Apple has just released their security update which addresses the "OSX.MacDefender.A".
http://support.apple.com/kb/HT4657
Running "Software Update…" will allow you to obtain and install this update.
Regards
-------------
Doug Hamilton, BA, MA, ASP
Senior Apple Computer Consultant
Computers-on-Campus; Univ. of Manitoba
204-474-6196 (Ph.)
204-474-7556 (Fax)
http://www.umanitoba.ca/bookstore/
...from:
http://gigaom.com/2011/05/04/what-happens-when-the-cloud-meets-a-bandwidth-…
What Happens When the Cloud Meets a Bandwidth Cap
By Mathew Ingram May. 4, 2011, 4:04pm PT 35 Comments
The cloud is a wonderful thing, as you probably know from reading our coverage on the Structure blog and posts from my colleagues Stacey and Derrick — among other things, it allows us all to keep almost unlimited backup copies of our documents, photos, music and other files on a remote server somewhere, and thanks to services such as Amazon’s AWS suite, such backups are pretty cheap as well — pennies a gigabyte. At least, they’re supposed to be. But when the cloud meets an Internet service provider’s bandwidth cap (something that is unfortunately becoming more and more commonplace) it can be a less than happy experience.
I know this all too well. And while some of what happened is my fault, it’s probably not that unusual, so I thought it might be helpful to tell people about it.
Some readers may recall that I wrote recently about my problems with bandwidth usage, and how I thought I had solved them. In a nutshell, my ISP — a Canadian cable and media conglomerate called Rogers Communications — started warning me that my household was using huge amounts of bandwidth, far more than I had ever used before. One particular day last month, the online bandwidth meter showed that we had consumed 75 gigabytes of data, more than three-quarters of our 95-gigabyte allotment for the month.
As I described in my last post, I wracked my brain to try and figure out where this could be coming from. At first, I (and the Rogers technician I spoke to) thought that it was our wireless network, which was unencrypted. So I locked it down with a 64-bit password — but the downloads continued at huge levels, sometimes 20 or 30 gigabytes a day. I interviewed all three of my daughters, aged 13 to 21, and my niece, who is living with us. All denied downloading huge amounts, but one daughter said she had been using a Bit Torrent program for some Japanese TV shows.
I checked every computer in the house to make sure there were no programs running in the background or viruses or malware — we have seven computers in all, including four desktops and three laptops, as well miscellaneous wireless devices like iPhones and a streaming media box connected to the TV. The download usage didn’t even budge. I even borrowed a network switch to try and see which ports on the network were using all this data.
Then a day or two ago, I got an email from Amazon with the bill for my Amazon AWS service. I have about 25 gigabytes of photos, music and other documents backed up to Amazon’s S3 server cloud, which usually costs me about $3 a month — but this time, the bill said $109. Suddenly, a light bulb went on (one that probably should have gone on before then, I admit): that would explain how we could have been downloading 20 or 30 gigabytes a day without our computers overflowing with data. What if something was backing up all that data multiple times from Amazon’s S3 cloud?
I checked JungleDisk, which is the software from Rackspace that I use to manage the S3 instance I rent, but I didn’t have it set to sync or automatically mirror the data. So what could have happened?
After fishing around on the Internet, I finally found a support forum posting at Amazon’s AWS site that described exactly what had happened to me — except it was the user’s mother, and she had somehow download more than 800 gigabytes in a month without realizing it. The culprit, apparently, was either Windows indexing the files or an anti-virus program scanning them, or both. Since JungleDisk maps the Amazon cloud folder as a network drive, Windows and some other programs simply treat it as a regular drive and download all the files to scan them — even multiple times.
Since the amount of data that Amazon says I consumed in April (a little over 600 gigabytes) is almost exactly the same as the amount of extra bandwidth that my ISP says I used in the month, this seems to be the solution. And luckily for me, Rogers has a maximum bandwidth over-usage charge of $50 per month. If it didn’t have this cap on a cap, I would be liable for almost $1,000 based on the company’s per-gigabyte usage fees. So I have to pay $100 to Rogers for overage charges and $100 to Amazon.
A fairly cheap lesson, comparatively speaking, but a lesson nevertheless. And yet another way in which bandwidth caps threaten to turn us all into network administrators and bandwidth cops, whether we like it or not.
Wayne Billing
Classroom Technology Support
Audio Visual and Classroom Technology Support
130 Machray Hall Building
474-6649
474-7625 (fax)
Wayne_Billing(a)umanitoba.ca
The U of Manitoba is distributing Kaspersky AntiVirus software for university owned machines (both Windows and OS X: more info at: http://umanitoba.ca/computing/ist/security/kaspersky-antivirus.html)
Kaspersky Lab is a privately held, world-wide (North and South America; Western Europe; Eastern Europe, the Middle East and Africa; the Asia-Pacific region; and Japan) anti-malware company with headquarters in Moscow, Russia. Founded in 1997, Kaspersky Lab claims over 2,000 employees working on software protecting over 300 million users around the globe.
Kaspersky Lab's in-house magazine - entitled Secureview - is written by Kaspersky Lab's analysts, journalists, and industry specialists from many different companies. The magazine is designed to appeal to IT and security specialists, technical managers and anyone with an interest in computer security. (Subscriptions at: http://www.secureviewmag.com/subscriptions)
This month's issue of Secureview contains an article entitled "IT Threat Evolution for Q1-2011". That article - at the end of this message - contains an overview of the exploits that were released with the opening of one online application store for mobile devices.
= - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = -
(NOTE: ...from: http://developer.apple.com/appstore/guidelines.html
Apple's App Store Review Guidelines
The app approval process [in Apple's App Stores] is in place to ensure that applications are reliable, perform as expected, and are free of explicit and offensive material. We review every app on the App Store based on a set of technical, content, and design criteria. This review criteria is now available to you in the App Store Review Guidelines. These guidelines are designed to help [developers] prepare iOS and Mac OS X apps for the approval process.)
= - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = - = -
...from:
http://www.securelist.com/en/analysis/204792176/IT_Threat_Evolution_for_Q1_…
Now in a store near you – mobile Trojans!
