Should you activate fingerprint authentication on your new iPhone (or other mobile device?)

Bottom line: if you care about security you should avoid activating fingerprint authentication. Use an alphanumeric password in place of the 4-digit PIN and deal with the inconvenience. If you don’t care much about security but are careless about where you leave your phone or which networks you connect to, you should also probably skip it. For everyone else, it depends on your risk appetite. Good luck.

Fingerprint_picture.svgYesterday, Apple launched two new iPhones. The flagship model, the 5s, is impressive and includes many new features including fingerprint based authentication. It is part of a trend towards using biometrics on mobile devices, e.g., facial recognition on Android and voice recognition on the new Moto X.

The use of fingerprint authentication is not new (a family member has that on their Lenovo notebook), but deployment by Apple usually signals the onset of mainstream adoption. At present the iPhone offers it as an option, so you can still choose to use a traditional password instead. The main benefit of fingerprint technology is slightly faster unlocking than using a PIN code. Also the Apple device is said to be accurate and fast, unlike some earlier consumer-oriented implementations. At present Apple is allowing its use for iTunes and Apps Store purchases but one can imagine third-party applications are around the corner.

Before you activate this system, you should consider several issues. Online forums are abuzz about whether your fingerprint can be spoofed, whether the NSA might be spying on you, and whether you can be legally forced to unlock your device. In turn, Apple has tried to allay fears by stating that your fingerprint only exists in a “secure enclave” on the phone (strictly speaking, it is an electronic description rather than an image of your actual finger). However, there are several issues that I believe need consideration:

1. It is hard to replace your fingerprint.
If your password is compromised, you can just revoke it and create a new one. Replacing your finger can probably be done, but it will involve a bit of pain. If you lose your phone and a hacker gets in, or if they are able to remotely access your fingerprint data, the personal costs may be rather high. We also we have no information about know how cleanly (if at all) the data is erased when you sell your phone or recycle it; can the data be extracted afterwards?

2. The fingerprint encryption scheme will be hacked.
This is not a possibility but a certainty. The only questions are how long before it happens and whether you will get to hear about it. People are worried that the NSA is helping Apple keep a backup copy of the master encryption key (i.e., can you trust them to keep it secret, since they lost thousands of documents to some junior guy without knowing it?). But the problem is more fundamental than that: in order to make use of that encrypted data, your phone must contain the key. This is unlike the case where a password is kept separate from your encrypted fingerprint data, or a design in which a password (or some other security token) is needed in addition to your fingerprint data. Keeping the decryption key on the device makes it vulnerable, since with enough effort the key will be recovered, or some weakness in the encryption software can be found. If you think you have heard this story before, it’s because the same thing happened with DVDs. Any DVD player must contain the decryption key and mechanism for doing so, otherwise you won’t be able to view the movie contained on the disc. When DVDs were launched, manufacturers thought their encryption was sufficient, but were quickly proven wrong. Same thing with BluRay.

3. A magnet for attack
Some are worried about the NSA, but they probably already have your fingerprints. The real threat is elsewhere: encryption is broken and various encryption standards have been compromised (including at an atomic level involving encryption libraries used to build software). Thus, storing the data in encrypted format is just a deterrent. Apart from the NSA, you should worry about the other, possibly more nefarious organizations and governments out there. The fact that we know it is possible implies that others will try to get in, either through the same means or by creating new methods. Nathan Rosenberg calls these “inducement mechanisms” that focus the efforts of others; I have observed it in my own fieldwork on semiconductors. All over the world next week, communities of hackers and spy organisations will probably be posting “do not disturb” signs on their doors and begin working on this new challenge.

4. Large attack surface
The data on the fingerprint chip itself might be fairly secure but IOS, like all operating systems, is complex and has been compromised. Every year we hear of interesting exploits at events like Black Hat. There is no such things as a completely safe program, especially one as elaborate as a modern operating system. Your phone or mobile device is not locked down, unlike the scanning device at your neighborhood immigration counter. You bring it everywhere: to airports, cafes, public places, friends’ homes and to pubs). It is exposed to many angles of attack: physical hacking, software backdoors, security holes, hidden code in apps, and compromised websites that you might visit on the phone’s web browser. Another way in is through your computer that syncs to the phone via iTunes because your phone treats it as a trusted connection. Apple claims that the operating system has no access to the fingerprint data on the chip itself, but you’ll have to go on trust with that one as it is not verifiable (Apple also said it did not store your GPS data!).  The question remains of how separate the fingerprint system really is, since iTunes and the App Store will be able to authenticate using the fingerprint sensor, suggesting there may be some indirect paths available to hijack the authentication process, even if one does not touch the data itself.

