keep the old system, but this is unusual. There is usually a <a href="https://www.popsci.com/update-every-gadget/">push for users to install new OS versions</a>.</p>
<h2>It’s all business</h2>
<p>The truth is device manufacturers are in the business to make money. And this means being able to sell new devices. </p>
<p>While there is often an <a href="https://theconversation.com/upgrade-rage-why-you-may-have-to-buy-a-new-device-whether-you-want-to-or-not-153105">implied expectation</a> from consumers that manufacturers will commit to maintaining old products, at the same time they need to write updates that will work for their latest hardware. </p>
<p>Meanwhile, tech companies aren’t doing enough to educate users on how to adjust their settings to get the best out of their phones, or <a href="https://www.wired.com/story/remove-bloatware-phone/">how to manage software bloat</a> which might contribute to a phone slowing down. </p>
<p>Compounding this are other factors such as network connection issues, like when the 3G mobile network was stopped.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/upgrade-rage-why-you-may-have-to-buy-a-new-device-whether-you-want-to-or-not-153105">Upgrade rage: why you may have to buy a new device whether you want to or not</a>
</strong>
</em>
</p>
<hr>
<h2>Burden of proof</h2>
<p>There’s something else to consider, too. If an OS update <em>was</em> designed to intentionally slow down a phone over time, this would be very difficult to prove. </p>
<p>The system codes are "closed source”, so experts can’t look into them. The best we can do is run timers on different processes and see if they are slowing down over time.</p>
<p>But even if they are, is it because of a system update that can’t be supported by old hardware, or is it malicious conduct from the manufacturer? Could the code be written to force the device to sleep for half a second, every ten seconds, with a sleep command? </p>
<p>It’s hard to say for sure, although our personal opinion is this is highly unlikely.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/432098/original/file-20211116-23-1jhqgqz.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="An iPhone and airpods on a dark surface" src="https://images.theconversation.com/files/432098/original/file-20211116-23-1jhqgqz.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/432098/original/file-20211116-23-1jhqgqz.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/432098/original/file-20211116-23-1jhqgqz.jpeg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/432098/original/file-20211116-23-1jhqgqz.jpeg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/432098/original/file-20211116-23-1jhqgqz.jpeg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/432098/original/file-20211116-23-1jhqgqz.jpeg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/432098/original/file-20211116-23-1jhqgqz.jpeg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Apple has had multiple lawsuits filed against it in the past, for which it has paid hundreds of millions in settlements. The company has admitted to slowing down some older phone models, but claimed this was done to reduce stress on the battery and prevent accidental shutdowns as the battery aged.</span>
<span class="attribution"><span class="source">Shutterstock</span></span>
</figcaption>
</figure>
<h2>Choose not to play</h2>
<p>Ultimately, the issue comes down to how device manufacturers sell their products. </p>
<p>The best option for their bottom line is to deliver OS updates and features that work with the latest hardware, even if this leaves old devices behind. The evidence suggests manufacturers are not intentionally slowing phones down, but are prioritising the latest release so you’ll buy it. </p>
<p>In the meantime, if your slow device is getting you down, the best option is to resist the urge to upgrade. You might get prompts directing you to install the latest OS version (and the frequency of these will depend on the company) but you can ignore them. </p>
<p>There may be auto-updates which you can’t avoid, but in most cases these are for security purposes and don’t include major changes or new features. It’s only once these security updates stop coming that you should upgrade.</p>
<p>Until then, a phone running on its original OS should, in theory, run well for a long time.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/yes-the-global-microchip-shortage-is-covids-fault-no-it-wont-end-any-time-soon-161903">Yes, the global microchip shortage is COVID's fault. No, it won't end any time soon</a>
</strong>
</em>
</p>
<hr>
<img src="https://counter.theconversation.com/content/170962/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>The authors do not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and have disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
The latest system updates are not written to make your device slower. But because they’re written for new hardware, there’s a good chance they will end up running slower on an older device.
Michael Cowling, Associate Professor - Information & Communication Technology (ICT), CQUniversity Australia
Amy Johnson, Lecturer, CQUniversity Australia
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/145700
2020-09-13T19:49:26Z
2020-09-13T19:49:26Z
Behind the new Samsung Fold: how the quest to maximise screen size is driving major innovation
<figure><img src="https://images.theconversation.com/files/357642/original/file-20200911-22-apy4aa.jpg?ixlib=rb-1.1.0&rect=40%2C209%2C1360%2C702&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">
</span> <span class="attribution"><span class="source">Samsung</span></span></figcaption></figure><p>To enlarge a phone, or not to enlarge a phone? That is the question. In the world of flagship smartphones, there seems to be one clear trend: bigger is better. </p>
<p>Manufacturers are trying to strip away anything that might stand in the way of the largest possible slab of screen. There is also growing demand for thinner phones with diminishing <a href="https://www.lifewire.com/bezel-4155199">bezels</a> (the area surrounding a screen). </p>
<p>This trend has now culminated in the latest innovation in smartphone design, the <a href="https://www.t3.com/au/news/best-folding-phones">foldable screen phone</a>. These devices sport thin <a href="https://www.techradar.com/au/news/what-is-oled">OLED</a> self illuminating screens that can be folded in half.</p>
<p>The newest release is the <a href="https://www.theverge.com/21427462/samsung-galaxy-z-fold-2-review">Samsung Galaxy Z fold 2</a> – a device that is almost three-quarters screen and has extravagant overtones rivalled only by a hefty <a href="https://www.samsung.com/au/smartphones/galaxy-z-fold2/buy/">A$2,999 price tag</a>.</p>
<p>But to prevent the phones themselves from growing to unwieldy size, manufacturers are having to find ways to balance size with usability and durability. This presents some interesting engineering challenges, as well as some innovative solutions. </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/357605/original/file-20200911-22-1vlsst9.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="A giant, old-style phone" src="https://images.theconversation.com/files/357605/original/file-20200911-22-1vlsst9.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/357605/original/file-20200911-22-1vlsst9.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=472&fit=crop&dpr=1 600w, https://images.theconversation.com/files/357605/original/file-20200911-22-1vlsst9.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=472&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/357605/original/file-20200911-22-1vlsst9.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=472&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/357605/original/file-20200911-22-1vlsst9.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=593&fit=crop&dpr=1 754w, https://images.theconversation.com/files/357605/original/file-20200911-22-1vlsst9.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=593&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/357605/original/file-20200911-22-1vlsst9.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=593&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Why do we love large phones?</span>
<span class="attribution"><span class="source">Pixabay</span>, <a class="license" href="http://creativecommons.org/licenses/by-nc-nd/4.0/">CC BY-NC-ND</a></span>
</figcaption>
</figure>
<h2>Internal design complexities of folding phones</h2>
<p>Modern phones still typically use a thin LCD or plastic OLED display covered by an outer glass panel. </p>
<p>Folding displays are a new category that exploit the flexibility of OLED display panels. Instead of simply fixing these panels to a rigid glass panel, they carefully engineer the panel so that it bends – but never quite tightly enough to snap or crack. </p>
<p>Internal structural support is needed to make sure the panel doesn’t crease, or isn’t stressed to the point of creating damage, discolouration or visible surface ripples. </p>
<p>Since this is a mechanical, moving system, reliability issues need to be considered. For instance, how long will the hinge last? How many times can it be <a href="https://www.theverge.com/2019/10/4/20898484/samsung-galaxy-fold-folding-test-failure-durability">folded and unfolded</a> before it malfunctions? Will dirt or dust make its way into the assembly during daily use and affect the screen?</p>
<p>Such devices need an added layer of reliability over traditional slab-like phones, which have no moving parts.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/the-new-iphone-se-is-the-cheapest-yet-smart-move-or-a-premium-tech-brand-losing-its-way-136507">The new iPhone SE is the cheapest yet: smart move, or a premium tech brand losing its way?</a>
</strong>
</em>
</p>
<hr>
<h2>Large screen, thin phone: a recipe for disaster?</h2>
<p>Each generation of smartphones becomes thinner and with smaller bezels, which improves the viewing experience but can make the phone harder to handle. </p>
<p>In such designs, the area of the device you can grip without touching the display screen is small. This leads to a higher chance of <a href="https://www.cnet.com/news/study-19-percent-of-people-drop-phones-down-toilet/">dropping the device</a> – a blunder even the best of us have made. </p>
<p>There’s an ongoing tussle between consumers and manufacturers. Consumers want a large, viewable surface as well as an easily portable and rugged device. But from an engineering point of view, these are usually competing requirements. </p>
<p>You’ll often see people in smartphone ads holding the device with two hands. In real life, however, most people use their phone with <a href="https://www.smartinsights.com/mobile-marketing/mobile-design/research-on-mobile-interaction-behaviour-and-design/">one</a> <a href="https://alistapart.com/article/how-we-hold-our-gadgets/">hand</a>. </p>
<p>Thus, the shift towards larger, thinner phones has also given rise to a boom in demand for assistive tools attached to the back, such as <a href="https://www.androidcentral.com/best-popsockets">pop-out grips and phone rings</a>.</p>
<p>In trying to maximise screen size, smartphone developers also have to account for interruptions in the display, such as the placement of cameras, laser scanners (for face or object identification), proximity sensors and speakers. All are placed to minimise visual intrusion.</p>
<h2>Now you see it, now you don’t</h2>
<p>In the engineering world, to measure the physical world you need either cameras or sensors, such as in a fingerprint scanner. </p>
<p>With the race to increase the real estate space on screens, typically these cameras and scanners are placed somewhere around the screen. But they take up valuable space.</p>
<p>This is why we’ve recently seen tricks to carve out more space for them, such as <a href="https://www.techradar.com/au/news/this-is-the-worlds-first-smartphone-where-half-the-screen-is-a-fingerprint-scanner">pop up</a> cameras and <a href="https://www.google.com/search?q=phone+screen+hole+for+camera&source=lmns&bih=598&biw=1280&rlz=1C5CHFA_enAU871AU871&safe=active&hl=en&sa=X&ved=2ahUKEwjXvcyoveDrAhUwhUsFHXvqBYMQ_AUoAHoECAEQAA">punch-hole</a> cameras, in which the camera sits in a cutout hole allowing the display to extend to the corners. </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/357640/original/file-20200911-18-r1bxyk.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="Front view of Samsun Galaxy Note 10." src="https://images.theconversation.com/files/357640/original/file-20200911-18-r1bxyk.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/357640/original/file-20200911-18-r1bxyk.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=439&fit=crop&dpr=1 600w, https://images.theconversation.com/files/357640/original/file-20200911-18-r1bxyk.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=439&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/357640/original/file-20200911-18-r1bxyk.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=439&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/357640/original/file-20200911-18-r1bxyk.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=551&fit=crop&dpr=1 754w, https://images.theconversation.com/files/357640/original/file-20200911-18-r1bxyk.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=551&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/357640/original/file-20200911-18-r1bxyk.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=551&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">The Samsun Galaxy Note 10 has a centered punch hole front-facing camera.</span>
<span class="attribution"><span class="source">Samsung</span></span>
</figcaption>
</figure>
<p>But another fantastic place for sensors is right in front of us: the screen. Or more specifically, under the screen.</p>
<p>Samsung is one company that has suggested placing selfie-cameras and fingerprint readers behind the screen. But how do you capture a photo or a face image through a layer of screen? </p>
<p>Up until recently, this has been put in the “too hard basket”. But that is changing: Xiaomi, Huawei and <a href="https://www.extremetech.com/mobile/262497-samsung-patent-shows-phone-camera-inside-display">Samsung</a> all have patents for <a href="https://www.phonearena.com/news/samsung-galaxy-s21-s30-under-display-camera_id125174">under-display cameras</a>.</p>
<p>There are a range of ways to do this, from allowing a camera to see through the screen, to using <a href="https://www.rp-photonics.com/microlenses.html">microlenses</a> and camera pixels distributed throughout the display itself – similar to an insect’s <a href="https://www.britannica.com/animal/insect/Nervous-system#ref250944">compound eye</a>. </p>
<p>In either case, the general engineering challenge is to implement the feature in a way that doesn’t impact screen image quality, nor majorly affect camera resolution or colour accuracy.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/357639/original/file-20200911-20-1vwk072.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="Close up of an insect's compound eyes" src="https://images.theconversation.com/files/357639/original/file-20200911-20-1vwk072.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/357639/original/file-20200911-20-1vwk072.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/357639/original/file-20200911-20-1vwk072.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/357639/original/file-20200911-20-1vwk072.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/357639/original/file-20200911-20-1vwk072.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/357639/original/file-20200911-20-1vwk072.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/357639/original/file-20200911-20-1vwk072.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Insects have compound eyes. These are made up of repeating units called the ommatidia, sometimes with thousands in each eye. Each ommatidia is a separate visual receptor.</span>
<span class="attribution"><span class="source">Shutterstock</span></span>
</figcaption>
</figure>
<h2>Laptops in our pockets</h2>
<p>With up to 3.8 billion smartphone users <a href="https://www.statista.com/statistics/330695/number-of-smartphone-users-worldwide/">expected by 2021</a>, mobile computing is a primary consumer technology area seeing significant growth and investment.</p>
<p>One driver for this is the professional market, where larger mobile devices allow more efficient on-the-go business transactions. The second market is individuals who who <a href="https://www.statista.com/topics/779/mobile-internet/"><em>only</em> have a mobile device</a> and no laptop or desktop computer.</p>
<p>It’s all about choice, but also functionality. Whatever you choose has to get the job done, support a positive user experience, but also survive the rigours of the real world.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/apples-iphone-11-pro-wants-to-take-your-laptops-job-and-price-tag-123372">Apple's iPhone 11 Pro wants to take your laptop's job (and price tag)</a>
</strong>
</em>
</p>
<hr>
<img src="https://counter.theconversation.com/content/145700/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Andrew Maxwell does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
The upcoming Galaxy Z Fold 2 is almost three-quarters screen. And while that’s convenient, it’s important to actually be able to hold the phone. As design evolves, how do manufacturers adapt?
Andrew Maxwell, Senior Lecturer, University of Southern Queensland
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/139026
2020-05-20T07:08:56Z
2020-05-20T07:08:56Z
New Zealand’s COVID-19 Tracer app won’t help open a ‘travel bubble’ with Australia anytime soon
<figure><img src="https://images.theconversation.com/files/336252/original/file-20200520-152344-1e77sfs.JPG?ixlib=rb-1.1.0&rect=117%2C99%2C4899%2C3602&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">
</span> <span class="attribution"><span class="source">The Conversation</span>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span></figcaption></figure><p>New Zealanders finally have access to the government’s new tracing app to help people monitor their movements as lockdown continues to ease.</p>
<p>As businesses can now open, the <a href="https://www.health.govt.nz/our-work/diseases-and-conditions/covid-19-novel-coronavirus/covid-19-health-advice-general-public/contact-tracing-covid-19/nz-covid-tracer-app">NZ COVID Tracer app</a> allows people to keep a register of the places they visit. This “digital diary” can be used to contact people if it finds they have been in the same place as someone infected with COVID-19.</p>
<p>But the app has some significant shortcomings. These won’t be addressed until at least June, which raises questions about whether it has been released too soon.</p>
<h2>How do you set up and use the app?</h2>
<p>Registering for the app is a four-step process. When you sign up for an account you are presented with a privacy statement. This tells you your personal information is securely stored by the Ministry of Health.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/336297/original/file-20200520-152349-1q2w2oz.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/336297/original/file-20200520-152349-1q2w2oz.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/336297/original/file-20200520-152349-1q2w2oz.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=234&fit=crop&dpr=1 600w, https://images.theconversation.com/files/336297/original/file-20200520-152349-1q2w2oz.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=234&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/336297/original/file-20200520-152349-1q2w2oz.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=234&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/336297/original/file-20200520-152349-1q2w2oz.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=294&fit=crop&dpr=1 754w, https://images.theconversation.com/files/336297/original/file-20200520-152349-1q2w2oz.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=294&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/336297/original/file-20200520-152349-1q2w2oz.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=294&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Begin the set-up process.</span>
<span class="attribution"><span class="source">Screengrabs</span>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<p>The app then asks you to enter your email address and pick a password.</p>
<p>Some may find the password requirements too difficult to meet, especially if you struggle to remember a password of at least ten characters of mixed lower and uppercase letters and numbers.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/explainer-what-is-contact-tracing-and-how-does-it-help-limit-the-coronavirus-spread-134228">Explainer: what is contact tracing and how does it help limit the coronavirus spread?</a>
</strong>
</em>
</p>
<hr>
<p>After entering your email, you will receive a verification code via email to complete the registration.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/336298/original/file-20200520-152302-1ai7pp1.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/336298/original/file-20200520-152302-1ai7pp1.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/336298/original/file-20200520-152302-1ai7pp1.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=296&fit=crop&dpr=1 600w, https://images.theconversation.com/files/336298/original/file-20200520-152302-1ai7pp1.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=296&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/336298/original/file-20200520-152302-1ai7pp1.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=296&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/336298/original/file-20200520-152302-1ai7pp1.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=372&fit=crop&dpr=1 754w, https://images.theconversation.com/files/336298/original/file-20200520-152302-1ai7pp1.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=372&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/336298/original/file-20200520-152302-1ai7pp1.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=372&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption"></span>
<span class="attribution"><span class="source">Screengrabs</span>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<p>In step 4, the app asks you to enter your name and a phone number. The phone number is not mandatory as I was able to create an account using just my first and last names.</p>
<p>An “Account created” message will then appear before you get to a home page with three navigational items: </p>
<ul>
<li><p>dashboard (this is the current home page)</p></li>
<li><p>scan (where you can scan the QR code, I’ll explain why in a moment)</p></li>
<li><p>my profile (where you can log off, update your contact details and address, provide feedback and access a range of other general services such as privacy and security statements).</p></li>
</ul>
<p>By scrolling down the dashboard page, you are presented with features to register your details, update your address and “do a daily self-isolation checking” – this last feature is labelled as coming soon.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/336275/original/file-20200520-152344-u8x5ii.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/336275/original/file-20200520-152344-u8x5ii.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/336275/original/file-20200520-152344-u8x5ii.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=310&fit=crop&dpr=1 600w, https://images.theconversation.com/files/336275/original/file-20200520-152344-u8x5ii.JPG?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=310&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/336275/original/file-20200520-152344-u8x5ii.JPG?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=310&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/336275/original/file-20200520-152344-u8x5ii.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=389&fit=crop&dpr=1 754w, https://images.theconversation.com/files/336275/original/file-20200520-152344-u8x5ii.JPG?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=389&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/336275/original/file-20200520-152344-u8x5ii.JPG?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=389&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Your dashboard.</span>
<span class="attribution"><span class="source">Screengrab</span>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<h2>Two types of registrations?</h2>
<p>The register option asks you to enter your first name, any middle name, last name, phone number, date of birth, gender and ethnicity.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/336281/original/file-20200520-152284-1grqud9.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/336281/original/file-20200520-152284-1grqud9.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/336281/original/file-20200520-152284-1grqud9.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=298&fit=crop&dpr=1 600w, https://images.theconversation.com/files/336281/original/file-20200520-152284-1grqud9.JPG?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=298&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/336281/original/file-20200520-152284-1grqud9.JPG?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=298&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/336281/original/file-20200520-152284-1grqud9.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=375&fit=crop&dpr=1 754w, https://images.theconversation.com/files/336281/original/file-20200520-152284-1grqud9.JPG?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=375&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/336281/original/file-20200520-152284-1grqud9.JPG?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=375&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Register your details.</span>
<span class="attribution"><span class="source">Screengrab</span>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<p>This seems confusing as you must go through two forms of registration. First when registering for an account, as we saw earlier, and second when registering your details here.</p>
<p>These two processes should have been streamlined into one. The app also asks for gender and ethnicity details, but the justification provided is too generic, saying this “helps us confirm we are serving all New Zealanders”.</p>
<h2>So how does the app work?</h2>
<p>The app helps you keep track of the places you visit, like checking in to a restaurant on Facebook. But this process is not done automatically.</p>
<p>To add a place you visit to your digital diary, you must scan a QR code available at that location. It should be in the form of a poster advertised at the entrance of a business.</p>
<p>But this means businesses must register for a QR code, via <a href="https://www.business.govt.nz/covid-19/contact-tracing">Business Connect</a>, and have it clearly advertised at their premises. </p>
<p>By scanning the QR code, the app will then log the location, date and time you visit this business. You can’t manually enter the details of places you visit.</p>
<h2>How will authorities contact you?</h2>
<p>The information provided during registration will be sent to a National Close Contact Service (NCCS) so it can contact you if you are identified as having been in close contact with someone who tests positive for COVID-19.</p>
<p>An update is expected in June, to allow you to transmit your digital diary of the locations you have visited to the NCCS.</p>
<p>Until this function is implemented, if the NCCS contacts you, you will have to read out the locations you have signed into with the app.</p>
<p>How will they know if you have been in contact with someone infected? Not via the app but through <a href="https://www.scoop.co.nz/stories/GE2005/S00123/nz-covid-tracer-app-released-to-support-contact-tracing.htm">contact tracing procedures</a> already in place. Until the auto upload is implemented, I don’t believe they should have released the app.</p>
<p>This approach is a workaround for not using GPS to log your locations, as in the Facebook restaurant check-in scenario. This could be to avoid issues pertaining to location privacy.</p>
<p>But this approach has shortcomings.</p>
<p>It is not reliable to use in commonly used or open spaces, such as food courts, school entrances, airports, train stations or any other places where you could come in contact with other people. This will require the use of lots of QR codes and lots of scanning.</p>
<p>The app is not useful when visiting friends and family. You don’t expect them to have QR codes at their houses, and they can’t actually get one.</p>
<h2>Comparing the NZ and Australian apps</h2>
<p>So how does the New Zealand app compare to Australia’s <a href="https://www.health.gov.au/resources/apps-and-tools/covidsafe-app?gclid=EAIaIQobChMIqJCL0-XB6QIViw4rCh0XKAWfEAAYASAAEgJyOfD_BwE">COVIDSafe</a> app?</p>
<p>The New Zealand app is not scalable to use in Australia as it would require Australian businesses to register for a Business Connect QR code, which they can’t. Likewise, Australia’s app is not for New Zealand.</p>
<p>Visitors to either country would need to use the app specific to that country.</p>
<p><iframe id="YIu9w" class="tc-infographic-datawrapper" src="https://datawrapper.dwcdn.net/YIu9w/3/" height="400px" width="100%" style="border: none" frameborder="0"></iframe></p>
<p>Countries such as Iceland, Italy and Norway have not shied away from using GPS to track their citizens’ whereabouts. Australia and Singapore opted to use Bluetooth technology for contact tracing without accessing people’s location information.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/why-a-trans-tasman-travel-bubble-makes-a-lot-of-sense-for-australia-and-new-zealand-137878">Why a trans-Tasman travel bubble makes a lot of sense for Australia and New Zealand</a>
</strong>
</em>
</p>
<hr>
<p>New Zealand has opted for a softer approach to COVID-19 contact tracing by using only a digital diary. But the director-general of health, Ashley Bloomfield, <a href="https://www.hinz.org.nz/news/508335/Bluetooth-functionality-to-be-added-to-contact-tracing-app.htm">told Radio NZ Bluetooth technology</a> should be added as an optional extra feature in June.</p>
<p>So, at this stage, the NZ COVID Tracer app seems to be a work in progress. It tries to balance or makes some trade-offs between privacy and usability. But this adds to the burden on businesses (the need to set up QR codes) and limits scope when visiting friends or relatives in New Zealand. </p>
<p>On May 5 this year, the New Zealand and Australian prime ministers released a <a href="https://www.beehive.govt.nz/release/prime-ministers-jacinda-ardern-and-scott-morrison-announce-plans-trans-tasman-covid-safe">joint statement</a> to say they had:</p>
<blockquote>
<p>[…] agreed to commence work on a trans-Tasman COVID-safe travel zone – easing travel restrictions between Australia and New Zealand. Such an arrangement would be put in place once it is safe to do so and necessary health, transport and other protocols had been developed and met.</p>
</blockquote>
<p>If the Australian COVIDSafe and NZ COVID Tracer apps are to be part of the solution in opening up travel between the nations, much more work will be needed to make the two apps far more compatible with each other.</p><img src="https://counter.theconversation.com/content/139026/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Dr Mahmoud Elkhodr is the Nomination Chairman of IEEE NSW Section</span></em></p>
The NZ COVID Tracer app helps you keep track of places you visit in New Zealand, in case anyone infected also visited. But the app has some shortcomings that won’t be fixed until June at the earliest.