We start with malware for the Android OS uploaded to the Android Market by cybercriminals. The malicious applications, over fifty of which have been detected, were infected with Trojans and repacked as legitimate programs. The attackers were after mobile phone data, including IMEI and IMSI numbers. The Trojans also included a module that could install additional malicious components on devices without users being aware. This involved gaining full control of the phone by ‘jailbreaking’ it, a process that circumvents protection to provide full access to the file system. In order to gain root privileges, which provide virtually limitless possibilities for manipulating the system, the malware leveraged Android OS vulnerabilities using popular ‘rage against the cage’ exploits, which were distributed in the same package as the Trojans.
It was lucky for users who had Kaspersky Mobile Security 9 installed on their devices that these exploits were used. The Trojans were new and had not been included in antivirus databases, while the exploits bundled with them were successfully detected. Until signatures were created for the Trojans, KMS 9 proactively detected the whole bundle as Exploit.AndroidOS.Lotoor.g and Exploit.AndroidOS.Lotoor.j. Since adding the Trojans to our antivirus databases, we have detected them as Backdoor.AndroidOS.Rooter. It should be noted that they are also called DroidDream in other antivirus vendors’ classifications.
This situation gives rise to two questions:
Is it difficult for cybercriminals to get an Android Market Developer account? Sadly, it is very easy. All a user has to do to get an account is pay US $25. Clearly, Google wants to attract as many developers to its operating system as possible. However, $25 is not nearly enough of a barrier to entry and cybercriminals can afford to create dozens of such accounts. This could result in an endless loop, with Google shutting down accounts used to distribute malware and cybercriminals creating new ones without any problems.
Can more stringent controls be enforced over applications offered on the Android Market? The primary problem is the resources available for this task. Checking all the code in apps available via Android Market, App Store, Samsung Market, plus others, is a difficult task because it is almost impossible to automate. This means that in future we will inevitably face an increase in the amount of malware-infected software in the various app stores.
As mentioned above, the malware detected on Android Market exploited vulnerabilities. Note that vulnerabilities affected devices with Android versions earlier than 2.3 ‘Gingerbread’, which was released on 6 December, 2010. According to Google, three months after its release the number of systems running the new version of the OS was only 2%. It is obvious that users are not in any hurry to upgrade their systems. The main reason for this lack of inertia is that device manufacturers make significant modifications to their operating systems before installing them on mobile devices. After this, upgrading the OS may become impossible or wholly dependent upon the manufacturer’s involvement.
This means that installing patches then becomes manufacturer-dependant and so they share the responsibility for the security of mobile devices. However, they often have no interest in supporting and updating software on existing devices. Since smartphone models become outdated very quickly, updating software on devices that are in effect obsolete results in additional costs with no obvious way to recoup them. All users can hope for is that device manufacturers will take appropriate measures and make it possible to install updates on their devices. Is it possible to seriously discuss security in circumstances such as these?
Importantly, Google can remotely install / remove applications on / from any Android device. This ought to be very helpful when it comes to neutralizing malware on phones which are already infected. However, the incident with Trojans on Android Market has demonstrated several weaknesses in the system.
Firstly, once they got administrator privileges, Trojans made themselves at home on the smartphones and could only be removed by an application that had the same administrator privileges. Google had to release a dedicated program that had such privileges in order to remove these Trojans from infected devices.
Secondly, as cybercriminals further develop mobile malware, they may implement technologies that allow Trojans to disable this remote administration mechanism, a process similar to disabling the Windows Update functionality on PCs.
Thirdly, the current system involves removing Trojans from infected phones, but not the prevention of infections. However, if a Trojan is used by attackers to steal money or important data, its removal will not undo the damage.
Overall, the situation with the Android OS is becoming similar to the current situation with Windows:
There is a plethora of Android devices with outdated software which includes various unpatched vulnerabilities;
In the majority of cases, users ignore security alerts displayed when any application is installed or launched for the first time;
As with Windows, the most infected computers are those on which users have administrator privileges, the greatest risk of infection is faced by those Android systems which have been jailbroken;
Mobile malware communicates with its owners using a method that is widely employed by Windows malware – via command-and-control centers, which will ultimately lead to the emergence of mobile botnets;
Application control systems can be bypassed: applications can be installed on Android devices using means other than Android Market.
Since 2007, the number of new antivirus database records for mobile malware has virtually doubled every year.
The number of new mobile malware signatures added to antivirus databases
Based on our statistics for the first quarter of this year, it can be safely predicted that the number of malicious programs for mobile devices detected in 2011 will be more than double that of 2010.
The situation with mobile malware is particularly disturbing because large amounts of important data are already stored on mobile devices and smartphones are likely to be widely adopted as mobile wallets in the near future. In addition, since employees are increasingly using their personal mobile devices for work-related purposes, so-called consumerization, data leaks from individual smartphones are turning into a real headache for their employers.
Well, first of all, it will be very difficult for someone else to break into your iOS device if you always have it with you. Failing that...
....the article at the end of of this message details a vulnerability you might like to weigh if you don't have the SETTINGS > PASSCODE LOCK enabled and the ERASE DATA option of that setting set to ON on your iOS devices. With these settings enabled, your device will be wiped after 10 failed attempts to unlock your passcode leaving only a 1 in 1,000 chance of the device being unlocked via the passcode lock
OR
...someone attacking your iOS device also has prolonged access to unencrypted data on your personal computer. Perhaps you've already read "How to create a password-protected (encrypted) disk image in Mac OS X 10.3 or later" - http://support.apple.com/kb/ht1578
Finally, don't forget FIND MY IPHONE (http://www.apple.com/mobileme/features/find-my-iphone.html). Enabling this service, in the event of your losing your iPod Touch, iPhone, or iPad (or if it's been stolen) will allow you to:
- Locate your iPhone or iPad on a map
- Display a message or play a sound to help you find it
- Set a passcode lock remotely
- Protect your privacy with Remote Wipe - wipe your device completely
....and you can set up this service for free: Learn how to get Find My iPhone, Find My iPad, or Find My iPod touch free.
.
.
.