Conclusion
While these risks are real, they do not necessarily imply that you will be hacked. That depends on whether you are a high enough value target. It also depends upon your personal habits and whether these practices expose you to a larger or smaller attack surface. And it depends upon your luck. Even with a regular old password, you could still end up being hacked, but at least you won’t risk losing your fingerprint data along with your other stuff. It is just a question of being aware of the risks. By no means am I dissuading you from buying that shiny new iPhone.

Bottom line: if you care about security you should avoid activating fingerprint authentication. Use an alphanumeric password in place of the 4-digit PIN and deal with the inconvenience. If you don’t care much about security but are careless about where you leave your phone or which networks you connect to, you should also probably skip it. For everyone else, it depends on your risk appetite. Good luck.

Image source: https://commons.wikimedia.org/wiki/File:Fingerprint_picture.svg

LTE is a Game Changer Because of Upload (not Download) Speeds.

What makes LTE a game changer is not its download speed but its upload speed instead. LTE is faster than the internet connection to many homes.

I recently upgraded to a smartphone that supports LTE, a new “pseudo-4G” standard that claims much faster speeds than 3G networks. Around the world, telecommunications operators are just beginning to roll out LTE. My first impression when using LTE was one of incredulity. This thing is smoking fast! The screenshot below shows 2 tests performed on my cellphone within minutes of each other in Melbourne’s CBD. The panel on the left is with my phone connected to 3G, while the one on the right is for the same phone connected via LTE. Download speeds for LTE are in the 21+ Mbps range as compared to 3+ Mbps on 3G. The phone feels noticeably faster when browsing the web or running web-connected apps such as Facebook. 3-dimensional maps appear really quickly on LTE. It is really a pleasure to use, but truth be told the old 3G speeds were already respectable for a mobile device.

What makes LTE a game changer is its upload rather than download speed, which is shown in the photo at around 20Mbps. On 3G, uploads are 16 times slower (at 1.2Mbps), and that is being generous as I am often only able to connect at half or a quarter of that speed around Melbourne. The amazing thing is that 20Mbps is much faster than most residential broadband connections. Many people are connected to the internet at home via ADSL2+ technology, which typically has download speeds of 5-8Mbps (despite what your Telco’s marketing brochure says) and upload speeds limited to a measly 1Mbps. In contrast, at various places around Melbourne’s CBD I have measured LTE upload speeds ranging from 6 to 20 Mbps, but of course this is not a scientific test.

In practical terms, what this means is that on an LTE phone, I can upload photos and videos much faster than many people can from their home networks. Uploading to Youtube, Instagram and Flickr from my cellphone while on the move has become amazingly practical, and no longer feels like a hopeless endeavour. Video conferencing over LTE is quite smooth, e.g., using FaceTime or similar programs. Applications that capture data locally and process it remotely (including Siri and other voice recognition apps) work quite well. This make the end-user experience so much better. While better download speeds are certainly welcome, the new upload speeds have removed a critical bottleneck that existed before. I believe it will open up all sorts of new opportunities for innovation and new applications.

It remains to be seen whether LTE speeds will remain impressive after everyone piles onto the network. I hope it won’t slow down to a crawl. The design of LTE incorporates better traffic handling than earlier networks, plus LTE has theoretical download and upload limits of 300Mbps and 75Mbps respectively, but how well will it cope in practice? Before it gets too congested, I am enjoying the boost in speed, glad to be working and living downtown and bathed in LTE goodness.

speedtest.net: LTE vs 3g
Speedtest.net: LTE vs 3G on Optus Australia’s Network

Improving Wireless Ordering at Restaurants

Last night, we got to order dinner on a wireless touchscreen, actually an iPad in Aluminum body armour. Pretty cool. This was not our first time, but it was a surprise because we were not at some fancy restaurant but instead at a modest place in Chinatown. It just goes to show how widely this technology has diffused. The use of a touchscreen menu was useful in this context for overcoming language barriers as the waiters weren’t the most fluent English speakers and although some of us spoke Chinese it was not the same dialect.

