Wednesday, September 10, 2014

Apple's new toys: hidden dangers and a yawn

There's a huge amount of gushing, almost fawning media adulation about Apple's new iPhones, its Watch, and its new payment app, Apple Pay.  I remain less than convinced that they're worth all the hype.

For a start, don't forget the revelation a couple of months ago that Apple has deliberately built security weaknesses into iOS.

Security researcher Jonathan Zdziarski ... reveals Apple’s complex tools inside iOS that would allow Apple to share certain user data at the request of law enforcement without the user knowledge.

More importantly, with or without Apple’s help, spying agencies such as NSA and other third parties that are very familiar with how iOS operates can apparently use these vulnerabilities to grab plenty of data from an iPhone, or to install applications for spying and other malicious purposes without the user’s knowledge.

Zdziarski shared his findings with “a room full of hackers,” explaining how Apple’s iOS has evolved over the years and describing some tools inside iOS that Apple is yet to acknowledge or account for.

. . .

These iOS tools that facilitate spying are not for iTunes or Xcode, the Genius Bar/Apple Support, developers or engineers, and the code discovered in iOS versions isn’t something Apple forgot about as years passed. “Apple has been maintaining and enhancing this code, even with iOS 7; they know it’s there,” the researcher wrote.

There's more at the link.

Would someone please explain to me why anyone in his right mind would run a payment app on top of an operating system that's deliberately designed to allow others to infiltrate the device(s) in question?  I don't care whether it's a law enforcement agency requesting information from Apple, or a third-party app making calls to the same functions, or a hacker who's learned how to access the backdoors Apple's built into iOS.  We know there are deliberate security flaws in iOS.  How can we possibly trust it as a secure payment tool?  As far as I'm concerned, security issues alone mean that no matter how good it may be in other respects, Apple Pay is a non-starter.  Period.  It's intrinsically non-secure;  therefore it can't be trusted.

Second, there are the bigger screens on the iPhone 6 and 6+.  Big fat hairy deal.  Samsung and other manufacturers have been offering them for years.  Sure, the iPhone may have a fancy wrap-around glass surface and other neat-looking bells and whistles, but I don't buy appliances for their looks - I buy them for their functionality.  I don't see anything in the new iPhones that offers compelling advantages over competitors' products.  As for iOS Version 8 that debuts with the new phones, it seems to have leapfrogged the latest version of Android in some (but by no means all) respects, but Android will catch up within six months to a year.  It always does.  A few new software features aren't sufficient reason to switch.

Then there's the Apple Watch.  Many commentators have not made it clear that it's not a stand-alone device.  It requires having an iPhone on your person to make it work.  As Yahoo! News pointed out:

"Syncing Apple Watch capabilities to iPhones ... means that the overall cost of strapping one on could near $1,000."

A thousand dollars?  That's not chump change.  What that figure says to me is that these products are aimed at the affluent.  That's a risky market segment.  It's far more fashion- and trend- and fad-conscious than lower-end consumers.  The latter have to live with what they buy, and are therefore more cautious before putting down their money.  If Apple loses its high-fashion status, or something else comes along to rival it, it'll spell trouble for the company.  (And, of course, if the economy goes south - as I and many others expect it to do in the not too distant future - what will that do to the sale of expensive, high-end products if people can no longer afford them?)

I'm sure Apple will sell a bunch of its new toys to its fanbois - those who are fanatically loyal to the company and have made it a part of their lives.  They're 'Apple-inculturated', if I can put it that way.  Whether there are enough of them to make this the game-changer and corporate earnings revival engine that Apple hopes it will be . . . I have my doubts, just as I did about Amazon's Fire Phone.  I think both companies are trying to dazzle consumers with technology.  Well, this consumer ain't buyin' the hype - or the products.



Kentucky Packrat said...

I paid $150 each for the Moto Gs I bought Milady and the kids. They are crap. Cricket won't update to fix a bug where the volume goes down when you have it set on maximum, and the only work around is to LOWER the volume, and then raise it. Milady left hers outside on the table in the sun, and the little darling phone overheated, and wouldn't work until it had cooled off in the house.

A good smartphone costs you $400 to $600, whether you pay for it out of pocket or finance it as part of your 2 year phone contract.

Now, I happen to think $350 for a overpowered wristwatch is absurd, but I can see some people buying one of them and keeping their iPhone 5/5C/5S for a while. If you don't "need" a new phone, you can use the new gadget to get the new features.

Apple standing in the middle of your bank accounts is more secure than stripe credit cards, since stripe credit cards really are about as secure as the old bank counter checks. It's interesting that Apple's supposedly getting ultra-profitable transaction rates out of both the banks and the vendors by agreeing to absorb all charge-back risk themselves. If that holds, then you keep accounts with time sensitivity out (you don't want to have to ask for a $2000 claw-back so your mortgage payment won't bounce, for example), but otherwise it doesn't seem that dangerous.

However, I think the killer app will be iTunes credit: a parent can either give their kid an iTunes card, or allow a monthly allowance funded through iTunes, and they have access through their phone. Apple just became the trendiest pre-paid debit card provider in the US.