...from:
http://www.itworld.com/security/168239/russian-company-cracks-ios-4-hardwar…
Russian company cracks iOS 4 hardware encryption
How the company makes the technology available only to law enforcement and government officials remains unknown
By John E. Dunn, IDG News Service | Security Add a new comment
May 25, 2011, 9:46 AM — Having cracked Apple iPhone backups last year, Russian security company ElcomSoft appears to have found a reliable way to beat the layered encryption system used to secure data held on the smartphone itself.
Since the advent of iOS 4 in June 2010, Apple has been able to secure data on compatible devices using a hardware encryption system called Data Protection, which stores a user's passcode key on an internal chip using 256-bit AES encryption. Adding to this, each file stored on an iOS device is secured with an individual key computed from the device's Unique ID (UID).
Apple products containing this security design include all devices from 2009 onwards, including the iPhone 3GS (which can be upgraded to iOS 4), iPhone 4, iPad, iPad 2 and recent iPod Touch models.
ElcomSoft has not explained how it hacked the hardware-stored key system in detail for commercial reasons, but the first point of attack appears to have been the user system passcode itself as all other keys are only vulnerable to attack once the device is in an unlocked state.
The company said it had been aided by subtle weaknesses in the security architecture used by Apple, starting with the default passcode length of 4 digits. This yields only 10,000 possible number variations, which the company said most users would likely use to secure their devices without question.
The only limitation in breaking this key using a bruteforce attack was the need to run through the possible combinations on the iPhone or iOS device itself, which took between 10 and 40 minutes, far longer than would have been the case using a desktop PC.
If the passcode was too long to bruteforce, the company said it was possible to bypass this by hacking what are called "escrow keys," which are created by Apple applications such as iTunes and stored on a user's computer.
Given that the company's hacking of Apple devices began last August with the news that it had found a way to beat the encryption on iPhone backup archives stored on PCs, this could be how the company first spotted the weakness in the iPhone Data Protection system.
"We are responsible citizens, and we don't want this technology to fall into the wrong hands," said ElcomSoft CEO, Vladimir Katalov. "Therefore, we made a firm decision to limit access to this functionality to law enforcement, forensic and intelligence organizations and select government agencies."
The company has updated its Phone Password Breaker software to include the ability to "decrypt iOS 4.x file system images, as well as an optional tools to obtain file system images of the iOS 4.x devices, extract keys required for image decryption, and brute-force passcode," a note on its website said.
A license for this can be purchased for £79 (US$128) with the iOS 4-cracking feature enabled only for customers that meet the stated requirements. How ElcomSoft verifies a customer's credentials is unclear. All buyers of the software have access to the feature that cracks Apple iPhone and BlackBerry backup archives.
ElcomSoft has gained a reputation in the last three years for cracking encryption systems used in a variety of technologies, including the digital camera image verification systems used by Canon and Nikon, WPA2 wireless security, as well as a range of individual applications.
Begin forwarded message:
> From: Doug Hamilton <doug_hamilton(a)umanitoba.ca>
> Date: May 25, 2011 9:08:55 AM CDT
> Subject: [C-REPS] Mac Defender Malware - uninstall.
>
> Hello Everyone:
>
> There is a trojan-horse style malware application in the wild directed at Mac OS X users. The authors of this malware are using the typical social-engineering approach of mislead the user and trick them into installing the malicious application via their web browser, because they've detected a virus on the user's system.
>
> There is Apple knowledge base article on the matter with removal instructions
> http://support.apple.com/kb/HT4650
>
> Write up about Mac Defender by Intego Security
> http://blog.intego.com/2011/05/02/intego-security-memo-macdefender-fake-ant…
>
>
> Regards
> -------------
> Doug Hamilton, BA, MA, ASP
> Senior Apple Computer Consultant
> Computers-on-Campus; Univ. of Manitoba
> 204-474-6196 (Ph.)
> 204-474-7556 (Fax)
> http://www.umanitoba.ca/bookstore/
apologies for the short notice for this but it's just arrived.......
Begin forwarded message:
> To: MacLearning-l(a)maclearning.org
> Subject: [MacLearning-l] May 18 Webcast: Anatomy on the Move
>
> Dear MacLearning Community Member,
>
> Please join us on May 18th starting at 10 am Pacific / 1 pm Eastern for the following webcast:
>
> Anatomy on the Move
> Bringing Human Prosections Tutorials Alive
>
>
>
> Apps and iPads with 3D technology bring clinical anatomy to the cutting edge.
>
> Contemporary anatomical education requires various resources found in the clinic, dissection room and radiology department. These so vary in availability that it is difficult for students to access them all in a time-efficient manner for easy learning. So how to integrate portable, handheld packages providing a method of learning anatomy, outside the conventional academic environment? Forty anatomy videos were designed, using the dissection room tutorial approach with prosecutions, using narrative and visual explanations - these were packaged into apple apps with “spotter” tests and MCQs on each 3-6 minutes video. Audio and on-screen text of anatomical terminology is used in conjunction with digital highlighting to emphasise the clinical relevance. Other anatomy apps of a complete radiology textbook on the iPad provide a widely accessible method for teaching integrated clinical “anatomy on the move”. Furthermore using 3D computing we have digitised our prosection collection and although technology cannot replace traditional learning, these innovations provide a unique educational opportunity for learning “on the move”, even in coffee breaks!
>
> Audience members can participate by submitting their questions during the webcast.
>
> Join us on Wednesday, May 18th at 10am Pacific / 1pm Eastern by pointing your browser to:
>
> URL: http://webcast.training.apple.com/
> Webcast ID: MacHealth
> Passcode: 242572
>
>
>
>
> Cheers,
>
> Chris Brewer
> Co-Chair, MacLearning.org
>
>
> About MacLearning:
>
> MacLearning.org is a community that promotes effective pedagogical use of Apple and related third-party technologies. Our mission is to encourage innovative education through the open exchange of information, solutions, and ideas.
>
> Join us on our new online community at http://MacLearning.org
>
> _______________________________________________
> About MacLearning
>
> MacLearning.org is an open community that promotes effective pedagogical use of Apple and related third-party technologies. Our mission is to encourage innovative education through the open exchange of information, solutions, and ideas.
