Start up: Asus’s router screwup, slower smartphones, Ek speaks, the FBI’s other iPhones, hi – it’s Sony, and more

What if you reduced novels to their punctuation? How would they look? Photo by Jilligan86 on Flickr.

You mean you signed up to receive each day’s Start Up post by email? Nice one.

A selection of 11 links for you. Calorie-free. I’m charlesarthur on Twitter. Observations and links welcome.

ASUS settles FTC charges that insecure home routers and “cloud” services put consumers’ privacy at risk » Federal Trade Commission

»Taiwan-based computer hardware maker ASUSTeK Computer, Inc. has agreed to settle Federal Trade Commission charges that critical security flaws in its routers put the home networks of hundreds of thousands of consumers at risk. The administrative complaint also charges that the routers’ insecure “cloud” services led to the compromise of thousands of consumers’ connected storage devices, exposing their sensitive personal information on the internet…

…ASUS marketed its routers as including numerous security features that the company claimed could “protect computers from any unauthorized access, hacking, and virus attacks” and “protect [the] local network against attacks from hackers.” Despite these claims, the FTC’s complaint alleges that ASUS didn’t take reasonable steps to secure the software on its routers.

For instance, according to the complaint, hackers could exploit pervasive security bugs in the router’s web-based control panel to change any of the router’s security settings without the consumer’s knowledge…

…In February 2014, hackers used readily available tools to locate vulnerable ASUS routers and exploited these security flaws to gain unauthorized access to over 12,900 consumers’ connected storage devices.

«

Swingeing fine? No – just “a comprehensive security program subject to independent audits for the next 20 years.” Pfft.
link to this extract

 


Session with Daniel Ek / Feb 16, 2016 » Quora

Lots of questions and answers from Spotify’s founder/chief. I found this one interesting:

»

Q: How will you compete as Amazon, Google (incl. YouTube), Apple, etc. strengthen and expand the scope of their respective lock-in?

A: I believe in focus. All of the companies you mention have music as a hobby, a very small part of their overall business. We do one thing and try to do it really well. This means we have a company 100% dedicated to finding the right content, personalizing it for you and serving it up with partners who are specialized in what they do. The big platform companies don’t generally like partnering. We do. This opens up lots of doors. To put it another way, we are really focused on delivering the best possible music experience you can find. I’m not saying we don’t think about the competition – of course we do, it would be crazy not to. But we think about them more in terms of how to make Spotfy so easy, so fun, and so relevant for our users that whether you wait on lines for every new Apple device, get your groceries from Amazon Prime, or use every Google mail and workplace app, you still want to listen to music on Spotify because it’s the best experience there is.

«

link to this extract

 


Pirated App Store client for iOS found on Apple’s App Store » HelpNet Security

Zeljka Zorz:

»The app hasn’t been flagged as potentially dangerous by Apple’s strict code reviewers, most likely because the app was made to look like a simple app for learning English if a reviewer (or user) accessed the app from anywhere outside China, and showed its true face only for those located in China.

Also, it’s coded in the Lua programming language, and this allows the developers to update the app remotely and repeatedly without triggering Apple’s app review process.

The app was available for download in the App Store for over three and a half months (since October 30, 2015 to the end of last week), but has now been removed.

The researchers haven’t discovered any actual malicious functionality in the app, but given its capabilities, it should definitely be considered risky to use. They dubbed it ZergHelper, and discovered over 50 enterprise-signed versions of the app being distributed in the wild through alternative channels.

«

Enterprise certificates are still the biggest weak point for getting apps onto iPhones. This one was clever too in using geolocation, and Lua.
link to this extract

 


Justice Department seeks to force Apple to extract data from about 12 other iPhones » WSJ

Devlin Barrett:

»The letter, written last week from an Apple lawyer to a federal judge, lists the locations of those phone cases: Four in Illinois, three in New York, two in California, two in Ohio, and one in Massachusetts.

The letter doesn’t describe the specific types of criminal investigations related to those phones, but people familiar with them said they don’t involve terrorism cases. The 12 cases remain in a kind of limbo amid the bigger, more confrontational legal duel between the government and the company over an iPhone seized in the terror case in California, these people said.

«

How surprising that the other cases where the Department wants to do exactly the same aren’t about a high-profile mass shooting that has been framed as “terrorism”.

On another note, this story has prompted some excellent reporting. Such as the next one…
link to this extract

 


Secret memo details US’s broader strategy to crack phones » Bloomberg Business

Terrific scoop by Michael Riley and Jordan Robertson:

»In a secret meeting convened by the White House around Thanksgiving, senior national security officials ordered agencies across the U.S. government to find ways to counter encryption software and gain access to the most heavily protected user data on the most secure consumer devices, including Apple Inc.’s iPhone, the marquee product of one of America’s most valuable companies, according to two people familiar with the decision.

The approach was formalized in a confidential National Security Council “decision memo,” tasking government agencies with developing encryption workarounds, estimating additional budgets and identifying laws that may need to be changed to counter what FBI Director James Comey calls the “going dark” problem: investigators being unable to access the contents of encrypted data stored on mobile devices or traveling across the Internet. Details of the memo reveal that, in private, the government was honing a sharper edge to its relationship with Silicon Valley alongside more public signs of rapprochement.

«

link to this extract

 


Bitcoin miners back proposed timeline for 2017 hard fork » CoinDesk

Stan Higgins:

»A group of bitcoin miners constituting close to 80% of the network hashrate, as well representatives from exchanges, service providers and contributors to the Bitcoin Core development project, have proposed a development timeline for scaling the bitcoin network.

The statement’s release comes after a more than 18 hour-long meeting in Hong Kong that drew participants from China’s bitcoin mining community and members of the Bitcoin Core team.

Some of the letter’s signatories were party to a previous statement that voiced opposition to any “contentious hard fork” to the bitcoin network.

According the proposed timeline, Bitcoin Core contributors Matt Corallo, Luke Dashjr, Cory Fields, Johnson Lau and Peter Todd will produce and recommend code for a hard fork to the bitcoin network that would feature a block size increase. The code for this proposal is expected to be made available by July.

«

The picture accompanying the article shows that the group comprises 21 people. So much for bitcoin being decentralised: this group decides which way everything moves.
link to this extract

 


Punctuation in novels » Medium

Adam Calhoun:

»When we think of novels, of newspapers and blogs, we think of words. We easily forget the little suggestions pushed in between: the punctuation. But how can we be so cruel to such a fundamental part of writing?

Inspired by a series of posters, I wondered what did my favorite books look like without words.

Here’s Blood Meridian by Cormac McCarthy (left) and Absalom, Absalom! by William Faulkner.

«

A lovely idea. Hemingway turns out to be a radical.
link to this extract

 


Sony worms way into Ear with Xperia headset-cum-virtual assistant » Ars Technica UK

Mark Walton:

»As it dawns on smartphone makers that—after years of healthy upgrades—consumers are perfectly happy with their existing phone, they’ve started to pile on the features instead. LG has its wacky upgradable G5, Samsung has its Gear VR headset, and Sony… well, it’s got the Xperia Ear, a Bluetooth headset-cum-virtual assistant that it hopes will take away the need for everyone to keep pulling their smartphones out of their pockets.

You can take calls with Xperia Ear, send messages, get the latest traffic updates, and it’ll even send you directions using GPS (via the phone it’s paired with). None of that is particularly innovative as such, but the Ear’s USP is the way its packaged up into a neat, and arguably more reliable package that your traditional virtual assistant along the lines of Siri or Google Now. For instance, when a call comes in and you pick up the Ear, it has a proximity sensor that automatically answers the call and flings it to your earlobe.

If you’re stuck for the perfect cupcake recipe or want to know who invented the Burrito (sorry, I have the MWC hunger), the Ear can find that stuff out too via voice activated Internet searches. Again, this is functionality most people already have access to via their phone, but Sony hopes that by removing the need to pull out their phones altogether, and instead reach for the Ear, people will won’t be quite as shut out from the outside world.

OK, so the concept is clearly a strange one, and there’s evidence to suggest that such devices—like the similar Motorola hint—have struggled to find a market.

