iOS Updates

24 06 2014

Apple Inc. implements an adapted version of it’s computer operating system OSX on it’s iPhone. It was called iPhone OS and on March 6, 2008 renamed in iOS.

Until iOS, smartphones either didn’t have a touchscreen or used a resistive touchscreen and a stylus. The iPhone changed that with its capacitive touchscreen, but more importantly Apple carefully wedded that new hardware capability to a new user interaction model that was simultaneously simpler and more powerful than systems that had come before it. Removing all physical buttons, Apple made touch the primary interaction model. Apple also nearly perfected pinch-to-zoom and inertial scrolling to make apps feel more natural and immediate. The speed and “directness” in iOS 1.0 was amazing then and remains amazing now.

Since iOS 5.0 software updates can be installed Over-The-Air (OTA) as an alternative to updates via iTunes. Since June 6, 2011 – the announcement of iOS 5.0 – a USB connection to iTunes is no longer needed to activate iOS devices; data synchronization can happen automatically and wirelessly through Apple’s iCloud service. The most recent major update, iOS 7, sees the addition of many new features, including a new flat theme, AirDrop support, and Control Center.

On March 10, 2014 Apple released it’s first major update for iOS 7. As usual the whole internet was spammed with more or less useful information, mainly saying “It’s there, guys. Download it now!”. It always happens that Apple’s servers are demoted to giant heaters when the world starts downloading what Apple’s software engineers cooked.

With a major update the long way of refinements starts. With this we should always keep in mind that OS developers are responsible for possible crashes all over the world. Trepidation increases to a level unknown to users before the servers are liberated. So let!s be sympathetic if expectations are not satisfied.

It’s better to have a running system than to keep on dreaming.

Heartbeat frequencies near to the frequency of your device’s processor are unhealthy and if your device already supports your daily tasks without crashes you should feel comfortable with it.

Over-The-Air update …

An OTA update can be done by connecting an iOS device to the internet via WiFi.

Unfortunately your device doesn’t remind you that an update is available. You have to open Settings – General – Software Update to let your device look for newer versions of iOS. Also keep in mind that a VPN or proxy connections may prevent your device from contacting Apple’s iOS update servers.

If there is an update the installation procedure can be started. But it’s always a good idea to first backup your device. You never know what can go wrong and Murphy’s law tells us ‘What can go wrong, will go wrong’ although I personally never had a problem since 2010 when buying my first iPhone, a 3GS.

Note

If you have an actual backup you can use it to restore all data even in case of a complete failure of the device. If this happens there is something you can do before the last will becomes true. Run through the RECOVERY procedure to restore iOS, the apps, and the data.

These images show the steps to get an updated version of iOS.

20140317-062139.jpg

During the following steps your device should be connected to a power supply or the remaining battery energy should indicate at least 50%.

20140317-062243.jpg

If your device is short of memory it might happen that a newer version of iOS cannot be downloaded, because it needs enough space to temporarily keep both, the old version and the new components. In this case follow theses advices:

Out of Memory

Notes

  • The download of an update is a background task so you can accept incoming phone calls.
  • Best practice is not to use third-party apps when downloading.
  • If your device doesn’t show an available update it’s likely that it doesn’t fulfill the installation requirements, the update is not yet available for your country, or Apple’s update servers are temporarily overloaded.

If you cannot connect to a WiFi network you have to install an iOS update via iTunes. First backup your device and make sure that the latest version of iTunes is installed. Disconnect all other USB devices. They may cause problems.

It’s not all roses …

To install brand new versions of an OS is always a risk even if it’s made by Apple. Others e.g. Microsoft also had problems if we remember the launch of Windows Vista.
See what happened with the release of iOS 7 in October 2013:

  • People were able to bypass the lockscreen. This flaw was discovered within hours of it becoming publicly available. The exploit is only able to be done on the iPhone 4S and 5 with the 5S and 5C safe from this bug. The access is caused by the ability to use the control center via the lock screen, this feature is able to be turned off.
  • Users complained about dizziness and vertigo-like symptoms when using this operating system (motion sickness).
  • Battery problems with battery draining even though sleeping.
  • Many users were faced with accidental Home Screen crashes occurring every one in a while with different apps.
  • Data security Secure transport failed to validate the authenticity of connection. This issue was addressed by restoring missing validation steps. This may cause an attacker with a privileged network position to capture or modify data in sessions protected by SSL/TLS.