>
> This is the MacLearning-l mailing list at MacLearning-l(a)maclearning.org
>
> You can manage your subscription to this list at http://mail.maclearning.org/mailman/listinfo/maclearning-l
...from:
http://www.infoworld.com/d/mobile-technology/anatomy-failure-mobile-flops-r…
APRIL 22, 2011
Anatomy of failure: Mobile flops from RIM, Microsoft, and Nokia
The iPhone and iPad are decimating companies left and right, at a pace even faster than the PC revolution's
Print|21 comments
Research in Motion's BlackBerry PlayBook is so bad that Verizon Wireless may not bother carrying it -- a spokesperson said so the day after the PlayBook debuted to customers.AT&T won't let BlackBerry users download the essential app (BlackBerry Bridge) that brings email and communications apps to the PlayBook. Carriers are arms dealers, selling weapons to anyone for a price, but even they are drawing the line at the PlayBook.
That's a huge fall given that the PlayBook's creator, RIM, is the successful patriarch of the mobile market -- inventing the smartphone category, in fact. And RIM is not alone.
Like RIM, after lots and lots of promises leveraging its Windows savvy and market strength, Microsoft produced its own disastrous mobile platform, Windows Phone 7. It's not as bad as the PlayBook, and if you really want one, a carrier will sell you a unit. Dell too jumped on the Android bandwagon and produced a series of awful tablets, after a failed foray into making its own smartphone. (Remember theAxim?)
The list goes on. Nokia had to kill its signature Symbian OS after a new CEO forced it to admit that the OS was at end of life after several years of self-denial, and the company's efforts to create a successor had all failed. It then jumped from the frying pan into the fire by adopting Windows Phone 7 and delayed new products until 2012. Then there is the parade of successful, largely Asian PC and display makers (original equipment makers, or OEMs) -- such as Acer, Lenovo, and ViewSonic -- who promise and even sometimes ship sloppy, ill-conceived devices in hopes of getting into a growing market. How enticing!
Why are such established technology powerhouses failing so spectacularly in mobile? How can they not see the self-destruction in their approaches? For RIM and Nokia, the failings threaten their medium-term existence. For Microsoft and Dell, the failings prevent them from growing where the market is moving.
There are several reasons, and one of them is not Apple. Sure, Apple worked its design magic on first the smartphone and then the tablet, bringing to market the same zeal, elegance, consistency, and ecosystem advantages that have made the Mac the only PC with a growing market share. But Apple had done that with the original Mac, yet was still beaten by others. The fact that Apple's mobile products are truly the best doesn't explain why the competitors' products are generally so bad.
The answers have to do with an essential flaw found in most companies: They can't easily change gears because doing so means dropping the focus on what has worked and brings in the money now for an unproven, untested, risky shift. Clayton Christensen captured and described this phenomenon wonderfully in "The Innovator's Dilemma," an often-cited business book most businesspeople don't seem to actually follow.
When Apple introduced the iPhone in 2007, it seemed to be a left-field change for the Mac maker, a bet that it could enter and succeed in an alien market. That wager paid off, with Apple now the highest-valued public technology company in the world. But in 1999 or whenever CEO Steve Jobs decided to shift from being a PC maker into a consumer device maker (2001's iPod was the result, which led Apple to the iPhone and now the iPad), that proposition had very long odds. At the time, Apple was in critical condition, so the company had the freedom to take its chances.
RIM, Nokia, Microsoft, and Dell haven't been desperate enough to truly think different. When the iPhone came out, they all pooh-poohed it as a toy that would at best appeal to Mac loyalists. (Never mind the example of the iPod.) Today, iPads already outsell Macs 4 to 3 and iPhones outsell Macs 5 to 1 -- that shows why mobile is so important to computer vendors. In addition, iPads are credited with torpedoing the netbook market and shrinking the PC market.
Why RIM, Nokia, and Microsoft blew themselves up
RIM particularly played up its cozy relationship with security- and control-minded CIOs who would never let such toys into the enterprise. Nokia and Microsoft had the same paternalistic, insular point of view. (Dell's story is more like that of the OEMs -- I'll get to that shortly.)
They were talking to the wrong people. CIOs and IT managers are generally conservative, risk-averse, and traditionalist -- especially at large companies and even moreso at regulated ones. In their worldview, change is bad, and so is user freedom. These Neanderthal IT leaders are a lagging indicator of what's really going on. They dismissed the PC, the Internet, and e-commerce, too. But betting on them -- and the large checks they kept writing -- let RIM, Nokia, and Microsoft blindly traipse into irrelevance.
Meanwhile, individuals -- whether or not in businesses -- were acting on years of HR advice: They were being self-empowered. Now, they had more and more tools to apply that power. The PC was first, then the Internet, then software as a service (Salesforce.com has created a huge business by explictly seeking out these people and avoiding CIOs). In 2007, Apple added mobile to their arsenal, and they picked it up with a vengeance.
Fast-forward three years to 2010, and even CIOs stopped resisting and began embracing iPhones. If RIM, Nokia, and Microsoft had any doubt their world was fast changing and they were soon to be polar bears on shrinking ice floes in a climate-changed world, those questions had to have evaporated last year. However, they had spent so much time resisting the change that they didn't know how to embrace it, and they had almost no time left to figure it out.
Nokia simply flailed. Microsoft jettisoned its existing platform (Windows Mobile) and started over again. That could have worked, except the team decided to pretend the previous four years had never happened, so its new mobile operating system covered a fraction of the iPhone's iOS and Google's Android capabilities. It wasn't even a me-too product; it was a "what's an iPhone?" product. RIM followed a similar trajectory, but it had even less of a clue about what an iPad competitor should be -- in fact, it didn't want to even accept the notion that its tablet would compete with the iPad. All this happened in the year that the iPad became the most quickly adopted enterprise technology ever.
Microsoft and RIM compounded their poor results of their insular, disconnected thinking by deciding to throw away their previous core mobile markets -- businesses -- and aim for 20-something hipster kids. Clearly, both companies' management teams were going through midlife crises and imposed their cracked view of a hipster on their product planning.