Mahmoud Elkhodr, Lecturer in Information and Communication Technologies, CQUniversity Australia
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/122006
2019-08-19T15:08:13Z
2019-08-19T15:08:13Z
Four reasons Huawei’s new Harmony OS won’t solve its problems
<p>Huawei’s meteoric rise in the telecoms business was brought to a dramatic halt in April when the US government put a <a href="https://theconversation.com/why-huawei-security-concerns-cannot-be-removed-from-us-china-relations-116770">ban on US companies doing business with the Chinese firm</a>. This includes Google and, crucially for Huawei’s smartphone users, access to the Android operating system updates.</p>
<p>Under pressure to come up with a solution, Huawei announced a new, lean operating system, Harmony OS, <a href="https://www.engadget.com/2019/08/09/huawei-harmony-os-hongmeng-android/">to the world on August 9</a>. Similar to Android, Huawei’s new operating system can easily work across multiple device types, from TVs to smartphones.</p>
<p>The technology behind the OS certainly looks promising. The launch presentation included some staggering benchmarks of improved performance and security, even when compared to what we know about Google’s latest <a href="https://bgr.com/2019/08/09/huawei-harmonyos-vs-google-fuchsia-new-android-replacement-unveiled/">in-development</a> Android operating system, Fuchsia OS. </p>
<p>To some, the announcement was much needed relief for Huawei smartphone owners who have been rightly worried that their expensive purchases would become obsolete more quickly. After all, a new and improved Huawei OS that can easily replace Android OS on Huawei phones will help remove the firm’s dependence on Google’s technology. </p>
<p>Huawei CEO Richard Yu even claimed that, if push comes to shove, the company can do a global rollout of Harmony OS across all its smartphone devices <a href="https://www.google.co.uk/amp/s/www.xda-developers.com/harmony-os-huawei-announce/amp/">on a one-to-two day notice</a>. Unfortunately, Yu was also the first to admit that going head-to-head with Android with a substitute mobile OS is not Huawei’s preferred strategy. </p>
<p>He is right, of course. Here are four reasons why Huawei’s latest OS is not a magic solution to the company’s problems:</p>
<h2>1. App shortage</h2>
<p>Most users have no idea what an operating system does. They use their phones for the apps. App developers target operating systems with large user bases since it means they will recoup their development costs much quicker. No one is interested in operating systems with small market shares. </p>
<p>Although Huawei can theoretically just switch all of its users to its new operating system, the associated apps would need to be altered, as Harmony OS is not compatible with Android. With over 2m apps on <a href="https://www.statista.com/statistics/266210/number-of-available-applications-in-the-google-play-store/">Google’s Play Store</a>, it would require a lot of patience and deep pockets to convince app developers to port their apps from Android to Harmony and keep them updated.</p>
<p>Even with the right financial incentives for developers, just porting apps across is not a surefire recipe to get customers to adopt a new OS. A good example here comes from RIM, the company behind the ill-fated Blackberry phone. When RIM launched its Blackberry 10 in 2013 it held a big “port-a-thon” event that brought <a href="https://www.computerworld.com/article/2494229/rim-attracts-15-000-apps-for-blackberry-10-in-two-days.html">15,000 apps onto its platform</a> in under two days. As well as making it easy for developers, it gave them a financial reward of US$100 per app. But 15,000 apps is a drop in the ocean of then then one million Android apps and was simply not enough to bridge the gap to save RIM’s struggling smartphone business. </p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/288519/original/file-20190819-123749-1yhfup3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/288519/original/file-20190819-123749-1yhfup3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/288519/original/file-20190819-123749-1yhfup3.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/288519/original/file-20190819-123749-1yhfup3.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/288519/original/file-20190819-123749-1yhfup3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/288519/original/file-20190819-123749-1yhfup3.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/288519/original/file-20190819-123749-1yhfup3.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">RIP RIM.</span>
<span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/london-england-september-30-2016-blackberry-491444794?src=eiVS0d8A6JxeTvfhQtwESw-1-3">Lenscap Photography / Shutterstock.com</a></span>
</figcaption>
</figure>
<p>While Huawei claims similar ease of porting between Android and Harmony, it would take a mammoth effort to get thousands of developers across the board and then to stay there.</p>
<h2>2. Lock in</h2>
<p>Switching operating systems is much harder now than it was in the past. A mobile OS today generates and stores most of your personal online passwords, carries a virtual version of your credit card for easy spending, backs up all your videos and images to their respective cloud drives, and much more. </p>
<p>Shifting all of that information across mobile operating systems has so far been a <a href="https://www.techadvisor.co.uk/how-to/mobile-phone/how-move-from-iphone-android-3424758/">broken process</a>. Even dedicated transfer apps by Apple and Samsung have failed to do this seamlessly for various strategic, security and technical reasons. With a third OS in play, it will not get any better.</p>
<h2>3. The trade ban goes beyond Android</h2>
<p>The <a href="https://edition.cnn.com/2019/08/02/tech/huawei-us-ban/index.html">trade ban</a> on Huawei is in full force on all US companies and not just Google. This means that apps from the likes of Facebook, Amazon, Uber, eBay and Paypal among others cannot be simply ported over to the new operating system without a special license.</p>
<p>With increased trade tensions between the US and China, the chances of leeway for these companies to obtain such a license any time soon seem low. Huawei smartphone owners in the West will then have to contend with expensive devices that cannot run their favourite apps – dramatically reducing their value.</p>
<h2>4. Impact on non-mobile business</h2>
<p>Given the dramatic and very public nature of the US ban on Huawei, its financial impact <a href="https://edition.cnn.com/2019/08/02/tech/huawei-us-ban/index.html">will likely</a> affect Huawei’s telecoms equipment business everywhere else. For consumers and governments increasingly worried about privacy and data protection, working with a technology provider in the throes of controversy isn’t exactly comforting. For Huawei, launching a new mobile operating system will not help solve that issue and will continue to put pressure on the technology giant’s exports outside of China.</p>
<p>The Chinese government can do more than any other country to help Huawei out of this pickle, but not nearly enough. Given China’s own ecosystem of highly popular apps, users there will not be as badly affected. But outside China it’s a different story. </p>
<p>Even if the Chinese government were to retaliate by banning Apple and handing its declining market share to Huawei, that still wouldn’t solve the firm’s global conundrum. Huawei was in the vanguard of China’s march towards technological dominance but Donald Trump’s trade ban has stopped it in its tracks. Relenting on Huawei would mean letting the world’s dependence on US tech slip – something the US just isn’t prepared to allow.</p><img src="https://counter.theconversation.com/content/122006/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>The authors do not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and have disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
The technology behind the new OS certainly looks promising. But it’s no magic solution to the US trade ban.
Kamal A Munir, Associate Professor of Strategy and Policy, Cambridge Judge Business School
Hamza Mudassir, Visiting Fellow in Strategy, Cambridge Judge Business School
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/100065
2018-07-17T14:09:43Z
2018-07-17T14:09:43Z
Happy 50th birthday Intel, you look a lot like the next Kodak
<figure><img src="https://images.theconversation.com/files/228014/original/file-20180717-44088-1jd61wp.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Chipped china?</span> <span class="attribution"><a class="source" href="https://www.flickr.com/photos/thedailyexposition/24646411287/in/photolist-DxVipD-5r7ZNB-KViyiE-6qg5GA-KgHu5S-KE19j9-dHGje7-9Ggp8b-7oie2b-iZdjeg-JLpgep-amZMq-9wQ6MM-eN14aW-iZe7r7-eegsDQ-aBDMuC-9ckAnv-6qg67s-8eHhPe-9D7M4y-bpwqhm-ygGej-6qbUwV-otaixG-5z3CoG-7yVudg-qKUSfG-4Wk6Kd-e81y6d-5yYjT4-6qbVmD-dKci48-oy6xAs-9GgyxA-4MoVB5-dKhN7N-7xbpVv-auVkQQ-e7UTJe-jTXHK-7FUuuR-5vooDy-e7UT9D-bjDbDH-27YYsG9-86DXrQ-bjDauR-yBe6U-5wuyjs">The Daily Exposition</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span></figcaption></figure><blockquote>
<p>I am easily a foot taller than Andy Grove. But whenever I was with him, I felt that he was the giant.</p>
</blockquote>
<p>That’s what the bestselling Harvard business professor, Clayton Christensen, <a href="https://hbr.org/2016/03/clayton-christensen-what-ill-miss-about-andy-grove">wrote</a> about the former Intel chief executive when he passed away in 2017. Christensen, who <a href="http://www.claytonchristensen.com/books/the-innovators-dilemma/">coined the term</a> “disruptive technology”, said he would most miss Grove’s ability to understand how a complex organisation works, and to wield it to Intel’s advantage. </p>
<p>It allowed Grove, who started at the company the day it was incorporated on July 18, 1968, to famously re-orient the business in the 1980s. Intel shifted <a href="https://anthonysmoak.com/2016/03/27/andy-grove-and-intels-move-from-memory-to-microprocessors/">away from</a> memory chips for mainframe computers towards the microprocessor – the engine that spurs into motion when you turn on your computer. </p>
<p>Propelled by a deal with IBM to put Intel processors into all its personal computers, the company came to provide Silicon Valley with one of its most essential technologies. Intel Inside and the accompanying jingle became one of the most memorable advertising slogans of the modern era. </p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/aEDpqFHTSVM?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<p>Even after five decades of dominance, no other company in the world can produce a better and faster microprocessor. Intel is at the pinnacle of an industry that manages to engineer miracles like no other. We tend to perceive innovation as something uncertain, particularly where it’s so reliant on scientists to drive it forward. Yet Intel is anything but ambiguous. It has released successive advances in processor engineering like clockwork. </p>
<p>In 1965, future co-founder Gordon Moore <a href="https://www.intel.com/content/www/us/en/silicon-innovations/moores-law-technology.html">made a bold prediction</a> about the exponential growth of computing power. He predicted that the number of microchip transistors etched into a fixed area of a computer microprocessor would double every two years – and so, therefore, would computing power. Intel has since delivered on this improbable promise, immortalising “Moore’s law”. </p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/228011/original/file-20180717-44079-1ss2z7v.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/228011/original/file-20180717-44079-1ss2z7v.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/228011/original/file-20180717-44079-1ss2z7v.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=785&fit=crop&dpr=1 600w, https://images.theconversation.com/files/228011/original/file-20180717-44079-1ss2z7v.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=785&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/228011/original/file-20180717-44079-1ss2z7v.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=785&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/228011/original/file-20180717-44079-1ss2z7v.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=986&fit=crop&dpr=1 754w, https://images.theconversation.com/files/228011/original/file-20180717-44079-1ss2z7v.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=986&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/228011/original/file-20180717-44079-1ss2z7v.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=986&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Intel’s Andy Grove, Robert Noyce and Gordon Moore, 1978.</span>
<span class="attribution"><a class="source" href="https://www.flickr.com/photos/intelfreepress/8267616249">Intel Free Press</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<p>It’s difficult for anyone to fathom the effects of exponential growth. But it is why a single iPhone today <a href="https://www.zmescience.com/research/technology/smartphone-power-compared-to-apollo-432/">possesses</a> many times more computing power than the entire spacecraft for the NASA Apollo moon mission of 1969. Without Moore’s law, there would be no Google, no Facebook, no Uber, no Airbnb. Silicon Valley would be like any other valley.</p>
<h2>The big miss</h2>
<p>And yet, the iPhone is also what Intel missed. Immediately after <a href="https://www.cultofmac.com/431760/today-in-apple-history-steve-jobs-announces-intel-powered-macs/">the company won</a> Apple’s Mac business in 2005, Steve Jobs <a href="https://www.theatlantic.com/technology/archive/2013/05/paul-otellinis-intel-can-the-company-that-built-the-future-survive-it/275825/">came asking</a> for another chip for his smartphone. Intel certainly wanted to dominate this emerging sector but the price Jobs was offering was below its forecasted cost and it misjudged the size of the iPhone market. The company passed. </p>
<p>Apple had <a href="https://appleinsider.com/articles/15/01/19/how-intel-lost-the-mobile-chip-business-to-apples-ax-arm-application-processors">no choice but</a> to build its own chipsets by licensing technologies from <a href="https://www.arm.com">ARM</a>, a British-based company controlled by Japanese interests. If Apple and its iPhone had been the only competitors, Intel might have been able to gradually adapt. But Google came in soon after with Android, a free operating system that Samsung, Huawei and HTC all adopted. Qualcomm, Nvidia, and Texas Instruments, all licensed by ARM, became the phone makers’ go-to suppliers for energy-efficient, low-cost computing devices. </p>
<p>These American rivals are not trying to beat Intel. Qualcomm specialises in mobile phones and Nvidia specialises in graphics in video games. They all outsource production to third parties in Asia. But an Intel microprocessor sells for around US$100 while ARM-based chips sell for around US$10, and often less than a dollar. That’s how ARM-based designs are now found in more than 95% of the world’s smartphones. </p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/228028/original/file-20180717-44088-1l0qwr3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/228028/original/file-20180717-44088-1l0qwr3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/228028/original/file-20180717-44088-1l0qwr3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=693&fit=crop&dpr=1 600w, https://images.theconversation.com/files/228028/original/file-20180717-44088-1l0qwr3.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=693&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/228028/original/file-20180717-44088-1l0qwr3.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=693&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/228028/original/file-20180717-44088-1l0qwr3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=870&fit=crop&dpr=1 754w, https://images.theconversation.com/files/228028/original/file-20180717-44088-1l0qwr3.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=870&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/228028/original/file-20180717-44088-1l0qwr3.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=870&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Harvard’s Clayton Christensen.</span>
<span class="attribution"><a class="source" href="https://commons.wikimedia.org/wiki/File:Clayton_Christensen_World_Economic_Forum_2013.jpg#/media/File:Clayton_Christensen_World_Economic_Forum_2013.jpg">Wikimedia</a></span>
</figcaption>
</figure>
<p>In other words, Intel failed to compete in smartphones against those who have far less resources. It’s a great irony when you reflect that Grove once invited Christensen to the Intel HQ in Santa Clara, California, to explain his theory on disruption. Grove later <a href="https://www.bostonglobe.com/business/2015/10/24/clay-christensen-explains-defends-disruptive-innovation/fmYOKIJXOSPPMquj8HQM1O/story.html">credited</a> the meeting as the main driver for Intel’s decision to launch the Celeron chip in 1998, a cheap product aimed at low-end PCs, which within a year captured 35% of the market. </p>
<h2>The new goldrush</h2>
<p>Now the big question is whether Intel is repeating its previous mistake with iPhones – this time in driverless cars. Last March it <a href="https://www.nytimes.com/2017/03/13/business/dealbook/intel-mobileye-autonomous-cars-israel.html?ref=business">purchased</a> Mobileye, an Israeli company that makes digital vision technology, for US$15.3 billion. It was a big bet in a sector that has huge potential: as autonomous driving takes off, vehicles are becoming computers on wheels. They will require more and more microchips and Intel hopes to dominate. </p>
<p>Except for one glitch. Everything Intel has done in the last 50 years is geared towards general purpose, high-end chipsets. Its integrated model – where the company designs and manufactures its processors – means it absorbs an enormous amount of fixed cost, in research and design as well as manufacturing. </p>
<p>The <a href="https://newsroom.intel.com/editorials/krzanich-ai-day/">only way</a> to offset these burdens is to sell a high volume of devices at high margins. The result is that the company is obsessed with technological progress, but has a rigid business model which limits what it can and cannot do. There’s a monster inside Intel with a ferocious appetite. </p>
<p>But what if autonomous driving doesn’t actually require the computing power Intel is counting on? This is the competing vision of Huawei. When I recently visited Shenzhen, executives from the Chinese telecom giant explained to me that much of the city’s infrastructure will be digitalised and that Huawei will saturate it with <a href="https://theconversation.com/what-is-5g-the-next-generation-of-wireless-explained-96165">a 5G network</a>. This will drastically reduce any speed and latency problems for computers. </p>
<p>This means the computing inside cars can be mostly offloaded to the city’s infrastructure. It is a radical vision, but clearly a viable alternative. The implication is that a BMW or Toyota doesn’t need that many high-end chipsets after all. It’s smartphones all over again. </p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/228001/original/file-20180717-44082-1ye7e0r.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/228001/original/file-20180717-44082-1ye7e0r.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/228001/original/file-20180717-44082-1ye7e0r.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=632&fit=crop&dpr=1 600w, https://images.theconversation.com/files/228001/original/file-20180717-44082-1ye7e0r.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=632&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/228001/original/file-20180717-44082-1ye7e0r.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=632&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/228001/original/file-20180717-44082-1ye7e0r.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=795&fit=crop&dpr=1 754w, https://images.theconversation.com/files/228001/original/file-20180717-44082-1ye7e0r.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=795&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/228001/original/file-20180717-44082-1ye7e0r.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=795&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">The future once.</span>
<span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/launceston-australiafebruary-2-2012-old-kodak-483403420?src=gO4387mUsXCGBcoqiimWhw-1-37">Steve Lovegrove</a></span>
</figcaption>
</figure>
<p>Christensen’s insight was that successful companies die not because of complacency to change. <a href="https://www.forbes.com/sites/chunkamui/2012/01/18/how-kodak-failed/">Kodak</a>, <a href="https://insights.som.yale.edu/insights/what-was-polaroid-thinking">Polaroid</a>, <a href="https://www.forbes.com/sites/gregsatell/2014/09/05/a-look-back-at-why-blockbuster-really-failed-and-why-it-didnt-have-to/#1c3b6cfb1d64">Blockbuster</a> and <a href="https://www.forbes.com/2001/01/19/0915malone.html#53dbd1631f37">DEC</a> all understood the shifting landscape. </p>
<p>But in each case, their business model and the demands of existing shareholders formed an intractable nexus that even the most courageous executives found impossible to navigate. Grove once said, “only the paranoid survive”. Maybe he was right.</p><img src="https://counter.theconversation.com/content/100065/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Howard Yu does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
Silicon Valley’s chip supplier de choix scored a massive own goal with smartphones. If it has got driverless cars wrong too, it could be goodnight Santa Clara.
Howard Yu, Professor of Management and Innovation, International Institute for Management Development (IMD)
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/86092
2017-10-24T13:45:36Z
2017-10-24T13:45:36Z
Robotics, science fiction and the search for the perfect artificial woman
<figure><img src="https://images.theconversation.com/files/191610/original/file-20171024-30565-p2y72k.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">
</span> <span class="attribution"><span class="source">Ociacia/Shutterstock.com</span></span></figcaption></figure><p>Three photographs have been shortlisted for 2017’s <a href="https://www.npg.org.uk/whatson/twppp-2017/exhibition/shortlisted-artist/">Taylor Wessing Photographic Portrait Prize</a>, hosted by the National Portrait Gallery in London. But there is something out of the ordinary about one of this year’s contenders for the prize. One of the portraits – by the Finnish artist Maija Tammi – is not of a human, but a female android.</p>
<p>The android in the photograph is Erica, <a href="https://www.theguardian.com/technology/2015/dec/31/erica-the-most-beautiful-and-intelligent-android-ever-leads-japans-robot-revolution">described</a> by her creator, Osaka University professor Hiroshi Ishiguro, as “the most beautiful and intelligent” robot in the world. The hardware beneath her silicone skin helps her achieve facial and mouth movements, but these can be rather unnatural, out of sync with her synthesised voice. She is cognitively sophisticated, though still unable to work out answers to complex questions from first principles, and she cannot move her arms and legs. </p>
<p>If this seems like something out of science fiction, you’re not far off. One of Ishiguro’s first female robots was named Repliee Q1 and he himself <a href="https://books.google.co.uk/books?id=KpjxoQEACAAJ&source=gbs_ViewAPI&redir_esc=y">has said</a> that the name derives from the French for “replicate” and from the “replicants” in Blade Runner: science fiction and robotics have always been entwined. Indeed, in <a href="https://www.theguardian.com/technology/ng-interactive/2017/apr/07/meet-erica-the-worlds-most-autonomous-android-video">a documentary</a> made by the Guardian about Erica, Ishiguro reveals that he wanted to be an oil painter and insists on the similarities between his work and artistic creation. </p>
<p>It is difficult not to see here a masculine Pygmalionesque desire to create the perfect artificial woman. “Ishiguro-sensei is my father and he understands me entirely,” Erica pronounces in the documentary. Her vaunted autonomy seems more like a projection on the part on the roboticists who programme her thoughts, but also occasionally anthropomorphise her: the scientist who introduces himself as Erica’s “architect” also thinks that she is “really excited to interact with people”.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/191410/original/file-20171023-1722-x95kfx.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/191410/original/file-20171023-1722-x95kfx.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=650&fit=crop&dpr=1 600w, https://images.theconversation.com/files/191410/original/file-20171023-1722-x95kfx.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=650&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/191410/original/file-20171023-1722-x95kfx.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=650&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/191410/original/file-20171023-1722-x95kfx.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=817&fit=crop&dpr=1 754w, https://images.theconversation.com/files/191410/original/file-20171023-1722-x95kfx.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=817&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/191410/original/file-20171023-1722-x95kfx.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=817&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">One of Them Is a Human #1 by Maija Tammi (Erica: Erato Ishiguro Symbiotic Human-Robot Interaction Project).</span>
<span class="attribution"><span class="source">© Maija Tammi</span></span>
</figcaption>
</figure>
<h2>Illusions of mastery</h2>
<p>There has been heightened interest in female robots recently: from <a href="https://www.theguardian.com/technology/2015/dec/31/erica-the-most-beautiful-and-intelligent-android-ever-leads-japans-robot-revolution">articles</a>, <a href="https://www.theguardian.com/science/audio/2017/may/03/erica-answers-responses-from-an-android-science-weekly-podcast">podcasts</a> and <a href="http://www.bbc.co.uk/programmes/p059t7k1">TV programmes</a> featuring Erica, to excited tales of bionic sex dolls (equipped with “personality” apps) in the more lurid corners of media space. If we are to co-exist and interact with robots – and we need serious debate on the psychological, <a href="https://theconversation.com/after-75-years-isaac-asimovs-three-laws-of-robotics-need-updating-74501">ethical</a>, <a href="https://theconversation.com/machine-gaydar-ai-is-reinforcing-stereotypes-that-liberal-societies-are-trying-to-get-rid-of-83837">social</a> and legal implications of this – it is perfectly possible to construct embodied AIs that are not humanoid and gendered. So why female androids – and why now?</p>
<p>The idea of the machine-woman first acquired a particular force in the 1920s and 30s, which saw a proliferation of cultural images of robots, from the <a href="https://www.wired.com/2011/01/0125robot-cometh-capek-rur-debut">invention of the term</a> by the Czech writer Karel Čapek in 1921 to the iconic female android in Fritz Lang’s film <a href="http://www.rogerebert.com/reviews/great-movie-metropolis-2010-restoration-1927">Metropolis</a> in 1927. This was also a time of unprecedented female mobility, in all senses of the word. The French <em>garçonnes</em>, the <em>neuen Frauen</em> of Germany, and the Japanese <em>modan gāru</em> (modern girls) crossed boundaries between masculine and feminine with their short hair, androgynous figures and demands for political equity (the latter often obscured by an obsessive media focus on their sexuality). </p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/on2H8Qt5fgA?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<p>The images of submissive artificial women in art and science fiction betray a male cultural desire to symbolically control these new female subjectivities. This was also a time when Fordism and automatisation seemed to transform human bodies as well as machines: the mechanical movements of Chaplin’s assembly line worker in his film Modern Times (1936) are comical, but also deeply disturbing. While machinery has largely been associated with masculinity, fears about technology out of control could be displaced by being projected onto woman, traditionally seen as the weaker, inferior other.</p>
<p>The current media fixation on hyperrealistic female androids and <a href="https://theconversation.com/child-sex-dolls-and-robots-exploring-the-legal-challenges-81912">sex robots</a> comes at a moment when automation threatens not only unskilled labour, but also such bastions of middle-class masculinity as the lower echelons of banking, insurance and law. It is hardly surprising, then, that popular culture is again awash with fantasies of compliant automatised females.</p>
<h2>Animating visions</h2>
<p>While the creators of the new Blade Runner film remain in the familiar territory of “pleasure model” replicants and comforting holographic girlfriends, other artists have been more reflexive about the skewed gender politics of some science fiction and its worrying implications for robotics and for our technological future in general. Ilinca Calugareanu, the director of the Guardian documentary about Erica, and Maija Tammi, the artist who took Erica’s portrait, belong in a long lineage of artists who have interrogated male cultural fantasies of artificial women.</p>
<p>Calugareanu shoots people in slow motion, making actions rhythmic and somewhat inorganic, subtly erasing the differences between human and machinic movement, but also emphasising, by contrast, Erica’s immobility. Erica and her creators are filmed in medium close shots, in the centre of the frame. The men are silent and immobile, their thoughts narrated via a voice-over: the split between speech and mouth movement is similar to Erica’s. The masculine human subjects and the female android get the same filmic treatment, in a gesture that elides the distinction between them.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/qfAW0RPY3HQ?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<p>Maija Tammi’s photograph of Erica, meanwhile, is part of a series titled “One of Them is a Human” that includes a portrait of Ishiguro. The camera angle and the play of light in Erica’s portrait give silicone the warm texture of skin. The slightly tousled hair implies movement, as if she has just turned her head. She looks intently outside the frame with an enigmatic half-smile. </p>
<p>Tammi has spoken about the conventions of portraiture and how they compel us, the viewers, to invent meaning, to endow the sitter with an inner life. Robotic creation can involve a similar element of narcissistic projection. Erica’s “personality” is programmed by her designers; she echoes their taste in robot-themed films and their techno-utopianism (in the documentary, both roboticists and android insist that robots will run the world much better than humans: after all, they are impartial, rational and selfless). </p>
<p>Such work makes us confront our own reflexes of projection, while also questioning divisions between human and machine along gender lines. </p>
<p>In contrast to some of their male counterparts, female scientists such as Synthia Breazell at MIT are developing <a href="http://robotic.media.mit.edu/project-portfolio/">social, empathetic robots</a> that are not explicitly (and stereotypically) gendered. </p>
<p>Let’s hope such efforts – artistic and scientific – soon seep into the mainstream idea of robots too.</p>
<hr>
<p><em>Editor’s note: this article was amended on 25 October to correct the German term ‘neuen Frauen’.</em></p><img src="https://counter.theconversation.com/content/86092/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Irena Hayter does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
Why do roboticists dream of electric women?