Like with many other major updates it’s always recommended to first read what’s published about a new version before installing it. There is no need to hastily update devices especially if you need them for your daily tasks.

Fragmentation …

In this context we talk about fragmentation as the installation of different versions of an operating system on actually used devices.

Fragmentation comes up if customers don’t take care of new versions, updates cannot be installed on a device because it’s too old or not adapted by manufactures who used to sell their devices with specific adaptions of the OS.

It needs enormous efforts to bring hardware and software engineers together to look into the future and design hardware components usable also for future versions of an OS. And there are the developers who have been taken into account. Compatibility over many generations of devices might be the reason why iOS is still the preferred platform for developers.

Competitors show us that the alternative is to build devices regardless what happens with newer versions of the OS.

It’s up to you to buy low build-quality for just being fashionable and getting virtual added value. It’s a vicious circle to always buy a new device for just getting all the improved features of a newer OS version.

Apple wants a perfect user experience for most of it’s loyal customers even if they use older devices. So there are restrictions for every new OS version and it’s obvious that the company never will get the pole position in market share but in customer satisfaction.

See this concept map which shows us that Apple usually covers up to three models of the iPhone, the actual and two older models. Since the release of iOS 6 even 4 models were ready to install iOS 6 and with iOS 7 and iOS 8 (announced at the WWDC on June 2, 2014) 5 models are ready to install these OS versions.

20140623-211802-76682938.jpg

And this always happens nearly with the speed of light compared to competitors.

Nearly 12 percent of iOS customers in the USA upgraded to iOS 7.1 within 48-hours of its release, the latest data shows.

20140623-212546-77146199.jpg

This can be measured by counting the devices which access the internet and with this transfer the version of their OS.

See what the Apple evangelist Jonny Evans wrote on Computerworld:

These figures compare well with Android activity levels. As recently as March 4, Google reported that its latest KitKat operating system has only a 2.5 percent adoption rate. Fragmentation within Apple’s biggest OS competitor is visible:

  • 62 % of Android users are using Jelly Bean (4.1-4.3, which began to hit devices from July 2012 and was last updated in July 2013)
  • 15.2 % use Ice Cream Sandwich (4.0.3-4.0.4, versions began shipping October 2011)
  • 19.0 % are stuck with Gingerbread (2.3.3-2.3.7, first began appearing December 2010)
  • 1.2 percent unfortunately still have Froyo (2.2, shipped May 2010)

The inference here is that while around 12 percent of iOS device owners already run the latest version of the OS, an insignificant 2.5 percent of Android device owners can claim to be fully up-to-date. Most Android devices run veteran operating systems.

The cohesive nature of Apple’s ecosystem is also good news for developers because as most iOS devices run current iOS versions it is easier to create consistent experiences for large numbers of potential customers.

But there is also a risk.

Although Apple forwards Beta-versions of a new update to developers not all of them take care about necessary changes of their apps. So it might happen that an app gets buggy after installing a newer version of iOS. So it’s always a good idea to install apps from reliable companies and you usually can identify them by looking at the version history of an app in the AppStore before buying it.

Summary …

It just works and even users of older devices benefit from minor or major improvements of features and security of the operating system.

Related links …

Apple: iOS updating

Apple: iOS update errors in iTunes

Recovery

Troubleshooting

The Verge: The history of iOS

Thanks for visiting iNotes4You.





iOS 8 Beta

9 06 2014

When introducing iCloud services on June 6, 2011, the roadmap for Apple’s vision about device connectivity was already quite clear.

  • Seamlessly connect all devices.
  • Use standardized data structures to support syncing between computers and mobile devices.
  • Assimilate the UIs of computers and mobile devices to seamlessly work on either of them.

Connectivity only makes sense if people use more than one device.

This is the case in businesses, families, and it’s also valid for many single users purchasing both kinds of mobile devices, smartphones and tablets.

iCloud is the global hub of Apple’s powerful services.

If you remove all iCloud related features Apple devices are demoted to phones and data processing machines for which the old-fashioned tasks of syncing, transferring files, and backing up have to be done manually.

The WWDC 2014 …

With the WWDC 2014 (June 2, San Francisco, Moscone Center) further essential steps to a unique user experience were made and Apple set the milestones for the future usage of their electronic devices.

20140606-165017.jpg

The device you use doesn’t matter, it’s just the task which matters.

WWDC 2014 is the 25th event which began in 1990 with 1,300 developers. Tim Cook presented some stats showing us that there are over 9 million registered Apple developers in 2014 – that’s up 47 percent since 2013 – and the youngest developer at WWDC was just 13 years old.