Unfortunately, like at many other places, we found that the restaurant was using a smart tablet in the same old “non-smart” way. i.e., just as an electronic version of their printed menu but with ordering capability built-in. I suspect that we’ll be seeing smarter devices soon. For instance, the computer should make customised recommendations based on your dining preferences, group composition and the chef’s knowledge of which dishes and beverages go well together. It should be more interactive, adapting the menu recommendations as you progress through a meal based on whether you liked a particular dish. This could change the dining experience from being a static one, where you order at the start and cannot make changes, to one that is more interesting and dynamic.

At a basic level, many restaurants are using the wrong device: instead of investing in their own tablets they should be offering a software application that downloads directly to your own smartphone/tablet as soon as you sit down at a table. This would allow you to make more personalised selections, for example using your own (private) dining history and food restrictions to help find suitable matches in the menu as well as making recommendations based on reviews posted by others online, or maybe even via a transitory peer-to-peer network of other diners.

ps: now that I’ve put these ideas out, they become “prior art” so hopefully this prevents companies from patenting them and filing frivolous lawsuits, thus ruining my future dining experiences.

Ordering on a Tablet
Ordering on a Tablet

 

Apple wins $1bn case against Samsung

The more important aspects of the verdict are that it found Apple’s patents to be valid and that Samsung wilfully and knowingly copied Apple.

Apple has won a massive victory in the latest round of its dispute against Samsung. Part of the case is on patents, and part of it is on “trade dress” (the look and feel of the iPhone).

The $1bn award sounds like a lot, but it isn’t really the most interesting part of the decision. The RIM/Blackberry case was much narrower but saw a $600m+ decision some years back. The more important aspects of the verdict are that it found Apple’s patents to be valid and that Samsung  knowingly copied Apple. The validity of Apple’s patents will probably allow it to earn a healthy stream of licensing revenue from other smartphone companies into the distant future. It will also give a well-needed jolt to the rest of the industry to explore different technological trajectories and to develop smartphones that do not resemble the iPhone as much. The willful nature of Samsung’s copying is why I believe the jury reached a surprisingly quick decision while others had expected it to be a protracted case, i.e., once they decided in their minds that Samsung willfully copied Apple, it was only a step away to reach the conclusion that Samsung infringed across a broad range of its products (see this chart at TheVerge). Very bad news for Samsung.

Some people view this as part of Steve Job’s vendetta against Google, which created the Android operating system running on Samsung’s phones. While this may or may not be true, it is not the whole story. The Android operating system is quite versatile and it is possible to build quite a diverse and novel ecosystem around it without copying the iPhone. An example of this is Sony with its aesthetically elegant Xperia phone and Android-based Walkman. Another is Nikon which has just released an Android camera and is an iteration away from it becoming an actual phone.

No doubt the Samsung/Apple ruling will be appealed, but it will inevitably shape the future of smartphones.

Quick review of IA Writer – a minimalist writing tool

I recently began using a new writing tool, iA writer. It is one of a slew of new programs that are “minimalist” writing tools including Omniwriter and Writeroom. They help you focus on actually writing rather than tinkering with fonts, layouts, hyperlinks, grammar checkers and other distractions. I was led to search for a new writing tool by Redmond’s Law of Large Numbers which states that a large and complex enough document will definitely crash Microsoft Word. I have been revising a paper for a journal and when it began crashing every ten minutes, I realized I was totally distracted by having to restart my word processor and guessing what changes had actually been saved. I was no longer focused on writing.

Initially I was skeptical and thought a minimalist tool was nothing new, just a modern version of Vi/Emacs or any of the LaTeX editors I’ve used. But it turns out to be a different user experience after all. Even compared to any of those, iA Writer is distraction free. There is no way to underline or italicize text. There are no styles, hyperlinks, or colors or fonts. There are no obscure Control/Alt/Esc commands to remember. There are however numbered headings which is useful. The overall effect is that your mind stays focused on paragraph structures, flow and generating interesting content.

The experience isn’t like using Notepad (Windows) or TextEdit(Mac) either. On iA Writer, one interesting feature — probably its only feature — is the “focus mode” which highlights the currently edited sentence and fades everything else into grey. This keeps your attention squarely on clarifying exactly what you are trying to express in the current sentence. I like that a lot. Oh and it does look great on screen, a bit like the typerwiters from days gone by.

iA Writer syncs to Apple’s iCloud, so you can edit on your Mac, iPhone or iPad and not worry about backups. You can roll back to different versions using iCloud’s built-in features. If you use Windows, the options include Darkroom, Focuswriter and Writemonkey but I haven’t tried any of those.

