Saturday, August 22, 2009

Apple responds to FCC enquiry about rejection of Google Voice

The Apple iPhone is such a popular device that it has encouraged a huge number of 3rd party developers to write applications for the iPhone, and Apple makes a large number of them available on the iTunes store (Apple claims that around 20% of the 500 apps that it receives per week are not approved - either directly rejected, or they need some modifications). However, it is apparent that one area where Apple is most concerned about is apps that either affect Apple's or AT&T's data plans or the money they make from voice calls. There was a lot of controversy in the month of July when Apple rejected the Google Voice (learn more) application, a software that could enable people to save money in making calls (even if Google Voice is not a VOIP application). The FCC was concerned about this apparent rejection, since it would seem that customers were being denied an alternative, and asked Apple for an explanation.
Apple has finally replied to the FCC, giving multiple reasons for the rejection, including privacy issues, and an apparent change of the basic call making flow inside the app (link to article):

"The application has not been approved because, as submitted for review, it appears to alter the iPhone's distinctive user experience by replacing the iPhone's core mobile telephone functionality and Apple user interface with its own user interface for telephone calls, text messaging and voicemail," Apple said in a statement posted on its Web site. Apple also said Google Voice's importation of the Contacts database represented a privacy concern. "[T]he iPhone user's entire Contacts database is transferred to Google's servers, and we have yet to obtain any assurances from Google that this data will only be used in appropriate ways," Apple said.
Separately, Apple acknowledged that its agreement with AT&T obligates it "not to include functionality in any Apple phone that enables a customer to use AT&T's cellular network service to originate or terminate a VoIP session without obtaining AT&T's permission.

However, Apple is stating that the application is still under review, and not rejected; an apparent subterfuge to ensure more time, and maybe hope that back-channel contacts ensure that the issue goes away.
At some time in the future however, Apple will find that the platform that it has built in the form of the iPhone and the app store will be broken open, that Apple will find that the rights it has to deny an application will need more openness. This could happen through a mix of consumer reaction and pressure from regulators.

Friday, August 7, 2009

Twitter shuts down for some time due to attack

The fragile nature of many of the important destinations of the internet was visible once again. Social networkers of the world, suddenly found that they were not getting their fix from the highly popular Twitter site, and that the site had stopped responding on Thursday, the 6th of August. And it was not only Twitter that was affected, other sites such as Facebook were affected as well. However, Twitter was the site that was most affected.
When sites start going down to attacks, this is mostly due to something called a DDOS (Distributed Denial of Service), and is mostly done through the use of requests for service from many different machines (many could mean hundreds of thousands or millions). In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately. One way to do these attacks is through the use of botnets (wikipedia), machines all over the internet that have been taken over.
However, this attack was somewhat different. This was carried out through the use of spams, and was actually part of an attack against the accounts of a person called Cyxymu (wikipedia), a blogger who supports the country of Georgia against Russia. People were sent spam messages with links to his accounts on different social networking sites, and a huge number of them clicked on these links (link to article):

The messages were designed to discredit Cyxymu by associating him with a spam run. Other security researchers, such as Patrik Runald at F-Secure (here) and Graham Cluley at Sophos, are sceptical about this Joe Job-style theory for the attack.
Twitter’s two NTT hosted address blocks were moved in response to the attack, Arbor adds. Twitter's reliance on just one service provider, and apparent lack of back up and redundancy, much less a comprehensive disaster recovery plan, goes a long way towards explaining why it was hit so badly.

One such attack normally causes the attacked entity to place a much higher emphasis on trying to prevent such attacks in the future, and one can expect Twitter to do the same.