Apple’s developer conference again unveiled the power of the company in offering vertically integrated and seamless to use devices and services as well as a perfect infrastructure for partners, the developers.

iOS is one of the two most dominant platforms for mobile devices with Android in the pole position if you just look on market shares.

Regarding a product line-up which includes computers AND mobiles it can be said that

iOS and OSX together are the leading software technologies for processor-based devices regardless of any stats.

Apple’s sophisticated ecosystem including all the powerful apps will be massively improved by the new features announced for iOS 8. This all can be called a disruptive concept for using processor-based technology and device connectivity via cloud services.

Seoul, start your photocopiers

But copying won’t help because there never was a vision running like a golden thread through all the activities and technological developments of Apple’s competitors. Neither Google nor Samsung can compete with Apple because most of their services are based on stand-alone developments which require deep-sea diving into countless help articles to successfully administrate them all.

As an Apple user just go to Settings and turn on iCloud.
That’s it.

Fandroids again may argue: It’s all copied.

Let me tell you the truth about just one example which could be brought forward from people just looking on the screen layout:

Desktop widgets (commonly just called widgets) are interactive virtual tools that provide single-purpose services such as showing the user the latest news, the current weather, the time, a calendar, a dictionary, a map program, a calculator, desktop notes, photo viewers, or even a language translator, among other things.

Everybody should know that these tools were already introduced decades ago on Apple’s Macintosh computers, are available in the notification center of iOS 7 and iOS 8 now provides APIs for third-party widgets.

iOS 8 features …

I summarized what Apple published on its websites shortly after the event in San Francisco.

20140606-165200.jpg

Feel free to download this map from my Box account.

The alternative file formats have been created with iThoughts for iOS (.ITMZ file format). Compatibility to other tools is limited. The DOCX file format is suggested for those who don’t use a mind mapping tool. The file contains the image as well as a detailed outline of all topics.

Application File format
Adobe Reader PDF
Apple iWork/Microsoft Office DOCX
iThoughts ITMZ
MindManager MMAP
XMind XMIND

See this magnified part of map and a preview of what you get when you download the DOCX file format.

Note

If you don’t use a mind mapping tool it’s recommended to download the DOCx file format which immediately can be opened with Apple’s Pages. The document contains the map as an image, textual information, and referred hyperlinks. Just tap on a link from within Pages to open the article.

iCloud …

iCloud already got a significant improvement in October 2013 when Apple introduced iWork for iCloud.

The new iCloud Drive will be a unified file system bridging iOS and OSX.

20140606-165941.jpg

At the time Apple gives you 5GB free storage and this will not be changed. It’s for storing documents, photos, device backups, and application data. 5 GB is a little on the paltry side if you extensively use iCloud e.g. on an iPhone and an iPad. I use an iPhone (23.8 GB used) and an iPad (30.9 GB used) and had to update my storage plan with additional 10 GB to save device backups on iCloud.
Cormorant space eaters on my devices are photos (2.5 GB), Keynote presentations (2.3 GB; mainly collages for my blog), mind maps (1.5 GB), and PDFs stored in iBooks (2.8 GB).

How much will it cost if more storage is needed?

For just $1 a month, you’ll get additional 20GB and for $4 per month you’ll get 200GB. As a point of comparison, that $48 a year is just slightly more than the $40 a year you currently pay for 20GB. Apple says it will have tiers all the way up to 1TB of storage.

iCloud’s new pricing plans compete with …

Provider GB $/year
Dropbox 2 free
100 100
200 200
OneDrive 7 free
100 50
200 100
Google Drive 15 free
100 24
1000 120
iDriveSync 5 free
150 49.50
500 149.50
Box 10 free
100 60
unlimited 180

And here is the ranking …

20140607-071519.jpg

What should be mentioned is that costs are just one criterion. Please note that iDriveSync is the only provider offering client-side encryption during transit (sending and receiving data) and at rest (saved data on servers of the provider).

Swift for yield hedging …

iOS is still the preferred platform for developers offering mobile apps. Apple’s App Store is a heavy weight champion when it comes to quality and quantity of apps for mobile devices.

