David Adams Archive

The recent news of a savvy UAE-based activist thwarting an attempt to compromise his iPhone raises the important issue of state-based surveillance actors and their private sector contractors having sophisticated and effective ways of intercepting communication and using their targets' own devices against them. One problem with modern mobile computing technology is that it's been built around expansive and convenient features, with security and privacy as an afterthought. On the same day I learned about the iPhone exploit, I happened to listen to a re-run of a 2014 Planet Money podcast in which an NPR journalist volunteered to fall victim to his unencrypted internet traffic being captured and analyzed by experts, and what they were able to learn about him, and specifically about the sources and topics of a story he was working on, was alarming.

As the podcast mentions, mobile OS vendors and online services are getting a lot better at encrypting traffic and obscuring metadata, and one of the primary reasons for this was Edward Snowden's revelations about the ubiquity and sophistication of the NSA's surveillance, and by extension, the dangers of surveillance from other state agencies, black hat hackers, and legions of scammers. The Snowden revelations hit Silicon Valley right in the pocketbook, so that did impel a vast new rollout of encryption and bug fixing, but there's still a long way to go.

As a way of both highlighting and trying to fix some of the inherent vulnerabilities of smartphones in particular, Ed Snowden teamed up with famed hardware hacker Bunny Huang have been working on a hardware tool, specifically, a mobile phone case, that monitors the radio signals from a device and reports to the user what's really being transmitted. They explain their project in a fascinating article at PubPub.

Mobile phones provide a wide attack surface, since their multitude of apps are sharing data with the network at all times, and even if the core data is encrypted, a lot can be gleaned from metadata and snippets of unencrypted data that leak through. Journalists and activists generally know this, and often use Airplane Mode when they're worried their location may be tracked. Problem is, when agencies are using spearphishing attacks to remotely jailbreak iPhones and install tracking software, and there are even fears that OS vendors themselves might be cooperating with authorities, Snowden and Huang set out to allow users to monitor their devices in a way that doesn't implicitly trust the device's user interface, which may be hiding the fact that it's transmitting data when it says it's not. The article goes into great detail about the options they considered, and the specific design they've worked down to, and it looks terrific.

Woz sat down with an interviewer from the Australian publication, The Conversation, recently, and discussed various issues around technology and current events. There's a video of the interview, and also a summary. If you're interested in learning more about Wozniak, there's a great interview with him from a few years ago on the Founders at Work site.

The average selling price of a smartphone in India is just $132, half that of China, so the market for low-end smartphones is brisk. On top of that, there are many languages spoken in india, and support for them in Google's Android and iOS is limited. This created an opening for an Indus OS, which has its own app store with 30,000 Android apps, most available in two or more local languages. Its installed based is currently around 4 million.

The release of the iPhone SE is emblematic of the "boringness" of the smartphone landscape. For the last few years, the only thing exciting about new smartphone releases was that they kept getting bigger. Now the tide has turned. An article at the Atlantic makes an interesting parallel: the codex, or the innovation now known as "the book" hasn't seen many innovations in centuries, but that doesn't mean that books are boring. It just means that the innovation is at the edges. The article points at the release of the Caterpillar S60 smartphone, designed for industrial use and featuring a thermal imaging camera, as indicative of a new trend of specialization that might make the mobile computing market interesting as it extends into ever more narrow niches.

Andrew “bunnie” Huang & Sean Cross tell, in great detail, how they created the Novena laptop, using solely open source software and hardware. For anyone familiar with or even interested in how computers really work, it's quite a gripping tale. I believe their work could have lasting beneficial effects on the hobbyist computing and open source communities. Even though it's published in a trade journal for professional electrical engineers, the article is accessible, even rudimentary at times. They faced some considerable obstacles, such as a lack of driver support for their GPU. Fortunately, "the user community behind Novena is trying to create, through reverse engineering, open-source drivers that would allow the built-in GPU on the i.MX6 chip to render graphics directly." Most interesting feature: "a field-programmable gate array (FPGA), a type of processor chip that can be reconfigured by its user to change the chip’s specs and capabilities. Basically, this reconfigurability allows the chip to do things in hardware that would otherwise have to be done in software." Also, two ethernet ports.

Jordan Hubbard spoke recently at the Bay Area FreeBSD Users Group to discuss NextBSD, a "spork" of FreeBSD. He "covers why mach ports are extremely useful in some cases and no UNIX IPC primitive is an adequate substitute." There's a video of the BAFUG talk and copies of the original slide deck that goes into some detail about NextBSD.

BoingBoing posted a short movie by The MIT Media Lab's Knotty Objects group and noted hardware hacker Bunny Huang ask the question, "What if phones were designed to please their owners, rather than corporations?" In Southern China, where the majority of the world's mobile phones are made, there's a vibrant market for phones designed for all conceivable niches, where carrier subsidies, marketing campaigns, patents, trademarks, and other corporate-serving restrictions are ignored. If there's a possible market demand for a particular design, then someone makes a phone to meet that demand. It's a brief video, but worth a watch.

The Computer History Museum in Mountain View, CA is holding a two day event celebrating the Amiga, and other events will be held around the world. The museum's event will include exhibits of Amiga machines and other computers of the era from Commodore, Apple and Atari, speakers, rare artifacts and art, and a special showing of a new Amiga documentary.

As Jolla hinted earlier this month, it announced the first Sailfish licensee at Mobile World Congress Asia as being Intex. Intex is claimed by Jolla to be India's second largest smartphone manufacturer, and manufactures in both India and China, and has a range of Android phones sold under the Aqua brand. The phone should appear by the end of the year.

Harvey is an effort to get the Plan 9 code working with gcc and clang. According to the team: "Our aim is to provide a modern, distributed, 64 bit operating system that does away with Unix's wrinkles and allows for new ways of working. At this point we have an AMD 64 bit kernel with many changes and improvements. For example, a new modern, simplified syscall system. We use gdb to investigate problems and we can compile in Linux or OSX using Harvey's headers and libs; no need to change anything else. It's fast compiling the whole system and boots quickly. Though we are working in many other features, all Plan 9 traditional userland is available. At this moment, we are working to move console and mouse out of kernel, ttyfs file server in user space, and improved ANSI/POSIX environment where gcc or clang can live, and we plan to add X11 with rio-like multiplexing, bash and other shells and many other well known things that people want in their machines. We are focusing in server set up for now, but keeping in mind end-user. All of this, of course, keeping classic and beautiful distributed features of old Plan 9."

"Security researchers at Trend Micro's Trend Labs have uncovered a trick in a sample of a fake news application for Android created by the network exploitation tool provider Hacking Team that may have allowed the company's customers to sneak spyware through the Google Play store's code review. While the application in question may have only been downloaded fewer than 50 times from Google Play, the technique may have been used in other Android apps developed for Hacking Team customers--and may now be copied by others trying to get malware onto Android devices." OSNews readers would have never fallen for this ruse, since the name of the app was BeNews. Once we noticed there was nothing about BeOS in these, we discern its nefarious intent.

For one year, Microsoft is allowing consumers and some businesses with systems running Genuine Windows 7 and Windows 8.1 a free upgrade to Windows 10. But when we asked: Once you upgrade for free to Windows 10, is it possible to downgrade back to Windows 8 or 7 without having to buy a new OS license? Microsoft said those who upgrade to Windows 10 for free will have one month to revert back to the old OS on their device.