Re: iPhone can phone home and kill apps? - says yes

[David Farber <dave () farber net>]

Begin forwarded message:

From: "Bob Frankston" <Bob19-0501 () bobf frankston com>
Date: August 8, 2008 3:33:02 PM EDT
To: <dave () farber net>, "'ip'" <ip () v2 listbox com>
Cc: "'Eugene H. Spafford'" <spaf () mac com>
Subject: RE: [IP] Re:       iPhone can phone home and kill apps? -  
says yes

Note I did not accuse them of being stupid or clueless. My main point  
is that designing solutions inside the network and the devices isn’t  
the only option. There is an alternative of not putting us in the  
position of depending upon the network being so smart.

In the case of the iPhone we have two issues. We have a network that  
is not resilient and relies on the devices being well-behaved and  
adhering to policies such as the problematic funding/billing model.  
Second we have a complex device that has its own vulnerabilities due  
to the design point and design tradeoffs. Each such design makes sense  
in its own right given the constraints.

We need to have systems and architectures that are tolerant of values  
in order to make it save to invent and to reinvent what know too well.  
In a sense I’m accusing people of acting too smart on my behalf.


-----Original Message-----
From: David Farber [mailto:dave () farber net]
Sent: Friday, August 08, 2008 14:41
To: ip
Subject: [IP] Re: iPhone can phone home and kill apps? - says yes



Begin forwarded message:

From: "Eugene H. Spafford" <spaf () mac com>
Date: August 8, 2008 12:44:33 PM EDT
To: dave () farber net
Subject: Re: [IP] Re:     iPhone can phone home and kill apps? - says
yes

> From: Bob Frankston [Bob19-0501 () bobf frankston com]
> Sent: Friday, August 08, 2008 11:06 AM
>
> The question is why is OS/X on the iPhone so vulnerable and, for
> that matter, why are the cellular protocols so vulnerable.

Well, the answer applies to lots of other areas, too.  We have trade-
offs among, risk, security, quality, cost, agility, etc.   There are
always engineering decisions to be made.   Want something that is
highly secure and also allows lots of freedom for innovation?  Well,
it can be done, but it would be so expensive per unit that only a
small number of people would want to buy it -- and it might be against
the law in many countries.   Want something that is stable and fast
and affordable? Well, that may require sacrificing openness and
committing to legacy issues.  Apple, as a company, doesn't do design
for design's sake -- there is a goal to make money, and so their
designs strike a particular balance among all the various constraints.

There are some scientific constraints (e.g., speed of signal in a
medium), engineering constraints (e.g., power density in batteries),
legal constraints (e.g., privacy laws), economic constraints (e.g.,
must be less than $x per unit), and even cultural/international issues
(e.g., must allow SMS with Cyrillic characters).   The whole process
of engineering and marketing has to take these into account and try to
optimize.   Sometimes there are engineering breakthroughs, or even
scientific breakthroughs, that allow a major shift.  Other times,
there are shifts in economics or regulation.   Major change is not
always possible, and is seldom simple.

Consider the iPhone.  Part of its allure, perhaps, is that it can be
used (and sold) internationally.  That means it needs to adhere to
standards for communications in many countries, and also support laws
& regulations in major markets around the world.  It must be designed
so it isn't simple for anyone to change the internals so as to
circumvent those laws and regulations.  It needs to have features to
attract new (premium) customers at a certain level, yet be relatively
stable.   It has to work with existing technology. All the various
engineering decisions come into play.

Yes, we can complain about openness or choice or alleged
(mis)features.  However, unless we dive into some of the deeper issues
(including portability across borders and legal operation in many
jurisdictions), and unless we understand some of the economic and risk
analyses, we might not be making a fully informed criticism. That
isn't to say that Apple made all the correct decisions, but our
definition of "better" and "best" may be based on different
assumptions.    That is why there are other brands and other models --
each crafted to fit regulations and match some set of criteria.  The
ones that do a good job matching important criteria for enough people
will sell, and the ones that don't, won't.

That doesn't mean we shouldn't question or complain, but we should
also keep in mind that the design and sales issues are more complex
than most of us might initially consider.  And cellphones aren't being
designed and marketed for the elite few who subscribe to IP, for for a
market in the tens of millions around the world.

Of course, one area where Apple might do better is transparency --
making clear what some of those design decisions were, and why they
were made.  However, there we have another balance, where Apple is in
a competitive marketplace and the resources and ability to make those
design decisions to maximize sales is (at least partly) proprietary.


Back to the original question about cellular vulnerabilities -- the
system evolved that way, within certain constraints on cost, power,
reach, etc.  More comprehensive security and privacy issues could be
designed in, but then the cost goes up, the reliability might do down,
and other factors come into play (ease of service, law enforcement
needs, etc).   Want to make a change?  Possible, but it requires a lot
of industry consensus, and a promise of some benefit to offset the
massive cost of making the changes.   Do something that adds 10 cents
to every handset, and maybe it would be okay.  Add $10 to every
handset, and you might cut the market -- and utility -- of cell phones
in dozens of third world countries.  That's not only an economic cost,
but a social one.

Your basic question ("Why?") is a good one, Bob, and we should always
continue to ask it.  However, we should also realize that the people
behind many (if not "most") of the decisions we question are (usually)
not stupid or evil or clueless -- they are trying to optimize over a
complex set of variables and make a profit in doing so.   We shouldn't
lose sight of the fact that those are difficult choices, and sometimes
lead to more limited choices in the future.




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com