«

Can’t imagine why. You make it sound so… useful.
link to this extract

 


Google to shut down Google Compare products in US and UK on March 23 » Search Engine Land

Ginny Marvin:

»The company only recently began rebuilding the Compare product from the ashes of the Advisor program in the US. The single piece left standing from that initial effort was the credit card offering — savings accounts, CDs and mortgages had all discontinued. Compare for Auto Insurance launched just last March, starting in California. Then Google relaunched Compare for Mortgage quotes in November with Zillow and Lending Tree among the launch partners. Both of those relaunches had limited roll outs. In the UK, Google Compare has been running since 2012 for car insurance, mortgage rates, credit cards and travel insurance.

A Google spokesperson told Search Engine Land that while searches on these queries remained high, the product didn’t get the traction it hoped for and revenue was minimal. That’s in part due to the limited availability of the products in both the US and the UK.

«

Another one for the graveyard.
link to this extract

 


Double-digit smartphone market growth is over » Kantar Worldpanel

»Feature phone owners across markets are challenged in finding smartphones that offer what they consider a good value for money spent. They are unlikely to upgrade to a smartphone until they can no longer rely on their current device. While looking year over year might not be enough to see a clear trend, examining the past three years makes it clear that smartphone life cycles are getting longer.

In mature markets, the profitable high end of the market is saturated. In the US, the high-end segment, devices with an unsubsidized price of more than $500 represented 48% of sales in 2015, growing a mere 9% over 2014. In the EU5, where the high-end segment represented just 27% of sales, growth was commensurately lower than in the US, coming in at 6%.

What should the industry expect for 2016? According to Milanesi, 48% of smartphone owners in the EU5 are currently planning to upgrade their smartphone over the next 12 months. This number decreases to 46% in the US, and 28% in urban China. Consumer brand preference for their next device varies a little by region, but two brand names that remain prominent are Apple and Samsung.

«

link to this extract

 


Google + GSMA announcement on RCS is no gamechanger » Disruptive Wireless

Dean Bubley:

»From the announcement: “Operators have agreed to transition toward a common, universal profile based on the GSMA’s RCS specifications and an Android RCS client provided by Google.”

It’s belatedly throwing various independent RCS app providers under the bus, trying to make disparate RCS implementations actually work together. As with VoLTE, RCS has suffered a wide range of non-interoperable versions to date, which is rather embarrassing for an application that was mainly standardised for the purpose of interoperability, rather than user-utility.

That it’s failed to actually be interoperable, as well as failed to be useful & well-designed, is just another eaten brain in the 8-year zombie catastrophe of RCS.

What’s interesting is what’s not in the statement:

– No mention of messaging-as-a-platform, despite that being hinted at previously in RCS presentations I’ve seen. Given that WeChat, Facebook Messenger, WhatsApp and others are shifting to commerce/advertising “streams”, that’s a surprising omission.
– No current usage numbers for RCS. There’s vague pronouncements about “towards a billion users”, but no baseline of current DAUs/MAUs for “proper” RCS usage, not just SMS-replacement texting.
– It doesn’t mention the new RCS client being made mandatory in future Android builds. It just says it’s available. The PR is very operator-centric, which doesn’t seem to suggest that all OEMs will automatically implement it in new devices, especially where they’re sold through open-market channels.
– No reference to whether the client will be appearing on WiFi-only tablets, or other Android devices (cars, watches, Chromebooks etc)
– No mention of AT&T or Verizon in the press release, although there’s an AT&T speaker at MWC on stage with them apparently (link)
– No clear timelines or wholehearted commitment by Google “an important step forward in bringing a better messaging experience for Android users everywhere”
– No mention of Samsung, which also happened to have Mark Zuckerberg from Facebook keynoting its big press conference yesterday. Given Google is trying to wrest back control of Android from its OEMs’ influence, that’s not a good sign for Samsung+RCS
– No reference to the South Korean operators ditching Joyn recently.

It’s also still unclear exactly what the future RCS business/revenue model might look like. Although it references the Jibe platform for MNOs, it doesn’t rule out my previous hypothesis of “Android iMessage” either.

«

link to this extract

 


Errata, corrigenda and ai no corrida: none notified.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s