FBI says iPhone encryption will help kidnappers

Trevor Timm wrote for The Guardian about the misleading information FBI is disseminating regarding phone encryption.

FBI director James Comey:

I am a huge believer in the rule of law, but I also believe that no one in this country is beyond the law. … What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law.

Encrypting your files doesn’t put you beyond the law. Are you beyond the law if you locked your houses to keep out intruders and police?

Comey:

I get that the post-Snowden world has started an understandable pendulum swing. … What I’m worried about is, this is an indication to us as a country and as a people that, boy, maybe that pendulum swung too far.

Timm makes a very good point:

This might be a good time to point out that Congress has not changed surveillance law at all in the the nearly 16 months since Edward Snowden’s disclosures began, mostly because of the vociferous opposition from intelligence agencies and cops. The pendulum is still permanently lodged squarely on law enforcement’s side.

Eric Schmidt: Apple got it wrong, Google is the safest place on the web

CNN reported on Erich Schmidt defending Google’s privacy policies

Tim Cook:

But at Apple, we believe a great customer experience shouldn’t come at the expense of your privacy.

Eric Schmidt:

“We have always been the leader in security and encryption,” Eric Schmidt told CNNMoney. “Our systems are far more secure and encrypted than anyone else, including Apple. They’re catching up, which is great.”

“Someone didn’t brief him correctly on Google’s policies,” Schmidt said. “It’s unfortunate for him.”

Unfortunately, someone didn’t brief Schmidt correctly. My customer experience with Google could have been better if Google respected my privacy. Just look at the ads that tries to look like emails in my Gmail inbox.

Samsung says Note 4 screen gap is a feature, not a manufacturing flaw

9to5 Google reported on Samsung saying that the screen Gap on the Galaxy Note 4 is a feature.

Android Central reported that Samsung acknowledged the issue in the Note 4 manual:

A small gap appears around the outside of the device case

  • This gap is a necessary manufacturing feature and some minor rocking or vibration of parts may occur.
  • Over time, friction between parts may cause this gap to expand slightly.

It is appalling to see Samsung trying to wriggle its way out of a manufacturing issue and actually claim that it is a feature. And while the media blew Bendgate out of proportions, they seem to be turning a blind eye to an actual defect in the Note 4. This also highlights the engineering feat that Apple accomplished in making the iPhone 6 and 6 Plus screens blend so seamlessly into the aluminium back.

New Pebble campaign

Pebble launched a new branding campaign but shoots themselves in the foot by taking a swipe at Jony Ive.

I have to agree with John Gruber:

What gives me pause, though, is the “Breathe, Jony” headline. That seems a little petty. Personal, not playful.

Literary lions unite in protest over Amazon’s e-book tactics

The New York Times reported on literary lions uniting in protest over Amazon’s e-book tactics.

“Sons of Wichita” by Daniel Schulman, a writer for Mother Jones magazine, came out in May. Amazon initially discounted the book, a well-received biography of the conservative Koch brothers, by 10 percent, according to a price-tracking service. Now it does not discount it at all. It takes as long as three weeks to ship.

“The Way Forward: Renewing the American Idea” by Representative Paul Ryan has no such constraints, an unusual position these days for a new Hachette book.

Amazon refused to take advance orders for “The Way Forward,” as it does with all new Hachette titles. But once the book was on sale, it was consistently discounted by about 25 percent. There is no shipping delay. Not surprisingly, it has a much higher sales ranking on Amazon than “Sons of Wichita.”

Should we be surprised that Amazon is manipulating sales of books? No, not when we are experiencing the same on Facebook where you are shown what Facebook thinks you want to see. But should we accept such manipulation by big corporations?

BlackBerry: The Endgame

Jean-Louis Gassé wrote about the decline of BlackBerry.

In reality, RIM was much more than three years behind iOS (and, later, Android). Depending on whom we listen to, the 2007 iPhone didn’t just didn’t stand on a modern (if incomplete) OS, it stood on 3 to 5 years of development, of trial and error.

BlackBerry had lost the software battle before it could even be fought.

Another reminder that first doesn’t matter, but the first that matters does. Instead of releasing a phone with an incomplete OS, Apple waited until it was ready and blew away its competition.

Android L will have built-in encryption, just like iOS

Digital Trends reported on built-in encryption for Andriod L.

The next major version of Android is going to come with one feature that will please the security-conscious: built-in encryption. It means anyone who grabs hold of your mobile device—from petty thief to law enforcement officer—will find it much more difficult to extract data from it. The same level of advanced encryption is also available in iOS 8.

Android users have had the option to encrypt their phones and tablets since 2011, but the setup process for Android L will switch it on by default. iOS has always encrypted data on devices automatically — there’s no option to enable it as there is on current versions of Android — but the protection has been reworked and improved in iOS 8.

Let’s not talk about why it’s always on for iOS while Android makes it turned off by default. Given how Android updates are rolled out, it will be years before this is widely adopted.

Third party keyboard in iOS 8 key logging?

Gabe Weatherhead wrote about his concerns about iOS 8 key logging.

This is what I found (quoted from the documentation):

  • All capabilities of a nonnetworked custom keyboard
  • Keyboard can access Location Services and Address Book, with user permission
  • Keyboard and containing app can employ a shared container
  • Keyboard can send keystrokes and other input events for server-side processing
  • Containing app can provide editing interface for keyboard’s custom autocorrect lexicon
  • Via containing app, keyboard can employ iCloud to ensure settings and autocorrect lexicon are up to date on all devices
  • Via containing app, keyboard can participate in Game Center and In-App Purchase
  • If keyboard supports mobile device management (MDM), it can work with managed apps

My interpretation of the documentation is that a keyboard extension can enable network access if it is for the purpose of improving the application. What improvements warrant this, is up to the app developer.

It is a concern I share as well. Why would a keyboard need to send keystrokes?

Google’s Doubleclick ad servers exposed millions to malware

The Verge reported on Google’s Doubleclick serving malware.

The first impressions came in late August, and by now millions of computers have likely been exposed to Zemot, although only those with outdated antivirus protection were actually infected.

That means that millions of computers are on outdated antivirus.

And using an ad-blocker proves to be more effective than having an antivirus.

Need help moving from Android phone to iPhone?

Apple has provided a detailed guide for people who wish to move from Android phone to iPhone.

Why didn’t any other company think of this?