Microsoft came out with the "social" Kin, aimed explicitly at kids, who reacted the way all kids do when a 40-something parent tries to act cool: They quietly laughed and went elsewhere. Microsoft then did the same with Windows Phone 7, but with a little less explicit hipster pretension. The result was an elegant UI, but the rest of the product was unusable by its business and adult customers: no security or management capabilities, awkward Office implementations (virtually unchanged from the iffy Windows Mobile 6 version), no copy and paste, no support for HTML5, no multitasking. There was nothing, in other words, that the iPhone platform (followed by Android) hadn't made table stakes two years earlier.
RIM was even worse than Microsoft in this regard. The PlayBook has no manageability and almost no security capabilities, yet it relies on the user having the most conservative smartphone there is: a BlackBerry. The pairing makes no sense, and it's inconceivable why RIM would throw away its history and come out with a device that is less secure than any competing product.
Plus, despite the word "play" in its name, it had nothing truly playful or cool. No apps stand out (despite having hired away much of DataViz's mobile apps team), and a 35-year-old title (Tetris) is its hallmark game. If RIM was comfortable trashing its security history, it didn't seem to know what to bring to the mix instead.
The error was even more foolhardy given the "consumerization of IT" trend that CIOs have been talking about all year, in which employees bring in their own devices and apps, requiring those devices and apps to work in both business and personal contexts becausethe line separating the two is rapidly disappearing. In that world, Microsoft and RIM should have kept their business strengths in devices that delivered newfound appeal to personal needs as well.
IT conferences and the blogosphere have been replete with this theme -- so how could the people at Microsoft, Nokia, and RIM not aim to satisfy it? Because they often don't accept that the change is even happening, and they don't know how to think that way even if they agree it is happening.
RIM is most egregious in this denial: Its executives, from the two CEOs down to product managers, keep saying publicly that apps are a fad, the iPhone is a fad, bring-your-own-device and consumerization trends are fads -- that the world will wake up from its madness and re-embrace the BlackBerry as it was. I've also heard stories of RIM managers saying they can always retreat to Latin America, a RIM stronghold that somehow is immune from the changes in mobile technology. If you don't believe in the future, you can't move into it, much less succeed in it. RIM believes one thing and goes through the motions of another. The result is unsatisfying to everyone. To be fair, I've heard through the grapevine that there are people within RIM really do see the new world and want to succeed in it -- no company is a monolith, but for now, those with their heads in the sand are prevailing.
Although these vendors have all brought in outsiders and even bought companies with modern technology, their leadership and their staffs remain immersed in the old way. Breaking out of that box is not easy even for creative, "imagineering" people, and executing outside that box is even harder. It's impossible if you don't honestly try.
That's why most companies don't survive fundamental transitions such as the one we're going through now. The PC killed off Digital Equipment, Silicon Graphics, and dozens of other midframe and workstation companies; only IBM and Hewlett-Packard made the shift. IBM wisely sold off its PC business to Lenovo just before the PC market got too commoditized, which is why Dell is in trouble and HP is looking beyond today's Windows PC. E-commerce killed off scores of retailers, such as bookstores. The Internet has been killing off large segments of the music, video, and publishing industries.
It's a rare company that can pull off the vision, execution, and timing to thrive in such transition. Apple did it, aided by its desperate circumstances and a peculiar culture that honored and encouraged out-of-the-box thinking. The time for RIM, Microsoft, and Nokia to make a real bet on mobile would have been in 2007 (as Google knew and did), when Apple showed the way but before it set the standard -- not in 2010 and 2011, when Apple has defined the direction and Google has sopped up the rest of the market.
That's why any company depending on RIM, Microsoft, or Nokia mobile technology should be working fast and furiously on an exit strategy. Already, large companies are finding it hard to hire young people when a BlackBerry is the only option. I've met several CIOs who've allowed iPhones and iPads in for that very reason, only to find that it was no big risk after all.
Websites, cloud services, e-commerce, and games are all clustering on iOS and Android, and the best mobile business apps are also on those platforms. This coalescence threatens to orphan businesses that are based on the "legacy" mobile technologies such as BlackBerry (in North America), Symbian (in Europe), and Windows Mobile (in government).
Why Dell, ViewSonic, and the OEM crowd won't matter -- but Motorola may
The success of the iPhone got Google to buy Android and put its considerable financial and intellectual muscle behind it. The result is that Android smartphones are now the top-selling devices (depending on which surveys you believe). They're not as good as iPhones, but for users familiar with only regular cell phones, they are revelatory.
In any event, only Apple may make iPhones and iPads; it's a one-sheriff town. Android, however, is available to all, so anyone who wants a piece of the mobile pie could at very little cost join in. Many OEMs were already making cell phones, and adapting them to run Android was a fairly small investment -- they jumped in. The problem is that these companies typically have no sense of design or user experience. They don't really think about users, so all they'd do is have some engineers get a Linux booter, an Android version (any would do), and an existing (often Windows Mobile) device in a lab, then make them all work together. These are Frankenphones, but in an industry where the typical cell phone has a sales life of 6 to 12 weeks, Frankenphones were the norm.
Dell also got into the Frankenphone business, treating its Streak tablets with the same "make them cheap, make them fast, don't worry about the result" approach that has destroyed its reputation for quality in the PC market.
Never mind that Apple made obsolete the Frankenphone model -- when all you make are Frankenphones, there's nothing else. Any OEM who treats Android as an ingredient in a generic stew will fail. They'll announce and even ship products, but they're all about short-term, low-investment opportunities. They'll fool some people, but they won't last because they won't gain loyalty and entusiasm. Google seems to be getting a clue that these OEMs are destructive parasites, not allies, and is rethinking how open it really needs to be.
The error was even more foolhardy given the "consumerization of IT" trend that CIOs have been talking about all year, in which employees bring in their own devices and apps, requiring those devices and apps to work in both business and personal contexts becausethe line separating the two is rapidly disappearing. In that world, Microsoft and RIM should have kept their business strengths in devices that delivered newfound appeal to personal needs as well.
IT conferences and the blogosphere have been replete with this theme -- so how could the people at Microsoft, Nokia, and RIM not aim to satisfy it? Because they often don't accept that the change is even happening, and they don't know how to think that way even if they agree it is happening.