Irena Hayter, Lecturer in Japanese Studies, University of Leeds
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/85632
2017-10-12T14:29:03Z
2017-10-12T14:29:03Z
Computers will soon be able to fix themselves – are IT departments for the chop?
<figure><img src="https://images.theconversation.com/files/190005/original/file-20171012-31440-1tzlhhl.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">They call me the digital lizard. </span> <span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/laptop-computer-hand-coming-through-screen-74147725?src=QhzS2EeTL3o35SNF_68PDg-1-4">Jeffrey B. Banke</a></span></figcaption></figure><p>Robots and AI are replacing workers at an <a href="https://www.theguardian.com/technology/2017/mar/24/millions-uk-workers-risk-replaced-robots-study-warns">alarming rate</a>, from simple manual tasks to making complex legal decisions and medical diagnoses. But the AI itself, and indeed most software, is still largely programmed by humans. </p>
<p>Yet there are signs that this might be changing. Several programming tools are emerging which help to automate software testing, one of which we have been developing ourselves. The prospects look exciting; but it raises questions about how far this will encroach on the profession. Could we be looking at a world of Terminator-like software writers who consign their human counterparts to the dole queue?</p>
<p>We computer programmers devote an unholy amount of time to testing software and fixing bugs. It’s costly, time consuming and fiddly – yet it’s vital if you want to bring high quality software to market. </p>
<h2>Testing, testing …</h2>
<p>A common method of testing software involves running a program, asking it to do certain things and seeing how it copes. Known as dynamic analysis, many tools exist to help with this process, usually throwing thousands of random choices at a program and checking all the responses. </p>
<p>Facebook <a href="https://arstechnica.co.uk/information-technology/2017/08/facebook-dynamic-analysis-software-sapienz/">recently unveiled</a> a tool called <a href="https://www.youtube.com/watch?v=j3eV8NiWLg4">Sapienz</a> that is a big leap forward in this area. Originally developed by University College London, Sapienz is able to identify bugs in Android software via automated tests that are far more efficient than the competition – requiring between 100 and 150 choices by the user compared to a norm of nearer 15,000. </p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/189609/original/file-20171010-17676-10qdlsm.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/189609/original/file-20171010-17676-10qdlsm.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/189609/original/file-20171010-17676-10qdlsm.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=636&fit=crop&dpr=1 600w, https://images.theconversation.com/files/189609/original/file-20171010-17676-10qdlsm.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=636&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/189609/original/file-20171010-17676-10qdlsm.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=636&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/189609/original/file-20171010-17676-10qdlsm.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=800&fit=crop&dpr=1 754w, https://images.theconversation.com/files/189609/original/file-20171010-17676-10qdlsm.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=800&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/189609/original/file-20171010-17676-10qdlsm.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=800&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Bug on out.</span>
<span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/software-bug-causing-program-error-647034754?src=ShnB1VkW4HlqgkzEbavO3g-1-14">Phichak</a></span>
</figcaption>
</figure>
<p>The difference is that Sapienz contains an evolutionary algorithm that learns from the software’s responses to previous choices. It then makes new choices that aim to find the maximum number of glitches and test the maximum number of kinds of choices, doing everything as efficiently as possible. </p>
<p>It may soon have competition from DiffBlue, a spin-out from the University of Oxford. Based on an AI engine designed to analyse and understand what a program is doing, the company is developing several automated tools to help programmers. One will find bugs and write software tests; another will find weaknesses that could be exploited by hackers; a third will make improvements to code that could be better expressed or is out of date. DiffBlue recently <a href="https://techcrunch.com/2017/06/27/diffblue/">raised</a> US$22m in investment funding, and claims to be delivering these tools to numerous blue chip companies.</p>
<p>The tool that we have developed is dedicated to bug hunting. Software bugs are often just an innocent slip of the finger, like writing a “+” instead of a “-”; not so different to typos in a Word document. Or they can be because computer scientists like to count differently, starting at zero instead of the number one. This can lead to so-called “off by one” errors. </p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/189597/original/file-20171010-17715-1npsivb.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/189597/original/file-20171010-17715-1npsivb.png?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/189597/original/file-20171010-17715-1npsivb.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=1129&fit=crop&dpr=1 600w, https://images.theconversation.com/files/189597/original/file-20171010-17715-1npsivb.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=1129&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/189597/original/file-20171010-17715-1npsivb.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=1129&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/189597/original/file-20171010-17715-1npsivb.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=1418&fit=crop&dpr=1 754w, https://images.theconversation.com/files/189597/original/file-20171010-17715-1npsivb.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=1418&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/189597/original/file-20171010-17715-1npsivb.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=1418&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Here he is!</span>
<span class="attribution"><a class="source" href="https://www.flickr.com/photos/fort-greene/7484436922">Fort Greene Focus</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<p>You find these annoying little glitches by making one small change after another – repeatedly testing and tweaking until you make the right one. The answer is often staring you in the face – a bit like the game “<a href="http://findwally.co.uk">Where’s Wally?</a>” (or Waldo if you’re in North America). After hours of trying, you finally get that a-ha moment and wonder why you didn’t spot it sooner. </p>
<p>Our tool <a href="https://dl.acm.org/citation.cfm?id=3082517">works as follows</a>: office workers go about their normal administrative duties in the daytime and report any bugs in software as they find them. Overnight, when everyone is logged off, the system enters a “dream-like” state. It makes small changes to the computer code, checking each time to see if the adjustment has fixed the reported problem. Feedback from each run of the code is used to inform which changes would be best to try next time. </p>
<p>We tested it for four months in a Reykjavik organisation with about 200 users. In that time, it reported 22 bugs and all were fixed automatically. Each solution was found on these “night shifts”, meaning that when the programmer arrived at the office in the morning, a list of suggested bug fixes were waiting for them. </p>
<p>The idea is to put the programmer in control and change their job: less routine checking and more time for creativity. It’s roughly comparable to how spell checkers have taken much of the plod out of proof-reading a document. Both tools support the writer, and reduce the amount of time you probably spend swearing at the screen. </p>
<p>We have been able to show that the same system can be applied to other tasks, including making programs run faster and improving the accuracy of software designed to predict things (full disclosure: Saemundur recently co-founded a company to exploit the IP in the system). </p>
<h2>Future shock?</h2>
<p>It is easy enough to see why programs like these might be useful to software developers, but what about the downside? Will companies be able to downsize their IT requirement? Should programmers start fearing that <a href="https://www.theguardian.com/politics/2017/oct/04/the-cough-the-p45-the-falling-f-theresa-mays-speech-calamity">Theresa May moment</a>, when the automators show up with their P45s?</p>
<p>We think not. While automations likes these raise the possibility of companies cutting back on certain junior programming roles, we believe that introducing automation into software development will allow programmers to become more innovative. They will be able to spend more time developing rather than maintaining, with the potential for endlessly exciting results.</p>
<p>Careers in computing will not vanish, but some boring tasks probably will. Programmers, software engineers and coders will have more automatic tools to make their job easier and more efficient. But probably jobs won’t be lost so much as changed. We have little choice but to embrace technology as a society. If we don’t, we’ll simply be left behind by the countries that do.</p><img src="https://counter.theconversation.com/content/85632/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Saemundur Haraldsson is a director of Easy Advanced Systems, which has been set up to develop the IP behind the system he developed at University of Stirling.</span></em></p><p class="fine-print"><em><span>Alexander Brownlee receives funding from EPSRC and Microsoft.</span></em></p><p class="fine-print"><em><span>John R. Woodward does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
The automation wave is coming for computer programmers – up to a point.
Saemundur Haraldsson, Postdoctoral Research Fellow, University of Stirling
Alexander Brownlee, Senior Research Assistant, University of Stirling
John R. Woodward, Lecturer in Computer Science, Queen Mary University of London
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/79485
2017-06-22T06:34:12Z
2017-06-22T06:34:12Z
Explainer: how malware gets inside your apps
<figure><img src="https://images.theconversation.com/files/175086/original/file-20170622-30205-1nzqzt1.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Why is malware getting into your apps? For money, of course.</span> <span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/kazan-russia-april-11-2017-set-621349628">Stanislaw Mikulski/Shutterstock</a></span></figcaption></figure><p>Malicious software on popular mobile platforms such as iOS and Android is at best a nuisance and at worst a security threat to individuals and businesses. </p>
<p>Known as malware, some perpetrators use it to infect apps and get inside your smartphone. Why do they do it? Money, mostly. </p>
<p>The recent <a href="http://blog.checkpoint.com/2017/05/25/judy-malware-possibly-largest-malware-campaign-found-google-play/">Judy malware</a>, for example, was reportedly found in 41 apps in the Google Play store. It seems to have made money for its creators by repeatedly auto-clicking on advertisements. <a href="http://www.csd.uoc.gr/%7Ehy558/papers/mal_apps.pdf">Other mechanisms</a> for mobile malware monetisation include covert sending of premium rate SMS messages, financial fraud and credential theft.</p>
<p>With millions of apps out there, it’s a growing problem.</p>
<h2>Pervasiveness of mobile app malware</h2>
<p>It’s difficult to get a firm idea of the size of the malware problem when it comes to apps.</p>
<p><a href="http://www.syssec-project.eu/m/page-media/3/andrubis_badgers2014.pdf">A study</a> conducted as part of a project called ANDRUBIS, published in 2014, examined one million Android applications. These were gathered directly from the Google Play app marketplace, as well as from unofficial marketplaces and services offering pirated apps. </p>
<p>The study found 1.6% of apps sampled from Google Play to be malicious in nature at the time, but other studies have shown different ratios. There is a lack of comprehensive data available concerning malware on the Apple App Store, although there are some <a href="https://www.theiphonewiki.com/wiki/Malware_for_iOS">known</a> <a href="http://bgr.com/2015/09/24/iphone-apps-xcodeghost-malware/">examples</a>.</p>
<h2>How apps get infected</h2>
<p>The most obvious way malware makes its way into marketplaces is through developers intentionally releasing malicious apps. However, this avenue of attack requires a developer who is willing to produce an application, market it, gain a following and then activate the hostile routines within the application. </p>
<p>It is far more common for malware to be inserted into already existing applications. There are a number of different mechanisms through which criminals achieve this feat:</p>
<ul>
<li><p><strong>Application republishing:</strong> Apps are automatically downloaded, infected with malware, then republished to app stores, both <a href="http://dl.acm.org/citation.cfm?id=2435378">official and unofficial</a>. Attackers making use of this strategy may publish under the original app name or one that is slightly different. An example of republishing malware was seen recently with the <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/dresscode-android-malware-finds-successor-milkydoor/">MilkyDoor malware</a>, which allows attackers to bypass firewalls.</p></li>
<li><p><strong>Malvertising:</strong> Advertisers provide packages of code to allow developers to incorporate ads into their apps. There have been instances in which attackers have managed to purchase advertisements <a href="https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/fireeye-sidewinder-targeted-attack.pdf">that perform malicious actions</a> through an otherwise benign app. An example of this was the <a href="https://securelist.com/disassembling-a-mobile-trojan-attack/76286/">Svpeng malware</a>, which was installed via Google AdSense ads targeting Google Chrome for Android users in Russia. The users did not have to click the ad – simply opening a page and <a href="https://www.bleepingcomputer.com/news/security/over-318-000-android-users-affected-by-auto-downloading-malvertising-attack/">displaying the ad</a> was enough.</p></li>
</ul>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/rFcxpDW_dC4?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">Malware attacks App Store, Apple pulls infected apps.</span></figcaption>
</figure>
<ul>
<li><p><strong>Application acquisition:</strong> Some developers may wish to sell their apps outright. There is potential for the new owners to release malicious updates that will be automatically installed. While there are no documented cases of this occurring on mobile platforms, developers of <a href="https://www.labnol.org/internet/sold-chrome-extension/28377/">browser extensions</a> <a href="https://arstechnica.com/security/2014/01/malware-vendors-buy-chrome-extensions-to-send-adware-filled-updates/">have spoken out</a> <a href="https://www.reddit.com/r/IAmA/comments/1vjj51/i_am_one_of_the_developers_of_a_popular_chrome/">about this issue</a>. In some cases, it is possible to purchase applications with hundreds of thousands of users for a few hundred dollars. </p></li>
<li><p><strong>Infected development tools:</strong> In <a href="https://www.trendmicro.com/vinfo/us/security/news/mobile-safety/malware-laced-xcode-tool-used-to-infect-ios-apps">one (documented) case</a>, it was reported that infected app development tools were being distributed to app authors. A version of XCode, the primary tool used by iOS developers, would insert malicious functionality into applications that it built and prepared for distribution. Apple <a href="http://www.reuters.com/article/us-apple-china-malware-idUSKCN0RK0ZB20150920#tt">told Reuters</a> at the time it was working with the developers to ensure “they’re using the proper version of Xcode to rebuild their apps”.</p></li>
</ul>
<h2>How malware evades safeguards</h2>
<p>Of course, the maintainers of official app marketplaces like Apple and Google have an interest in keeping malware off their platforms. </p>
<p>There are a number of schemes aimed at addressing this: Apple has its app <a href="https://developer.apple.com/app-store/review/guidelines/">review process</a>, and Google has recently launched its <a href="https://www.android.com/play-protect/">Play Protect feature</a>. Among other programs, these efforts make use of a mix of automated and manual examination of apps in an effort to determine whether they are safe or not.</p>
<p>Malware authors attempt to defeat these processes by concealing the true functionality of their code. There are many ways in which this is accomplished: an attacker may have the application download the hostile portion of the code at a later date after installation, rely on time delays or instruct apps to wait for an external signal <a href="https://link.springer.com/chapter/10.1007/978-3-319-24018-3_12">before launching</a> their malicious payload. </p>
<p>In fact, similar approaches <a href="https://www.theregister.co.uk/2017/04/24/uber_cloaked_its_spying_but_apple_gave_it_a_wrist_slap/">were reportedly used by Uber developers</a> to show a different version of their app to Apple’s engineers, based on their location.</p>
<h2>What are the solutions?</h2>
<p>Unfortunately, there isn’t a single solution to these issues. </p>
<p>End users can ensure they only install applications from reputable developers, app marketplaces can continue to improve detection mechanisms and operating system developers can continue to improve security.</p>
<p>Nevertheless, malware authors will not be far behind in improving their strategies and devising new ways to compromise devices.</p><img src="https://counter.theconversation.com/content/79485/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Peter Hannay works for Edith Cowan University. He is affiliated with WAHCKon Heavy Industries Pty. Ltd.</span></em></p>
It’s not safe out there for an app.
Peter Hannay, Lecturer in Digital Forensics and Cyber Security, Edith Cowan University
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/71618
2017-06-08T19:26:10Z
2017-06-08T19:26:10Z
Research in autism-friendly technology needs to improve to make a real difference for people
<figure><img src="https://images.theconversation.com/files/172367/original/file-20170606-16895-t9zft1.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Developers need to consider how a person with autism could react to their technology.</span> <span class="attribution"><span class="source">Shutterstock/Dubova</span></span></figcaption></figure><p>People on the autism spectrum can face challenges in dealing with a world they perceive differently to other people, no matter the severity of their condition.</p>
<p>Some people with autism gravitate towards technology for learning, play and communication. For many, technology in the form of augmented communication aids has helped to give them a voice. </p>
<p>We focus on the role technology plays in the lives of autistic people and their families. In particular, what are the benefits and problems, and where can we head in the future to get things right? </p>
<p>As part of that ongoing work, we collected user feedback by pulling data from millions of autism-related comments in public reviews of apps. We found many of the comments showed there were some clear benefits to people with autism, but there were also problems that could have been easily avoided. </p>
<h2>A hole in the evidence base</h2>
<p><a href="http://carlysvoice.com/home/aboutcarly/">Carly Fleischmann</a> was once considered a non-verbal, low-functioning autistic person. Now, with the aid of a digitally synthesised voice, she <a href="https://www.youtube.com/watch?v=a34qMg0aF6w">interviews celebrities such as Channing Tatum</a> and has her own <a href="https://www.youtube.com/channel/UCeKKQlMB1NeOLN31_CSJFRQ">online talk show</a>. </p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/GiYCL27msik?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">Introducing Carly Fleischmann.</span></figcaption>
</figure>
<p>But there is little evidence of <a href="http://www.springer.com/gp/book/9783319059808">the long-term benefits and complications</a> of using computers and mobile devices to assist, educate and entertain autistic learners.</p>
<p>This is despite <a href="https://link.springer.com/article/10.1007/BF01538283">positive responses to computer-based therapy first being published more than four decades ago</a>. In part, a dearth of evidence is due to research being expensive and impeded by ethical issues when working with people who are considered vulnerable. </p>
<p>Moreover, <a href="https://theconversation.com/autism-research-isnt-helping-people-live-with-daily-reality-25773">many families are becoming increasingly disillusioned with autism research</a>. Many feel that research outcomes have become distanced from practical strategies that help families manage the challenges that come with autism. </p>
<p>This is important, because <a href="https://theconversation.com/do-more-children-have-autism-now-than-before-4497">1 in 100 children</a> is being diagnosed on the autistic spectrum. Of the participants on the <a href="https://www.ndis.gov.au/medias/documents/hda/h8d/8800076922910/CDRC-Report-2016-17-Q2.pdf">National Disability Insurance Scheme</a> 29% are autistic, the second-largest disability group in the scheme. </p>
<p>From an economic perspective, there is an <a href="https://a4.org.au/node/1064">increasing annual cost</a> estimated to be A$5.8 billion that is borne by families, communities and government. </p>
<p>If technology can help people on the autism spectrum then we need to get it right to help with their learning and communication, and to help their families and carers. </p>
<h2>The current role of mobile technology</h2>
<p>Before we look to the future it is prudent to understand the present role of app-based technology. </p>
<p>We scoured the <a href="https://play.google.com/store/apps">Android Play</a> and <a href="https://itunes.apple.com/au/genre/ios/id36?mt=8">Apple App</a> stores using a <a href="http://www.pcmag.com/encyclopedia/term/54372/webcrawler">webcrawler</a> that scanned as many apps and their associated reviews as could be found.</p>
<p>The webcrawler applied an algorithm that kept reviews related to autism and discarded those that weren’t relevant, for example when autism was used as a derogatory term.</p>
<p>In the end, 56 million reviews were analysed from more than 2-million apps. About one in 7,500 reviews from Apple and one in 50,000 from Android were found to have useful information that told a story. Here’s <a href="https://appwhip.com/app/363843653/my-first-tangrams-for-ipad-a-wood-tangram-puzzle-game-for-kids-perfect-for-montessori-method">a typical example</a>, about the My First Tangrams puzzle app:</p>
<blockquote>
<p>This is a great app it has helped my son who has autism learn motor skills, matching shape recognition, motor planning, independence and makes him think by turning off the magnet.</p>
</blockquote>
<p>From the extracted reviews, more than 85% referred to an app that was neither designed nor advertised for autistic people. We only found 57 apps specifically designed for autistic people that claimed to be evidence-based, but this was not verified. </p>
<h2>The most reported benefits</h2>
<p>The first question we looked at was: what were the main reported benefits?</p>
<p>Common problems in autism include language, education, behaviour, imagination, sleep, motor skills, attention, sensory, social, diary, hygiene, emotions, food and eye contact. So we counted how many times these themes appeared in the reviews. </p>
<iframe src="https://datawrapper.dwcdn.net/DUCuN/3/" scrolling="no" frameborder="0" allowtransparency="true" allowfullscreen="allowfullscreen" webkitallowfullscreen="webkitallowfullscreen" mozallowfullscreen="mozallowfullscreen" oallowfullscreen="oallowfullscreen" msallowfullscreen="msallowfullscreen" width="100%" height="437"></iframe>
<p>We found that language and education had the highest frequency of matches. Apple reviews were more prolific and reported benefits in all areas examined, whereas Android returned a smaller number of reviews across fewer areas.</p>
<p>Although anecdotal, this does give some credence that autistic people and their families are using technology for other than entertainment.</p>
<h2>Tailored for younger users</h2>
<p>It was common for the reviewers to report a particular age. Here’s <a href="https://itunes.apple.com/us/app/relax-jr-with-andrew-johnson/id657908353?mt=8">an example</a> from the Relax+ Jr. with Andrew Johnson meditation app:</p>
<blockquote>
<p>My 7 year old son is autistic and has major sleep problems however since using the original app his sleep has improved dramatically.</p>
</blockquote>
<p>Age consistency was apparent between reviews from the Apple and Android stores, with the largest age groups targeted being between three and five year-olds. The reported ages ranged from one to 18, as shown in the figure below. </p>
<iframe src="https://datawrapper.dwcdn.net/3UBiL/2/" scrolling="no" frameborder="0" allowtransparency="true" allowfullscreen="allowfullscreen" webkitallowfullscreen="webkitallowfullscreen" mozallowfullscreen="mozallowfullscreen" oallowfullscreen="oallowfullscreen" msallowfullscreen="msallowfullscreen" width="100%" height="534"></iframe>
<p>The <a href="https://www.ncbi.nlm.nih.gov/pubmed/16322174">average age of autism diagnosis is typically about three years old</a> and therapy usually starts as soon as possible. It is not surprising that there is a demand for technology suitable for an age group that coincides with the commencement of intensive interventions.</p>
<h2>Are app developers autism friendly?</h2>
<p>We found a recurring theme of developers changing and updating features of the app that often caused distress to young people with autism, such as <a href="https://appsrankings.com/app/632012899/tiny-firefighters-police-firefighters-for-kids">this example</a> on the Tiny Firefighters: Police & Firefighters for Kids app: </p>
<blockquote>
<p>This was my son’s favorite game. My son is autistic. A seemingly small change like this is life-altering drama for him. Please change the icon, at least, so he thinks it’s a different game.</p>
</blockquote>
<p>Here’s <a href="https://itunes.apple.com/au/app/disney-junior-appisodes/id599083564?mt=8">another example</a> on the Disney Junior Appisodes of when things go wrong from an app behaving unexpectely:</p>
<blockquote>
<p>Bought this app for my 5 yr old with autism. He loves Disney. App always crashes so now all he does is scream in frustration when it repeatedly doesn’t work.</p>
</blockquote>
<p>As we said earlier, the majority of the apps we found being used by people were not specifically developed for people with autism. </p>
<p>But had these apps been developed with help from people involved with autism research, then the developers could be better advised on how to avoid causing any distress. </p>
<p>Perhaps we need a set of guidelines for all software developers to help them develop autism friendly apps?</p>
<h2>The future for technology and autism</h2>
<p>Autism diagnoses are increasing and showing no signs of curtailing, and the <a href="https://theconversation.com/what-causes-autism-what-we-know-dont-know-and-suspect-53977">causes are still debated</a>. </p>
<p>Research shows people on the autism spectrum tend to spend significantly <a href="https://www.psychologytoday.com/blog/mental-wealth/201612/autism-and-screen-time-special-brains-special-risks">more screen time than the typical person</a>. As such, they have the potential to rapidly develop skills and learning experiences from technology. </p>
<p>The use of any mobile technology must provide a positive role for people with autism. But there are still some serious unanswered questions as to how best technology should be designed and developed to mitigate overuse, or harm from poor design or deployment. </p>
<p>Are the skills and experiences that are obtained from using a particular app being transferred to the real world? Are people with autism becoming dependent on the virtual world while elements of interpersonal interaction are sacrificed? What are the negative effects of overuse and poor design of apps?</p>
<p>We believe technologies that offer safe, interactive and therapeutic environments will only come about from a multidisciplinary team of clinicians, software developers, people on the autism spectrum and their families. </p>
<p>Nevertheless, the future does look brighter for a person diagnosed with autism and their families as <a href="https://itunes.apple.com/us/app/tinycards-learn-with-fun-free-flashcards/id1109425556?mt=8">one reviewer remarked</a> on the Tinycards memory education app: </p>
<blockquote>
<p>The last two days I’ve finally been having good interactions with my four year old daughter.</p>
</blockquote>
<hr>
<p><em>The app reviews included in this study are anecdotal user testimonials collected from public information.</em></p><img src="https://counter.theconversation.com/content/71618/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>The authors do not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and have disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
There are plenty of apps that people with autism can use for learning, play and communication. Not all are designed with autism in mind, so what can we learn from any online user feedback?