To keep the quality and acquire even more creative young developers Apple is apparently offering a much faster and more effective means of building software applications with an “interactive playground,” significantly improving on its own Objective-C.
The new programming language Swift will use the same LLVM (Low Level Virtual Machine) compiler and runtime as Apple’s Objective-C implementation, and its simplified syntax gives it an easier learning curve. The reason behind introducing Swift was to make it easier for developers to create apps for Apple’s mobile platform. Apple Developers write codes line after line and then compile those results to see output, but using Swift language they can see results in real time instantly while writing their codes.

My suggestion for the developers of the official Google+ app:

Try out Swift.
Maybe it helps to bring some stability into an app crashing daily since months.

Some tidbits …

  • Per App Battery Usage
    Another feature that has been part of Android since its inception and extremely useful at that, will finally make its way to iOS 8. Apple did not mention this during their keynote but it will be part of the iOS when it is released. Users will be able to see which app is draining the battery and take relevant action.
  • AirPlay
    won’t need Wi-Fi in iOS 8, it can use a form of peer-to-peer networking. This means an Apple TV should be able to connect to your iPhone even when both devices aren’t on the same wireless network.

20140606-170401.jpg

  • AirDrop
    will now work between iOS devices and Macs, meaning you can exchange files on an ad hoc basis between the two, without the need for an Internet connection or even being on the same local network. Need to get a photo to your Mac from your iPhone or want to send a PDF from your Mac to your iPad? Just fire up AirDrop.

Apple’s move …

Let’s dispense with the preliminaries. The WWDC 2014 confirmed a move in Apple’s strategy of controlling what’s going on if a device is in use.

I found this excellent article published by the well-known Apple evangelist Jonny Evans on Computerworld.com.

It’s not about ‘Made in Cupertino’ any more:
the new Apple is all about PARTNERSHIP.

… here’s a few ways in which today’s Apple conceded it doesn’t want to control every aspect of your experience – it just wants to ensure it secures the environment to make sure it’s platforms are platforms you can use:

  • CarPlay
  • Third party app support in iCloud Drive
  • Massively improved integration between iOS and OS X
  • Support for third party Widgets for Notification Center
  • Support for non-Apple apps in iCloud
  • DuckDuckGo support in Safari (OK, that just accentuates how much more secure Apple is than its troublesome mobile foe)
  • Third-party keyboard support
  • Health app, which works with third party devices
  • Support for third party devices for the smart home (HomeKit)
  • added by me
    API to access functionalities of Touch ID ( Apple’s implementation of a fingerprint scanner)

All of these moves are explicit moves that mean Apple is answering critics who call it “too controlling” by permitting users a hitherto unprecedented environment in which they can work with the devices they choose. It’s also a shot in the arm for developers, who can now work to develop their own solutions and have these underpinned by the secure power of Apple’s ecosystem.

Note
Jonny Evans is an independent journalist/blogger who first got online in 1993 and began writing about Apple in 1999. He’s author of Computerworld’s AppleHolic blog and writes on numerous tech topics here in the US and UK. Jonny has no shares in any technology company, enjoys new and disruptive technology and likes music almost as much as he likes his large and shiny dog.

20140606-203037.jpg

Stay tuned and join Jonny’s Appleholics Kool Aid Corner on Google+.

Summary …

Since WWDC 2014 Apple is turning over a new leaf when it comes to developer relationships. MacWorld’s headline ‘A love letter from Apple to developers’ hits the nail right on the head. It’s seems to be a win-win-win situation for Apple, developers, and customers. The WWDC 2014, iOS 8, and OSX were the biggest steps forward since the opening of the App Store on July 10, 2008. The gap to competing platforms – operating systems and stores – approximates to the depth of the Mariana Trench.

Related links …

iCloud, a paradigm shift

Apple’s Ecosystem

App Development + Marketing

WWDC 2014 Apple puts its fighting boots on

About my preferred mind mapping tool …

iThoughts, …

Thanks for visiting iNotes4You.





2-Step Verification

7 05 2014

Strong efforts have to be undertaken to secure data in the digital world. Even your identity can be countermined if you think about a hacked social media account where a bad guy publishes using your name.

Sometimes hackers behave like terrorists and try to destroy everything they are able to. A victim could suffer humiliation, identity theft, and lifetime suspension from services and social networks.

