Tuesday, January 27, 2009

Malware on Android: It has begun

No, it's not going to be yet-another I told you so post. Though I did. :) You might have heard of the spreading of MemoryUp virus on Android-powered devices. There are numerous articles mentioning it (like this one ;), let me cite one of them from phoneArena:

"As strange as it may seem, a lot of users have complained of the MemorUp app..."

What is so strange in this? Android's security model is an open invitation to malware authors: anyone can write an application and distribute it freely on Android Market. The secret is that although every application must be signed, it's not mandatory that the certificate used for signing be certified by a Certificate Authority. In other words, you can self-sign your own application. Accountability is lost.

"We’re more worried about the fact that such a harmful application has found its way to Android Market and has stayed unnoticed until now."

That's exactly how Android Market works. I'm surprised that you're surprised. Anyone can write and freely distribute their own programs that may even be a malware. Signing ought to prevent from mass virus distribution - as long as signing certificates are certified by CAs (authors can be traced back and prevented from continuing malicious activity). Which is sadly not the case, see above.

"If it has managed to creep inside, wouldn’t there be a chance for others?"

It's not a question, I'm sure there will be more. Even though self-signed applications are limited as to what they're allowed to do, MemoryUp has showed us that this restriction is not enough.

The question is rather what could be done against this phenomenon? One option is that Google leaves it untouched: it will turn out very quickly if a program is malware or not (well, unless if it's a timed bomb). Another alternative is be stricter on what a self-signed app can do and allow only properly (i.e. CA) signed programs to act freely (after user's confirmation, of course). The strictest option would, of course, be if self-signing was not allowed at all. I'm sure you've noticed that the last two options mean that developers would need to pay for (CA) signing. Which is against the principles of Android development.

Looking forward to Google's reaction,

Tote

Thursday, January 22, 2009

MicroWeather for S60 goes Open Source


I usually don't write about specific mobile software, but this time it's a bit different. You know, it's one thing that one of my colleagues, Jouni Miettunen, became a Forum Nokia Champion last time thanks to his active participation in Python for S60 community. I'm really proud of him, he really deserved the honour.

But it seems that the spirit of open source software has "infected" another colleague of mine. Gabor Fetter, author of MicroPool (a bestseller in its category), MicroPinball and MicroWeather has now decided to make his last piece of software open source. I'm not going into praising MicroWeather, let it be enough that I use it daily. For more information, you can check out the official page at http://sourceforge.net/projects/microweathers60/. But you can do more than being in read-only mode: why not contribute to it? Any ideas, contribution are welcome!



I'm happy to see that we're that agile! ;-)

Tote

Monday, January 19, 2009

What is the world's most recognized song?

Thanks to the Carnival of Mobilists and more importantly the great analysis from Tomi Ahonen I learnt where the original Nokia tune is from. I'm not a tune-addict, still I can't stop listening to this one. Enjoy!




Tote

Wednesday, January 14, 2009

Thoughts on Palm Pre

Of course, I've seen Palm's keynote from CES 2009. I've also read quite a few blogs, comments on the topic and now would like to share my impressions about it.


First of all, I liked the device! It looks great, the addition of a QWERTY-keyboard makes it even more complete. The UI looks intuitive, I pretty much liked the introduced card system, where you could switch between running applications. In general it's a fancy device with a high WOW-factor.

Then, what else? Well, my first impression was that it's a copy device, an iClone. It's just a better iPhone, not as if it was not a remarkable thing alone. Nevertheless, I have a few questions on copying a bestselling device in general:
  • Is that allowed to sell a very similar device with some enhancements? I'm pretty sure that Apple patented a lot of things and I'm surprised to see the same multi-touch functionality to be present in Palm Pre, for example.
  • Is that nice? Does it make good to Palm's reputation that everyone knows that "iPhone was the first"? I'm pretty sure, though, that Palm will not feel sorry if it's profitable and legally okay.
  • Will this strategy work at all? As Michael Mace greatly puts it: "... Pre is a better e-mail device than the iPhone and a better consumer device than a Blackberry ... [but] it's probably a worse entertainment device than the iPhone (because it doesn't have iTunes) and probably a worse e-mail device than RIM (because it doesn't have RIM's server infrastructure)." The thing is that we don't know too much other than a technical specification. How much will it cost? What services will be available for the user? In general, why users will want to buy Pre instead of other competing products? And lots of other questions, partly covered below.
I wonder how it will work out that Palm is fighting against such competitors who have existing products in their portfolio. Pre is said to be available in H1/2009 in Sprint's network, but no news about pricing policy, international availability, etc. yet. If Palm will be able to ship this product with such a great technical parameters, their top-priority will (have to) be to build an ecosystem around it. That most importantly means services that 1: give Palm post-sales revenue and 2: tempt users to choose rather Palm's device than any other competitor's. In addition to that, developers must be inspired to make great applications that boost 3rd-party business, too.

In fact, development on Palm is a big question mark to me. You know, I've never been into Palm development, but what I've read from others on this topic was that 1: WebOS is a completely new software architecture, 2: with no backward compatibility. In other words, old applications will not run on the new device. I mean, it's not only that you have to make some tweaking on your existing software and then it will run in the new environment (think of the introduction of Platform Security in Symbian and what that meant to old software), but you have to completely re-write it and even then it's not guaranteed that it will work. Why? Because the keyword for the new SDK is that it's about web-development. Palm toed the line by supporting WebKit (their browser is based on it) and it's great that there's a common platform available on most smartphones by now. Well, Microsoft still resists and I bet that they will always do. In general that means that the boundary between mobile- and full web becomes more and more blurred, but that alone doesn't give you the promise of "Mobile development Paradise". Why? Because you simply can't solve everything with the HTML/CSS/JavaScript trinity. How will you develop your own VoIP, image processing, gaming, etc. application with this technology stack, for example? It's simply not the right tool for a lot of things in software development as in fact no one technology stack can be. But if you limit yourself to one then you eventually shrink your software market. I'm not saying that it will be the only way for development in the future, however, at least it was the message that I got from the keynote.

Finally, two features that captured my attention for different reasons:
  • Multi-tasking, i.e. being able to run more than one application in parallel. Everybody is keen on that and points out that how great it is compared to the iPhone. And then what? I think it's not an innovation at all - I would say that what's the innovation in the 21st century of NOT being able to do that. Damn, Apple was better again in doing that. :)
  • Card-system. Everyone who's seen the keynote or any preview can tell that it's about accessing simultaneously running applications: different apps are shown in a list as playing cards and can be manipulated in a very intuitive way. No doubt, it's a great idea and I'd be happy to use it on other phones, too.
Comments are welcome,

Tote

Update: this post has been included in Carnival of the Mobilists 157. Check it out for other interesting articles about mobile topics!

Friday, January 2, 2009

Predictions for 2009

I'm only a little bit more experienced in predicting future trends than I was last year, still I'd like to continue what I started a year ago. Who knows, maybe I'll be at least as right as I was last year?


