You are here

Owning versus controlling hardware

The Register recently wrote about how the latest firmware in Android phones tries to un-jailbreak them. Most smart phones contain built-in features to restrict the types of software they run. The built-in iPhone software restricts it to AT&T and to apps sold by Apple's own store. Blackberry and Android has similar restrictions."Jailbreaking" bypasses these protections to allow the phone's owner to install un-approved software. Android is fighting back in real time.

AT&T system logoSo the battle is on: who really controls a phone, or any other computer-based device? Most of us assume we control our personal computers. But phones are ambiguous. We want them to work reliably as phones, so we're willing to give up some control to the phone company. Back when US phones were an AT&T monopoly, we rented everything: from the network to the wiring to the indestructible desktop handsets.

On the other hand, we buy our cell phones. In AT&T's glory days, the Bell System never sold telephones, they only rented them. As owners, shouldn't we be able to choose the software to run, or the phone company to use?

"Jailbreaking" is a technique to bypass these mechanisms, usually by installing new and different firmware. This allows the phone's owners to install any software they want, approved or unapproved. Some such iPhone software also "unlocks" the phone to allow its use on non-AT&T networks.

In general, the jailbreak depends on tricking the phone to install new and unapproved firmware. Apple tries to make this difficult, and increases the difficulty with each new release of the iPhone OS. Android has upped the ante by building in a mechanism to revert a jailbroken phone back to its earler configuration.

This is a security issue.

On one hand, I think that a legitimate owner should have full control over their device.

On the other hand, a cell phone is part of a larger network that relies on the integrity of its individual endpoints - the phones themselves. Cell phone companies provide these devices at a discount in exchange for a service agreement. That agreement limits what we may do to the phone.

Personally, I love the fact that I can do anything to my computer. I'm willing to face the virus risks and such. I would feel more comfortable with my phone if there was less that might happen to it. I'd like to reserve my phone to be the more restricted - and more secure - software platform I own.

Post category: 

Comments

But you're a Mac user, aren't you? Unfortunately that leaves your last two paragraphs a little bit up in the clouds. You can't really do just "anything" with your computer---in fact, you're bound by a restrictive combination of technical (closed source, proprietary software) and legal limitations to your freedom.

I wonder if you've read the License Agreement for Snow Leopard (http://www.apple.com/legal/sla/) that by your use of it you signify you have agreed to? For example Part 1, which explains that the "Apple software (including Boot ROM code), any third party software, documentation, interfaces, content, fonts and any data...***are licensed, not sold, to you*** by Apple Inc. (“Apple”) for use only under the terms of this License". So you don't really own all of your computer, and you can't use it for anything you like. Or Part 2I, which explains that you aren't even allowed to poke about under the hood to see what's going on: "You may not and you agree not to, or to enable others to, copy (except as expressly permitted by this License), decompile, reverse engineer, disassemble, attempt to derive the source code of, decrypt, modify, or create derivative works of the Apple Software or any services provided by the Apple Software, or any part thereof..."

Naturally you can't share any of the Apple-provided software with anyone (apart from a generous "one-time permanent transfer" which requires you to give *all* of it away and destroy your copy) or even install it more than one computer at a time without buying extra licenses. And you're only allowed one personal backup copy!

Then there's Part 4A, which reminds you that Big Brother will be checking up to make sure you're not doing anything they wouldn't approve of with their (*THEIR*) software: "You agree that Apple and its subsidiaries and agents may collect, maintain, process and use diagnostic, technical and related information, including but not limited to information about your computer, system and application software, and peripherals, that is gathered periodically to facilitate the provision of software updates, product support and other services to you (if any) related to the Apple Software, and ***to verify compliance with the terms of this License***". And don't forget Part 5F, where Apple reserves the right to cut off your access to their Services (iTunes Store, etc.) at any time and for any reason: "Apple and its licensors reserve the right to change, suspend, remove, or disable access to any Services at any time without notice. In no event will Apple be liable for the removal of or disabling of access to any such Services. Apple may also impose limits on the use of or access to certain Services, in any case and without notice or liability."

Now reread your penultimate paragraph, replacing "cell phone" with "operating system" and "cell phone companies" with "Apple, Inc." Yep, it fits. In this light, the final few lines are a little bamboozling. First, as we've seen, you don't have full control over your 'puter, so the first sentence is out. Then you make the argument that more restriction = more security. Well, I agree with that, except from the other side: more restriction *by* the user (in other words, restrictions knowingly and deliberately imposed by the user or a trusted agency [e.g. sysadmin]---for example, passwords, firewalls, etc.) would mean more security, but more restrictions *on* the user by a profit-driven corporate entity that doesn't actually give a shit about his or her privacy/freedom/wellbeing? "*This* is a security issue"!

Actually, I'm not necessarily disagreeing with your argument that cell phone use should be restricted (in certain situations). But I think contrasting it with your computer is in this instance not a particularly workable way to present it.

I rarely read software license agreements. I'm not surprised that Apple basically claims the right to approve - or disapprove - of what I do with my own computer. I suspect similar wordage exists in the Windows SLA.

No doubt this is heavily tied to "digital rights management" - by including this verbiage they can in theory veto the use of DVD ripping software.

Meanwhile, it's not really practical for them to remotely detect "unapproved" software and try to enforce such license provisions automatically. False positives, or even claims of false positives, would produce the same type of PR disaster as the Sony/BMG rootkit debacle.

Also, a lot of this goes back to the traditions of personal computers as opposed to phones. We expect to be able to install anything we want, without waiting for some third party's approval.

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer