Should you activate fingerprint authentication on your new iPhone (or other mobile device?)

Bottom line: if you care about security you should avoid activating fingerprint authentication. Use an alphanumeric password in place of the 4-digit PIN and deal with the inconvenience. If you don’t care much about security but are careless about where you leave your phone or which networks you connect to, you should also probably skip it. For everyone else, it depends on your risk appetite. Good luck.

Fingerprint_picture.svgYesterday, Apple launched two new iPhones. The flagship model, the 5s, is impressive and includes many new features including fingerprint based authentication. It is part of a trend towards using biometrics on mobile devices, e.g., facial recognition on Android and voice recognition on the new Moto X.

The use of fingerprint authentication is not new (a family member has that on their Lenovo notebook), but deployment by Apple usually signals the onset of mainstream adoption. At present the iPhone offers it as an option, so you can still choose to use a traditional password instead. The main benefit of fingerprint technology is slightly faster unlocking than using a PIN code. Also the Apple device is said to be accurate and fast, unlike some earlier consumer-oriented implementations. At present Apple is allowing its use for iTunes and Apps Store purchases but one can imagine third-party applications are around the corner.

Before you activate this system, you should consider several issues. Online forums are abuzz about whether your fingerprint can be spoofed, whether the NSA might be spying on you, and whether you can be legally forced to unlock your device. In turn, Apple has tried to allay fears by stating that your fingerprint only exists in a “secure enclave” on the phone (strictly speaking, it is an electronic description rather than an image of your actual finger). However, there are several issues that I believe need consideration:

1. It is hard to replace your fingerprint.
If your password is compromised, you can just revoke it and create a new one. Replacing your finger can probably be done, but it will involve a bit of pain. If you lose your phone and a hacker gets in, or if they are able to remotely access your fingerprint data, the personal costs may be rather high. We also we have no information about know how cleanly (if at all) the data is erased when you sell your phone or recycle it; can the data be extracted afterwards?

2. The fingerprint encryption scheme will be hacked.
This is not a possibility but a certainty. The only questions are how long before it happens and whether you will get to hear about it. People are worried that the NSA is helping Apple keep a backup copy of the master encryption key (i.e., can you trust them to keep it secret, since they lost thousands of documents to some junior guy without knowing it?). But the problem is more fundamental than that: in order to make use of that encrypted data, your phone must contain the key. This is unlike the case where a password is kept separate from your encrypted fingerprint data, or a design in which a password (or some other security token) is needed in addition to your fingerprint data. Keeping the decryption key on the device makes it vulnerable, since with enough effort the key will be recovered, or some weakness in the encryption software can be found. If you think you have heard this story before, it’s because the same thing happened with DVDs. Any DVD player must contain the decryption key and mechanism for doing so, otherwise you won’t be able to view the movie contained on the disc. When DVDs were launched, manufacturers thought their encryption was sufficient, but were quickly proven wrong. Same thing with BluRay.

3. A magnet for attack
Some are worried about the NSA, but they probably already have your fingerprints. The real threat is elsewhere: encryption is broken and various encryption standards have been compromised (including at an atomic level involving encryption libraries used to build software). Thus, storing the data in encrypted format is just a deterrent. Apart from the NSA, you should worry about the other, possibly more nefarious organizations and governments out there. The fact that we know it is possible implies that others will try to get in, either through the same means or by creating new methods. Nathan Rosenberg calls these “inducement mechanisms” that focus the efforts of others; I have observed it in my own fieldwork on semiconductors. All over the world next week, communities of hackers and spy organisations will probably be posting “do not disturb” signs on their doors and begin working on this new challenge.

4. Large attack surface
The data on the fingerprint chip itself might be fairly secure but IOS, like all operating systems, is complex and has been compromised. Every year we hear of interesting exploits at events like Black Hat. There is no such things as a completely safe program, especially one as elaborate as a modern operating system. Your phone or mobile device is not locked down, unlike the scanning device at your neighborhood immigration counter. You bring it everywhere: to airports, cafes, public places, friends’ homes and to pubs). It is exposed to many angles of attack: physical hacking, software backdoors, security holes, hidden code in apps, and compromised websites that you might visit on the phone’s web browser. Another way in is through your computer that syncs to the phone via iTunes because your phone treats it as a trusted connection. Apple claims that the operating system has no access to the fingerprint data on the chip itself, but you’ll have to go on trust with that one as it is not verifiable (Apple also said it did not store your GPS data!).  The question remains of how separate the fingerprint system really is, since iTunes and the App Store will be able to authenticate using the fingerprint sensor, suggesting there may be some indirect paths available to hijack the authentication process, even if one does not touch the data itself.