David Ireland, Research Scientist at the Australian E-Health Research Centre, CSIRO
Dana Kai Bradford, Senior Research Scientist, CSIRO
David Silvera-Tawil, Research Scientist, CSIRO
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/70988
2017-01-09T15:23:16Z
2017-01-09T15:23:16Z
Ten years on, the iPhone has taken us back as many steps as it has taken us forward
<figure><img src="https://images.theconversation.com/files/152092/original/image-20170109-23468-92bb4f.jpg?ixlib=rb-1.1.0&rect=0%2C185%2C1936%2C1110&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">A reinvention, yes. But has it taken us in the right direction?</span> <span class="attribution"><a class="source" href="https://commons.wikimedia.org/wiki/File:Steve_Jobs_presents_iPhone.jpg">Blake Patterson</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span></figcaption></figure><p>The <a href="http://news.bbc.co.uk/1/hi/technology/6246063.stm">10th anniversary of the Apple iPhone</a> reminds us that while it was not the <a href="http://pocketnow.com/2014/07/28/the-evolution-of-the-smartphone">first smartphone</a>, it was the first to achieve mass-market appeal. Since then the iPhone has defined the approach that other smartphone manufacturers have taken. </p>
<p>Smartphones have transformed our lives, essentially giving us an internet-connected computer in our pocket. But while we’re distracted by <a href="https://theconversation.com/mps-could-do-a-lot-worse-than-play-candy-crush-in-meetings-35290">Candy Crush</a> or <a href="https://theconversation.com/why-niantic-didnt-need-marketing-to-make-pokemon-go-viral-63159">Pokemon Go</a>, we are losing freedoms. We are losing control of our own devices, and losing access to the information they contain – in the very same devices that are increasingly important in our life.</p>
<p>To see how far we’ve come, consider that personal desktop computers only became widespread with the <a href="https://www-03.ibm.com/ibm/history/exhibits/pc25/pc25_birth.html">IBM PC</a>. By designing the PC with an open architecture, an enormous industry of PC-compatible products from other manufacturers sprang up. It’s the same today: when you purchase a computer, you’ll have (if you wish) the ability and the right to add or remove, swap or upgrade any element of the system hardware, install or remove any software you wish, including the operating system, and access to any information stored on it.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/vN4U5FqrOdQ?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<p>However, today the smartphone or tablet have in many cases effectively replaced the desktop or laptop computer. In parts of the developing world, smartphones are the <a href="https://www.theguardian.com/world/2016/aug/08/africa-calling-mobile-phone-broadband-revolution-transform-democracies">first experience many have of computing and internet access</a>. The fact that they are small and portable and work wirelessly means they are put to many other uses, such as receiving guidance from navigation systems, listening to music while exercising, or playing games in waiting rooms.</p>
<p>Yet doing something that’s very simple on a computer – such as listing your files – is impossible on an iPhone. iPhone users can change their background image, their ring-tone, the time of their alarm. But the iPhone guards what files it contains jealously. Your phone that is carried everywhere with you, which knows your precise location, which records the websites you visit – has all of its files completely inaccessible to you. If you care about privacy this should sound disturbing.</p>
<p>We have always had the right to govern our own computers, to do with them as we wished. But the smartphones and tablets we’re buying today come without administrator rights: we are merely users in the hands of the big tech companies, and these firms effectively rule the machines we live with.</p>
<h2>Information and freedom</h2>
<p>Of course, the iPhone does allow access to some information, such as photos, emails or documents. But it is often difficult to get that data off the phone. The way the iPhone communicates with your computer is a closed, proprietary protocol, and Apple changes this protocol each time it updates the phone. So if you use neither Microsoft Windows or Apple Mac computers you will have a hard time even to get your own photos out of your own phone.</p>
<p>Apple also restricts what information can be stored on the device. For example, iPhone users are obliged to transfer any music files on the phone through Apple iTunes software. If you cannot or do not wish to run iTunes – no music for you. Additionally, iTunes will automatically delete all the music tracks on your phone if you try to <a href="https://support.apple.com/en-gb/HT201253">transfer files from more than one computer</a>, due to digital rights management software that assumes that access from more than one computer means that the file has been shared illegally. It’s a bit like buying spectacles that control the conditions under which you’re allowed to read books. Or a backpack that will destroy all its contents if you attempt to carry items bought from different stores.</p>
<p>The same issue also affects which applications can be installed. If you learn how write code, you can develop your own applications to solve your own unique problems. But the iPhone doesn’t allow you to run those programs: only software authorised by Apple and distributed via the Apple Store is permitted.</p>
<h2>Open alternatives</h2>
<p>Why so tightly control what we can do with our devices? Some may argue that these restrictions are necessary in favour of security. If we look again at computers, however, we find that Linux, an open source non-commercial operating system, is also the <a href="http://www.zdnet.com/article/uks-security-branch-says-ubuntu-most-secure-end-user-os/">most secure</a>. It’s true that the Android mobile phone operating system, which is more open, is not as secure as the iOS operating system that runs Apple’s iPhone. But it shows that it is possible to have a system that is both secure and open.</p>
<p>In fact, <a href="http://www.puredarwin.org/">iOS is built around several open source software projects</a> – those whose internal workings are open to anyone to view or modify, for free. But while elements of iOS are open source, they are used as part of a tightly closed system. Android, an open source mobile phone operating system originally created by Google, is the chief alternative to the iPhone. But Android phones too have many closed source components, and Google is constantly <a href="http://arstechnica.com/gadgets/2013/10/googles-iron-grip-on-android-controlling-open-source-by-any-means-necessary/">replacing open components with closed source ones</a>.</p>
<p>Another alternative comes in the form of <a href="http://www.omgubuntu.co.uk/2016/09/ubuntu-phone-ota-13-new-features">Ubuntu Touch</a>, a recent version of the popular <a href="https://www.ubuntu.com/">Ubuntu Linux</a> for phones and tablets, although it is not yet widely used. The fact remains that ten years on, the mobile revolution kicked-off by the iPhone has taken us several steps forward and several steps back; leaving us uncertain of whether some day we will actually fully own our devices.</p><img src="https://counter.theconversation.com/content/70988/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>This article was written based on discussions with Rafael Sahb, manager of the web for development team at the Council on Health Research for Development, an NGO which develops online platforms for health research in Africa and the developing world.</span></em></p>
The iPhone mobile revolution put powerful computers in our pockets, but took away our rights to control them. Is that worth celebrating?
Leandro Soriano Marcolino, Lecturer in Data Engineering, Lancaster University
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/59386
2016-07-13T19:40:04Z
2016-07-13T19:40:04Z
Trying to cut your drinking? There’s an app for that
<figure><img src="https://images.theconversation.com/files/130175/original/image-20160712-9289-lzhw4b.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Technology can help cut your alcohol use.</span> <span class="attribution"><a class="source" href="https://www.flickr.com/photos/mr_t_in_dc/8309908321/">Flickr/Mr TinDC</a>, <a class="license" href="http://creativecommons.org/licenses/by-nc-nd/4.0/">CC BY-NC-ND</a></span></figcaption></figure><p>Australia is known to be a nation of drinkers with almost <a href="http://nadk.flinders.edu.au/kb/alcohol/consumption-patterns/risky-consumption/">18%</a> having a drink on a daily basis at a level that is considered risky. </p>
<p>But the ill-effects of such behaviour extend to <a href="http://www.tacklingbingedrinking.gov.au/internet/tackling/publishing.nsf">binge drinking</a>, impacts on <a href="https://drinkwise.org.au/#q=alcohol%20and%20your%20health&r=true">health and well-being</a>, <a href="http://www.aic.gov.au/publications/current%20series/rip/1-10/04.html">assaults</a> <a href="http://www.aic.gov.au/publications/current%20series/tandi/461-480/tandi472.html">drink driving</a> with resulting car accidents and many others. </p>
<p>Various <a href="http://www.health.gov.au/internet/main/publishing.nsf/Content/health-pubhlth-strateg-drugs-alcohol-index.htm">governments</a> and organisations have launched campaigns and policies to combat problem drinking, such as <a href="http://www.abc.net.au/news/2016-04-22/danny-green-coward-punch-one-punch/7351798">Danny Green’s Coward Punch Campaign</a> and the lock out laws in <a href="http://www.nsw.gov.au/alcohol-and-drug-fuelled-violence-initiatives">New South Wales</a> and <a href="https://www.business.qld.gov.au/industry/liquor-gaming/liquor/compliance-licensees/trading-hours/late-trading">Queensland</a>.</p>
<p>Lock out laws have met with some success in <a href="https://www.mja.com.au/journal/2015/203/9/presentations-alcohol-related-serious-injury-major-sydney-trauma-hospital-after">reducing alcohol-related serious injuries in some regions</a>. But they have also been criticised with claims the laws are <a href="http://www.theaustralian.com.au/life/lockout-laws-nsw-premier-mike-baird-bombarded-on-facebook-and-twitter/news-story/0f627e978dd2002d9a86db9f460da65e">harming businesses</a> or that the cultural image of a high profile and vibrant urban centre such as Sydney is being <a href="https://www.theguardian.com/australia-news/2016/feb/05/sydneys-fun-police-have-put-out-the-light-of-the-nightlife-the-citys-a-global-laughing-stock">distorted</a>. </p>
<p>But there might be another way to tackle the problems related to the over-consumption of alcohol that doesn’t require large-scale government intervention.</p>
<h2>Install an app</h2>
<p>When it comes to overcoming bad behavioural habits, such as drinking too much, technology can help by providing a subtle and more personalised solution to the problem.</p>
<p>Smartphone apps can provide real-time intervention on the go. They allow people to get the right information at the right time regarding their drinking habits.</p>
<p>Popular alcohol control apps include examples such as Stop Drinking with Andrew Johnson (for <a href="https://itunes.apple.com/au/app/stop-drinking-andrew-johnson/id365566955">Apple</a> or <a href="https://play.google.com/store/apps/details?id=com.hivebrain.andrewjohnson.drinking&hl=en">Android</a>) which relies on relaxation and hypnotism and other apps which simply count the intake of alcohol (<a href="https://play.google.com/store/apps/details?id=com.voilaweb.mobile.sobrietycounter">Sobriety Counter</a> is one such app for Android).</p>
<p>Such mediated, anonymous and indirect interaction can also help people suffering from a drinking problem who are otherwise reluctant to visit rehabilitation and facility centres. </p>
<p>In this way technology can facilitate a change in behaviour through persuasion but not coercion. This is known as persuasive technology, a term originally coined by Stanford University researcher <a href="http://www.bjfogg.com/">BJ Fogg</a>. </p>
<p>Such technologies have already helped with other problems, such as obesity, bullying and racism by motivating people, providing knowledge, supporting decision making and ultimately facilitating behaviour change. </p>
<p>There is growing realisation of the importance of persuasive technology in mitigating the harmful side effects of <a href="http://healthland.time.com/2013/12/17/fighting-holiday-overdrinking-why-many-women-may-be-better-off-with-apps-over-aa/">alcohol</a> and other <a href="https://psmag.com/the-invisible-manipulative-power-of-persuasive-technology-df61a9883cc7#.hswxsg3hs">bad habits</a>.</p>
<p>There are a number of <a href="http://www.acar.net.au/control_your_drinking_online.html">web</a> and <a href="http://www.adin.com.au/about-us/latest-news/69-drug-and-alcohol-app-reviews-for-iphone-and-android">mobile</a> applications that help people with their alcohol intake. But web-based applications usually cannot be accessed at a user’s own discretion as they require some form of synchronisation with the user’s phone.</p>
<h2>Which app is best?</h2>
<p>While mobile apps may be best suited to tackle drinking problems there isn’t much of an understanding as to which are more suitable or what features people prefer. </p>
<p>The National Health Service in the UK does provide a <a href="http://www.nhs.uk/tools/pages/toolslibrary.aspx">list of apps</a> that can assist in tackling health related problems. But there is no government or other reputable organisation that maintains a similar list in Australia.</p>
<p>There are some <a href="http://www.techguide.com.au/reviews/apps/smartphone-apps-that-can-save-you-from-drunken-embarrassment/">online rankings</a> of alcohol control apps, but these are not maintained by official health services.</p>
<p>This motivated us to <a href="http://link.springer.com/chapter/10.1007%2F978-3-319-31510-2_9">analyse</a> more than 200 user reviews of apps available on the iTunes store so we could better establish design recommendations for such apps.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/125623/original/image-20160607-15034-1f877yh.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/125623/original/image-20160607-15034-1f877yh.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/125623/original/image-20160607-15034-1f877yh.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=1065&fit=crop&dpr=1 600w, https://images.theconversation.com/files/125623/original/image-20160607-15034-1f877yh.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=1065&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/125623/original/image-20160607-15034-1f877yh.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=1065&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/125623/original/image-20160607-15034-1f877yh.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=1338&fit=crop&dpr=1 754w, https://images.theconversation.com/files/125623/original/image-20160607-15034-1f877yh.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=1338&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/125623/original/image-20160607-15034-1f877yh.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=1338&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Quit That app indicating alcohol consumption trends and money saved.</span>
<span class="attribution"><a class="source" href="https://itunes.apple.com/au/app/quit-that!-track-how-long/id909400800?mt=8">Screenshot</a>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<p>We focused on 18 apps, such as <a href="https://itunes.apple.com/us/app/quit-that/id909400800?ls=1&mt=8">Quit That</a>, that were meant to reduce alcohol intake through behavioural change strategies. We specifically excluded apps that were purely for facilitating alcohol intake, such as alcohol recipe apps. </p>
<p>We noticed that there were two main types of strategies that were prevalent in such apps. Some used motivation and others self-control to help reduce or monitor alcohol intake. The former rely on different persuasive strategies such as praise and reward mechanism, social interaction with avatars, competitions, reminders and notifications, etc. </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/125624/original/image-20160607-15045-smqswr.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/125624/original/image-20160607-15045-smqswr.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/125624/original/image-20160607-15045-smqswr.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=1065&fit=crop&dpr=1 600w, https://images.theconversation.com/files/125624/original/image-20160607-15045-smqswr.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=1065&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/125624/original/image-20160607-15045-smqswr.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=1065&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/125624/original/image-20160607-15045-smqswr.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=1338&fit=crop&dpr=1 754w, https://images.theconversation.com/files/125624/original/image-20160607-15045-smqswr.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=1338&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/125624/original/image-20160607-15045-smqswr.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=1338&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Step Away app highlights the usage of warnings as a persuasive strategy - an example of a motivational app.</span>
<span class="attribution"><a class="source" href="https://itunes.apple.com/us/app/step-away-mobile-intervention/id688669242?mt=8">Screenshot</a>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<p>Self-control apps mostly rely on users to monitor and manage their intake by providing information, such as blood alcohol concentration levels. Self-control apps do not explicitly inform the user when their alcohol intake crosses a level of high risk. </p>
<h2>What users want</h2>
<p>Our results showed that users preferred self-control apps, possibly because they did not want to be controlled by an app that was too insistent or fast in its interaction. </p>
<p>Users not only preferred gradual notifications from the apps but they also wished to have full control over how the app interacted with them. We found that a key design guideline for these apps is the ability to customise the way users interact with them. </p>
<p>We noticed that a number of users preferred apps that provided incremental targets. This allows them to attain positive milestones on each step of the behavioural change process. A number of users also stated the importance of sharing their progress on social media.</p>
<p>Implementing persuasive applications is a fraught with challenges, particularly for contexts such as alcohol intake, where real-time monitoring can be difficult. </p>
<p>But there is great potential to use mobile technology to promote positive alcohol behavioural change, particularly if the apps follow certain design features. </p>
<p>If the appropriate governmental authorities can benchmark and recommend apps based on the proposed guidelines, that will go a long way in assisting many in overcoming their alcohol related problems.</p><img src="https://counter.theconversation.com/content/59386/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Omar Mubin does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
Smartphone apps can help people cut back on the amount of alcohol they drink. But is it nagging apps or gentle persuiasion that people prefer?
Omar Mubin, Lecturer in human-centred computing & human-computer interaction, Western Sydney University
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/61003
2016-06-16T20:04:04Z
2016-06-16T20:04:04Z
Apple iOS 10 v Google Android: which is leading the way?
<figure><img src="https://images.theconversation.com/files/126655/original/image-20160615-22386-rtsabq.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Apple's new iOS 10 includes a slew of new features.</span> <span class="attribution"><span class="source">Apple</span></span></figcaption></figure><p>Both Apple and Google use their developer conferences to introduce updates to their mobile operating systems. Google IO, held last month, <a href="http://www.techradar.com/us/news/world-of-tech/google-io-1307820">introduced</a> Google’s latest version “N” of Android, along with new apps. </p>
<p>Apple has done the same this week at its World Wide Developer Conference, <a href="https://theconversation.com/apple-emphasises-social-responsibility-and-new-features-but-is-superficial-on-both-61008">introducing</a> iOS 10.</p>
<p>While both Apple and Google are likely to be monitoring each others’ releases to stay competitive, there is a big difference underlying the Android and iOS approaches to feature development that means their respective focus will also differ. </p>
<p>Google has little control over hardware and the rate at which OS versions are released on the vast array of Android phones. It can take years before a new version will reach a significant proportion of Android users, if at all. </p>
<p>Android Marshmallow (version 6), released in 2015, is still <a href="http://www.droid-life.com/2016/06/07/android-distribution-update-june-2016-marshmallow-jumps-past-10/#more-187406">only on</a> 10% of devices. Apple’s iOS 9, also released last year, <a href="https://david-smith.org/iosversionstats/">is on</a> 86% of devices.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/126636/original/image-20160615-22416-1libd9m.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/126636/original/image-20160615-22416-1libd9m.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/126636/original/image-20160615-22416-1libd9m.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=321&fit=crop&dpr=1 600w, https://images.theconversation.com/files/126636/original/image-20160615-22416-1libd9m.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=321&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/126636/original/image-20160615-22416-1libd9m.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=321&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/126636/original/image-20160615-22416-1libd9m.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=403&fit=crop&dpr=1 754w, https://images.theconversation.com/files/126636/original/image-20160615-22416-1libd9m.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=403&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/126636/original/image-20160615-22416-1libd9m.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=403&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Apple has recently announced iOS 10.</span>
<span class="attribution"><span class="source">Apple</span></span>
</figcaption>
</figure>
<p>Another important difference driving the design of features is the range of devices that each company targets. Google’s software is designed to run on a range of operating systems and not just Android, whereas iOS apps are tied into the particular release of the operating system software.</p>
<p>What is possibly a more distinguishing difference is the way Apple has emphasised the integration of third-party apps into its own applications. <a href="https://support.apple.com/en-au/HT201287">iMessage</a>, for example, will come with an “app drawer” that can do everything from providing custom animations to allowing users to exchange money or pay for services and products. </p>
<p>Google, on the other hand, has released “<a href="https://play.google.com/store/apps/details?id=com.google.android.apps.fireball&hl=en">Allo</a>”, which is a self-contained messaging app, albeit with some clever predictive awareness built in. </p>
<p>Apple Maps gets upgraded in iOS 10 but still generally lags behind <a href="https://www.google.com.au/maps/">Google Maps</a>. As with iMessage, Apple is expecting developers to add functionality to Maps to make it truly useful. </p>
<p>In the meantime, Apple has added traffic information (for certain countries) and alternative routes based on that information; features Google Maps has had for some time. </p>
<p>Changes to Apple <a href="http://www.apple.com/au/osx/apps/#photos">Photos</a> brings it more into line with Google’s <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.photos&hl=en">Photos</a> app. Photos will be automatically arranged into suggested albums based on a range of information including automatically recognised faces. Photos will also create automatic presentations with accompanying music to create “memories”. Again, this is similar to features in Google Photos. </p>
<h2>Clouds and watches</h2>
<p>An important distinction in approaches that may not be obvious is how much processing happens on the phone itself rather than on the cloud. </p>
<p>Apple can take advantage of the enormous processing power of its phones and do a great deal of its processing locally, whereas Google does much of this type of processing on the cloud. </p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/126653/original/image-20160615-22377-4xs4ta.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/126653/original/image-20160615-22377-4xs4ta.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/126653/original/image-20160615-22377-4xs4ta.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=600&fit=crop&dpr=1 600w, https://images.theconversation.com/files/126653/original/image-20160615-22377-4xs4ta.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=600&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/126653/original/image-20160615-22377-4xs4ta.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=600&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/126653/original/image-20160615-22377-4xs4ta.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=754&fit=crop&dpr=1 754w, https://images.theconversation.com/files/126653/original/image-20160615-22377-4xs4ta.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=754&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/126653/original/image-20160615-22377-4xs4ta.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=754&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Android N is coming soon.</span>
<span class="attribution"><span class="source">Sham Hardy/Flickr</span>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<p>This means that Apple can ensure greater privacy and security as the information never leaves the phone. Theoretically, law enforcement agencies could intercept Google’s process of facial recognition by gaining access to that information on their servers, something that they would not be able to do with Apple’s approach.</p>
<p>Apple has enhanced its use of information on the lock screen, including what can be done directly from those notifications. This coincides with Google’s revamped <a href="http://arstechnica.com/gadgets/2016/03/hands-on-with-android-n-increased-customization-better-notifications-and-more/">notifications</a> in Android N.</p>
<p>Google and Apple also announced upgrades to their respective watch OSs. Google upgraded <a href="https://www.android.com/intl/en_au/wear/">Android Wear</a> to version 2.0 and Apple’s <a href="http://www.apple.com/watchos-preview/">watchOS</a> goes to version 3.0. In Apple’s case, watchOS gets huge speed-ups (which it really needed), and the ability for apps on the watch to update in the background, in preparation for being launched. </p>
<p>Another intriguing feature not available on Android Wear 2.9 is Apple’s SOS app, which allows the watch to automatically dial emergency services and provide updates to them on the wearer’s location. </p>
<p>The watch will then notify pre-configured contacts and let them know that the SOS button has been activated. This feature still relies on the wearer having their phone available but could prove incredibly useful as an alternative to panic buttons that are provided to the elderly in case of emergencies. </p>
<p>It could also be useful in cases of personal security as activating a feature via the watch in an emergency may be much easier than through the phone.</p>
<p>Other features introduced for watchOS 3 include the ability to “scribble” messages – another feature already available on Android Wear. </p>
<p>Any user of Android on one of the latest phones and a user of iOS would in essence be likely to do the same things on either platform. </p>
<p>If you really value security and privacy, Apple would have the edge. If you use other Apple products, using an Android phone would put you at more of a disadvantage. In all other events, either set of users could answer any “I can do this” with a “me too”.</p><img src="https://counter.theconversation.com/content/61003/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>David Glance owns shares in Apple.</span></em></p>
Apple has announced its next generation iOS 10, but how does it stack up to the latest Android offering from Google?
David Glance, Director of UWA Centre for Software Practice, The University of Western Australia
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/60418
2016-06-06T01:21:54Z
2016-06-06T01:21:54Z
Google wins in court, and so does losing party Oracle
<figure><img src="https://images.theconversation.com/files/125183/original/image-20160603-11620-15adj3n.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Everybody wins!</span> <span class="attribution"><a class="source" href="http://www.shutterstock.com/pic-402095701/stock-vector-gold-trophy-cup-of-winner-in-two-hands-illustration.html">Trophy and hands via shutterstock.com</a></span></figcaption></figure><p>Oracle <a href="http://arstechnica.com/tech-policy/2016/05/google-wins-trial-against-oracle-as-jury-finds-android-is-fair-use/">recently lost its attempt</a> to use patent and copyright law to force Google to pay US$9 billion for using parts of its Java computer language. Nine billion dollars isn’t chump change, not even for Google, but despite the verdict against Oracle, I’d say Google is not the only winner.</p>
<p>The dispute between the two internet giants was <a href="http://arstechnica.com/tech-policy/2016/05/how-oracle-made-its-case-against-google-in-pictures/">whether Google had needed Oracle’s permission to use computer code</a> called the Java API. The API, and therefore the legal issue, relates to some pretty technical details about how computer programs work – how the instructions programmers write are followed on different hardware devices and different software operating systems.</p>
<p>The outcome of the case, decided in parts by a judge, an appeals court and a jury, was that Google’s use of computer code didn’t violate Oracle’s patents, and that Oracle could copyright its code. However, the jury found that Google’s use did not violate the copyright restrictions because it significantly expanded on the existing copyrighted materials, an exception in law called “<a href="http://www.copyright.gov/fair-use/">fair use</a>.”</p>
<p>It is not only a victory for Google, which has done nothing wrong and need not pay Oracle any money. Programmers remain allowed to use a very popular programming language without fear of crippling legal penalties – which in turn benefits the public, who use <a href="https://github.com/trending/java">apps and websites made with Java</a>. And while technically the legal loser, Oracle also won in a way, because it will benefit from Java’s continued popularity.</p>
<h2>What’s an API?</h2>
<p>To understand the heart of the dispute, we first need to grasp what an Application Programming Interface (API) is and what it does for programmers. At its simplest, an API defines the specific details of how a program interacts with a computer’s operating system and the underlying hardware.</p>
<p>Computer manufacturers use a <a href="http://www.makeuseof.com/tag/whats-inside-your-computer-the-story-of-every-component-you-need-to-know-3/">wide range of specific components</a>: hard drives and memory storage units with different sizes, faster or slower processing chips, smaller and larger screens. They also choose <a href="http://www.computerworld.com/article/3050931/microsoft-windows/windows-comes-up-third-in-os-clash-two-years-early.html">different operating systems</a>, such as Windows, the Macintosh OS X, and Linux – each of which is regularly upgraded with a new version.</p>
<figure class="align-right ">
<img alt="" src="https://images.theconversation.com/files/125184/original/image-20160603-11585-ehiq95.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/125184/original/image-20160603-11585-ehiq95.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/125184/original/image-20160603-11585-ehiq95.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/125184/original/image-20160603-11585-ehiq95.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/125184/original/image-20160603-11585-ehiq95.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/125184/original/image-20160603-11585-ehiq95.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/125184/original/image-20160603-11585-ehiq95.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Hoping to avoid nightmares: a Java programmer.</span>
<span class="attribution"><a class="source" href="https://commons.wikimedia.org/wiki/File%3AProgrammer_writing_code_with_Unit_Tests.jpg">Joonspoon</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<p>Each variation might handle basic functions differently – such as reading a file connecting to the internet, or drawing images on the screen. For a computer programmer, that is a nightmare. Nobody wants to write a program that works only on a <a href="http://www.dell.com/us/p/inspiron-15-3552-laptop/pd?oc=fncwc008sb&model_id=inspiron-15-3552-laptop">Dell laptop with a 15-inch screen, a 500 GB hard drive, 4 GB of RAM, running Windows 10</a> – and no other computer. And nobody wants to write the extremely large number of slight variations to make sure a program works on every machine, either.</p>
<p>The API solves that problem for the programmer, handling the complicated and difficult details of exactly how any specific computer will act. That leaves programmers free to concentrate on what they want a computer program to do, without having to worry about precisely how. It’s better for the user, too. If she has (for example) <a href="https://java.com/en/download/">Java installed</a> on whatever computer she uses, programs written in Java will run.</p>
<h2>Java itself</h2>
<p>The Java API contains methods for everything from reading and writing a file, to drawing on a screen, to handling web security certificates. Without a functioning copy of the API, programs in Java are fundamentally broken. Clearly, therefore, he who controls the API controls the language. </p>
<p>Oracle, when it <a href="http://www.oracle.com/us/corporate/press/018363">bought Sun Microsystems</a>, bought the rights to Java and its API. The crux of the legal battle was how this control is exerted and how far it extends.</p>
<p>No one denied that Oracle has a valid copyright on the language and API specification. This is a good thing. It means I can’t just make a copy of Java, give it a name (like “Darjeeling”), and call it a new language that I own. Similarly, a company can’t change the API arbitrarily and still call it the Java API.</p>
<h2>What did Google do?</h2>
<p>When it <a href="https://googleblog.blogspot.com/2008/09/first-android-powered-phone.html">released Android in 2008</a>, Google added software and hardware development to its existing internet service business. If its products were going to succeed, they needed to be able to run lots of interesting programs. The easiest way to do ensure that was to make sure the new devices could understand at least one computer language that’s already <a href="http://spectrum.ieee.org/computing/software/the-2015-top-ten-programming-languages">widely used by programmers</a>. Java is a natural choice. </p>
<p>The alternative would have been to <a href="https://msdn.microsoft.com/en-us/library/67ef8sbd.aspx">create a new language</a>, but that pathway is fraught with difficulties. Introducing a new language requires convincing programmers that it is worth using and giving them time and resources to learn the language.</p>
<p>Once Google decided on Java, it needed to connect Java programs to Android’s hardware and software – it needed a Java API for Android.</p>
<h2>Sharing names for computer commands</h2>
<p>Rather than commissioning Oracle to write it, Google wrote the software in-house, customizing it for cellphone hardware. For example, Bluetooth, touch-screen gestures and telephone calls are not handled in Oracle’s standard Java API; they are solely in Android-specific code. </p>
<p>However, to be sure Android devices could run existing Java software, Google wrote its Android Java with some of the same commands as Oracle’s version of Java. Both Android and Oracle support the <a href="https://docs.oracle.com/javase/7/docs/api/java/io/package-summary.html">Java.io methods</a> that let programmers use the same <em>files.newInputStream(filename)</em> command to initiate the arcane and complex Java file-reading process. </p>
<p>Google didn’t copy the code Oracle had written for other hardware or software systems. It wrote <a href="https://developer.android.com/reference/classes.html">all-new Android-specific</a> instructions for devices to follow each command, but to help programmers, gave many common commands the same name Oracle used.</p>
<p>Oracle’s <a href="http://arstechnica.com/tech-policy/2012/04/oracles-ip-war-against-google-finally-going-to-trial-whats-at-stake/">lawyers sharpened their knives</a> and the battle was on. Could Google use the same names, even if the code they referred to was different?</p>
<h2>The stakes were high</h2>
<p>If Oracle had won, Java’s days as a primary programming language for Android – the <a href="https://bgr.com/2016/06/02/apples-mobile-market-share-sees-big-drop-in-may-as-android-skyrockets/">world’s most popular smartphone system</a> – were numbered. Very quickly, Google would have chosen a new language for Android programmers to use, and published a conversion tool to translate existing Java apps into the new language. Then it would have stopped supporting Java. (I suspect <a href="https://www.microsoft.com/en-us/">one of Oracle’s competitors</a> would have offered Google excellent licensing terms to choose another language.) </p>
<p>Programmers would have lost. The tools to write code for Android would have been, at a bare minimum, more expensive and less flexible. The public would have lost, because new and interesting apps would both be more expensive and released less frequently.</p>
<p>Finally, Oracle would have lost because programming in Java would no longer be a viable option for a major market. Computer languages compete for popularity, so fewer programmers would choose to program in Java, reducing the pool of people who were comfortable and competent in Java. Instead they would choose others, like <a href="https://www.python.org/">Python</a> or <a href="https://www.ruby-lang.org/en/">Ruby</a>. With fewer people working in Java, Oracle’s primary way of making money from it (creating <a href="https://www.oracle.com/java/index.html">Java-based computer systems</a> that can be expanded by third-party developers) would slowly decline.</p>
<p>Instead, while Oracle doesn’t get $9 billion from Google, the programming community – and those of us who use apps and websites every day – gets to keep using an important tool, without fear of a similarly large lawsuit in the future.</p><img src="https://counter.theconversation.com/content/60418/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Robert Harrison does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
Google saves $9 billion, programmers and users get to keep a popular language and its apps – and a key Oracle product stays alive.
Robert Harrison, Professor of Computer Science, Georgia State University
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/58301
2016-04-29T09:45:32Z
2016-04-29T09:45:32Z
What is the European Commission’s problem with Google and Android?
<figure><img src="https://images.theconversation.com/files/120663/original/image-20160429-10512-dc41xi.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">
</span> <span class="attribution"><span class="source">Yeamake/Shutterstock.com</span></span></figcaption></figure><p>Google has been dragged over the coals by the European Union’s competition watchdog, culminating in the European Commission <a href="http://europa.eu/rapid/press-release_IP-16-1492_en.htm">formally charging Google with abusing the dominant position</a> of its Android mobile phone operating system, having launched an investigation in April 2015.</p>
<p>Powerful firms are prohibited from engaging in anti-competitive behaviour under <a href="http://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:12008E102">Article 102 of the Treaty on the Functioning of the European Union</a>, or TFEU. European law calls this an abuse of dominant position, but really it can be seen simply as <a href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2163690">bullying</a>. The EU courts have long recognised that dominant firms have “<a href="http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A61981CJ0322">a special responsibility not to allow [their] conduct to impair genuine undistorted competition</a>”. </p>
<p>To violate EU competition law a firm must be dominant in a particular market – just having a large market share indicates dominance, but isn’t sufficient. Other factors need to be studied, such as barriers to market entry and exit, or switching costs. A market that is easy to enter despite one firm having a large share of it may still be contestable by newcomers.</p>
<p>The conduct of firms with dominant positions is subject to particular scrutiny for evidence of abusive conduct, such as that aimed at eliminating actual or potential competitors or exploiting consumers. If any abusive behaviour is found, the European Commission has the power to demand changes to contracts and impose fines of up to 10% of the firm’s annual turnover. In the case of Google, this would be an eye-watering US$7 billion, based on its <a href="http://www.androidcentral.com/google-releases-q4-and-full-2015-earnings">2015 revenues</a>. Any such sanctions are subject to review by the EU courts.</p>
<h2>What are the allegations?</h2>
<p>The European Commission considers that Google is dominant in three markets: general internet search, licensable mobile operating systems as used on smartphones and tablet computers, and stores for Android apps. It considers that Google controls more than 90% of each market. </p>
<p>It’s important to understand that Android is essentially composed of two parts. The first is the open source operating system core, which everyone can use, alter, change, repackage and re-release as their own. The other is proprietary, which is closed source and belongs to Google, which keeps it to itself. This means that a firm manufacturing mobile phones must buy a licence from Google to use the proprietary part of Android, even though the rest of it is open source and free.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/120601/original/image-20160428-28029-pg1k4m.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/120601/original/image-20160428-28029-pg1k4m.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/120601/original/image-20160428-28029-pg1k4m.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=424&fit=crop&dpr=1 600w, https://images.theconversation.com/files/120601/original/image-20160428-28029-pg1k4m.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=424&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/120601/original/image-20160428-28029-pg1k4m.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=424&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/120601/original/image-20160428-28029-pg1k4m.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=533&fit=crop&dpr=1 754w, https://images.theconversation.com/files/120601/original/image-20160428-28029-pg1k4m.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=533&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/120601/original/image-20160428-28029-pg1k4m.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=533&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">How the European Commission sees Google’s anticompetitive behaviour.</span>
<span class="attribution"><span class="source">European Commission</span></span>
</figcaption>
</figure>
<p>Google, the commission argues, violated EU rules by requiring manufacturers to pre-install Google Search and its Chrome browser and obliging them to make Google Search a default search service as a condition of being granted a license for Google’s proprietary apps, particularly the Play Store app which is the key marketplace for Android-compatible apps. </p>
<p>Google also prevents manufacturers from selling devices running on any non-standard variations of the Android operating system (known as “forks”) – and offers financial incentives to manufacturers and mobile phone networks if they exclusively pre-install Google Search on their devices.</p>
<p>This behaviour has an essentially foreclosing effect – it makes it difficult for other firms to compete with Google, and reinforces Google’s dominance in general search – its most profitable business area. It may also harm consumers by denying them access to devices run on competing Android forks, thereby stifling innovation. </p>
<h2>Is Google the new Microsoft (legally speaking)?</h2>
<p>These are serious charges. They resemble <a href="http://europa.eu/rapid/press-release_IP-04-382_en.htm">similar anti-competitive charges brought against Microsoft</a> 20 years ago for bundling a media player and web browser with its Windows operating system. One difference lies in the fact that Microsoft built its products into each other, technologically, whereas Google bound them together contractually. </p>
<p>However, manufacturers can use the open source Android, but they cannot pre-install the proprietary Google apps, including the Play Store, which as the main Android app marketplace is seen as critical. There are other app stores available for Android, for example <a href="http://www.amazon.co.uk/gp/feature.html?docId=1000644603">Amazon Appstore</a>, but none has a comparable library of apps. What’s more, Google’s approach is all-or-nothing: installing the Play Store means installing all the other Google apps in the bundle, such as Google Search, the Chrome browser, or Gmail app. The effect is that Google’s own apps are given unparalleled presence and visibility, leveraging and strengthening Google’s dominant position. </p>
<p>In its <a href="http://googlepolicyeurope.blogspot.co.uk/2016/04/androids-model-of-open-innovation.html">first response</a>, Google underlined the voluntary character of the agreements and the open source nature of Android. It argued that Android was designed “in a way that’s good for competition and for consumers”. </p>
<p>Google has 12 weeks to formally respond and show that any such restrictions are legitimate. <a href="http://foreignpolicy.com/2016/04/26/europes-misguided-anti-google-crusade/">Some</a>, particularly in the US, argue that the European Commission is obsessed with scrutinising US tech firms. But the US Federal Trade Commission <a href="http://www.reuters.com/article/us-google-antitrust-idUSKCN0RP0WR20150925">recently opened a similar investigation</a>, so it is not, as some have suggested, anti-US sentiment. But with <a href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2242085">differences between EU and US law</a>, where US law tends to be more lenient with larger firms, it’s not clear that the two bodies will come to the same conclusions.</p><img src="https://counter.theconversation.com/content/58301/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Marek Martyniszyn does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
European Commission fires a broadside at Google for using Android to enforce its dominant position.
Marek Martyniszyn, Lecturer in Law, Queen's University Belfast
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/56987
2016-04-05T20:12:40Z
2016-04-05T20:12:40Z
How secure is your smartphone’s lock screen?
<figure><img src="https://images.theconversation.com/files/116881/original/image-20160331-28451-15rssml.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">There's a big difference between a 4-digit PIN and a 6-digit PIN.</span> <span class="attribution"><span class="source">Ervins Strauhmanis/Flickr</span>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span></figcaption></figure><p>One consequence of the <a href="https://theconversation.com/au/topics/apple-vs-fbi">Apple vs FBI</a> drama has been to shine a spotlight on the security of smartphone lockscreens. </p>
<p>The fact that the FBI managed to <a href="https://theconversation.com/the-fbi-drops-its-case-against-apple-that-only-made-everyones-security-worse-56962">hack the iPhone</a> of the San Bernardino shooter without Apple’s help raises questions about whether PIN codes and swipe patterns are as secure as we think.</p>
<p>In fact, they’re probably not as secure as we’d hope. No device as complex as a smartphone or tablet is ever completely secure, but device manufactures and developers are still doing their best to keep your data safe. </p>
<p>The first line of defence is your lockscreen, typically protected by a PIN code or password.</p>
<p>When it comes to smartphones, the humble four-digit PIN code is the most popular choice. Unfortunately, even ignoring <a href="http://www.datagenetics.com/blog/september32012/">terrible PIN combinations</a> such as “1234”, “1111” or “7777”, four-digit PIN codes are still incredibly weak, since there are only 10,000 unique possible PINs. </p>
<p>If you lose your device, and there are no other protections, it would only take a couple of days for someone to find the correct PIN through brute force (i.e. attempting every combination of four-digit PIN). </p>
<p>A random six-digit PIN will afford you better security, given that there are a million possible combinations. However, with a weak PIN and a bit of time and luck, it’s still possible for someone to bypass this using something like <a href="https://hak5.org/episodes/hak5-1217">Rubber Ducky</a>, a tool designed to try every PIN combination without triggering other security mechanisms. </p>
<h2>Checks and balances</h2>
<p>Fortunately, there other safeguards in place. On iPhones and iPads, for instance, there is a <a href="https://www.apple.com/business/docs/iOS_Security_Guide.pdf">forced delay</a> of 80 milliseconds between PIN or password attempts. </p>
<p>And after 10 incorrect attempts, the device will either time-out for increasing periods of time, lock out completely, or potentially delete all data permanently, depending on your settings. </p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/117225/original/image-20160403-6806-102tlu2.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/117225/original/image-20160403-6806-102tlu2.png?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/117225/original/image-20160403-6806-102tlu2.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=900&fit=crop&dpr=1 600w, https://images.theconversation.com/files/117225/original/image-20160403-6806-102tlu2.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=900&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/117225/original/image-20160403-6806-102tlu2.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=900&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/117225/original/image-20160403-6806-102tlu2.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=1131&fit=crop&dpr=1 754w, https://images.theconversation.com/files/117225/original/image-20160403-6806-102tlu2.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=1131&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/117225/original/image-20160403-6806-102tlu2.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=1131&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">A swipe pattern can be easier to remember than a PIN.</span>
<span class="attribution"><span class="source">Mike Dent/Flickr</span>, <a class="license" href="http://creativecommons.org/licenses/by-nc-nd/4.0/">CC BY-NC-ND</a></span>
</figcaption>
</figure>
<p>Similarly, <a href="https://source.android.com/security/">Android</a> devices enforce time delays after a number of passcode or password entries. However, stock Android devices will not delete their contents after any number of incorrect entries.</p>
<p>Swipe patterns are also a good security mechanism, as there are more possible combinations than a four-digit PIN. Additionally, you can’t set your swipe pattern to be the same as your banking PIN or password, so if one is compromised, then the others remain secure.</p>
<p>However, all of these security controls can potentially be thwarted. By simply observing the fingerprints on a device’s display on an unclean screen, it is possible to discern a swipe pattern or passcode. When it comes to touch screen devices: cleanliness is next to secure-ness.</p>
<h2>Bypasses</h2>
<p>Speaking of fingers, biometrics have increased in popularity recently. Biometric security controls simply means that traits of a human body can be used to identify someone and therefore unlock something. </p>
<figure class="align-left zoomable">
<a href="https://images.theconversation.com/files/116883/original/image-20160331-28451-jsl5rh.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/116883/original/image-20160331-28451-jsl5rh.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/116883/original/image-20160331-28451-jsl5rh.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=780&fit=crop&dpr=1 600w, https://images.theconversation.com/files/116883/original/image-20160331-28451-jsl5rh.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=780&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/116883/original/image-20160331-28451-jsl5rh.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=780&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/116883/original/image-20160331-28451-jsl5rh.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=980&fit=crop&dpr=1 754w, https://images.theconversation.com/files/116883/original/image-20160331-28451-jsl5rh.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=980&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/116883/original/image-20160331-28451-jsl5rh.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=980&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Some Android phones now carry built-in fingerprint sensors.</span>
<span class="attribution"><span class="source">Kārlis Dambrāns/Flickr</span>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span>
</figcaption>
</figure>
<p>In the case of smartphones, there are competing systems that offer various levels of security. Android has facial, voice and fingerprint unlocking, while iOS has fingerprint unlocking only. </p>
<p>Generally, biometrics on their own are not inherently secure. When used as the only protection mechanism, they’re often very unreliable, either allowing too many unauthorised users to access a device (false positives), or by creating a frustrating user experience by locking out legitimate users (false negatives). </p>
<p>Some methods of bypassing these biometric protections have been widely publicised, such as using a <a href="http://www.theregister.co.uk/2014/09/24/iphone_touchid_hack/">gummi bear</a> or <a href="http://arstechnica.com/security/2013/09/defeating-apples-touch-id-its-easier-than-you-may-think/">PVA glue</a> to bypass Apple’s TouchID, or using a picture to fool facial recognition on Android.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/BwfYSR7HttA?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">Watch as a picture of a face can unlock an Android phone.</span></figcaption>
</figure>
<p>To combat this, Apple disables the TouchID after five incorrect fingerprint attempts, requiring a passcode or password entry to re-enable the sensor. Likewise, current versions of Android enforce increasing time-outs on after a number of incorrect entries. </p>
<p>These methods help strike a balance between security and usability, which is crucial for making sure smartphones don’t end up hurled at a wall.</p>
<p>Although these lockscreen protections are in place, your device may still contain bugs in its software that can allow attackers to bypass them. A quick search for “smartphone lockscreen bypasses” on your favourite search engine will yield more results than you’d probably care to read. </p>
<p>Lockscreen bypasses are particularly problematic for older devices that are no longer receiving security updates, but new devices are not immune. For example, the latest major iOS release (iOS 9.0) contained a flaw that allowed users to access the device without entering a valid passcode via the Clock app, which is accessible on the lockscreen. Similar bugs have been discovered for Android devices as well.</p>
<p>All of these efforts could be thrown out the window if you install an app that includes malware. </p>
<p>So lockscreens, PIN codes, passwords and swipe patters should only be considered your first line of defence rather than a foolproof means of securing your device.</p><img src="https://counter.theconversation.com/content/56987/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Clinton Carpene works for ECU Security Research Institute. He receives funding from Cisco. He is affiliated with WAHCKon Heavy Industries Pty. Ltd.. </span></em></p>
PIN codes, passwords, swipe patterns and biometrics can help secure your smartphone, but they’re far from foolproof.
Clinton Carpene, Post Doctoral Researcher in network security, Edith Cowan University
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/56556
2016-03-29T18:23:31Z
2016-03-29T18:23:31Z
What if the FBI tried to crack an Android phone? We attacked one to find out
<figure><img src="https://images.theconversation.com/files/116681/original/image-20160329-13679-dpipjz.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">How many attempts will it take to unlock this phone?</span> <span class="attribution"><a class="source" href="http://www.shutterstock.com/pic-266071979/stock-photo-smartphone-random-password-hacking-attempt-concept-mobile-phone-security-breach.html?src=Ba4lhoNqlVC7I76EgA6IHQ-1-26">Phone with lock and keys via shutterstock.com</a></span></figcaption></figure><p>The Justice Department has managed to unlock an iPhone 5c used by the gunman Syed Rizwan Farook, who with his wife killed 14 people in San Bernardino, California, last December. The high-profile case has pitted federal law enforcement agencies against Apple, which fought a legal order to work around its passcode security feature to give law enforcement access to the phone’s data. The FBI said it <a href="http://www.computerworld.com/article/3048837/security/doj-cracks-san-bernardino-shooters-iphone.html">relied on a third party</a> to crack the phone’s encrypted data, raising questions about iPhone security and whether federal agencies should disclose their method. </p>
<p>But what if the device had been running Android? Would the same technical and legal drama have played out? </p>
<p>We are Android users and researchers, and the first thing we did when the FBI-Apple dispute hit popular media was read Android’s <a href="http://source.android.com/security/encryption/index.html">Full Disk Encryption</a> documentation. </p>
<p>We attempted to replicate what the FBI had wanted to do on an Android phone and found some useful results. Beyond the fact the Android ecosystem involves more companies, we discovered some technical differences, including a way to remotely update and therefore unlock encryption keys, something the FBI was not able to do for the iPhone 5c on its own.</p>
<h2>The easy ways in</h2>
<p>Data encryption on smartphones involves a key that the phone creates by combining 1) a user’s unlock code, if any (often a four- to six-digit passcode), and 2) a long, complicated number specific to the individual device being used. Attackers can try to crack either the key directly – which is very hard – or combinations of the passcode and device-specific number, which is hidden and roughly equally difficult to guess.</p>
<p>Decoding this strong encryption can be very difficult. But sometimes getting access to encrypted data from a phone doesn’t involve any code-breaking at all. Here’s how:</p>
<ul>
<li>A custom app could be installed on a target phone to extract information. In March 2011, Google <a href="http://googlemobile.blogspot.com/2011/03/update-on-android-market-security.html">remotely installed a program</a> that cleaned up phones infected by malicious software. It is unclear if Android still allows this. </li>
<li>Many applications use Android’s <a href="http://developer.android.com/training/backup/backupapi.html">Backup API</a>. The information that is backed up, and thereby accessible from the backup site directly, depends on which applications are installed on the phone.</li>
<li>If the target data are stored on a removable SD card, it may be unencrypted. Only the most recent versions of Android allow the user to <a href="https://source.android.com/devices/storage/adoptable.html">encrypt an entire removable SD card</a>; <a href="http://android-developers.blogspot.jp/2010/07/apps-on-sd-card-details.html">not all apps encrypt data stored on an SD card</a>.</li>
<li>Some phones have fingerprint readers, which can be <a href="http://gizmodo.com/hackers-iphone-5s-fingerprint-security-is-not-secure-1367817697">unlocked with an image</a> of the phone owner’s fingerprint.</li>
<li>Some people have modified their phones’ operating systems to give them “root” privileges – access to the device’s data beyond what is allowed during normal operations – and potentially weakening security.</li>
</ul>
<p>But if these options are not available, code-breaking is the remaining way in. In what is called a “brute force” attack, a phone can be unlocked by trying every possible encryption key (i.e., all character combinations possible) until the right one is reached and the device (or data) unlocks.</p>
<h2>Starting the attack</h2>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/116586/original/image-20160329-13683-l0ai4a.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/116586/original/image-20160329-13683-l0ai4a.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/116586/original/image-20160329-13683-l0ai4a.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=179&fit=crop&dpr=1 600w, https://images.theconversation.com/files/116586/original/image-20160329-13683-l0ai4a.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=179&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/116586/original/image-20160329-13683-l0ai4a.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=179&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/116586/original/image-20160329-13683-l0ai4a.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=224&fit=crop&dpr=1 754w, https://images.theconversation.com/files/116586/original/image-20160329-13683-l0ai4a.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=224&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/116586/original/image-20160329-13683-l0ai4a.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=224&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">A very abstract representation of the derivation of the encryption keys on Android.</span>
<span class="attribution"><span class="source">William Enck and Adwait Nadkarni</span>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span>
</figcaption>
</figure>
<p>There are two types of brute-force attacks: offline and online. In some ways an offline attack is easier – by copying the data off the device and onto a more powerful computer, specialized software and other techniques can be used to try all different passcode combinations.</p>
<p>But offline attacks can also be much harder, because they require either trying every single possible encryption key, or figuring out the user’s passcode <em>and</em> the device-specific key (the unique ID on Apple, and the hardware-bound key on newer versions of Android). </p>
<p>To try every potential solution to a fairly standard 128-bit AES key means trying all 100 undecillion (10<sup>38</sup>) potential solutions – enough to take a supercomputer <a href="http://www.eetimes.com/document.asp?doc_id=1279619">more than a billion billion years</a>.</p>
<p>Guessing the passcode could be relatively quick: for a six-digit PIN with only numbers, that’s just a million options. If letters and special symbols like “$” and “#” are allowed, there would be more options, but still only in the hundreds of billions. However, guessing the device-specific key would likely be just as hard as guessing the encryption key.</p>
<h2>Considering an online attack</h2>
<p>That leaves the online attack, which happens directly on the phone. With the device-specific key readily available to the operating system, this reduces the task to the much smaller burden of trying only all potential passcodes.</p>
<p>However, the phone itself can be configured to resist online attacks. For example, the phone can insert a time delay between a failed passcode guess and allowing another attempt, or even delete the data after a certain number of failed attempts. </p>
<p>Apple’s iOS has both of these capabilities, automatically introducing increasingly long delays after each failure, and, at a user’s option, wiping the device after 10 passcode failures.</p>
<h2>Attacking an Android phone</h2>
<p>What happens when one tries to crack into a locked Android phone? Different manufacturers set up their Android devices differently; Nexus phones run Google’s standard Android configuration. We used a Nexus 4 device running stock Android 5.1.1 and full disk encryption enabled.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/116679/original/image-20160329-13688-192czw6.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/116679/original/image-20160329-13688-192czw6.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/116679/original/image-20160329-13688-192czw6.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=314&fit=crop&dpr=1 600w, https://images.theconversation.com/files/116679/original/image-20160329-13688-192czw6.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=314&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/116679/original/image-20160329-13688-192czw6.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=314&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/116679/original/image-20160329-13688-192czw6.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=394&fit=crop&dpr=1 754w, https://images.theconversation.com/files/116679/original/image-20160329-13688-192czw6.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=394&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/116679/original/image-20160329-13688-192czw6.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=394&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Android adds 30-second delays after every five failed attempts; snapshot of the 40th attempt.</span>
<span class="attribution"><span class="source">William Enck and Adwait Nadkarni</span>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span>
</figcaption>
</figure>
<p>We started with a phone that was already running but had a locked screen. Android allows PINs, passwords and pattern-based locking, in which a user must connect a series of dots in the correct sequence to unlock the phone; we conducted this test with each type. We had manually assigned the actual passcode on the phone, but our unlocking attempts were randomly generated.</p>
<p>After five failed passcode attempts, Android imposed a 30-second delay before allowing another try. Unlike the iPhone, the delays did not get longer with subsequent failures; over 40 attempts, we encountered only a 30-second delay after every five failures. The phone kept count of how many successive attempts had failed, but did not wipe the data. (Android phones from other manufacturers may insert increasing delays similar to iOS.)</p>
<p>These delays impose a significant time penalty on an attacker. Brute-forcing a six-digit PIN (one million combinations) could incur a worst-case delay of just more than 69 days. If the passcode were six characters, even using only lowercase letters, the worst-case delay would be more than 58 years.</p>
<p>When we repeated the attack on a phone that had been turned off and was just starting up, we were asked to reboot the device after 10 failed attempts. After 20 failed attempts and two reboots, Android started a countdown of the failed attempts that would trigger a device wipe. We continued our attack, and at the 30th attempt – as warned on the screen and <a href="http://androidxref.com/5.1.1_r6/xref/packages/apps/Settings/src/com/android/settings/CryptKeeper.java#98">in the Android documentation</a> – the device performed a “factory reset,” wiping all user data.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/116678/original/image-20160329-13701-lv8jwc.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/116678/original/image-20160329-13701-lv8jwc.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=273&fit=crop&dpr=1 600w, https://images.theconversation.com/files/116678/original/image-20160329-13701-lv8jwc.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=273&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/116678/original/image-20160329-13701-lv8jwc.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=273&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/116678/original/image-20160329-13701-lv8jwc.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=343&fit=crop&dpr=1 754w, https://images.theconversation.com/files/116678/original/image-20160329-13701-lv8jwc.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=343&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/116678/original/image-20160329-13701-lv8jwc.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=343&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Just one attempt remaining before the device wipes its data.</span>
<span class="attribution"><span class="source">William Enck and Adwait Nadkarni</span>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span>
</figcaption>
</figure>
<p>In contrast to offline attacks, there is a difference between Android and iOS for online brute force attacks. In iOS, both the lock screen and boot process can wipe the user data after a fixed number of failed attempts, but only if the user explicitly enables this. In Android, the boot process always wipes the user data after a fixed number of failed attempts. However, our Nexus 4 device did not allow us to set a limit for lock screen failures. That said, both Android and iOS have options for remote management, which, if enabled, can wipe data after a certain number of failed attempts.</p>
<h2>Using special tools</h2>
<p>The iPhone 5c in the San Bernardino case is owned by the employer of one of the shooters, and has mobile device management (MDM) software installed that lets the company track it and perform other functions on the phone by remote control. Such an MDM app is usually installed as a “Device Administrator” application on an Android phone, and set up using the “Apple Configurator” tool for iOS.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/116581/original/image-20160329-13679-8mkcbo.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/116581/original/image-20160329-13679-8mkcbo.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=279&fit=crop&dpr=1 600w, https://images.theconversation.com/files/116581/original/image-20160329-13679-8mkcbo.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=279&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/116581/original/image-20160329-13679-8mkcbo.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=279&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/116581/original/image-20160329-13679-8mkcbo.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=350&fit=crop&dpr=1 754w, https://images.theconversation.com/files/116581/original/image-20160329-13679-8mkcbo.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=350&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/116581/original/image-20160329-13679-8mkcbo.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=350&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Our test MDM successfully resets the password. Then, the scrypt key derivation function (KDF) is used to generate the new key encryption key (KEK).</span>
<span class="attribution"><span class="source">William Enck and Adwait Nadkarni</span>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span>
</figcaption>
</figure>
<p>We built our own MDM application for our Android phone, and verified that <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)">the passcode can be reset</a> without the user’s explicit consent; this also updated the phone’s encryption keys. We could then use the new passcode to unlock the phone from the lock screen and at boot time. (For this attack to work remotely, the phone must be on and have Internet connectivity, and the MDM application must already be programmed to reset the passcode on command from a remote MDM server.)</p>
<h2>Figuring out where to get additional help</h2>
<p>If an attacker needed help from a phone manufacturer or software company, Android presents a more diverse landscape. </p>
<p>Generally, operating system software is signed with a digital code that proves it is genuine, and which the phone requires before actually installing it. Only the company with the correct digital code can create an update to the operating system software – which might include a “back door” or other entry point for an attacker who had secured the company’s assistance. For any iPhone, that’s Apple. But many companies build and sell Android phones.</p>
<p>Google, the primary developer of the Android operating system, signs the updates for its flagship Nexus devices. Samsung signs for its devices. Cellular carriers (such as AT&T or Verizon) may also sign. And many users install a custom version of Android (such as <a href="http://www.cyanogenmod.org/">Cyanogenmod</a>). The company or companies that sign the software would be the ones the FBI needed to persuade – or compel – to write software allowing a way in.</p>
<h2>Comparing iOS and Android</h2>
<p>Overall, devices running the most recent versions of iOS and Android are comparably protected against offline attacks, when configured correctly by both the phone manufacturer and the end user. Older versions may be more vulnerable; one system could be <a href="http://nelenkov.blogspot.com/2014/10/revisiting-android-disk-encryption.html">cracked in less than 10 seconds</a>. Additionally, configuration and software flaws by phone manufacturers may also compromise security of both Android and iOS devices.</p>
<p>But we found differences for online attacks, based on user and remote management configuration: Android has a more secure default for online attacks at start-up, but our Nexus 4 did not allow the user to set a maximum number of failed attempts from the lock screen (other devices may vary). Devices running iOS have both of these capabilities, but a user must enable them manually in advance.</p>
<p>Android security may also be weakened by remote control software, depending on the software used. Though the FBI was unable to gain access to the iPhone 5c by resetting the password this way, we were successful with a similar attack on our Android device.</p>
<p><em>This article was updated April 8, 2016, to add a missing word “not” in the sentence beginning “The phone kept count…”</em></p><img src="https://counter.theconversation.com/content/56556/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>William Enck currently receives or has received in the past funding from the National Science Foundation (NSF), the Army Research Office (ARO), the National Security Agency (NSA), and a Google Faculty Research Award. The opinions in this article are his own and do not reflect the opinions of the funding agencies.</span></em></p><p class="fine-print"><em><span>Adwait Nadkarni does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
The FBI has accessed the data on a shooter’s iPhone. What if the device had been running Android?
William Enck, Assistant Professor of Computer Science, North Carolina State University
Adwait Nadkarni, Ph.D. Student of Computer Science, North Carolina State University
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/45225
2015-07-28T04:48:12Z
2015-07-28T04:48:12Z
Microsoft wants to win back your support with Windows 10
<figure><img src="https://images.theconversation.com/files/89875/original/image-20150728-7662-vfy9xr.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Things should look a little more familiar on Windows 10.</span> <span class="attribution"><a class="source" href="https://www.flickr.com/photos/126940499@N05/15457852442/">Flickr/download.net.pl</a>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span></figcaption></figure><p>The latest version of Microsoft’s Windows operating system will begin rolling out from Wednesday (July 29). And remarkably, <a href="http://www.microsoft.com/en-au/windows/windows-10-upgrade">Windows 10</a> will be offered as a free upgrade to those users who already have Windows 7 and 8.1 installed.</p>
<p>That the upgrade is free is an interesting move and comes off the back of much <a href="https://theconversation.com/why-is-microsoft-dropping-support-for-windows-8-1-25712">criticism over Windows 8</a>. Interestingly, the software giant has also skipped over any planned version 9 of Windows.</p>
<p>So what does this mean for Microsoft and the <a href="http://news.microsoft.com/bythenumbers/index.HTML">1.5 billion people</a> it says use Windows every day? Can the company restore some of the consumer and user confidence <a href="http://www.cnet.com/au/news/microsoft-responds-to-extreme-windows-8-criticism/">it has lost</a> in recent years?</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/Cor-lvXsgx0?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<p>Under Satya Nadella’s leadership, Microsoft is transforming itself into a “<a href="https://redmondmag.com/articles/2015/07/01/gaming-matters.aspx">productivity and platforms company</a>”. This is a bold re-invention of the company as it seeks to secure its future in a market moving steadily towards <a href="http://www.smallbusinesscomputing.com/biztools/the-pros-and-cons-of-cloud-computing.html">cloud-based services</a> and mobile devices powered by Google’s <a href="https://www.android.com/">Android</a> and Apple’s <a href="https://www.apple.com/ios/">iOS</a>. </p>
<p>Nadella sees it as necessity to broaden the company’s scope of operations beyond its current family of products and conventional modes of delivery. The market does not leave him with much choice if the company is to stay in the game, if not be a leader.</p>
<h2>After Windows 10 it’s just Windows</h2>
<p>For decades, the latest release of Windows has been a major event in itself. But that is set to end.</p>
<p><a href="http://www.microsoft.com/en-us/windows/features">Windows 10</a> will be the last <a href="http://www.forbes.com/sites/gordonkelly/2015/05/08/microsoft-windows-10-last-windows/">numbered version</a> of the operating system. After Windows 10, it will simply be known as Windows. And you will get your updates incrementally from from the cloud via a subscription service. </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/89873/original/image-20150728-7646-8o2iw2.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/89873/original/image-20150728-7646-8o2iw2.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/89873/original/image-20150728-7646-8o2iw2.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=337&fit=crop&dpr=1 600w, https://images.theconversation.com/files/89873/original/image-20150728-7646-8o2iw2.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=337&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/89873/original/image-20150728-7646-8o2iw2.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=337&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/89873/original/image-20150728-7646-8o2iw2.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=424&fit=crop&dpr=1 754w, https://images.theconversation.com/files/89873/original/image-20150728-7646-8o2iw2.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=424&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/89873/original/image-20150728-7646-8o2iw2.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=424&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Many Windows users will have noticed the upgrade notification appearing on their taskbar.</span>
<span class="attribution"><a class="source" href="http://news.microsoft.com/?attachment_id=213483">Microsoft</a></span>
</figcaption>
</figure>
<p>In what it is calling a “<a href="https://blogs.windows.com/buildingapps/2015/03/02/a-first-look-at-the-windows-10-universal-app-platform/">platform convergence strategy</a>”, Microsoft is creating a unified operating environment for phones, tablets, ultrabooks, laptops, desktop computers and Xboxes. All will be integrated by Windows 10, and increasingly so with the later Windows. </p>
<p>The platform convergence strategy allows the creation of <a href="http://www.engadget.com/2015/01/21/windows-10-makes-microsofts-dream-of-universal-apps-come-true/">universal applications</a> that can run on any platform with Windows 10. </p>
<p>Surprisingly, applications that have been developed to run on Android and iOS devices will also be able to run on Windows 10, albeit once they have been converted to make them compatible. Still, this will open up a vast number of potential applications to run across Windows platforms.</p>
<h2>Focus on gaming</h2>
<p>Microsoft’s <a href="http://www.wired.com/2014/09/microsoft-minecraft-mobile/">acquisition</a> last year of the hit game <a href="https://minecraft.net/">Minecraft</a> for US$2.5 billion is a measure of how seriously Nadella and his strategists take mobile gaming.</p>
<p>Minecraft is a hugely popular open world game that gives players the freedom to create create and manipulate an on-line world made of Lego-like blocks. The move will establish Microsoft in the booming world of mobile games as well as further popularising the Xbox gaming console. </p>
<p>But the question on many people’s minds is whether the personal computer itself is <a href="http://www.extremetech.com/computing/193469-windows-10-is-great-but-it-wont-stop-the-pc-from-dying-and-taking-microsoft-with-it">dead</a>, and along with it Microsoft?</p>
<p>It’s not the first time we have heard such <a href="http://www.technologyreview.com/news/426222/the-personal-computer-is-dead/">dire predictions</a>. It is true that PCs are today part of a more complicated personal computing environment, but it is a stretch to declare the PC dead.</p>
<p>There is only so much you can do with a phone or a tablet. For serious work or fun, a full-spec laptop or desktop is still the machine of choice and will remain so. For example, I am writing this article using a laptop.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/89868/original/image-20150728-7662-esxt67.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/89868/original/image-20150728-7662-esxt67.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/89868/original/image-20150728-7662-esxt67.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/89868/original/image-20150728-7662-esxt67.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/89868/original/image-20150728-7662-esxt67.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/89868/original/image-20150728-7662-esxt67.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/89868/original/image-20150728-7662-esxt67.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/89868/original/image-20150728-7662-esxt67.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Microsoft’s latest upgrade of Windows will be free for many users.</span>
<span class="attribution"><a class="source" href="https://www.flickr.com/photos/ericksli/19691620619/">Flickr/Eric Li</a>, <a class="license" href="http://creativecommons.org/licenses/by-nc/4.0/">CC BY-NC</a></span>
</figcaption>
</figure>
<h2>The new digital economy</h2>
<p>The <a href="https://theconversation.com/au/topics/internet-of-things">Internet of Things</a> is expanding, with embedded sensors and data gatherers becoming <a href="http://readwrite.com/2011/07/17/cisco_50_billion_things_on_the_internet_by_2020">pervasive</a>. </p>
<p>Open platforms and operating environments that feed data into the cloud and allow people to derive value will be an important part of the new digital economy. With traditional jobs under threat from automation and artificial intelligence, imagination and creativity will be more important than ever. </p>
<p>Microsoft’s strategy to diversify and integrate its platform offerings and move its services to the cloud while opening itself up to using its competitor’s apps would seem to be a bold but rational response to the current challenges; one that stands a good chance of succeeding. </p>
<p>There will no doubt be loud complaints from those who claim to speak for all of us. But in the end if a computing environment delivers value and allows people to live their lives as they please, then that platform is likely to succeed, particularly when it has the muscle and know-how of a well-established company behind it.</p>
<p>How Google and Apple respond will be very interesting, but competition is a good thing.</p><img src="https://counter.theconversation.com/content/45225/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>David Tuffley does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
After Windows 8 flopped, Microsoft is betting big with a free upgrade to Windows 10 and a new strategy to keep the brand alive in a changing technology landscape.
