2016-02-18



Yes, we need to discuss this. Photo by Janitors on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 11 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Ringing Bells Freedom 251: cheapest Android smartphone for just Rs 251 ($3.65) » TechPP

Raju PP:

• 4-inch qHD screen with IPS

• 1.3 GHz quad-core processor

• 1GB RAM

• 8GB internal storage

• microSD slot for up to 32GB of external storage

• 3.2MP rear camera with auto focus

• 0.3MP (VGA) front camera

• 3G support

• 1450 mAh battery

• Android 5.1 Lollipop

The above hardware specifications look like an entry level smartphone from 2014 with no major compromises. Going by the published images, it doesn’t look bad either, at least not an eyesore that one would expect for a phone costing less than what you’d pay for a coffee at Starbucks.

Looks OK (they have actual photos). A bit like something from a cornflakes packet, but at that price it’s proof of how Android is revolutionising communication, and the world.

Only question now is whether the company can survive and make enough.
link to this extract

Samsung fails to secure thousands of SmartThings homes from thieves » Forbes

Thomas Fox-Brewster:

Critically, anyone relying on SmartThings devices for home security is vulnerable. In an environment where the SmartThings hub is connected to the firm’s own motion sensors, which act like traditional security alarms but provide alerts to people’s phones when activity is detected, they allow a hacker to enter a home undetected. Even worse, when connected to a connected smart lock, Cognosec researcher Tobias Zillner says a robber can get break into a home without using any brute force whatsoever.

“At the moment I am able to hack the system … and open the door lock as well as to jam the motion sensor without any trace left back in the system,” he told Forbes.

Come on, you knew the Internet of Things was going to lead to this.
link to this extract

Priorities in a time of plenty » Asymco

Horace Dediu:

The mass phenomenon of measuring the wrong thing because it’s the easiest to measure is called “financialization”. Financialization is the process by which finance and finances (rather than creation) determine company, individual and society’s priorities. It comes about from an abundance of data that leads to fixation on what is observable to the detriment of awareness of hazards or obstacles or alternatives. This phenomenon is more likely when the speed of change increases and decision cycles shorten.

Financialization is creeping into all aspects of society and the extent to which it infects companies is the extent to which they suffer from early mortality.

So is Apple avoiding financialization? How can anyone avoid the tyranny of mis-optimization?

Dediu’s writing is lyrical, despite the topic; the way that he seems to grope towards the conclusion (but actually knows where he’s going) is great to watch.
link to this extract

The ax falls at Yahoo » POLITICO

Peter Sterne:

“On our recent earnings call, Yahoo outlined out a plan to simplify our business and focus our effort on our four most successful content areas  – News, Sports, Finance and Lifestyle. To that end, today we will begin phasing out the following Digital Magazines:  Yahoo Food, Yahoo Health, Yahoo Parenting, Yahoo Makers, Yahoo Travel, Yahoo Autos and Yahoo Real Estate,” [Yahoo global editor in chief Martha] Nelson wrote in a Tumblr post.

In addition, a source familiar with the matter said that Yahoo was ending its tech vertical and moving some of its staff — including former New York Times columnist David Pogue — to Yahoo’s news vertical. Eater first reported that the food vertical was being shut down and Skift first reported that the travel vertical was being shut down.

As part of the changes, the editors of all of the eliminated verticals are being laid off. Dan Tynan, who joined Yahoo Tech as a columnist in December 2013 and became editor in chief of the vertical in July 2015, announced his departure in a farewell memo to staff.

“Well, that was not entirely unexpected. Eight Hundred and Four days after taking the purple, my career as a Yahoo is over,” he wrote.

Doubt the chopping is over yet. Tynan wrote in his memo that he worked with “the best (and smallest) staff of any tech publication on the internet”. You can argue about the quality, but smallest? Lots of news orgs would disagree.
link to this extract

Vaio near deal with Toshiba, Fujitsu to form Japan PC giant » Bloomberg Business

Pavel Alpeyev and Takashi Amano:

Vaio Corp., the personal computer maker spun off from Sony Corp. in 2014, is closing in on a three-way merger with rivals to create a producer that can dominate Japan and weather a shrinking global PC market.

