|Home » Learning Curve » Red Hat Diaries
The Failure of the iPhone's Success
A line in the sand?
The iPhone - known everywhere as the 'iPhone' except in Sweden where it's known as the 'Iphone' because journalists can't stop using MS Word's autocorrect features - is a brave technological achievement. And it's also a runaway success. But it's also a terrible failure.
The January 2007 announcement was really something. A handset with no keyboard. A 'perceptive pixel' screen. A device that was positionally sensitive. And a system built with Darwin FreeBSD and derivates of the incomparable NeXT classes.
There's no contest: this device would not have been possible without the NeXT heritage and without fantastic brainstorming on the part of Apple's hardware engineers. No one can touch it. Even today.
What a disappointment then to see this fabulous device wrapped in a security blanket that can only be described as 'typically Apple'. And the longer things have gone on, the worse it's become. And therein the failure.
Not So Stable, Somewhat Flaky
Initial releases of the device suffered frequent software crashes. And the crash logs revealed dirty secrets. Most processes were owned by root and had the set user ID bit set, meaning they also ran as root and had full access to everything on the device.
It didn't take long to uncover the system passwords either. For both the root account and the user account. Today those passwords are universally known.
The self-appointed Bumblebore for Apple remarked about the growing concerns that if anyone thought the supremely wise Apple system engineers hadn't given considerable thought to these issues then they were [choose an expletive]. But that's the point: they probably did give it considerable thought - but in the end came up with an expected and 'typically Apple' solution.
Think about it: a device ultimately used by millions upon millions worldwide with a substantial Unix underbody yet where the root password is known potentially by billions - that was a design decision.
The first iPhones were wide open. Anyone could walk in and own them. Charlie Miller did - and in so doing exposed yet another critical weakness: Apple's refusal to keep software components up to date. Charlie studied the exposed interfaces of the device, enumerated the components used in those interfaces, and then checked the change logs. A regular expression component was criminally out of date. The first iPhone hack was a fact.
And it was about now Apple introduced the next phase in their iPhone system development. Screw anyone who'd used the device up to that point; starting now all software would be 'signed' much as Microsoft do today with their device drivers.
There's only one snag with that design decision again arrived at after 'considerable thought' - the OS kernel has to insist on a root certificate from Apple, Apple are the only ones who can apply that certificate, all software must in the future pass through Apple's offices to get that certificate.
Voilà - the iPhone App Store.
It must have been a wet dream come true for Steve Jobs. Jobs has always wanted hermetically sealed gadgets. The iPod was sealed and only for the Neistat brothers got a battery replacement programme. Jobs tried to seal his NeXT boxes but in the end was forced to relent as everyone wanted the software but no one wanted the hardware. That must have really hurt 'Mr Whole Banana'.
But now he had something he could work with and it didn't matter if his engineers had backed into the situation with consummate clumsiness. Starting now he had complete control over everything happening on his device.
But it gets better. Third party software has to pass through Apple hands; Apple are therefore able to exact a feudal fee for putting the software on the device. The way Apple studiously put it, third party vendors get to keep 70% of their revenues. Gee thanks. What's really happened is Steve Jobs got the cheapest work force in the world.
He doesn't have to pay for their medical care, or their dental plans, or their holidays. He doesn't have to pay for their doing research - or even working on projects that eventually come to nought. He only pays them for what he likes. And only 70%.
Traditional software end user licence agreements aren't just to intimidate users - they're also to guarantee things for users. Typical EULAs guarantee that the vendor will take care of bugs and fix them and/or provide workarounds within 90 days. And that's a model users need. But that model can't be used with the iPhone.
Software vendors are no longer capable of fulfilling their responsibilities to their customers. They can be made aware certain features don't work correctly; they can even fix the bugs; but they cannot by definition get those fixes to people who have the right to them. The App Store gets in the way.
Customers flock to the iPhone; to them the App Store is wonderful. But they might as well be purchasing their software from a sweat shop in a third world country. No one has to develop software for the device and the rewards are not that great anyway - so the developers who don't abstain are also helping make matters worse. In fact they're the reason things are so bad today.
Given the constricting environment, the crippled software distribution model, and the lack of features found on other smartphones, it's not surprising hundreds of thousands (if not millions) of iPhone owners decide to 'jailbreak' their devices.
But most of them forget one important fact: without that all too thin veneer of 'certificated' security the iPhone, despite being based on the 'rock solid foundation' of Unix, has no security at all. The iPhone can't be both a free and a secure platform at the same time - a patently ludicrous situation.
Google have their Android - which is built properly, with a correct security design - and yes, the Google engineers probably gave some thought to security. But odds are they didn't need as much time. Partly because they're more accomplished in this regard and partly because the answer is so simple.
Although it's not likely anyone will ever match the hardware design of the iPhone, it's a shame the device can't be used in a saner and more humane way like the Android systems.
The iPhone may be a dazzling technical achievement but the dazzle only applies to the actual hardware and base software. In all other respects the iPhone is today the bane of the industry. As many have already noted, the pipe dream bubble that Apple are somehow the 'good guys' doing everything for the common good has long ago burst. Microsoft may still have the buggiest software platform on the planet but Apple have hands down the nastiest.
All kudos to the brilliant teams who actually created the device - but tar and feathers to those who today manage it. Third party vendors should boycott the platform until both the security and the openness are completely remedied.