See this article to understand what I mean

How Apple and Amazon Security Flaws Led to My Epic Hacking

There are many different approaches to secure accounts …

  • 1 Using strong passwords
    that means passwords consisting of characters, special characters, and numbers.
    Apps like 1Password by AgileBits Inc., USA, are able to randomly generate complex passwords up to a length of 30 characters. Good idea but from then on you are bound to access accounts via the integrated browser of this app if you don’t want to write the password down on a sheet of paper. If you temporarily do not have access to your device there is no chance to access your account.
  • 2 2-Step Verification
    Your personal device is needed to receive a code with which you then identify yourself.
  • 3 Additional hardware
    to generate a code which has to be entered on a website. A transaction authentication number (TAN) is used by some online banking services as a form of single use one-time passwords to authorize financial transactions. TANs are a second layer of security and are used in different kinds

    • Classical TAN
      numbers generated by a bank and printed on a sheet of paper
    • Indexed TAN
      called iTAN where the user is not asked to use an arbitrary TAN from the list but to enter a specific TAN as identified by a sequence number (index). As the index is randomly chosen by the bank, an arbitrary TAN acquired by an attacker is usually worthless.
    • iTAN with CAPTCHA
      Prior to entering the iTAN, the user is presented a CAPTCHA, which in the background also shows the transaction data and data deemed unknown to a potential attacker, such as the user’s birthdate. This is intended to make it hard (but not impossible) for an attacker to forge the CAPTCHA.
      This variant of the iTAN is method used by some German banks adds a CAPTCHA to reduce the risk of man-in-the-middle attacks. Some Chinese banks have also deployed a TAN method similar to iTANplus. A recent study shows that these CAPTCHA-based TAN schemes are not secure against more advanced automated attacks.
    • Mobile TAN
      mTANs are used by banks in many countries. When the user initiates a transaction, a TAN is generated by the bank and sent to the user’s mobile phone by SMS. The SMS may also include transaction data, allowing the user to verify that the transaction has not been modified in transmission to the bank.
    • Simple TAN generators
      The risk of compromising the whole TAN list can be reduced by using security tokens that generate TANs on-the-fly, based on a secret known by the bank and stored in the token or a smart card inserted into the token.
    • ChipTAN
      is a TAN scheme used by many German banks. It uses a TAN generator which only works if the bank card for the account is inserted into it. The TAN generated is specific to the current transaction. There are two variants: In the older variant, the transaction details (at least amount and account number) must be entered manually. In the modern variant, the user enters the transaction online, then the TAN generator reads the transaction details via a flickering field on the computer screen (using a photodetector). It then shows the transaction details to the user for confirmation before generating a TAN.
  • Smart Card
    An example for a smart card you all know is the SIM card (subscriber identity module).

or this suggestion, using a complex password and a simple trick to not forget it

20140130-205135.jpg

If you are lucky and have just one bank account you just need one additional device to identify yourself or to verify a transaction. All these more sophisticated methods are not used by companies engaged in eCommerce. Instead, some companies still allow to buy with an eMail address and the password 1234.

Apple and passwords …

Ronald Carlson published interesting stats on tapscape.com (Jan 25, 2014) about how companies handle security:

Dashlane, a company that sells a password manager of the same name, has assessed the world’s top 100 websites for password security and published the results (pdf) for all to see. Unsurprisingly, Apple comes out on top with a perfect password security score of 100, while a long list of “trusted” companies, like Amazon, do less well:

The roundup assesses the password policies of the top 100 e-commerce sites in the US by examining 24 different password criteria that Dashlane has identified as important to online security, and awarding or docking points depending upon whether a site meets a criterion or not. Each criterion is given a +/- point value, leading to a possible total score between -100 and 100 for each site — Dashlane.

  • 55 % still accept notoriously weak passwords, such as “123456” or “password”
  • 51 % of websites, including Amazon, Dell and Best Buy, make no attempt to block entry after 10 incorrect password entries
  • 64 % have highly questionable password practices
  • 61 % do not provide any advice on how to create a strong password during signup and 93 percent do not provide an on-screen password strength assessment
  • 10 % scored above the threshold for good password policies (i.e. 45 points or more in the roundup)
  • 8 sites, including Toys “R” Us, J.Crew and 1-800-Flowers.com, send passwords in plain text via email

The research study puts Apple on #1 with a score of 100, Microsoft on #3 with 65, Nike on #10 with 45, Toys R Us got a score of -60, and MLB -75 which means that this e-commerce offer was the leader of the bottom 10.

Thanks to Ronald Carlson for sharing Web Password Security, Apple Protects Users Best, Amazon Less So on Google+.

Securing web-based services …

It’s indispensable to secure access to web-based services to increase reliance. This must be an integral part when building up customer relationships.