David Tuffley, Lecturer in Applied Ethics and Socio-Technical Studies, School of ICT, , Griffith University
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/41251
2015-05-06T16:57:56Z
2015-05-06T16:57:56Z
‘Windows 10 on everything’ is Microsoft’s gambit to profit from its competitors
<figure><img src="https://images.theconversation.com/files/80715/original/image-20150506-10953-1u69snm.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Windows on anything means revenue from everything, at least that's the idea.</span> <span class="attribution"><span class="source">gadgets by aslysun/shutterstock.com</span></span></figcaption></figure><p>Microsoft’s aim to make Windows 10 <a href="http://www.wired.com/2015/04/microsoft-continuum">run on anything</a> is key to its strategy of reasserting its dominance. Seemingly unassailable in the 1990s, Microsoft’s position has in many markets been eaten away by the explosive growth of phones and tablets, devices in which the firm has made little impact.</p>
<p>To run Windows 10 on everything, Microsoft is opening up. </p>
<p>Rather than requiring Office users to run Windows, now Office365 is available for <a href="http://www.cnet.com/news/microsoft-expands-word-excel-powerpoint-for-android-tablets/">Android</a> and <a href="http://www.macworld.com/article/2844218/microsoft-office-for-ios-goes-free-and-full-featured-on-your-iphone.html">Apple iOS</a> mobile devices. A version of Visual Studio, Microsoft’s key application for programmers writing Windows software, <a href="http://techcrunch.com/2015/04/29/microsoft-shocks-the-world-with-visual-studio-code-a-free-code-editor-for-os-x-linux-and-windows/">now runs on Mac OS or Linux</a> operating systems. </p>
<p>Likewise, with tools released by Microsoft developers can tweak their Android and iOS apps so that they <a href="http://www.itpro.co.uk/desktop-software/24524/android-and-ios-apps-will-run-on-windows-10">run on Windows</a>. The aim is to allow developers to create, with ease, the holy grail of a universal app that runs on anything. For a firm that has been unflinching in taking every opportunity to lock users into its platform, just as with Apple and many other tech firms, this is a major change of tack.</p>
<h2>From direct to indirect revenue</h2>
<p>So why is Microsoft trying to become a general purpose, broadly compatible platform? Windows’ share of the operating system market has <a href="http://www.trustedreviews.com/news/microsoft-pc-market-share-drops-60-in-5-years">fallen steadily from 90% to 70% to 40%</a>, depending on which survey you believe. This reflects customers moving to mobile, where the Windows Phone holds <a href="http://www.idc.com/prodserv/smartphone-os-market-share.jsp">a mere 3% market share</a>. In comparison Microsoft’s cloud infrastructure platform <a href="http://azure.microsoft.com/">Azure</a>, Office 365 and its Xbox games console have all <a href="http://www.zdnet.com/article/windows-azure-joins-microsofts-billion-dollar-business-club/">experienced rising fortunes</a>. </p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/80710/original/image-20150506-10919-12vlb5q.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/80710/original/image-20150506-10919-12vlb5q.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/80710/original/image-20150506-10919-12vlb5q.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=398&fit=crop&dpr=1 600w, https://images.theconversation.com/files/80710/original/image-20150506-10919-12vlb5q.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=398&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/80710/original/image-20150506-10919-12vlb5q.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=398&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/80710/original/image-20150506-10919-12vlb5q.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=501&fit=crop&dpr=1 754w, https://images.theconversation.com/files/80710/original/image-20150506-10919-12vlb5q.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=501&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/80710/original/image-20150506-10919-12vlb5q.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=501&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">We’re way into the post-PC era.</span>
<span class="attribution"><a class="source" href="http://commons.wikimedia.org/wiki/File:The_iOS_family_pile_(2012).jpg">Blake Patterson</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span>
</figcaption>
</figure>
<p>Lumbered with a heritage of Windows PCs in a falling market, Microsoft’s strategy is to move its services – and so its users – inexorably toward the cloud. This divides into two necessary steps.</p>
<p>First, for software developed for Microsoft products to run on all of them – write once, run on everything. As it is there are several different Microsoft platforms (Win32, WinRT, WinCE, Windows Phone) with various incompatibilities. This makes sense, for a uniform user experience and also to maximise revenue potential from reaching as many possible devices.</p>
<p>Second, to implement a universal approach so that code runs on other operating systems other than Windows. This has historically been fraught, with differences in approach to communicating, with hardware and processor architecture making it difficult. In recent years, however, improving <a href="http://searchvirtualdatacentre.techtarget.co.uk/definition/Virtualisation">virtualisation</a> has made it much easier to run code across platforms. </p>
<p>It will be interesting to see whether competitors such as Google and Apple will follow suit, or further enshrine their products into tightly coupled, closed ecosystems. Platform exclusivity is no longer the way to attract and hold customers; instead the appeal is the applications and services that run on them. For Microsoft, it lies in subscriptions to <a href="https://products.office.com/en-gb/business/compare-office-365-for-business-plans">Office365</a> and <a href="http://www.xbox.com/en-gb/LIVE">Xbox Gold</a>, in-app and in-game purchases, downloadable video, books and other revenue streams – so it makes sense for Microsoft to ensure these largely cloud-based services are accessible from operating systems other than just their own.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/80707/original/image-20150506-10927-8dnpcx.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/80707/original/image-20150506-10927-8dnpcx.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/80707/original/image-20150506-10927-8dnpcx.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=350&fit=crop&dpr=1 600w, https://images.theconversation.com/files/80707/original/image-20150506-10927-8dnpcx.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=350&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/80707/original/image-20150506-10927-8dnpcx.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=350&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/80707/original/image-20150506-10927-8dnpcx.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=440&fit=crop&dpr=1 754w, https://images.theconversation.com/files/80707/original/image-20150506-10927-8dnpcx.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=440&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/80707/original/image-20150506-10927-8dnpcx.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=440&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">The Windows family tree … it’s complicated.</span>
<span class="attribution"><a class="source" href="http://commons.wikimedia.org/wiki/File:Windows_Updated_Family_Tree.png">Kristiyan Bogdanov</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<h2>Platform vs services</h2>
<p>Is there any longer any value in buying into a single service provider? Consider smartphones from Samsung, Google, Apple and Microsoft: prices may differ, but the functionality is much the same. The element of difference is the value of wearables and internet of things devices (for example, Apple Watch), the devices they connect with (for example, an iPhone), the size of their user communities, and the network effect.</p>
<p>From watches to fitness bands to internet fridges, the benefits lie in how devices are interconnected and work together. This is a truly radical concept that demonstrates digital technology is driving a new economic model, with value associated with “in-the-moment” services when walking about, in the car, or at work. It’s this direction that Microsoft is aiming for with Windows 10, focusing on the next big thing that will drive the digital economy.</p>
<h2>The revolution will be multi-platform</h2>
<p>I predict that we will see tech firms try to grow ecosystems of sensors and services running on mobile devices, either tied to a specific platform or by driving traffic directly to their cloud infrastructure. </p>
<p>Apple has already moved into the <a href="https://theconversation.com/apple-releases-its-watch-and-makes-a-surprise-move-into-the-area-of-medical-research-38566">mobile health app market</a> and <a href="http://www.techradar.com/news/digital-home/the-apple-homekit-collection-these-are-all-the-home-appliances-that-work-with-homekit-1291197">connected home market</a>. Google is moving in alongside manufacturers such as Intel, ARM and others. An interesting illustration of this effect is the growth of digital payments – with Apple, Facebook and others seeking ways to create revenue from the traffic passing through their ecosystems.</p>
<p>However, the problem is that no single supplier like Google, Apple, Microsoft or internet services such as Facebook or Amazon can hope to cover all the requirements of the internet of things, which is predicted to scale to <a href="http://readwrite.com/2011/07/17/cisco_50_billion_things_on_the_internet_by_2020">over 50 billion devices worth US$7 trillion in five years</a>. As we become more enmeshed with our devices, wearables and sensors, demand will rise for services driven by the personal data they create. Through “Windows 10 on everything”, Microsoft hopes to leverage not just the users of its own ecosystem, but those of its competitors too.</p><img src="https://counter.theconversation.com/content/41251/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Mark Skilton is a Professor of Practice at Warwick Business School and also works for PA Consulting as a Digital Expert</span></em></p>
If the money is in the cloud, it makes sense to take as many users there as possible.
Mark Skilton, Professor of Practice, Warwick Business School, University of Warwick
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/40291
2015-04-16T13:34:45Z
2015-04-16T13:34:45Z
Google and Android in the firing line as EU pulls trigger on competition inquiry
<figure><img src="https://images.theconversation.com/files/78221/original/image-20150416-5622-1w5ny1e.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Offers of candy won't prevent the European Commission's scrutiny now.</span> <span class="attribution"><span class="source">Google by Asif Islam/Shutterstock.com</span></span></figcaption></figure><p>There are some specific words that are not particularly popular with the European Commission: “hi-tech”, “anti-competitive” and “bundling”, to name a few. Throw “US firms” into the mix, and the result is as many expected: Google has been <a href="http://www.theverge.com/2015/4/15/8419605/google-europe-android-antitrust-investigation">accused of anti-competitive practices in Europe</a>.</p>
<p>The culmination of a three-year investigation, the commission will now examine not only the prominence of Google’s own services in its search results, but also launches <a href="http://europa.eu/rapid/press-release_MEMO-15-4782_en.htm">an inquiry into Android</a>, Google’s mobile phone operating system.</p>
<p>The European Commission’s competition chiefs have sent a Statement of Objections to Google, requiring the search giant to respond to allegations of anti-competitive behaviour in online shopping, where “Shop with Google” links – paid for by advertisers – are promoted over other search results.</p>
<p>Concerns of anti-competitive behaviour will similarly form the heart of the commission’s investigation into Android, which is expected to focus on Google’s agreements with tablet and smartphone manufacturers which might fall under <a href="http://euwiki.org/TFEU#TITLE_VII_-_-_COMMON_RULES_ON_COMPETITION.2CTAXATION_AND_APPROXIMATION_OF_LAWS">Article 101</a> of the Treaty of the Functioning of the European Union (TFEU).</p>
<p>These sorts of contractual arrangements include exclusivity agreements, such as where manufacturers are required to pre-install Google’s applications and services exclusively in their tablets and phones – for example, apps such as Google Maps, Gmail, Play, Music, Search and the other elements of the Google-branded ecosystem. They also include agreements whereby manufacturers are restricted from developing and marketing rival products to those Google offers.</p>
<p>The commission will also investigate Google’s practice of bundling its applications and services. Tying and bundling occurs when the supplier requires that two or more products are purchased together, even though they might have not been requested. This practice can be equated to abuse of dominance, especially when the supplier is a market giant the size of Google – and particularly in Europe where its dominance in search is greater than in the US and other markets. </p>
<p>This anti-competitive behaviour is likely to trigger <a href="http://euwiki.org/TFEU#Article_102">Article 102 TFEU</a>, which prohibits the abuse of a dominant position due to its likelihood to prevent or restrict competition. Similar issues have dogged Microsoft, which was dragged through the European courts for anti-competitive practices involving, among other things, software bundling and designing its products in such a way that it was difficult for third parties to create compatible products.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/78222/original/image-20150416-5622-4s1tx3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/78222/original/image-20150416-5622-4s1tx3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/78222/original/image-20150416-5622-4s1tx3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=479&fit=crop&dpr=1 600w, https://images.theconversation.com/files/78222/original/image-20150416-5622-4s1tx3.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=479&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/78222/original/image-20150416-5622-4s1tx3.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=479&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/78222/original/image-20150416-5622-4s1tx3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=602&fit=crop&dpr=1 754w, https://images.theconversation.com/files/78222/original/image-20150416-5622-4s1tx3.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=602&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/78222/original/image-20150416-5622-4s1tx3.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=602&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Bundling Google’s many products is one bone of contention.</span>
<span class="attribution"><span class="source">logos by Yeamake/Shutterstock.com</span></span>
</figcaption>
</figure>
<h2>Google comes out fighting</h2>
<p>In anticipation of the investigation, Google issued a <a href="http://recode.net/2015/04/14/here-is-googles-internal-response-to-the-imminent-e-u-charges-memo/">memo</a> presenting its basic argument against the commission’s allegations and aiming to reinforce its brand as a promoter of innovation and an investor in new ideas. </p>
<p>Google points to the open-source nature of the Android system, the pricing of its products, as well as the existence of a vibrant competing market for apps and services – worth US$7 billion in revenue for developers and content publishers last year alone. The point Google is trying to make is that in a market where innovation thrives and consumers have wide choice characterised by low prices, there cannot be a negative or anti-competitive effect on trade.</p>
<p>Practically speaking, this investigation is likely to lead to a highly protracted court case – the EU case against Microsoft <a href="https://fsfe.org/activities/ms-vs-eu/timeline.en.html">took 16 years</a>. If and when Google is charged with breach of EU Competition Laws, the firm could face fines up to US$6 billion. But the bigger problem for a company the size of Google is the legal costs such a protracted case will incur. Distracted by arguing its case against the European Commission, Google risks falling behind in its highly competitive and fast-moving industry.</p>
<h2>Proceed with caution</h2>
<p>A lesson from the Microsoft saga is the importance of timing – Microsoft was ultimately forced to unbundle software such as its media player from Windows many, many years after the case was brought – at a time when it no longer mattered. The pace of technological progresses far outstrips the European Commission’s ability to keep pace, and the grounds for a lengthy investigation launched in 2015 may no longer be relevant a few years from now. Markets can change overnight, something of which the European Commission is well aware.</p>
<p>Ultimately, the technology industry and associated markets have unique characteristics in respect of competition law – the pace of innovation means no one can be sure today what tomorrow’s big products will be. Consequently a dominant firm today may be last in line tomorrow. Competition specialists have long identified this fact and called for caution when intervening, as competition in the field of innovation takes place not in today’s markets, but for the markets of tomorrow.</p><img src="https://counter.theconversation.com/content/40291/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Evgenia Kanellopoulou does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
First search, then shopping, now Android – European Commission sets out to take Google to task.
Evgenia Kanellopoulou, Lecturer in Law, University of Salford
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/38397
2015-03-05T16:38:22Z
2015-03-05T16:38:22Z
To upgrade or not upgrade? That is the all-too-frequent question
<figure><img src="https://images.theconversation.com/files/73948/original/image-20150305-3314-j6k4rp.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">'If I'm honest I just don't think this is Windows 10-compatible.' (with apols to Ritchie & Thompson)</span> <span class="attribution"><a class="source" href="http://commons.wikimedia.org/wiki/File:Ken_Thompson_(sitting)_and_Dennis_Ritchie_at_PDP-11_(2876612463).jpg">Peter Hamer</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span></figcaption></figure><p>The question of whether or not to go for the upgrade or stick with the devil you know is an increasingly common contemporary dilemma; the lure of new features against the threat of potentially disabling a device that plays an important role in our lives.</p>
<p>For example, Apple iPhone users who were quick to upgrade their phones to iOS 8 <a href="http://fieldguide.gizmodo.com/the-worst-ios-8-1-bugs-and-how-to-fix-them-1651727596">got burned by bugs</a>. In fact many cynics see “point-zero” software versions (eg, 8.0) as nothing short of testing releases, and wait for later minor updates (eg, 8.1) to iron out the problems.</p>
<p>But even this behaviour can’t explain how Microsoft’s venerable Windows XP operating system, introduced in 2001 and officially retired in 2014, has <a href="http://www.theregister.co.uk/2015/03/02/windows_xp_markets_share_grows_again/">grown its market share</a> against more recent versions.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/73941/original/image-20150305-3284-1ep0prm.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/73941/original/image-20150305-3284-1ep0prm.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/73941/original/image-20150305-3284-1ep0prm.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=193&fit=crop&dpr=1 600w, https://images.theconversation.com/files/73941/original/image-20150305-3284-1ep0prm.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=193&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/73941/original/image-20150305-3284-1ep0prm.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=193&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/73941/original/image-20150305-3284-1ep0prm.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=243&fit=crop&dpr=1 754w, https://images.theconversation.com/files/73941/original/image-20150305-3284-1ep0prm.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=243&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/73941/original/image-20150305-3284-1ep0prm.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=243&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Desktop operating system market share, Jan-Feb 2015.</span>
<span class="attribution"><span class="source">netmarketshare</span></span>
</figcaption>
</figure>
<p>The problem for software and hardware developers and technological giants such as Microsoft, Apple, and Google is that despite technology’s constant, rapid advancements many users are happy with what they’ve got. Unintentionally this makes these firms’ task much harder. </p>
<p>Microsoft Windows is 32 years old – businesses have used Microsoft products and applications built to run on them for decades, and they expect <a href="http://www.techopedia.com/definition/4230/backward-compatible">backward compatibility</a>. Developers want those using their products to stick with them as new versions come out, which means data created with older versions must be accessible by the latest version.</p>
<h2>The update rat-race</h2>
<p>While for home and business users the trade off is often between features or convenience and cost, for software companies the issue is the cost burden of supporting and updating not just the current but older versions too. This is why most will <a href="http://windows.microsoft.com/en-GB/windows/lifecycle">declare end-of-life on their products</a> past a certain age. Commercial software developers want to sell you new versions, and developers of all kinds would prefer to be able to focus on improvements and new additions, not the needs of a shrinking group of users wedded to increasingly out-of-date software.</p>
<p>When Google announced it had <a href="https://theconversation.com/google-deals-out-tough-love-as-it-ends-security-updates-for-a-billion-android-users-36367">stopped supporting Android versions prior to 4.3</a>, it was making this point. There are already two more recent versions – 4.4 and 5.0 – and the costs of providing continued support and updates for old versions is a drain. On top of that, older versions may not support new technology or standards (for example for faster internet access technology, better sound or video). Backporting these features into older versions can be costly, time-consuming, and often impossible. Better to persuade handset manufacturers and consumers to upgrade.</p>
<p>Microsoft has this problem on an enormous scale, with its products running what is probably billions of computers and devices worldwide. There have been four subsequent versions (Windows Vista, 7, 8, 8.1) and Windows 10 will arrive soon, but 15 years old or not, Windows XP is still common despite its limitations, and appears in embedded systems such as cash machines and point-of-sale terminals. </p>
<p>For some organisations not upgrading may be a matter of cost, but for others it’s the risk of disruption to daily business operations – particularly if key applications built for one version of Windows won’t play nicely with another. Having the latest version may be “fun”, but when the business is on the line, it’s a case of if it isn’t broke, don’t fix it.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/73946/original/image-20150305-3327-g9aw4o.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/73946/original/image-20150305-3327-g9aw4o.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=177&fit=crop&dpr=1 600w, https://images.theconversation.com/files/73946/original/image-20150305-3327-g9aw4o.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=177&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/73946/original/image-20150305-3327-g9aw4o.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=177&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/73946/original/image-20150305-3327-g9aw4o.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=222&fit=crop&dpr=1 754w, https://images.theconversation.com/files/73946/original/image-20150305-3327-g9aw4o.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=222&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/73946/original/image-20150305-3327-g9aw4o.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=222&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Well now, that sure sounds expensive.</span>
<span class="attribution"><span class="source">dragonicefire</span>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<h2>A work-around for the upgrade cycle</h2>
<p>If you’re content with what you have then the eternal upgrade cycle can be avoided for many years. But if cost is the issue then there are alternatives – free and low-cost alternatives that provide functionality without the hassle.</p>
<p>The obvious examples are free or open source operating systems such as <a href="https://theconversation.com/linux-is-the-quiet-revolution-that-will-leave-microsoft-eating-dust-28533">Linux</a>. Since the arrival of <a href="http://www.ubuntu.com">Ubuntu</a> (a version of Linux) in 2004 it has also become more user-friendly rather than merely a tool for experts and server administrators. It’s possible to run Linux on much cheaper, less well-equipped computers than required for Windows or Mac OS X and still enjoy the benefits of the current technological generation.</p>
<p>It’s also possible to run really old software using <a href="http://www.techopedia.com/definition/601/desktop-virtualization">desktop virtualisation</a> – software that allows you to run one operating system within another, as if it were just another application. Alternatively many emulators imitate older operating systems or computers – <a href="http://www.dosbox.com/">DOSBox</a> emulates DOS, the text-based precursor to Windows, and others emulate <a href="http://basilisk.cebix.net/">old Macintosh computers</a>, 8-bit home computers, and all manner of video game consoles or <a href="http://mamedev.org/">arcade cabinets</a>.</p>
<p>The update cycle can be a constant churn – driven by the bottom line of the companies involved rather than the utility and value offered to the customer. But as sure as night follows day, better hardware and software will come along and we all jump on. The question is, how long will you wait?</p><img src="https://counter.theconversation.com/content/38397/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Andrew Smith does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
The question of whether or not to go for the upgrade or stick with the devil you know is an increasingly common contemporary dilemma; the lure of new features against the threat of potentially disabling…
Andrew Smith, Lecturer in Networking, The Open University
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/37068
2015-02-02T19:13:59Z
2015-02-02T19:13:59Z
Microsoft’s embrace of open source is driven by commercial practicality not principle
<figure><img src="https://images.theconversation.com/files/70845/original/image-20150202-25825-186234p.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Beware of geeks bearing gifts...</span> <span class="attribution"><a class="source" href="https://www.flickr.com/photos/johanl/4893436057/">johanl</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span></figcaption></figure><p>Microsoft’s part in a <a href="http://www.wsj.com/articles/BL-DGB-40241">US$70m investment in CyanogenMod</a> has raised many eyebrows: why is Microsoft investing in a popular version of the Android mobile phone operating system, when it has its own competing <a href="http://www.windowsphone.com/en-gb">Windows Phone</a> product? The firm’s motivations behind investing in the most open version of the Android operating system have justifiably made open-source advocates <a href="http://techrights.org/2015/02/01/cyanogen-microsoft">decidedly nervous</a>. </p>
<p>Android is an open-source project maintained by its creator, Google. Ongoing work goes into the <a href="https://source.android.com/">Android Open Source Project</a> (AOSP), from which Google develops its own <a href="https://www.android.com/history/">“official” releases</a>. Other developers, such as <a href="http://www.cyanogenmod.org/">Cyanogen</a>, are free to take the AOSP codebase and produce their own variations for different devices.</p>
<p>There have been concerns among Android developers that <a href="http://arstechnica.com/gadgets/2013/10/googles-iron-grip-on-android-controlling-open-source-by-any-means-necessary/">Google is taking greater control of Android</a>, closing off more and more of the code. But in voicing the idea of wresting control of the project from Google one would imagine that doing so only to give it to Microsoft was not what they had in mind.</p>
<p>Yet this is exactly what Microsoft’s investment in CyanogenMod gave its CEO the confidence to <a href="http://androidforums.com/threads/cyanogenmod-to-take-google-out-of-android-microsoft-investing.897967">claim</a> – freeing users, he claims, from the requirements of Google’s Play Store or any of the other Google applications that are found by default on most mobile phones and tablets.</p>
<h2>The Cathedral and the Bazaar</h2>
<p>Open-source projects conducting multi-million dollar commercial deals is a far cry from 1999 – the year open-source activist and developer Eric Raymond published his book <a href="http://www.catb.org/esr/writings/cathedral-bazaar/">The Cathedral and The Bazaar</a>, in which he explained how open-source software development could work commercially to a technology industry that understood only a proprietary, closed-source approach. The book provided a workable open-source philosophy for the growing bands of open-source developers – and in the years since, this approach has become more established and found fertile ground in other areas, such as academic publishing and music.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/70848/original/image-20150202-13054-13o1m7v.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/70848/original/image-20150202-13054-13o1m7v.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/70848/original/image-20150202-13054-13o1m7v.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/70848/original/image-20150202-13054-13o1m7v.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/70848/original/image-20150202-13054-13o1m7v.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/70848/original/image-20150202-13054-13o1m7v.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/70848/original/image-20150202-13054-13o1m7v.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Somewhere between a call to arms and a handbook.</span>
<span class="attribution"><a class="source" href="https://www.flickr.com/photos/hades2k/7001927337/">hades2k</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<p>Raymond’s “cathedral” is a thinly veiled reference to Microsoft’s absolute commitment to proprietary software development – a technocratic priesthood that kept the secrets within the temple. In 1999 a closed, proprietary approach was seen as the primary – if not the only way – to profit from software. This software business model followed the lead of computer hardware manufacturers, who would strive to “lock in” buyers to the firm’s ecosystem of products – compatible with each other but more often than not incompatible with those of other manufacturers. </p>