Vaio expects to strike an agreement to combine with Toshiba Corp.’s and Fujitsu Ltd.’s PC divisions by the end of March, said Hidemi Moue, chief executive officer of Japan Industrial Partners Inc., the buyout fund that now controls the former arm of Sony. Vaio expects to own the biggest stake in the merged company, which can help the trio save on research and development and scale production, he said…

…The tie-up “makes sense if you want to build a niche consumer base in Japan,” said Damian Thong, an analyst at Macquarie Group Ltd. in Tokyo. “This approach of merging three Japanese PC makers will probably have little chance of success outside of the country”…

…“In the PC business, all options are on the table for restructuring and partnerships, but nothing has been decided at this moment,” Toshiba’s spokesman Hirokazu Tsukimoto said. A spokeswoman at Fujitsu declined to comment.

In contrast to the gloom, Vaio is set to report its first monthly profit in March and Moue expects the company to be profitable in the year ending May 2017. Japan Industrial Partners has slashed the workforce to 240 from about 1,000, slimmed its product line-up and focused on premium business users, he said.

Consolidation was inevitable.
link to this extract

In the matter of the search of an Apple iPhone seized during the execution of a search warrant » DocumentCloud

This is a scan of the order compelling Apple to help the FBI break into an iPhone 5C used by one of the San Bernadino killers (more details on this below, or in the docket). Note that it says that Apple must “[provide] the FBI with a signed iPhone software file, recovery bundle or other Software Image File that can be loaded onto the Subject Device… The SIF will be coded by Apple with a unique identifier of the phone so that the SIF would only load and execute on the Subject Device.”

Apple has five days to appeal. Below is its response.
link to this extract

Customer Letter » Apple

Tim Cook (and perhaps a few others at Apple) on why they’re refusing to create a version of iOS to be installed on an iPhone 5C seized from one of the killers in the terrorist attack at San Bernadino that would let the US government brute-force its password/code:

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

Apple has framed this well: that it’s about security (not privacy). You’ll recall that last week the FBI’s director declared that investigators couldn’t unlock the phone.

The American Civil Liberties Union and Electronic Frontier Foundation and WhatsApp have all backed Apple’s stance; the ACLU says “code is speech, and this would be forced speech, which is against the First Amendment, and perhaps the Fourth and Fifth too”.
link to this extract

Apple versus the FBI, understanding iPhone encryption, the risks for Apple and encryption » Stratechery

Ben Thompson dug into the detail of the encryption that the 5C held by the FBI does and doesn’t have; if it had been a 5S, he explains, things would have been different:

thanks the secure enclave an iPhone 5S or later, running iOS 8 or later, is basically impossible to break into, for Apple or anyone else. The only possible solution from the government’s perspective comes back to the more narrow definition of “backdoor” that I articulated above: a unique key baked into the disk encryption algorithm itself.

This solution is, frankly, unacceptable, and it’s not simply an issue of privacy: it’s one of security. A master key, contrary to conventional wisdom, is not guessable, but it can be stolen; worse, if it is stolen, no one would ever know. It would be a silent failure allowing whoever captured it to break into any device secured by the algorithm in question without those relying on it knowing anything was amiss. I can’t stress enough what a problem this is: World War II, especially in the Pacific, turned on this sort of silent cryptographic failure. And, given the sheer number of law enforcement officials that would want their hands on this key, it landing in the wrong hands would be a matter of when, not if.

This is why I’m just a tiny bit worried about Tim Cook drawing such a stark line in the sand with this case: the PR optics could not possibly be worse for Apple. It’s a case of domestic terrorism with a clear cut bad guy and a warrant that no one could object to, and Apple is capable of fulfilling the request. Would it perhaps be better to cooperate in this case secure in the knowledge that the loophole the FBI is exploiting (the software-based security measures) has already been closed, and then save the rhetorical gun powder for the inevitable request to insert the sort of narrow backdoor into the disk encryption itself I just described?