John Balog said...

I'm always hearing about these fanatical Apple people, but I've never really met one in the wild.

A phone is a phone, and they all work pretty well these days. I think that judging yourself worth because of the kind of phone you carry is silly, just as I think assuming that people use Device X for Reason Y is silly.

I'm in the position of having access to both an older iPhone and Android phone through personal and a work cell with a very generous personal use policy. I could use either, but I frequently choose the idevice because it accomplishes the tasks I regularly perform in a superior way.

Richard Blaine said...

It's sad really, Apple used to be amongst the more secure phones, and had as near as we can tell, not sold out to big brother. History.

Android has long been a security risk, and I've never really considered a Microsoft phone - although given the unpopularity of the unit, I'm not sure why - maybe i've moved out of my underdog phase and more into the mainstream. Not that I think MS has any fewer security issues that iOS8.

While I've got a plethora of apple products, I'm not a fanboy although I've known a few. And I can say this with a straight face while owning 2 iPads, 1 iPhone, 2 MacBook Pro's, 1 Mac Pro, and 3 iPods. Yep, sure looks like a fanboy... Yet, when asked "Should I buy a Mac?" my usual response is: "Why? what do you think it will do for you that your current computer won't?" The fact is, if you do what most folks do, a little email, and some web browsing, there's only a small advantage to a Mac - you don't need to keep spending money on antivirus software. You do have to pay up front for the hardware.

I'm not a big fan of Windows 8, 7 I though was pretty good, maybe their best so far - maybe server 2012 - I haven't tried that yet.

Linux is an excellent system for those who have the determination or the years of experience it takes to make it a workable system for daily use. Sadly, many of the applications I value are not available for the platform. I may eventually get there, as I'm pretty burned out on Adobe PS - CS6 is my last update of that seriously overpriced bundle of pain. I'll probably upgrade lightroom a few more times - we'll see

I know for a fact that OS/X is more stable than Win7 or Win8. I know it's a much smaller target for virus makers, and there's limited malware, the hardware is rock solid, exceptionally functional, and painfully expensive. I keep a windows machine for games and I'll be adding a raw drive bay to enable easy swapping of boot devices for various flavors of linux.

I've still got my 3GS, it still works, although I may need to put a new battery in it - if that doesn't work out, I might upgrade to a 6 with the big screen If that looks too costly, I'll probably replace it with a DUMB phone.

Richard Blaine said...

Oh - I'm getting rid of my iPods, as i've finally sprung for a portable player that handles high resolution audio and has a fantastic DAC. Sadly it's android OS based, but since i don't let it connect to anything except firmware downloads and my mac for transferring files...

I'm debating the idea of selling my iPad retina and moving to something smaller - while I have a few apps I'm not going to let that make the decision - the problem is android is Google and I am not a Google fan. Once again - it' stuck with iOS or Android or Windows - none of which are great alternatives. I can get linux to run on a Galaxy Tab but then I'll have to write my own eBook reader ..... hmm that's a thought...

I sure wish the tech companies would climb out of the Big Brother, authoritarian cloud they've descended into.

Liam said...

Hi Peter

I'm not a watch wearer, but I found this observation interesting:

Apparently $350 isn't expensive for watch wearers to spend on something that is just a watch - who knew? :-)

On the 'fanboi' pejorative. I work in IT, and amongst the 200 or so people in my building a bunch have Apple products, a bunch have Android product, a bunch have Windows products. I know of 2 that make their decision based on 'this is the one true way' .

Everyone else makes a choice based on the value equation. If I can buy product A for $250, and product B for 600 and product C for 700 then do I get $450 value from product C over product A etc.

I can't personally can't afford to buy something that doesn't provide me with good value for my money. Sometimes that means buying the cheapest option and sometimes that means waiting and saving to buy a more expensive option. I have learnt that automatically buying the cheapest option without doing due diligence can cost me more in the long run with failures, or having to replace something early due to lack of functionality.

Some of that may depend on what the rest of your environment is - if you use linux everywhere then a Apple phone if probably not as convenient as an Android. If one uses Macs as a desktop then maybe the integration Apple provides is of value. If you have all your data and services with google then an Android will provide the most seamless experience. And so on through the options.

What I have never personally met is someone who bought a phone, be it Apple, Samsung, HTC or otherwise because they think it makes them look cool. I guess we just run in different circles.

You have written a number of times on assessing the true value of a purchase, be it guns or shelves or other items and have on a number of occasions expressed why you felt that, for you, the value given by a more expensive option was worth the price premium.

I am curious as to why you feel that making value assessments doesn't apply to purchases in the IT realm. Or is your view that some one who buys a, for example, 'Smith & Wesson' when there is a equivalent device at 1/3 the price from the Philippines is just a 'Smith & Wesson fanboi'?

Cheers, Liam

Peter said...

@Liam: I used the term 'fanboi' to describe the fanatically loyal followers of the Apple brand. It really is a cultural phenomenon, widely discussed on the Internet - the 'true believer' thing. It's not so much a pejorative term as a realistic description, as the Urban Dictionary definition of the word (to which I linked) points out.