Conclusion
While these risks are real, they do not necessarily imply that you will be hacked. That depends on whether you are a high enough value target. It also depends upon your personal habits and whether these practices expose you to a larger or smaller attack surface. And it depends upon your luck. Even with a regular old password, you could still end up being hacked, but at least you won’t risk losing your fingerprint data along with your other stuff. It is just a question of being aware of the risks. By no means am I dissuading you from buying that shiny new iPhone.

Bottom line: if you care about security you should avoid activating fingerprint authentication. Use an alphanumeric password in place of the 4-digit PIN and deal with the inconvenience. If you don’t care much about security but are careless about where you leave your phone or which networks you connect to, you should also probably skip it. For everyone else, it depends on your risk appetite. Good luck.

Image source: https://commons.wikimedia.org/wiki/File:Fingerprint_picture.svg

Apple wins $1bn case against Samsung

The more important aspects of the verdict are that it found Apple’s patents to be valid and that Samsung wilfully and knowingly copied Apple.

Apple has won a massive victory in the latest round of its dispute against Samsung. Part of the case is on patents, and part of it is on “trade dress” (the look and feel of the iPhone).

The $1bn award sounds like a lot, but it isn’t really the most interesting part of the decision. The RIM/Blackberry case was much narrower but saw a $600m+ decision some years back. The more important aspects of the verdict are that it found Apple’s patents to be valid and that Samsung  knowingly copied Apple. The validity of Apple’s patents will probably allow it to earn a healthy stream of licensing revenue from other smartphone companies into the distant future. It will also give a well-needed jolt to the rest of the industry to explore different technological trajectories and to develop smartphones that do not resemble the iPhone as much. The willful nature of Samsung’s copying is why I believe the jury reached a surprisingly quick decision while others had expected it to be a protracted case, i.e., once they decided in their minds that Samsung willfully copied Apple, it was only a step away to reach the conclusion that Samsung infringed across a broad range of its products (see this chart at TheVerge). Very bad news for Samsung.

Some people view this as part of Steve Job’s vendetta against Google, which created the Android operating system running on Samsung’s phones. While this may or may not be true, it is not the whole story. The Android operating system is quite versatile and it is possible to build quite a diverse and novel ecosystem around it without copying the iPhone. An example of this is Sony with its aesthetically elegant Xperia phone and Android-based Walkman. Another is Nikon which has just released an Android camera and is an iteration away from it becoming an actual phone.

No doubt the Samsung/Apple ruling will be appealed, but it will inevitably shape the future of smartphones.

Quick review of IA Writer – a minimalist writing tool

I recently began using a new writing tool, iA writer. It is one of a slew of new programs that are “minimalist” writing tools including Omniwriter and Writeroom. They help you focus on actually writing rather than tinkering with fonts, layouts, hyperlinks, grammar checkers and other distractions. I was led to search for a new writing tool by Redmond’s Law of Large Numbers which states that a large and complex enough document will definitely crash Microsoft Word. I have been revising a paper for a journal and when it began crashing every ten minutes, I realized I was totally distracted by having to restart my word processor and guessing what changes had actually been saved. I was no longer focused on writing.

Initially I was skeptical and thought a minimalist tool was nothing new, just a modern version of Vi/Emacs or any of the LaTeX editors I’ve used. But it turns out to be a different user experience after all. Even compared to any of those, iA Writer is distraction free. There is no way to underline or italicize text. There are no styles, hyperlinks, or colors or fonts. There are no obscure Control/Alt/Esc commands to remember. There are however numbered headings which is useful. The overall effect is that your mind stays focused on paragraph structures, flow and generating interesting content.