RIM is most egregious in this denial: Its executives, from the two CEOs down to product managers, keep saying publicly that apps are a fad, the iPhone is a fad, bring-your-own-device and consumerization trends are fads -- that the world will wake up from its madness and re-embrace the BlackBerry as it was. I've also heard stories of RIM managers saying they can always retreat to Latin America, a RIM stronghold that somehow is immune from the changes in mobile technology. If you don't believe in the future, you can't move into it, much less succeed in it. RIM believes one thing and goes through the motions of another. The result is unsatisfying to everyone. To be fair, I've heard through the grapevine that there are people within RIM really do see the new world and want to succeed in it -- no company is a monolith, but for now, those with their heads in the sand are prevailing.
Although these vendors have all brought in outsiders and even bought companies with modern technology, their leadership and their staffs remain immersed in the old way. Breaking out of that box is not easy even for creative, "imagineering" people, and executing outside that box is even harder. It's impossible if you don't honestly try.
That's why most companies don't survive fundamental transitions such as the one we're going through now. The PC killed off Digital Equipment, Silicon Graphics, and dozens of other midframe and workstation companies; only IBM and Hewlett-Packard made the shift. IBM wisely sold off its PC business to Lenovo just before the PC market got too commoditized, which is why Dell is in trouble and HP is looking beyond today's Windows PC. E-commerce killed off scores of retailers, such as bookstores. The Internet has been killing off large segments of the music, video, and publishing industries.
It's a rare company that can pull off the vision, execution, and timing to thrive in such transition. Apple did it, aided by its desperate circumstances and a peculiar culture that honored and encouraged out-of-the-box thinking. The time for RIM, Microsoft, and Nokia to make a real bet on mobile would have been in 2007 (as Google knew and did), when Apple showed the way but before it set the standard -- not in 2010 and 2011, when Apple has defined the direction and Google has sopped up the rest of the market.
That's why any company depending on RIM, Microsoft, or Nokia mobile technology should be working fast and furiously on an exit strategy. Already, large companies are finding it hard to hire young people when a BlackBerry is the only option. I've met several CIOs who've allowed iPhones and iPads in for that very reason, only to find that it was no big risk after all.
Websites, cloud services, e-commerce, and games are all clustering on iOS and Android, and the best mobile business apps are also on those platforms. This coalescence threatens to orphan businesses that are based on the "legacy" mobile technologies such as BlackBerry (in North America), Symbian (in Europe), and Windows Mobile (in government).
Why Dell, ViewSonic, and the OEM crowd won't matter -- but Motorola may
The success of the iPhone got Google to buy Android and put its considerable financial and intellectual muscle behind it. The result is that Android smartphones are now the top-selling devices (depending on which surveys you believe). They're not as good as iPhones, but for users familiar with only regular cell phones, they are revelatory.
In any event, only Apple may make iPhones and iPads; it's a one-sheriff town. Android, however, is available to all, so anyone who wants a piece of the mobile pie could at very little cost join in. Many OEMs were already making cell phones, and adapting them to run Android was a fairly small investment -- they jumped in. The problem is that these companies typically have no sense of design or user experience. They don't really think about users, so all they'd do is have some engineers get a Linux booter, an Android version (any would do), and an existing (often Windows Mobile) device in a lab, then make them all work together. These are Frankenphones, but in an industry where the typical cell phone has a sales life of 6 to 12 weeks, Frankenphones were the norm.
Dell also got into the Frankenphone business, treating its Streak tablets with the same "make them cheap, make them fast, don't worry about the result" approach that has destroyed its reputation for quality in the PC market.
Never mind that Apple made obsolete the Frankenphone model -- when all you make are Frankenphones, there's nothing else. Any OEM who treats Android as an ingredient in a generic stew will fail. They'll announce and even ship products, but they're all about short-term, low-investment opportunities. They'll fool some people, but they won't last because they won't gain loyalty and entusiasm. Google seems to be getting a clue that these OEMs are destructive parasites, not allies, and is rethinking how open it really needs to be.
A few OEMs understood the need to add real value as well. Thus, HTC's second Android smartphone, the Droid Eris, had an innovative UI that masked some of that generation of Android's defects. The Eris gave HTC a position in the Android market it never would have enjoyed otherwise. Unfortunately, HTC has't really followed up and has fallen back into the sea of "who cares?" OEMs.
Samsung traced a similar path with its Galaxy S smartphone line, which boasted more cutting-edge components and a sleeker design than in competitors' models; it gained a big following last summer. But quality problems began to appear, and it released the Galaxy Tab, a so-so tablet using a nontablet form of the Android OS that ended up looking dowright dowdy compared to an iPad; it also diminished a lot of the company's luster.
Then there's Motorola, a company that has had execution and insular vision problems for years. Like Apple in 1999, it has been in serious crisis, recently splitting into two companies. Before that split, it decided to truly bet the farm on Android and to add its own value to the mix rather than just slap Android onto a Razr. Its Droid series has been successful, even with its unloved MotoBlur interface.
Motorola also shipped the first (and still only) real Android tablet, the Xoom, which compared decently to the iPad. It's a second-class tablet to be sure, but at least it belongs on the train. The Atrix smartphone and its companion Lapdock are really interesting innovations, the only recent Android developments that show the same kind of direction-defining potential as the first iPhone.
But whether Motorola can keep itself together to develop that potential is an open question: Each of its products suffers from inconsistencies that make no sense, given the same company developed them all. These problems suggest insularity and balkanization are still issues at Motorola Mobility.
It really is down to Apple, Google, and maybe the WebOS wild card
Still, it's possible that Motorola could pull an Apple and be the comeback darling we all celebrate four or five years from now. HP could also be in that position. It's realized that making generic PCs is a dead-end business, as would making generic smartphones. Instead, it bought Palm for its WebOS and now plans to bring WebOS to smartphones, tablets, and PCs, in a bold move to unify the three types of computing devices. It's the kind of move that Microsoft could and probably should have tried. It'll be a stretch for HP, and what HP showed recently for the forthcoming WebOS didn't inspire me, but at least it's taking a run at breaking from the past.
Apple is clearly going to be the idea and profit powerhouse in mobile, even if Google has more market share. Google, which seems to be realizing its fully open model could hurt Android, could also be more of a driving force if it figures out how to lead an alliance of strong OEMs (such as Motorola and perhaps Samsung and/or HTC) rather than let the OEMs damage its brand with their "slap it together" mentality. HP may have a shot of being the third engine.
