Interesting People mailing list archives

Re: iPhone can phone home and kill apps? - says yes
From: David Farber <dave () farber net>
Date: Fri, 8 Aug 2008 14:40:45 -0400

Begin forwarded message:

From: "Eugene H. Spafford" <spaf () mac com>
Date: August 8, 2008 12:44:33 PM EDT
To: dave () farber net
Subject: Re: [IP] Re: iPhone can phone home and kill apps? - says yes

From: Bob Frankston [Bob19-0501 () bobf frankston com]
Sent: Friday, August 08, 2008 11:06 AM

The question is why is OS/X on the iPhone so vulnerable and, for that matter, why are the cellular protocols so vulnerable.

Well, the answer applies to lots of other areas, too. We have trade-offs among risk, security, quality, cost, agility, etc. There are always engineering decisions to be made. Want something that is highly secure and also allows lots of freedom for innovation? Well, it can be done, but it would be so expensive per unit that only a small number of people would want to buy it -- and it might be against the law in many countries. Want something that is stable and fast and affordable? Well, that may require sacrificing openness and committing to legacy issues. Apple, as a company, doesn't do design for design's sake -- there is a goal to make money, and so their designs strike a particular balance among all the various constraints.

There are some scientific constraints (e.g., speed of signal in a medium), engineering constraints (e.g., power density in batteries), legal constraints (e.g., privacy laws), economic constraints (e.g., must be less than $x per unit), and even cultural/international issues (e.g., must allow SMS with Cyrillic characters). The whole process of engineering and marketing has to take these into account and try to optimize. Sometimes there are engineering breakthroughs, or even scientific breakthroughs, that allow a major shift. Other times, there are shifts in economics or regulation. Major change is not always possible, and is seldom simple.

Consider the iPhone. Part of its allure, perhaps, is that it can be used (and sold) internationally. That means it needs to adhere to standards for communications in many countries, and also support laws & regulations in major markets around the world. It must be designed so it isn't simple for anyone to change the internals so as to circumvent those laws and regulations. It needs to have features to attract new (premium) customers at a certain level, yet be relatively stable. It has to work with existing technology. All the various engineering decisions come into play.

Yes, we can complain about openness or choice or alleged (mis)features. However, unless we dive into some of the deeper issues (including portability across borders and legal operation in many jurisdictions), and unless we understand some of the economic and risk analyses, we might not be making a fully informed criticism. That isn't to say that Apple made all the correct decisions, but our definition of "better" and "best" may be based on different assumptions. That is why there are other brands and other models -- each crafted to fit regulations and match some set of criteria. The ones that do a good job matching important criteria for enough people will sell, and the ones that don't, won't.

That doesn't mean we shouldn't question or complain, but we should also keep in mind that the design and sales issues are more complex than most of us might initially consider. And cellphones aren't being designed and marketed for the elite few who subscribe to IP, but for a market in the tens of millions around the world.

Of course, one area where Apple might do better is transparency -- making clear what some of those design decisions were, and why they were made. However, there we have another balance, where Apple is in a competitive marketplace and the resources and ability to make those design decisions to maximize sales is (at least partly) proprietary.

Back to the original question about cellular vulnerabilities -- the system evolved that way, within certain constraints on cost, power, reach, etc. More comprehensive security and privacy issues could be designed in, but then the cost goes up, the reliability might go down, and other factors come into play (ease of service, law enforcement needs, etc). Want to make a change? Possible, but it requires a lot of industry consensus, and a promise of some benefit to offset the massive cost of making the changes. Do something that adds 10 cents to every handset, and maybe it would be okay. Add $10 to every handset, and you might cut the market -- and utility -- of cell phones in dozens of third world countries. That's not only an economic cost, but a social one.

Your basic question ("Why?") is a good one, Bob, and we should always continue to ask it. However, we should also realize that the people behind many (if not "most") of the decisions we question are (usually) not stupid or evil or clueless -- they are trying to optimize over a complex set of variables and make a profit in doing so. We shouldn't lose sight of the fact that those are difficult choices, and sometimes lead to more limited choices in the future.

Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