Let's start with reviewing what I wrote previously and what really happened in 2008:
  • I commented on ad-driven content and how much e.g. Google depends on operators in allowing their users to use the Internet at a fair price on their mobile. Well, it was only a concern that I raised, but Google's (and Apple's) move was brilliant: they showed that it is not impossible to change the rules. What I really mean is that both companies have their phones offered by network operators with a flat-rate data tariff (it's according to the agreement between the handset vendors and operators), which is really the way for free Internet usage.
  • As to NFC, I disagreed with the statement of one of my fellow champions, Paul Coulton, that 2008 would be the year for the rise of this technology. I now think that I was right in this question: this technology had so many challenges (let it be technical or political between banks and operators, for example) that 2008 would have been too early for the rise.
  • Touch - I have only seen the hype around Apple's new phone at the time of writing my previous prediction, but even the early signs were enough to predict that other manufacturers will try to copy Apple's success. I was right in this, but of course, having only this new feature is not enough for success, though obviously is a mandatory component in the recipe of success.
  • As for Java and that it would be becoming more popular again on mobile platforms, to be honest I can't see any measurable change today. Okay, Android development environment requires mostly this knowledge (not to mention Brew), however, this platform is yet too young to have significant influence on Java's success.
  • Awakening of North-America to smartphones: it DID happen. People on that continent has finally realized that there are other features that a mobile phone can offer, there are other services that they can use with their favourite gadget, and in general there is much more that they can do with their cell phone that they could ever imagine. And since North-America is in a very strong position when it comes to technology, the awakening of people living there will surely give a boost to innovation and further spread of smartphones.
  • Finally, I wrote that manufacturers who really think in big will not only sell phones, but also provide Internet services to users. This has also become true, although this will be a never-ending process currently with two-kinds of players: one that has already proven on service-front (e.g. Apple, Google) and the other which is already a recognized brand in mobile (e.g. Nokia).
What will happen in 2009?
  • Most importantly: the trend will continue for smartphones to become a commodity. Despite the financial crisis more and more people buy smartphones as they become more affordable (mostly due to binding contracts, though prices get lower, too) and once users get used to advanced features they'll be reluctant to give up using them.
  • As to advanced smartphones with binding contracts, the two newcomers, Apple and Google, managed to achieve that their devices are sold in a contract with flat-rate data tariff. The obvious effect of this is that users will use the internet much more and will be online for much longer.
  • More services will become available, their integration is a key factor for handset vendors (Nokia: Life Tools, Comes With Music, Mobile e-mail and mail on Ovi, etc.; iTunes & MobileMe for Apple; Zune for Microsoft; GMail, Calendar, Docs, etc. for Android-powered phones, etc.). Thanks to these services network operators will be in a worse position to fight for users who not only purchase phones and pay monthly subscription-fee, but also willing to pay for additional services.
  • Touch still rules with such innovative ideas as gloves, multiple devices to share their resources, etc. Even more, touch display will not remain a smartphone-only feature, but other devices in the lower-segments will also be equipped with it (e.g. Nokia's first feature phone on Chinese market: http://www.mobilemonday.net/news/nokia-announces-shows-chinese-touchscreen-phone).
  • 3rd-party apps and app stores: we'll see the introduction of new and re-newed application stores with client integration. Commercial software can be downloaded as well as freeware, revenue share will be more advantageous for developers than it's been so far. The fact that handset vendors are providing their application stores, too, will cause hard times for such independent players as Handango, for example. On the other hand, the obvious advantage of these regular providers will not really disappear: the variety of mobile handsets for which they offer content is much bigger than the coverage of any of the new stores will ever be.
  • NFC - it seems the time has come for this buzzword to become more popular. In last November, GSM Association called for Pay-Buy-Mobile handsets so that NFC technology be built into commercially available mobile handsets from mid-2009.
  • Android phones spread all over the world: we have already heard about the second handset that Kogan, an Australian company will ship this January, but rumours have been told about HTC, Huawei and other companies, too, that there will be other phones based on this platform.
  • Nokia finally to gain more market share in North-America thanks to AT&T for seeing lots of potential in Symbian to become the main smartphone OS in their portfolio
  • Use of mobile phones in new areas: Nokia Life Tools for users at the bottom of the pyramid (mid-range, low-end phones mainly), Nokia Home Control Center for advanced users who wish their smart home to be controlled by their smartphone, etc.
  • Transforming smartphone market shares: Motorola, Palm getting weaker (former betting on Android, latter introducing yet another proprietary system), RIM, Sony Ericsson "to survive" (RIM closed a surprisingly good 3th quarter in 2008; Sony Ericsson is also giving a try to Android), Apple getting strong (iPhone Nano in the queue), Samsung remaining strong (very innovative company challenging Nokia, the leader, all the time), although Nokia's position gets slightly weaker, it still remains the most dominant player (one of the most versatile players in this arena with lots of innovation in different areas of mobile space), Microsoft to struggle (has any one of you heard anything about them lately?).
  • Open-source model to gain ground - license-free handsets, free development environments, high inspiration for developers & tech companies to help each other, etc.
  • LTE - let's return to 4G and LTE next year, okay?
  • WiMAX - don't expect mass adoption of this technology in mobile phones yet (though pioneers have already appeared in 2008)
  • Mobile TV - the future is still foggy: which standard to follow (DVB-H or DVB-T?), will people buy this service at all, etc.
Did I miss something? Sure. Can you correct me in anything I wrote? Anything to add? Please do! Thanks!

Tote