The experience isn’t like using Notepad (Windows) or TextEdit(Mac) either. On iA Writer, one interesting feature — probably its only feature — is the “focus mode” which highlights the currently edited sentence and fades everything else into grey. This keeps your attention squarely on clarifying exactly what you are trying to express in the current sentence. I like that a lot. Oh and it does look great on screen, a bit like the typerwiters from days gone by.

iA Writer syncs to Apple’s iCloud, so you can edit on your Mac, iPhone or iPad and not worry about backups. You can roll back to different versions using iCloud’s built-in features. If you use Windows, the options include Darkroom, Focuswriter and Writemonkey but I haven’t tried any of those.

Because of its lack of features, a minimalist writing tool isn’t for everything, certainly not equation-laden articles. But it is great for a first draft and if you are primarily writing text. I am currently keeping iA Writer as part of my workflow, using it to draft things, then pasting the results into a word processor or other application for layout and finishing. If you have used such a tool, do share your experiences (good and bad) below.

ps: this blog post was written in iA Writer.

Apple’s Final Cut Pro is part of a broader strategic change

Apple’s new final cut pro is causing unhappiness. But it is only part of two broader changes: a shift in Apple’s strategy towards consumers and a broader change in the demand for videos.

Last week Apple launched the new version of their movie-editing software, Final Cut Pro X (FCPX). This led to a firestorm of criticism by professional video editors (see here, here, and here). Even Conan O’Brien decided decided to chip in :-). The main complain is that it lacks sophisticated features used by broadcasters and video professionals and that are available in earlier versions of the software. FCPX doesn’t even open projects built using earlier versions! On the positive side it is slick and easy to use.

Apple is consolidating its strategy

I suspect that two things are happening. The first is that Apple is consolidating their strategy around mobile computing, the iCloud and end-customers. The price tag for the new FCPX is an indication (US$299.99 versus around $1000 for the earlier version). The move by Apple away from “professional” markets has been happening for some time now and across multiple products. It happened with Aperture, which is now basically an upgrade for those using iPhoto, and a nice one at that, but distinct from Lightroom+Photoshop. Earlier this year Apple decided to discontinue its professional xserve rack mounted server. This year’s Macbook Pro notebook was the first to receive several new high-end features (Thunderbolt and 6Gb/s SATA) that have yet to appear in Apple’s high-end Mac Pro desktop aimed at professionals. This is not a surprise as Apple is now selling 2.4 times more notebooks than desktops.

Focusing on the consumer market makes good business sense for Apple because (a) it fits with their capabilities, which are about making complicated things simple to use, whereas a lot of professional software is by nature complicated and intricate, (b) they can cross-sell many more copies of the software to people upgrading from iMovie or iPhoto than they can to a niche audience of professionals, and (c) it fits well with their major strategic thrust on the iphone/ipad/icloud platform, which is consumer focused rather than enterprise focused.

Video consumption is changing

While video professionals are blaming Apple for not listening to their needs, there is a bigger trend that is happening here. Apple is responding to anticipated changes in the marketplace. Just as with the newspaper and book publishing industries, there are big changes happening with video production and broadcasting. An increasing number of videos are being made by “advanced amateurs”. This is driven by the proliferation of inexpensive video cameras, as well as new platforms for online video distribution. When I think about my own personal consumption of video, I am amazed how little television I watch anymore. I do watch the occasional movie, but an increasing amount of my video consumption is on Youtube, Vimeo and other sites sent to me via Facebook, twitter and email. Are these videos as well-made as those by professional broadcasters? No. But are they good enough for the general public? Often, yes. For these people, the new Final Cut Pro X is a terrific tool for the most part.

Beyond traditional video, there are other interesting developments, such as animoto that takes the pain out of making simple music videos. There is software like Toontastic that lets you make animated skits and apparently even the Gans family is now into it. Each minute of our free time we spend watching these things is probably a minute less spent watching professionally-produced video content.

I’m not saying this to defend Apple. As David Pogue pointed out, in the case of FCPX, Apple Blew It. Some of my friends are in this business and I can’t help feeling concerned for them. As one of them wrote to me, “the industry has gone nuts over this ‘upgrade’. it’s really bad and sad”. I think Apple should have launched FCPX as a different product, instead of discontinuing Final Cut Pro. But the knee-jerk reaction among video professionals right now is leading them to be angry about some some video editing tool. Fair enough. But they need to assess the bigger question: where will their industry be in 5 years, and where do they want to be in their careers?

e-books are overtaking printed books

Australia Radio National recently did a radio program on e-books at the Brisbane Writers Festival. Of the 4 panelists, only one actually owned an electronic book reader. A number of benefits were cited of e-books, including convenience of purchase, lower book prices (especially compared to the prices of printed books in Australia), and better access from rural locations. However, the overall the impression was that printed books and traditional bookstores will continue to exist for some time. One of the panelists stated that printed books will still constitute 70% of the market within a decade. Another panelist felt that bookshops will continue to exist because they are a nexus of social activity.