Because of its lack of features, a minimalist writing tool isn’t for everything, certainly not equation-laden articles. But it is great for a first draft and if you are primarily writing text. I am currently keeping iA Writer as part of my workflow, using it to draft things, then pasting the results into a word processor or other application for layout and finishing. If you have used such a tool, do share your experiences (good and bad) below.

ps: this blog post was written in iA Writer.

Game classifications and sensible implementation

There is some discussion at the moment that the Australian government might move to require mobile application games to be classified according to content. This is a move that is consistent with requirements on other computer games and, on the face of it, if classification is policy there it would seem that it should be policy for mobile games. (Note to commentators: it may well be that classification of games is silly but I’m not looking to discuss that here.)

What I want to discuss is the implementation of this. Here is what the concern is:

The government is now making plans to require developers to submit their game apps to the Classification Board before they are released. This would cost developers between $470 to $2040 per game.

This would cause several things. First, literally thousands of overseas developed games would be removed from the various mobile application stores in Australia. Most of these do not cover the developer costs and even those that may have in the past may not do so in the future. Not to mention the cost of applying for classification. The effect on Australian consumers would be immediate. Second, this would have an impact on local developers. Fortunately, with regard to games, most of their sales are elsewhere. But we will see a headline within a year: “Australian teenager has hit mobile game but her friends cannot play it.” Nonetheless, there will be a disproportionately negative impact on developers who are trying to tailor games to the local market. Third, this will end up including educational games and books. For instance, Dr Seuss books on the iPad have little games in them. I assume that means they require classification. Maybe popular children’s books won’t be impacted but there will be many other educational apps that will be and this will spark further headlines. Fourth, apps that use Apple’s iAds will be impacted as these ads may include games in them. Finally, all of this will cause Australians to either pirate games in droves — indeed, they may do so just to get games that are actually free elsewhere! — or move to overseas app stores. My guess is that rules imposed internally by Apple and co that prevent purchases by Australians from say, New Zealand will be relaxed. This will alleviate the harm of all this but it will be a very bad look. Need I say, that this is as much a problem for Apple and Google as it is for developers and consumers. In other words, the doom and gloom forecasted may well occur.

The good news is that there is an easy solution to this. First, raise the fines for selling games in Australia with the incorrect classification; including on application stores themselves. Second, allow developers to self-classify their games. That’s it. The vast majority of games can be classified easily and, indeed, Apple already does this. There seems little reason to add another layer of review prior to an app’s launch. Instead, the onus would be on developers and publishers/platforms to review applications and make sure their content is rated properly. If they fail to do so and there are complaints — which there inevitably are — then the Government can prosecute. Anticipation of that and a large fine will keep this in check.

My point is that all of the dire consequences for the industry arise because Classification requires pre-evaluation. If it was made a self-evaluation process plus a later process to deal with infractions that would alleviate almost all concerns without sacrificing whatever public policy goals there are from the classification policy. And if developers are still concerned about taking that risk, then they can pay a fee and be pre-classified. See, this is one area where everyone can be happy so long as a little bit of common sense is applied. I guess we will have to see what occurs.

NTP Sues Apple, Google, Motorola, HTC, LG, Microsoft

Last year David Weston and I wrote a teaching case on how in 2000, NTP sued Research in Motion (makers of the popular BlackBerry device) for infringing its patents that cover the wireless delivery of email (free download from WIPO). Well, NTP is at it again, and has just sued a number of firms including Apple, Google, LG, Motorola, HTC and Microsoft that make smartphones. The Washington Post has a brief description of the patents. The earlier case ended with a $600+ million settlement, but that large amount was partly the result of (a) RIM was found to have willfully infringed NTP’s patents and attempted to deceive the court when presenting evidence of “prior art” in 2002, and (b) as the case escalated, RIM faced the very real threat of having its US operations closed down in 2005. A number of the original patent claims were subsequently revoked, but I imagine that NTP is hoping that the larger base of email users these days will give it enough licensing revenue from each of the mobile operators. If you haven’t heard of NTP, that is because the company is sometimes thought of as a patent troll and is not well-loved. In my opinion, the lawsuit also highlights a more subtle problem with the patent system. When successful firms like RIM and Nokia choose to settle with companies like NTP, it gives NTP an incentive and the financial resources to then attack a broader group of other firms. A precedence is also set. It would be better if such firms fought back, e.g., by establishing prior art that invalidates such patents or by pushing back on the claims.