My article describes two ways to securely access accounts offered by Apple and Google. While Apple’s solution is limited to account access and purchases within Apple’s ecosystem Google’s solution supports 2-Step Verification for a whole range of services even from other vendors like Dropbox, Facebook, or WordPress.

Today companies make it easy to register for services.

Usually you need an E-Mail address (as a username) and a password. Instead of separating username, password, and email address for communication purposes nearly all companies reduce these three properties to just two which makes it easier to use their services but it goes along with less security.

To increase security the so-called 2-Step Verification was developed.
The basic idea is that apart from a password a second input is required to successfully access an account. Additionally access is limited to so-called trusted devices, devices you personally own and have access to.

2-Step Verification means “something you know” (like a password) and “something you have” (like a smartphone). Once you activated 2-Step Verification you have to use both, your password and an authorized device to sign in. To increase usability Apple as well as Google let you authorize a device to not asking for an authentication code again.

With 2-Step Verification security is drastically increased but not perfect at all. The only way to further increase the level is to use biometric identifiers (like a fingerprint) which are actually not supported for mobile devices. A standardized solution implemented in all operating systems would be a great step forward.

Many authentication processes could be made much more easier if “something you are” (fingerprint, iris) would replace “something you know” and it would increase security drastically if all these three methods are combined to identify yourself.

Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals. Biometric identifiers are often categorized as physiological versus behavioral characteristics. A physiological biometric would identify by iris scan, DNA or fingerprint. Behavioral biometrics are related to the behavior of a person, including but not limited to: typing rhythm, gait, and voice. Some researchers have coined the term behaviometrics to describe the latter class of biometrics.
More traditional means of access control include token-based identification systems, such as a driver’s license or passport, and knowledge-based identification systems, such as a password or personal identification number. Since biometric identifiers are unique to individuals, they are more reliable in verifying identity than token and knowledge-based methods; however, the collection of biometric identifiers raises privacy concerns about the ultimate use of this information.
(Wikipedia)

Apple did a first step with a fingerprint scanner implemented in it’s flagship iPhone 5S, released in October 2013.

Apple’s solution …

For a comprehensive description of the 2-Step Verification process visit:

Frequently asked questions about 2-Step Verification for Apple ID

or see this concept map which contains all information in a visualized layout.

20140507-082044.jpg

On your iOS device 2-Step Verification will look like this:

20140130-205257.jpg

Unsurprisingly Apple did not follow the open standard Google, Microsoft, and many others use. So this optional security feature is just made for Apple services and devices that means for Apple’s ecosystem. It requires you to verify your identity using one of your devices before you can:

  • Sign in to My Apple ID to manage your account
  • Make an iTunes, App Store, or iBookstore purchase from a new device
  • Get Apple ID-related support from Apple

The complete process …

I published a How To for the complete activation process on Snapguide com.

http://snapguide.com/guides/activate-and-use-apples-2-step-verification/

Note
You can view this public guide via Safari but I suggest to download the app Snapguide from Apple’s App Store (universal, free). The iPad version enjoys all the advantages of a perfect user experience.

Google’s solution …

Sorry. But as usual Google spreads information about the internet and it’s hard to find out a simple description which contains all the information a normal user needs to understand this additional layer of security. So here is a description I found on MacWorld for configuring 2-Step Authentication:

2-Step Verification by Google

My opinion: This is not the way to let users accept the efforts made by the company. It seems to be quite difficult to explain this approach to more security to a broad number of unexperienced users.

The flaws …

Apple …

  • Access to iCloud is not secured by 2-Step Verification. So your data are without the additional layer of security.
  • 2-Step Verification is still not available in all countries.

Google …

  • After you turn on 2-Step Verification, non-browser applications and devices that use your Google account (such as the Gmail app on your phone), will be unable to connect to your account. Google solves this by generating application-specific passwords to allow these applications to connect to your account. Although this must be done only once for each device and application it’s an additional hassle to manage these settings.

Common flaws …

  • What will users do to keep usability on an acceptable level.
    They first declare their device as a trusted device. That means this device has direct access to all services because the apps generating security codes are fully accessible. Furthermore Google’s authentication provokes to grant access to all the installed applications by using application-specific passwords and setting the option “Remember Password”.
  • Security is still bound to the unlock code of your device.
    The progress coming up with 2-Step Verification is limited because it doesn’t secure your device but only reduces the chance to successfully hack an account.