Let me be the first to say I love bookshops and have a large library of printed books. That said, these people clearly did not get the memo from Jeff Bezos that the number of e-books sold by Amazon has already overtaken hardcover books and it will overtake paperbacks by next year. The recent launch of the ipad, multimedia e-books, and this week’s launch of the third generation Kindle (only US$139) are going to accelerate the process. Having used both e-books and printed books for some time, all I can say is that many of the complaints people mentioned in the podcast have been addressed, or are being addressed, in the newer ebook readers. Change is happening faster than many people think. This week alone I bought 7 books on Kindle for a course I’m teaching, and I have no complaints.

One way to address the gap between perception and reality is to allow more customers to get their hands on an e-book reader, such as at retail outlets and other public places. From personal experience, people who complain about e-books are often surprised by how usable they are after I’ve put an actual device into their hands for the first time. I’ve also noticed that at a lot of places where e-book readers are sold, they are displayed all wrapped up or inside glass cabinets, rather than in a way that invites people to experience them. This is is something e-book retailers such as Amazon and B&N should address, maybe taking a page out of Apple‘s book to make the shopping experience much more hands-on.

NTP Sues Apple, Google, Motorola, HTC, LG, Microsoft

Last year David Weston and I wrote a teaching case on how in 2000, NTP sued Research in Motion (makers of the popular BlackBerry device) for infringing its patents that cover the wireless delivery of email (free download from WIPO). Well, NTP is at it again, and has just sued a number of firms including Apple, Google, LG, Motorola, HTC and Microsoft that make smartphones. The Washington Post has a brief description of the patents. The earlier case ended with a $600+ million settlement, but that large amount was partly the result of (a) RIM was found to have willfully infringed NTP’s patents and attempted to deceive the court when presenting evidence of “prior art” in 2002, and (b) as the case escalated, RIM faced the very real threat of having its US operations closed down in 2005. A number of the original patent claims were subsequently revoked, but I imagine that NTP is hoping that the larger base of email users these days will give it enough licensing revenue from each of the mobile operators. If you haven’t heard of NTP, that is because the company is sometimes thought of as a patent troll and is not well-loved. In my opinion, the lawsuit also highlights a more subtle problem with the patent system. When successful firms like RIM and Nokia choose to settle with companies like NTP, it gives NTP an incentive and the financial resources to then attack a broader group of other firms. A precedence is also set. It would be better if such firms fought back, e.g., by establishing prior art that invalidates such patents or by pushing back on the claims.

Is Secrecy Always A Good Thing? The Tale of Apple Aperture vs Adobe Lightroom

Apple is known for its penchant for secrecy. Products are developed as top-secret projects and unveiled to the public with great fanfare. This has brought it tremendous benefit, for example with during the dramatic launch of the iphone by Steve Jobs (http://www.youtube.com/watch?v=vZYlhShD2oQ#t=2m20s). However secrecy carries costs, and in some cases the costs outweigh the benefits. Yet Apple retains this approach across a whole range of its products; secrecy is apparently “baked into the corporate culture” (http://www.nytimes.com/2009/06/23/technology/23apple.html). Consider Aperture 3.0, the newly updated photo-management product by Apple aimed at professional photographers. It was launched last week following Apple’s usual “secret till the last minute” approach. It is instructive to compare Aperture to Lightroom, a very similar product by Apple’s rival Adobe which has taken a very different approach.

There have been two effects of the secrecy surrounding Apple’s Aperture 3.0. First, the direct effect of launching poorly-tested software. Twitter and the Apple forums are full of complaints by anguished customers who have been unable to upgrade older photo libraries (e.g., http://discussions.apple.com/thread.jspa?threadID=2331026). No doubt there is a selection bias and users with a trouble-free experience are less likely to visit these forums and complain. But this is hardly the “awesome” and polished experience that is expected from Apple, a company that uses “it just works” as a tagline. Among the reports are complaints by customers whose computers have totally frozen during the upgrade, those who succeeded in upgrading but then found it unstable, and those who gave up but were unable to reinstall earlier versions of that software. It is clear from these reports that Aperture 3 was insufficiently tested before being sold, especially against real-world photo libraries in use by existing users.