<p>But the industry has moved on: fledgling companies in the late 1990s such as <a href="http://www.redhat.com/en">Red Hat</a>, <a href="https://www.suse.com/">Suse</a>, and Google, and those that have arrived since such as <a href="http://www.canonical.com/">Canonical</a> and <a href="http://thevarguy.com/open-source-application-software-companies/top-50-open-source-companies-where-are-they-now">many others</a> have become enormous open-source success stories. Industry titans such as IBM and Sun also embraced the open-source approach. Much of the suspicion and fear (<a href="http://www.catb.org/jargon/html/F/FUD.html">FUD</a>) has dissipated. And the proof is in the pudding: open-source software underpins a great number of the applications and systems we use each day, and the internet’s infrastructure itself.</p>
<h2>Opening up</h2>
<p>Microsoft has changed too. It is still the <a href="http://mashable.com/2014/04/01/top-software-companies">world’s largest software company</a> – and the overwhelming majority of the world’s computers at work and at home still run Microsoft Windows and Microsoft Office, despite the company <a href="http://www.google.co.uk/trends/explore#q=microsoft%2C%20apple%2C%20android&cmpt=q&tz=">losing the prominence it once had</a> in comparison to Android or Apple. </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/70836/original/image-20150202-8997-1n66x0d.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/70836/original/image-20150202-8997-1n66x0d.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/70836/original/image-20150202-8997-1n66x0d.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=323&fit=crop&dpr=1 600w, https://images.theconversation.com/files/70836/original/image-20150202-8997-1n66x0d.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=323&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/70836/original/image-20150202-8997-1n66x0d.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=323&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/70836/original/image-20150202-8997-1n66x0d.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=405&fit=crop&dpr=1 754w, https://images.theconversation.com/files/70836/original/image-20150202-8997-1n66x0d.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=405&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/70836/original/image-20150202-8997-1n66x0d.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=405&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">The rise and fall of Microsoft, Apple and Android’s popularity.</span>
<span class="attribution"><span class="source">Google Trends</span></span>
</figcaption>
</figure>
<p>But Microsoft’s corporate website <a href="http://www.microsoft.com/en-us/openness/default.aspx">now discusses open source</a>, focusing on interoperability between their own proprietary software and a range of open-source projects. Microsoft already has a number of <a href="http://www.microsoft.com/opensource/directory.aspx">open-source projects</a> within the corporate fold, and its developers <a href="https://msopentech.com/">contribute to many more</a>. <a href="http://blogs.msdn.com/b/dotnet/archive/2014/11/12/net-core-is-open-source.aspx">Recent announcements</a> have even included the open-sourcing of projects developed in-house by the company. Some 15 years later, Microsoft has shifted at least part of its efforts from its cathedral to the open-source bazaar.</p>
<p>The announcement that the <a href="http://www.extremetech.com/extreme/197093-microsoft-open-sources-its-worldwide-telescope-project">Worldwide Telescope project</a> would be open sourced was greeted with bemusement. But creating a version of .NET, a core Microsoft development platform upon which Windows-compatible software is written, is a <a href="http://opensource.com/business/14/11/microsoft-dot-net-empower-open-source-communities">significant statement</a>. </p>
<h2>Practicality not principle</h2>
<p>But this is for sound commercial reasons: open the new .NET Core to a wider set of developers and they will help with its upkeep against competing, flourishing open-source products. New adopters it attracts will be tied to various Microsoft plug-ins, additional services and support. This “<a href="http://www.freemium.org/what-is-freemium-2/">freemium</a>” approach – the product is free but support and services come at a cost – is a viable business model already employed by many. However, the chance of success that this decision will brring in coming so late in the game <a href="http://www.infoworld.com/article/2850050/microsoft-net/microsoft-open-source-net-cant-match-open-source-java.html">is debatable</a>.</p>
<p>In the final analysis, embracing open source has become the only option for Microsoft in the face of so many smaller, dynamic competitors. For sure, this is less Microsoft taking on board the principles of <a href="http://opensource.com/open-source-way">open development, sharing and co-operation</a> and more an attempt to buy its way into what has always been the dynamic world of the bazaar in order to harness the talents of developers outside the cathedral walls.</p>
<p>In this as with so many decisions, Microsoft’s wait-and-see approach has its risks. It was late to acknowledge the internet, web, and email. With each of the products it released – Internet Explorer, Outlook/Exchange, Office, mostly through acquired technology – Microsoft infamously attempted to define de facto standards for HTML support, email, word processor and spreadsheet document formats, and more.</p>
<p>Open-source activists are correct to wonder whether Microsoft has more of the same planned: most of its current open-source manoeuvres such as investing in Cyanogen follow the same approach of previous acquisitions. The key difference is that software developed in the bazaar has developers and users who are passionate about the project. For them open-source software is not just a commodity to be bought and sold; whether there is any place for the cathedral in the bazaar is yet to be seen.</p><img src="https://counter.theconversation.com/content/37068/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Gordon Fletcher does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
Microsoft’s part in a US$70m investment in CyanogenMod has raised many eyebrows: why is Microsoft investing in a popular version of the Android mobile phone operating system, when it has its own competing…
Gordon Fletcher, Centre for Digital Business, University of Salford
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/36367
2015-01-16T15:43:44Z
2015-01-16T15:43:44Z
Google deals out ‘tough love’ as it ends security updates for a billion Android users
<figure><img src="https://images.theconversation.com/files/69260/original/image-20150116-5165-1ebhu44.png?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Android: unsteady as she goes.</span> <span class="attribution"><a class="source" href="http://commons.wikimedia.org/wiki/File:Android_robot_skateboarding.svg">Bersam/Google</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span></figcaption></figure><p>Google’s announcement that it will <a href="http://www.bbc.co.uk/news/technology-30795253">not provide security updates</a> for older versions of its Android mobile operating system means that more than a billion users face growing security risks to their phones or tablets. </p>
<p>While Android phones and tablets have <a href="http://www.idc.com/prodserv/smartphone-os-market-share.jsp">grown exponentially in popularity</a>, from 4% market share in 2009 to 84% in 2014, by abandoning support for versions prior to <a href="http://www.android.com/versions/kit-kat-4-4/">Android 4.4 “Kit Kat”</a> Google’s decision affects <a href="http://www.computerworld.com/article/2867043/google-stops-patching-core-android-component-in-60-of-devices.html">more than 60% of Android users</a> running older versions that will now be vulnerable.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/69249/original/image-20150116-5177-uhladw.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/69249/original/image-20150116-5177-uhladw.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/69249/original/image-20150116-5177-uhladw.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=326&fit=crop&dpr=1 600w, https://images.theconversation.com/files/69249/original/image-20150116-5177-uhladw.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=326&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/69249/original/image-20150116-5177-uhladw.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=326&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/69249/original/image-20150116-5177-uhladw.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=410&fit=crop&dpr=1 754w, https://images.theconversation.com/files/69249/original/image-20150116-5177-uhladw.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=410&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/69249/original/image-20150116-5177-uhladw.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=410&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Android’s long tail - many users still run older versions.</span>
<span class="attribution"><span class="source">Erikrespo/Google data</span>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<p>At the heart of this announcement is a piece of software called WebView, a component of the built-in web browser in earlier versions of Android, but which also turns up in many apps. It is WebView that Google is dropping support for, replaced in version 4.4 with <a href="https://developer.chrome.com/multidevice/webview/overview">a new component</a> taken from Google’s browser, Chrome. </p>
<p>The reason for this is largely down to the number of security flaws found in the software, at least in part because it <a href="http://appleinsider.com/articles/15/01/13/android-50-lollipop-still-hard-to-find-full-of-bugs-as-google-shrugs-off-security-flaws-for-60-of-its-installed-base">incorporates support for Adobe Flash</a> which has simply proven too difficult to secure – ironically, as it was something Google touted as a plus for Android when <a href="https://www.apple.com/hotnews/thoughts-on-flash/">Apple dropped Flash support</a> for the iPhone.</p>
<p>There was no official announcement. In response to security researchers Rapid7 who had <a href="https://community.rapid7.com/community/metasploit/blog/2015/01/11/google-no-longer-provides-patches-for-webview-jelly-bean-and-prior">reported another WebView bug that needed fixing</a>, Google responded:</p>
<blockquote>
<p>If the affected version [of WebView] is before 4.4, we generally do not develop the patches ourselves, but welcome patches with the report for consideration. Other than notifying OEMs, we will not be able to take action on any report that is affecting versions before 4.4 that are not accompanied with a patch.</p>
</blockquote>
<h2>Many hands make light work</h2>
<p>So Google is no longer fixing problems in anything but their latest (Android 5.0/Lollipop) or second-latest (Android 4.4/Kit Kat) versions, offloading the responsibility to either those that find the flaw, other interested developers, or phone manufacturers such as Samsung, HTC, or LG.</p>
<p>Android is an <a href="https://source.android.com/">open-source operating system</a> developed jointly by Google and other interested developers around the world who are able to update and maintain the codebase, while Google manages and steers the project. By making Android an open-source project, Google increases the community’s ownership of the project, encouraging others to work on it. This approach is contrary to Google’s competitors – <a href="https://www.apple.com/uk/ios/">Apple’s iOS</a> and <a href="https://www.windowsphone.com/">Microsoft’s Windows Phone</a> – who develop their operating systems entirely in-house and keep tight control of their code.</p>
<p>So Google’s decision makes more sense with that in mind – the code for Apple and Microsoft’s operating systems is closed, so those firms wouldn’t be able to hand off their responsibility in this way. But Google can at least offer others the chance to tackle the problems.</p>
<h2>Keeping you and your data safe</h2>
<p>Our mobile phones are used for sensitive activities – from logging in to websites filled with personal data, to <a href="http://www.federalreserve.gov/econresdata/consumers-and-mobile-financial-services-report-201403.pdf">online banking or online shopping</a>. It’s important to keep any software on any device – phone, tablet, or computer – up-to-date with the latest versions that patch those flaws and vulnerabilities that have been discovered. Encouraging more people to use the latest versions has been a key part of Google’s approach, through automatic updates and cloud services. </p>
<p>However, mobile phone manufacturers are keen to sell us their <a href="http://www.geek.com/android/5-android-smartphones-worth-waiting-for-1534820/">latest phones</a>. Providing ongoing support for older phones is expensive and phone manufacturers, and especially the telecoms companies that sell them to us, are already <a href="http://www.extremetech.com/mobile/197346-google-throws-nearly-a-billion-android-users-under-the-bus-refuses-to-patch-os-vulnerability">terrible at updating phones</a>, generally <a href="http://www.xperiablog.net/2014/02/04/sony-mobile-ends-software-support-for-xperia-s-ion-p-u-go-and-more/">dropping support for older models</a> as soon as they can. Expecting them to provide regular security updates seems far-fetched.</p>
<p>The upshot is that now phones even less than a year old are potentially vulnerable – Android 4.4 may have been “released” in late 2013, but new phones were <a href="http://www.techradar.com/news/phone-and-communications/mobile-phones/htc-reviewing-android-4-3-can-t-say-what-products-will-get-it-yet-1168310">arriving with 4.3 installed</a> well into 2014. So, what can we do? Buy a new Android phone, or switch to Apple, Microsoft, or Blackberry? </p>
<p>Apple devices are considered by some to be more secure because of the <a href="http://www.forbes.com/sites/symantec/2014/07/24/android-vs-ios-which-is-more-secure">tightly controlled ecosystem</a>, from the operating system code to the vetting of apps in the App Store. But <a href="http://uk.pcmag.com/opinion/33351/ios-safer-than-android-maybe-not">even iOS is not immune</a>. Part of Android’s appeal is the fact that it is open: easy to access and customise, but with a greater risk from rogue apps, viruses, and hacks. It also means that, with the requisite technical skill and patience, Android users can tackle these problems themselves, unlocking, upgrading and customising their own devices as they like – such is the way with open source. </p>
<h2>The moral of the story</h2>
<p>So, are Google setting more than half their users up for a fall? In practice this may not have a huge impact for most. It may encourage phone manufacturers and the telecoms companies that sell them on to us to be more forthcoming with software updates for their devices, reducing the number of devices running out-of-date software. </p>
<p>Ultimately, the key message is that we need to start thinking of mobile devices as computers, not just phones, with all the caveats about security software, updates and precautions which that entails. This could be the tough love from Google that pushes people in that direction.</p><img src="https://counter.theconversation.com/content/36367/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Aleksej Heinze receives funding from from a number of organisations including the European Commission and Technology Strategy Board (now Innovate UK). He is the head of the advisory board to the Search Engine Marketing Trade Association (SEMTA).</span></em></p><p class="fine-print"><em><span>Alex Fenton does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
Google’s announcement that it will not provide security updates for older versions of its Android mobile operating system means that more than a billion users face growing security risks to their phones…
Aleksej Heinze, Senior Lecturer and Co-Director of the Centre for Digital Business, University of Salford
Alex Fenton, Lecturer in Digital Business, University of Salford
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/33641
2014-11-23T19:13:07Z
2014-11-23T19:13:07Z
Sound advice – a new way to eavesdrop on Nexus phones
<figure><img src="https://images.theconversation.com/files/64671/original/3d32gvg5-1416186049.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Listening in to a conversation can be easy if you have the right code in place.</span> <span class="attribution"><a class="source" href="http://www.flickr.com/photos/smoovey/3297533849">A. Strakey/Flickr</a>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span></figcaption></figure><p>You don’t have to look far to see how many ways criminals can exploit mobile devices for nefarious purposes. From simple phishing scams to creating <a href="http://dx.doi.org/10.1016/j.cose.2011.08.004">fake Wi-Fi networks</a>, the methods in which data can be stolen from smartphones seem endless.</p>
<p>In <a href="http://dx.doi.org/10.1016/j.cose.2014.10.016">research</a> to be published in the journal Computers & Security in February, colleagues at the University of South Australia and I showed it’s even possible to pick up data from Android devices by “listening” to sounds humans can’t hear.</p>
<p>Look around you. You probably have at least one smartphone with you most of the time, and these devices can see and hear things around you, as well as <a href="https://theconversation.com/your-phone-knows-the-three-places-you-visit-each-day-13999">pinpoint your location</a>. </p>
<p>Recently colleagues and I <a href="http://dx.doi.org/10.1080/0144929X.2014.934286">surveyed</a> 250 staff and students from the University of South Australia. Unfortunately, but not surprisingly, we found that our survey respondents generally underestimated and did not understand the security and privacy risks associated with the use of mobile devices and apps. </p>
<p>In another recent study, my PhD student Christian D’Orazio and I examined the Apple iOS and systematically analysed mobile devices and apps for vulnerabilities. </p>
<p>By looking into various Apple devices and a range of popular apps (including a government healthcare app), we uncovered previously unknown vulnerabilities (such as software bugs) that could be exploited to expose user-sensitive data stored on or transmitted from the affected devices. </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/64563/original/wg8tmr92-1415943508.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/64563/original/wg8tmr92-1415943508.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/64563/original/wg8tmr92-1415943508.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=428&fit=crop&dpr=1 600w, https://images.theconversation.com/files/64563/original/wg8tmr92-1415943508.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=428&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/64563/original/wg8tmr92-1415943508.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=428&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/64563/original/wg8tmr92-1415943508.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=538&fit=crop&dpr=1 754w, https://images.theconversation.com/files/64563/original/wg8tmr92-1415943508.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=538&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/64563/original/wg8tmr92-1415943508.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=538&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption"></span>
<span class="attribution"><a class="source" href="http://www.flickr.com/photos/johnragai/8570681159">John Ragai/Flickr</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span>
</figcaption>
</figure>
<p>In our Computers & Security paper mentioned above, Quang Do, Ben Martini and I designed a technique which could allow an attacker to covertly exfiltrate data from Android devices via communication methods such as SMS and audio. </p>
<p>If you want to get technical, we injected exfiltration code into the default keyboard on an Android <a href="https://play.google.com/store/devices/details/Nexus_4_16GB?id=nexus_4_16gb&hl=en">Nexus 4</a>. This produced coded sounds (inaudible to humans) based on key presses, which were picked up by a microphone on an external device and decoded. </p>
<p>We chose the default keyboard on the Nexus 4 because it handled all data input, including usernames and passwords. Another advantage was that it was always running, so the services it instantiated were always running as well.</p>
<p>So how can Google prevent this happening to Nexus 4 users? Something that would work for most apps on the market is to limit the frequencies in which an app may produce sound, and request permission from the user when an app wants to produce inaudible sounds. </p>
<h2>Another step in the digital arms war</h2>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/64564/original/gdzbqh6z-1415943696.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/64564/original/gdzbqh6z-1415943696.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/64564/original/gdzbqh6z-1415943696.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=613&fit=crop&dpr=1 600w, https://images.theconversation.com/files/64564/original/gdzbqh6z-1415943696.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=613&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/64564/original/gdzbqh6z-1415943696.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=613&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/64564/original/gdzbqh6z-1415943696.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=770&fit=crop&dpr=1 754w, https://images.theconversation.com/files/64564/original/gdzbqh6z-1415943696.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=770&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/64564/original/gdzbqh6z-1415943696.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=770&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption"></span>
<span class="attribution"><a class="source" href="http://www.flickr.com/photos/mastrobiggo/2322403792">Massimo Regonati/Flickr</a>, <a class="license" href="http://creativecommons.org/licenses/by-nc-sa/4.0/">CC BY-NC-SA</a></span>
</figcaption>
</figure>
<p>As the use of mobile devices and apps grows throughout society in general, so does their use by criminals. </p>
<p>This is particularly evident in areas of sophisticated and organised crime where ongoing secure communication is critical for the operation of the criminal syndicate. </p>
<p>During investigations of crimes involving mobile devices, there is usually some accumulation or retention of data on a mobile device that will need to be identified, preserved, analysed and presented in a court of law – a process known as <a href="http://aic.gov.au/media_library/publications/tandi_pdf/tandi460.pdf">digital forensics</a>. </p>
<p>Existing forensic techniques are designed to collect evidential data from typical mobile device users, such as where advanced security features and anti-forensic techniques are rarely exploited to their full extent. </p>
<p>Our research could provide another weapon in this arsenal for crime investigators.</p>
<p>So while serious and organised criminals often make use of devices specifically designed to evade legal interception and forensic collection attempts, such as the Android-based Blackphone and the well-known BlackBerry, we should not blame technological advances for any increase in cybercriminal exploitation. </p>
<p>Rather, we should learn their tricks to use against them.</p><img src="https://counter.theconversation.com/content/33641/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Kim-Kwang Raymond Choo receives funding from the Australian Research Council and National Drug Law Enforcement Research Fund.</span></em></p>
You don’t have to look far to see how many ways criminals can exploit mobile devices for nefarious purposes. From simple phishing scams to creating fake Wi-Fi networks, the methods in which data can be…
Kim-Kwang Raymond Choo, Fulbright Scholar and Senior Lecturer, University of South Australia
Licensed as Creative Commons – attribution, no derivatives.
tag:theconversation.com,2011:article/32059
2014-09-24T14:26:50Z
2014-09-24T14:26:50Z
Android One won’t make Google big bucks, so why bother with cheap smartphones?
<figure><img src="https://images.theconversation.com/files/59799/original/np9f68xs-1411484727.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Time for an upgrade kiddo.</span> <span class="attribution"><a class="source" href="https://www.flickr.com/photos/sarahamina/3716085867">sarahamina</a>, <a class="license" href="http://creativecommons.org/licenses/by-nc/4.0/">CC BY-NC</a></span></figcaption></figure><p>Google launched its <a href="http://www.android.com/one/">Android One</a> initiative this summer, with the aim of bringing smartphones, apps and the whole mobile internet to the five billion people around the world who do not yet have access to a smartphone. The program targets worlds’ most populous areas, especially in Asia, and the first devices have just <a href="http://techcrunch.com/2014/09/15/android-one-india/">recently been announced</a> in India.</p>
<p>Google will not manufacture or sell the phones itself. The company provides a reference design for an affordable Android device to its partners in the developing world, and software tailored to its target users, such as an offline version of the YouTube app in order to save its users from racking up data transfer bills. Manufacturing partners can modify the reference design to differentiate their products from one another’s. All will undoubtedly benefit from Google’s massive marketing machine.</p>
<p>Producing and selling a high-quality modern smartphone at a price point that is affordable to billions of people sounds like a loss leader strategy. This is the strategy adopted by many video game console manufacturers (although <a href="http://www.forbes.com/sites/timworstall/2013/09/06/microsoft-upends-the-economics-of-games-machines-with-xbox-one/">reversed</a> by Microsoft for its latest Xbox One), consumer inkjet printers or razors – the profits are made on sales of games, ink cartridges or blades respectively. This is not the case with Android One. </p>
<p>Most of the initial partners are brands relatively unknown in the west like <a href="http://tech.firstpost.com/reviews/micromax-canvas-a1-android-one-review-humble-specs-but-brilliant-experience-234768.html">Micromax</a>, <a href="http://www.gizbot.com/mobile/karbonn-sparkle-v-spice-dream-uno-mi-498l-micromax-canvas-a1-top-10-smartphone-rivals-019595-pg1.html">Karbonn and Spice</a> which operate with much smaller margins than global top-tier brands such as Samsung and Apple.</p>
<h2>Cutting edge</h2>
<p>They do not spend billions to advertise their products, for example. And while hardware components carry a cost, it is not nearly as much as the retail price of the latest Samsung or Apple kit would have us believe. The components of the cutting edge, recently launched Apple iPhone 6 cost <a href="http://www.businessinsider.com/iphone-6-teardown-reveals-costs-2014-9">an estimated US$229</a>, compared to its price tag of more than US$600. Using cheaper components, it could be entirely possible to manufacture and sell a decent smartphone below US$100, since most of the research and development costs are borne by Google.</p>
<p>So if Google is going to make hardly any revenue from the sale of Android One phones, why bother? </p>
<p>The push into developing markets is easy to understand when seen against the company business model and strategy. According to Google, its “mission is to ”<a href="https://www.google.com/about/">organise the world’s information and make it universally accessible and useful</a>“. Google makes money by selling highly targeted advertising – primarily from all that information it has made universally accessible and useful. The more users there are of its Android mobile phones, the more valuable advertising targeting information and opportunities there are for monetisation. Android One can be understood as an attempt to secure future growth – with the emphasis on future. Like other major technology companies, Google is cash rich and in an extremely strong position, and this allows them to be very patient and play the long game in order to turn strategic initiatives into profits.</p>
<p>It is also tempting to speculate that Google wants to preempt the possibility that a potential competitor could, by dominating developing markets, gain the momentum to challenge Android – currently the <a href="http://www.ibtimes.com/android-vs-ios-whats-most-popular-mobile-operating-system-your-country-1464892">world’s most popular</a> mobile phone operating system. Google can leverage its business model and massive cash resources to turn smartphone manufacturing into a highly competitive, low-margin business that will make it very difficult for any potential competitor to recoup research and development costs from subsequent hardware sales. In fact Google’s efforts are <a href="http://www.theregister.co.uk/2014/09/19/smartphones_its_the_economics_stupid">already destroying equipment manufacturers margins</a>, changing the dynamics of the industry.</p>
<h2>First world problems?</h2>
<p>What about the consumers who will use these affordable Androids? One could be as unforgiving as <a href="http://www.hbs.edu/faculty/Pages/profile.aspx?facId=6582">Shoshana Zuboff</a>, retired professor at Harvard Business School, who <a href="http://www.faz.net/aktuell/feuilleton/debatten/the-digital-debate/shoshanna-zuboff-dark-google-12916679.html">feels considerable unease</a> at the extent to which one company has expanded its ability to extract increasingly detailed data from the whole world’s population. Perhaps these are "first world problems” that only the western intelligentsia has time for – but they can hardly be faulted for being suspicious of the company whose former CEO famously <a href="http://www.huffingtonpost.com/2009/12/07/google-ceo-on-privacy-if_n_383105.html">stated</a>: “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”</p>
<p>Most people are going to be, at least initially, happy to get their hands on a decent smartphone. There will be lots of ingenious applications that cater for particular social settings and needs. There are genuine social and economic benefits that stem from granting more and more people access to the digital, internet-connected ecosystem, and these cannot be dismissed as a public relations exercise or corporate profiteering. </p>
<p>At the same time, it would be naive not to see the <a href="http://www.washingtonpost.com/politics/how-google-is-transforming-power-and-politicsgoogle-once-disdainful-of-lobbying-now-a-master-of-washington-influence/2014/04/12/51648b92-b4d3-11e3-8cb6-284052554d74_story.html">strategy</a> involved in Google’s data-based business. Today’s technology business behemoths command resources that exceed many national governments, and their activities can change the conditions of people’s lives, whether or not this is their intention.</p><img src="https://counter.theconversation.com/content/32059/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Aleksi Aaltonen does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>
Google launched its Android One initiative this summer, with the aim of bringing smartphones, apps and the whole mobile internet to the five billion people around the world who do not yet have access to…
Aleksi Aaltonen, Assistant Professor of Information Systems, Warwick Business School, University of Warwick
Licensed as Creative Commons – attribution, no derivatives.