The rest are history. RIM, Microsoft, Nokia, and Dell are all toast in the mobile market -- the walking dead who should be looking for burial plots. Mourn them if you must, but it's time to move on. Don't get buried along with them.
This article, "Anatomy of failure: Mobile flops from RIM, Microsoft, and Nokia," was originally published at InfoWorld.com. Read more of Galen Gruman's Mobile Edge blogand follow the latest developments in mobile technology at InfoWorld.com. Follow Galen's mobile musings on Twitter at MobileGalen. For the latest business technology news, followInfoWorld.com on Twitter.
In the wake of the hullabaloo about iPhone ('n such) knowing the whereabouts of their owners (http://www.apple.com/pr/library/2011/04/27location_qa.html), here's an article that explains how those devices and the "crowd-source" databases, the main focus of the hullabaloo, actually work....
...from:
http://www.macworld.com/article/159528/2011/04/how_iphone_location_works.ht…
How the iPhone knows where you are
Apple uses GPS, Wi-Fi, and cell towers to get (and map) location data
by Glenn Fleishman, Macworld.com Apr 28, 2011 9:00 am
iPhone users' experience with GPS is so quick, so instant-on, that Apple's Wednesday response about location tracking on iOS might almost seem baffling:
Calculating a phone’s location using just GPS satellite data can take up to several minutes. iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites.
Several minutes? Doesn't my iPhone take just seconds to figure out where I am?
Well, yes… but only when it engages in a set of tricks to avoid a lengthy process that was de rigueur when GPS receivers first appeared. In simplifying matters, Apple’s not being entirely accurate about how this all works and what it's doing. So let me explain where Wi-Fi and cell phone towers fit into the equation.
12.5 minutes to locate
Early GPS receivers took 12.5 minutes from a cold start to obtain a lock; later locks in the same region could still take minutes. If you turned a GPS receiver off for a few weeks or moved it more than a few hundred miles, a cold start might be required again.
GPS relies on two factors to create a set of accurate coordinates for where you’re standing: time and space. GPS satellites broadcast precise time signals using a built-in atomic clock along with their current location. They also broadcast the location of all other satellites in the sky, called the almanac.
Every 30 seconds, a GPS satellite broadcasts a time stamp, its current location and some less precise location information for other GPS satellites. It takes 25 of these broadcasts (thus, 12.5 minutes) to obtain the full list of satellite locations. This information has to be decoded for a receiver to then properly interpret signals from the satellites that are within range.
If you know the position of four satellites and the time at which each sent their position information, you—or, rather, your GPS receiver—can calculate to within 10 meters the latitude, longitude, and elevation of your current location along with the exact current time. With three satellites, you lose elevation, but a device can still track movement fairly accurately. Standalone GPS receivers can lock in simultaneously on multiple satellites, and track more than four. Other techniques can improve accuracy, too.
But, heck, I don’t have 12.5 minutes. I’m a busy man! Give me that location faster!
Giving GPS an assist
So GPS chip and gear makers came up with a host of ways to shorten the wait, called Assisted GPS (AGPS). Instead of relying on live downloads of position data from satellites, future locations can be estimated accurately enough to figure out rough satellite positions, and get a fix at which point even more up-to-date information is retrieved. These estimates can be downloaded via a network connection in seconds or even calculated right on a device.
The current time can also be used as a clue. With a precise current time, fragmentary satellite data can be decoded to gain a faster lock or figure out the appropriate information to use. In CDMA networks, such as that used by Verizon, GPS-synchronized atomic time is required for the network’s basic operations, making it a simple matter to have such information available. (In fact, CDMA cell towers have GPS units built in to maintain better atomic time synchronization.)
You can see your iOS device get a location fix when you open Maps.These extras are what makes GPS into AGPS. Though a lot of people misunderstand AGPS and think it’s some faux GPS system, that’s not the case: AGPS requires a GPS receiver to work. Apple’s iPhone and 3G iPad models include AGPS, as do nearly all competing devices with GPS chips, notably Android phones. (AGPS allows the use of much cheaper and simpler GPS circuits in phones, reducing cost and battery drain.)
This is where Apple’s statement on Wednesday deviates from full accuracy. Apple uses AGPS for native GPS-lock improvements, and Wi-Fi network and cell tower locations are additional factors in providing a fast initial connection along with improving GPS accuracy.
Cellular carriers have extremely precise GPS measurements of the locations of all their towers. With a database of such towers, you can take measurements of the signal strength of those within range—which may be dozens—and trilaterate to find an area that overlaps among them. (Trilateration involves overlapping regions to find an intersecting area; triangulation uses the measurement of angles to find a center point.)
But cell towers are too far away from one another to provide GPS-like precision, and they don’t work well in less-populated areas, even suburbs, where less coverage is necessary than in an urban environment.
Looking for Wi-Fi
Apple, Google, and others turn to Wi-Fi positioning for that. Wi-Fi positioning, originated by Skyhook Wireless, originally required specially equipped trucks with Wi-Fi antennas and highly sensitive GPS receivers that drove around cities to capture network identifiers (the unique hardware address broadcast by Wi-Fi base stations) and relative signal strengths at billions of points. As with cell towers, if you have enough networks and enough signal strength information, you can approximate a position.
It’s trivial for a networked device like a smartphone to take a snapshot of nearby Wi-Fi and cellular sources and pass it to a server that replies with an approximate set of coordinates. According to Apple’s Q&A, the company takes it a step further by caching subsets of data about nearby networks and towers to reduce network activity and speed up such lookups. This also shifts some computation to the phone or tablet and away from location services. And it means if there’s no cell or Wi-Fi connection available, such location information can still be useful. (This explains a mystery I’ve seen in which a Wi-Fi-only iPad or an iPod touch can seemingly calculate a fix when it’s off the network.)
Apple first unveiled Wi-Fi and cell-tower positioning with the original iPhone in an update to iPhone OS in early 2008. This was Apple’s sop to the fact that the original iPhone lacked a GPS receiver, which didn’t debut until the iPhone 3G.