Some FAQs …

01 What to do if the phone doesn’t have a carrier signal but is on WiFi?

Google
You can install a standalone app called Google Authenticator (it’s also available in the App Store), so your cell phone doesn’t need a signal.
Apple
You can use the app Find My iPhone to get a verification code.

02 What to do if the phone runs out of power, is broken, or is stolen?

Google
You can print out 10 one-time backup codes and put them in your wallet. Use those one-time codes to log in even without your phone.
Go to your 2-step verification settings page. Under the “Advanced” section, you’ll have the choice to remove a device. The device will automatically sign out of your account, and you’ll be prompted for a verification code next time you try to sign in from them.

Apple
While activating 2-Step Verification you will get a so-called Recovery Key which has to be printed out. This code can be used in the event that none of your trusted devices are available. You have to sign in to My Apple ID and remove the stolen or sold device from the trusted devices. Access from this device to your Apple ID (Settings – iTunes+App Stores – Apple ID) or purchases from Apple’s stores are no longer possible.

03 What to do if an authentication within an app like Apple Mail fails?

Google
For apps you can create so-called ‘application-specific passwords’ (ASPs) that your app can use instead of your regular password. You can revoke ASPs at any time.
Apple
Not applicable

The worst case …

If you lost two or more of the required sign-in items (your Apple ID password, access to one of your trusted devices, your Recovery Key) you cannot regain access to your Apple account. You will need to create a new Apple ID. You can do so on one of your devices or on the web at My Apple ID.

Costs …

If you use SMS as the transmission service for verification codes you will be charged by your provider. The sender of the SMS is located in UK (+44).

To clarify costs you should ask your provider. Best practice is to activate Find My iPhone. The app is ready for receiving verification codes. It’s obvious that this transmission only works if you are connected to the internet.

The main features …

These are the main features of Apple’s 2-Step Verification

  • 2-Step Verification is bound to your Apple ID.
  • You can use any device capable of receiving SMS.
  • If you loose two or more sign-in items you cannot regain access to your account.
  • If you sell your device or if it’s stolen immediately go to My Apple ID and remove this device from the list of trusted devices.

Summary …

Use 2-Step Verification to improve security and to avoid compromising your identity which can cause severe problems with law if it’s obvious that you did not follow well-known security advices.

The digital world offers great benefits but increased security always goes along with decreased usability. That’s the price we have to pay. Be sure it’s a good investment.

The solution of both companies, Apple and Google, do not meet the requirements of their users. You cannot keep a recovery key or up to 10 backup codes in mind but your biometric identifiers are always with you. So let’s wait for the next step of a more innovative technological progress where you have access to all your accounts just with ‘something you are’.

Related links …

Apple …

Security made by Apple

Emergency Guide

The Apple ID

Apple ID: Frequently asked questions about 2-step Verification for Apple ID

Apple ID: Can’t sign in with 2-Step Verification

Google …

Google: 2-Step Verification

Google: Install Google Authenticator

Google: Sign in using Backup Code

Overview …

Overview about 2-Step Verification of other companies

Thanks for dropping by.





Jailbreak

9 04 2014

Many people are talking about restrictions in Apple’s operating system iOS for their mobile devices.

They obviously miss the point that these restrictions are well-considered and part of Apple’s strategy of seamless usage and a perfect user experience within an ecosystem which is developed for serving people.

20131228-135804.jpg

What does ‘Jailbreaking’ mean?

iOS jailbreaking is the process of removing the limitations on Apple’s iOS devices through the use of software and hardware exploits; such devices include the iPhone, iPod touch, iPad, and second-generation Apple TV. Jailbreaking permits root access to the iOS operating system, allowing the download of additional applications, extensions, and themes that are unavailable through the official Apple App Store.

Jailbreaking is a form of privilege escalation. The name refers to breaking the device out of its “jail”. Jailbroken devices can still use the App Store, iTunes, and other normal functions, such as making telephone calls. Many other built-in features are no longer available.
Restoring a device with iTunes or iCloud removes the jailbreak.

Jailbreaks (JB) are not supported by Apple, quite the contrary, Apple fights against it and people jailbreaking a device violate Apple’s iOS End-User License Agreement (EULA). JB can make your device less secure and you may loose the warranty. If people do not accept the original operating system with its limitations it might be better for them to move over to an other platform like Android. Additionally JB is illegitimate in some countries because DRM (Digital Rights Management) can be affected.