A second effect of secrecy is that professionals have been increasingly adopting Adobe Lightroom. While the buzz of unveiling a new product may matter for consumer-oriented products like the iphone or ipad, Aperture is aimed at professional photographers, design companies and media organisations. For this audience, surprise may be less important and even counterproductive. Instead , advance knowledge of upcoming features and a stable product at launch time are probably more important. These allow the client to anticipate changes and plan for its integration into existing workflows and business processes.

In contrast to Apple, Adobe has taken a different approach with Lightroom. In October last year it launched the new version as a public beta, available for anyone to download and try for free (the software expires automatically at the launch of the actual product). The public beta gives Adobe precious information from real-world customers on a massive scale. In addition, customers are able to experiment with features likely to be included in the final version, rather than being kept in the dark with no way to anticipate and plan their own businesses around Adobe’s roadmap. Lightroom has its share of detractors, but generally the response online has been positive. The important thing to point out is that Adobe isn’t one of these “open source” players. Lightroom is commercial software that is quite expensive and the guts of the software are heavily protected. However, by being less secretive than Apple, Adobe is able to engage better with its customers. This applies not just to the public beta: in earlier versions of Lightroom, Adobe took a more open stance towards allowing third-party plugins and introducing user-created presets.

Looking more broadly, my sense is that Apple’s secrecy is costing it not just with Aperture but also with other recent product launches. For example, iPad developers are in a scramble to develop software for the new device which ships in about 2 months. Apparently even Apple’s close allies were introduced to the iPad just weeks before it was publicly announced. Even Apple’s new Snow Leopard operating system had its share of bad surprises after it was launched, causing some cases of data corruption. To this day, none of my colleagues are able to print from it to our enterprise-quality printer down the hallway using the Safari web browser or the Preview tool without causing the software to crash. The lesson to be learnt is that while secrecy may be useful for some products, firms (including Apple) should revisit the question as to whether they need to be secretive across all their products.

Do share your thoughts and comments on our discussion board.

—- update on 17 March 2010

A quick update – after writing this article I received a surprising number of emails. Quite a few photographers and media professionals wrote to say they agreed with my perspective. A few disagreed, including some folks who said Adobe also had its share of problems. A few people also wrote to complain that I am biased and “anti-Apple”; I contend this is untrue seeing that I personally own a lot of Apple products.

A couple of people asked what the benefits were of secrecy, and to give a quick answer, it generates greater consumer buzz when the product is launched (as mentioned). In addition, secrecy is one of the mechanisms by which firms attempt to protect intellectual property (e.g., the oft-told story of Coca Cola’s secret recipe). Keeping something secret may also help prevent competitors from hiring the relevant people to develop similar products, although this is controversial as it depends on how scarce the relevant skills are. I hope this helps give my article some balance. I’m not saying secrecy is bad in general, but that it should be used when appropriate. It may be somewhat less effective for professional rather than consumer products, especially software which involves network effects and benefits from a cohesive developer community.

A spokesperson from Apple wrote to me to say that a number of photographers did work with Apple on the beta prior to launch (but as I understand it from people in the industry, this was a private beta and a non-disclosure agreement was involved). Apple also said many of the issues have been addressed in a recent upgrade to the software, and they dispute the market share data used by John Nack which I linked to in my article. They also made a few other points. I am sharing this so that their view is represented and they are welcome to post a reply too, however I don’t think it takes away from the main points of my article. Subsequent to my post, I learnt that Apple’s secrecy was also a concern raised by various photography blogs (e.g., http://photofocus.com/2010/02/17/aperture-3-0-very-cool-but-not-ready-for-prime-time/). Moreover, the extensive fixes that were made soon after Aperture’s release shouldn’t have been needed in the first place if the software had been properly field-tested. Fundamentally, secrecy means missing out on engaging with the professional community and developers in an extensive way prior to the product’s launch. That is the price to pay, and while in some cases this is worthwhile, in other cases its not always a net benefit.