Informal Brain

In the past couple of days there has been a sudden outcry around the security issue with the iPhone pass code bypass issue. I loved this comment on iPhone Atlas today:

“The iPhone is a computer, just like a desktop computer, and so it can easily be booted in such a way that one can mount the disk and delete or modify the device’s configuration - including the passcode configuration. Cracking the iPhone’s passcode is about as complex as changing the root password on a desktop machine, given physical access.

[From iPhone Security Flaw Is the Tip of the Iceberg - iPhone Atlas]

This is something I have been pointing out for some time now. The iPhone doesn’t have any kind of storage based encryption so as the author of the above quote so readily points out that mounting the iPhone as a disk allows access to the configuration files. This allows easy editing of the PLIST files allowing a hacker to disable the pass code and steal the data.

For some time now I have been calling on Apple to give us encryption as an enterprise feature. I noted in a previous blog post that device encryption was the missing enterprise feature when the 2.0 software was announced. I was in shock when I watched company after company (including the military) laud the iPhone 2.0 software. Did they miss the point that the device can be compromised so easily putting their mobile exchange push data at risk?

We need to pressure Apple to add encryption to the device while fixing these pass code problems. Only encryption will protect the device from being mounted as a disk. Until then I would not store sensitive data on the device using push email from exchange, LDAP or POP3. I would be very careful with webmail solutions. For example, we are asking lots of tough questions to IBM around iNotes for Lotus Notes and how much data it allows in the browser cache.

Ask the tough questions…. and continue to demand encryption.

I loved this example from Joel on Software:

Before joining Juno, I worked at Microsoft (NASDAQ:MSFT), where my experience had been very different. A bit of Redmond lore: Two software designers got into a debate over how something should be implemented. The question was highly technical. They couldn’t reach agreement, so they went to their boss, a guy named Mike Maples, who was the vice president in charge of the applications division.

“What do I know about this?” he yelled at them. “Of the three people in this room, I’m the one who knows the least. You guys have been hashing this out for hours. I’m the last person who should be deciding. Work it out.”

And so they did.

[From How Hard Could It Be?: How I Learned to Love Middle Managers -- Fog Creek Software -- Small Business Advice]

So often the inclination of middle managers is to try and solve this type of problem by making a decision. What I am seeing is more often is a need to add structure to the debate. For example: The manager captures decisions, action items, risks, and parking lot items on a whiteboard while the technical people work it out. The facilitator gets out of the way and lets the technical people do their job; period.

John Resig - TraceMonkey

If you haven’t yet downloaded a nightly version of Firefox 3.1 go and do it.  Enable the Tracemonkey support by going to about:config and searching for “jit”.  Set both of the jit options to “true” and away you go.  The speed difference is incredible.  It made the Safari 4 developer’s preview look like it was standing still.

“They’ve jumped from Generation One to Generation Four or Five. It just looks better, and feels better.” BW also claims that the new model’s price (currently, $359) will hit $299, “or maybe $249,” and could be announced as early as September.

$249 Kindle 2.0 significantly thinner and Frog stylish? - Engadget.

Amazon has the right idea.  They are following the Apple playbook to the T.  Iteratively improving the Kindle reader and lowering the price.  I would say Amazon has a real winner on its hands.  Especially if it can deeply penetrate the educational crowd.  At $249 dollars it is a drop in the bucket compared to the cost of most text books.  If the price per text book were lowered comparatively to the print version it would be a slam dunk on campus.

KODAK Zi6 Pocket Video Camera

Very interesting, the video camera market is changing radically with a new breed of handheld lightweight cameras which shoot in HD.  Makes my MINI DV camera looks pretty out of date.

So far I have noticed two positive changes with the 2.0.2 update:

1) The keyboard performance is much, much better across the entire device. Lag has been significantly eliminated when typing.

2) Something has been tuned with the 3G network usage. For example I am seeing the device drop to the EDGE network far more often. This is good, in that previously the device would hold on to the 3G connection too aggressively. I would see the device frequently become hot with 1 bar of 3G and then go to no service. Now, the device immediately switches to EDGE. I am going to try and turn on push tomorrow and see how the device battery holds out. The battery life today and yesterday has been very good.

So far 2.0.2 appears to be a turn in the right direction.

I applied the 2.0.2 update last night. Not sure exactly what is fixed but so far I noticed much better keyboard response and faster gps performance in the maps application.

Attached are a couple of pictures from my phone this morning. The problem with an iphone 3g service drop typically begins with the hanging 1 bar. This 1 bar of service translates into the phone not allowing any cellular access. Shortly a “no service” occurs and this is only fixed by pushing the phone in and out of airplane mode.

Here’s hoping for a quick fix from apple.