You can see either or both of these in action whenever you bring up the Maps app. Typically, you see a large blue circle appear nearly instantly, a result of what must be a consultation of the local database. The circle becomes smaller as more information is used, still from cellular and Wi-Fi sources, to create a better trilateration. This data is also used to provide more clues into decoding the best GPS satellite information, allowing the use of quite small fragments of data or even raw signals to get a better lock. Finally, the circle becomes a single dot when iOS is confident it has a solid GPS lock.
Out of the trucks, into the cloud
Apple switched from using Skyhook Wireless as a data supplier starting in iOS 4.0 for the iPhone and iPod touch, and with the iPad-only 3.2 release. There’s a reason for that. When your iOS device uses Wi-Fi positioning, it sends a snapshot of the current signal landscape to Apple, which says in the Q&A that this information is used anonymously to crowdsource better data. But this is incredibly useful market intelligence, too, about how often users are relying on location updates, and where those users are clustered. It can be used for ad targeting and other purposes beyond those in apps that look for location data.
Of course, the Apple Q&A makes it clear that not every Wi-Fi snapshot is sent to Apple; clearly some algorithm drives which are sent to improve the database. By crowdsourcing, Apple avoids having to send trucks around. Google has apparently engaged the same approach, using its Street View trucks to supplement Android-based crowdsourcing. (It’s gotten in trouble two ways about this. First, for apparently accidentally recording unencrypted Wi-Fi network data, which resulted in fines, settlements, and halting such scanning in many countries. Second, for allegedly strongarming two major handset makers into changing their deals to rely on Google’s data.)
GPS is, in fact, rocket science at many levels. But the way in which Apple combines and supplements information from multiple sources to create a fast and accurate lock explains why to us as users it’s all “GPS” and just works.
[Glenn Fleishman is a senior contributor to Macworld, and writes regularly about wireless data. His latest book is Take Control of iPhone and iPod touch Networking & Security for iOS 4 (Take Control books).]
Naturally, there are other brands of devices which would do this kind of thing......
...from:
http://www.macworld.com/article/159494/2011/04/apple_versus_auto_dealer.htm…
How Apple devices saved me thousands on my new car
by Jason Snell, Macworld.com Apr 27, 2011 1:00 pm
Late last year we bought a new car. And in doing so, I realized that the auto industry is undoubtedly one of the industries that has been severely disrupted by Apple in the past decade.
HandBrake 0.9.4
Complete Coverage »
4.5 out of 5 Mice Mar 2, 2010
Best current price: $0.00
NAVIGON MobileNavigator USA
Complete Coverage »
4.0 out of 5 Mice Jan 14, 2011
Latest Price: $34.99
Get it
Yes, every new car in existence seems to offer a USB port with iPod connectivity, and my family’s new minivan is no exception. I plugged in my old hard-drive-based iPod and all of a sudden, our car has my entire music collection on tap. It’s got Bluetooth, too, so I can answer my iPhone from the dashboard and talk over built-in speakers and microphones, and even listen to music streamed wirelessly from the iPhone in my pocket.
(This car is basically the shuttlecraft from the USS Enterprise. Especially when compared to our other car, a 1994 Honda Civic.)
But the changes Apple has wrought had their biggest impact when it came time to decide if we wanted to pony up for the add-on navigation and in-car entertainment systems. As you might expect, automakers charge huge amounts of money for items such as these. As I recall, the entertainment option cost $1500. For a single fold-down video screen and a DVD player!
We don't have this. (Image courtesy Honda.)For a few years, I dreamed of buying a car with a snazzy nav and movie-playing system. But when it came time for us to buy, we didn’t get either the navigation system or the entertainment system. And Apple was the reason.
My wife and I both have iPhone 4’s, and we own a copy of Navigon’s MobileNavigator GPS app. Rather than spend hundreds of dollars for in-car navigation, we bought Kensington’s $30 Windshield/Vent Car Mount for Smartphones and stuck it on the center passenger-side air vent. When we go on a trip that requires navigation, we plug in an iPhone and let it talk to us. Problem solved.
When it came to entertainment, we also opted out. Yes, we want our kids to be entertained on long trips. But there are already two iPads in our family, and during those trips we adults are happy to cede them to the small people who ride in the rear of the compartment. Each of our children can choose what they want to watch, view it on a bright 10-inch screen that's right in front of them (rather than mounted on the ceiling), and listen to it on a set of headphones so as not to disturb anyone else in the car. They can also opt to get a bit more interactive and play games or even use educational apps. (During Spring Break, I was amazed to look back while riding through the California desert and discover my kids were busy playing Math Bingo.)
There’s another benefit, too. One of our neighbors has a minivan with an in-car DVD player. Their kids demand videos whenever they’re in the car, even for a short ride. It’s maddening. We only stock those iPads when we’re going to be trapped in the car for five-plus hours. Our kids never beg for a TV show on a short drive because it’s simply not an option.
I’m not going to argue the merits of kids using iPads on long car trips—I’m in favor of it, obviously, but I understand if you’re opposed. But if you’re going to choose between a couple of iPads and a factory-installed in-car entertainment system, I’m not sure why any tech-savvy person would choose the latter. (I admit lots of people have DVD collections and don’t know how to use HandBrake… though they should.) The iPads offer more control, more variety, and are cheaper. And thus, my local car dealership missed out on a couple thousand bucks in extras, because Apple’s technology simply does more, is cheaper, and our family’s already got it.
iPhone (iOS) Location Tracking
You may have recently read articles about Apple tracking you via your iPhone, this is patently false. Some researchers discovered on their iPhones, a file containing GPS locations of where an iPhone they had been; or so they had thought. The locations were of the cellular towers and WiFi hotspot in their vicinity and not the phone tracking them personally. All cellular phones cache these files to improve network performance. What is of a minor concern is that this file wasn't encrypted. This issue will be resolved in a soon to be related iOS update.
Here is a link to Apple's Press Release.
http://www.apple.com/pr/library/2011/04/27location_qa.html
Regards
-------------
Doug Hamilton, BA, MA, ASP
Senior Apple Computer Consultant
Computers-on-Campus; Univ. of Manitoba
204-474-6196 (Ph.)
204-474-7556 (Fax)
http://www.umanitoba.ca/bookstore/