Then again, I can see the other side: a backdoor is a backdoor, and it is absolutely the case that the FBI is demanding Apple deliberately weaken security.

A couple of other points: the phone actually belongs to the California government; it was issued to a person who turned out to be a killer in the San Bernadino incident. That means it’s probably the government which implemented the Mobile Device Management (MDM) which wipes the phone after 10 failed passcode attempts. But they also can’t get into it. Also of note: the docket mentions that the killer destroyed two other phones ahead of the incident – they seem to have been “burner” phones, intended to destruction. So it’s likely that there’s nothing of interest at all on *this* phone.

The FBI has the iCloud backups up to October 19 (see p17 of the scan, above); the killings were on December 4.
link to this extract

Why the FBI’s request to Apple will affect civil rights for a generation » Macworld

Rich Mogull (a security expert):

Apple has a long history of complying with court orders and assisting law enforcement. Previous to iOS 8, they could extract data off devices. Even today, data in most of their online services (iCloud, excluding iMessage and FaceTime) can be provided upon legal request.

This case is different for multiple reasons:

• Apple is being asked to specifically create new software to circumvent their security controls. They aren’t being asked to use existing capabilities, since those no longer work. The FBI wants a new version of the operating system designed to allow the FBI to brute force attack the phone.

• The FBI is using a highly emotional, nationally infamous terrorism case as justification for the request.

• The request refers to the All Writs Act, which is itself under scrutiny in a case in New York involving Apple. Federal Magistrate Judge James Orenstein of the Eastern District of New York is currently evaluating if the Act applies in these cases.

That’s why this is about far more than a single phone. Apple does not have the existing capability to assist the FBI. The FBI engineered a case where the perpetrators are already dead, but emotions are charged. And the law cited is under active legal debate within the federal courts.

link to this extract

CRN Exclusive: Google terminating Play For Education in a small-scale retreat from Android’s educational market » CRN

Google is retreating from a small segment of its booming education business by ending the life of a product that was developed to encourage adoption of Android tablets in schools, Google partners told CRN on Friday.

Google Play for Education, an extension of the Play software distribution platform, was rolled out around two years ago with the intent of putting more tablets into the hands of students. The app store, curated in close collaboration with educators, enabled solution providers to manage both devices and their specialized content…

…One [reseller] executive who asked not to be named told CRN he learned of the product’s termination after attempting to procure tablets for a customer.

“We noticed something funny a couple weeks ago” when a client requested a quote for a number of Play for Work tablets, the Google partner told CRN. “Basically all manufacturers told us all those devices were end-of-lifed.”

Asus, then Samsung, said they didn’t have replacement devices that were Play-integrated, the reseller said. They told him to look at Chromebook laptops as an alternative.

Google later informed the partner that Play for Education was on its way out, and the company should focus on its Chromebooks practice for serving the educational market.

That partner exec said he believes some capability issues, like a limited number of student profiles that could be loaded onto a single device, coupled with competition from Apple’s iPads, kept the Android tablets from deeply penetrating the education market, and convinced Google to step back from the program.

Google made a big marketing push last year for the educational tablets, the partner exec said, but “I’m not sure it ever clicked.”

This makes it seem as though both Play For Education *and* Play For Work are dead, if those devices were EOL’d. Tablets and Android have never been a good fit.
link to this extract

News discovery » Sqoop

It’s a new Seattle-based startup, which mines US SEC documents and others for current information:

Sqoop saves you time and makes sure you don’t miss the story by giving you one place to search for company information, rather than spending hours each week conducting the same repetitive searches across a variety of public data sites. You can set alerts so that when new documents are filed, we’ll alert you how and when you want.

One to kick the tyres on. (I previously used SECAlerts.com but found it impossible to change settings.) Thanks to David Senior for the pointer.
link to this extract

Errata, corrigenda and ai no corrida:

Filed under: links

Show more