The main part of the agreement is

“2 c. You may not, and you agree not to or enable others to, copy (except as expressly permitted by this License), decompile, reverse engineer, disassemble, attempt to derive the source code of, decrypt, modify, or create derivative works of the iOS Software or any services provided by the iOS Software or any part thereof (except as and only to the extent any foregoing restriction is prohibited by applicable law or by licensing terms governing use of open-source components that may be included with the iOS Software).”

Jailbreaking a device is a kind of ‘reverse engineering’.

Reverse Engineering
Reverse engineering is the process of discovering the technological principles of a device, object, or system through analysis of its structure, function, and operation. It often involves disassembling something and analyzing its components and workings in detail – for either purposes of maintenance or to support creation of a new device or program that does the same thing, without using or simply duplicating (without understanding) the original.
Jailbreaking is a kind of reverse engineering and users jailbreaking their iOS devices infringe Apple’s EULA which they already accepted when setting up the device.

Fair use seems to be safe ground for reverse engineers, almost always using it as a defense. However:

An EULA is a legally binding contract.

If a user agrees to terms which are in conflict with fair use, the user has effectively waved their rights to fair use.

Legal Aspects of Reverse Engineering

The Digital Millennium Copyright Act …

The Digital Millennium Copyright Act was put into place in 1998 in order to make any service or device with purpose of undermining or removing DRM (Digital Rights Management) copyright infringement. The act forbids any service or device from being designed to circumvent, or even being marketed to circumvent any DRM.
There is, however, an exception in the DMCA stating that reverse engineering can be done under the purposes of inter-operability between software components. It states the following:

  • Notwithstanding the provisions of subsection (a)(1)(A), a person who has lawfully obtained the right to use a copy of a computer program may circumvent a technological measure that effectively controls access to a particular portion of that program for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs, and that have not previously been readily available to the person engaging in the circumvention, to the extent any such acts of identification and analysis do not constitute infringement under this title.
  • Notwithstanding the provisions of subsections (a)(2) and (b), a person may develop and employ technological means to circumvent a technological measure, or to circumvent protection afforded by a technological measure, in order to enable the identification and analysis under paragraph (1), or for the purpose of enabling interoperability of an independently created computer program with other programs, if such means are necessary to achieve such interoperability, to the extent that doing so does not constitute infringement under this title.
  • The information acquired through the acts permitted under paragraph (1), and the means permitted under paragraph (2), may be made available to others if the person referred to in paragraph (1) or (2), as the case may be, provides such information or means solely for the purpose of enabling interoperability of an independently created computer program with other programs, and to the extent that doing so does not constitute infringement under this title or violate applicable law other than this section.

    For purposes of this subsection, the term ‘interoperability’ means the ability of computer programs to exchange information, and of such programs mutually to use the information which has been exchanged.

Fair use does still apply. However, it is not fair use to gain unauthorized access to copyrighted work.

Further information …

Apple wants iOS to remain secure on the whole, and jailbreaking can threaten that. Apple identifies these concerns:

  • Security
    Jailbreaking removes the security layers on iOS devices.
  • Instability
    Jailbreaking causes an iPhone to behave erratically.
  • Shortened battery life
    Jailbreaking apps and services may not run correctly which may drain your battery.
  • Unreliable voice and data
  • Disruption of services
    Services such as Visual Voicemail, Weather and Stocks have been disrupted. iCloud, Exchange and Apple Push notification all suffer (according to Apple) on jailbroken devices.
  • Inability to update
    Because Apple frequently removes jailbroken software in its updates, many jailbroken phones do not update. This can result in running an out-of-date phone.

20131228-131048.jpg

Evad3r …

Shortly before Christmas 2013 some Jailbreak fans got an early gift of a Jailbreak for iOS 7.
See what McMurmor wrote about this “Christmas present“:

This allowed users of their new iPhone 5S/C, iPad mini Retina Display and iPad Air users unlock their device for tweaks outside Apple’s community.

However, after the crack was released, major controversy with Evad3rs grew with the Chinese store called Taig which also included mass amounts of pirated content, with no reason as to why Taig was included and not an official Cydia.

After a horrific response from the public, the Evad3r team worked frantically to remove Taig. They claim Taig installed themselves with their cracked version, and didn’t have permission nor source code. (How upon release, is still remaining as the big question.)

Yet, how would Taig be able to get their app store version in the Evad3r jailbreak so easy, still baffles users and has created a lot of disappointment towards to jailbreak community. The team touched on the mistake in multiple open letters, but the damage had already been done.

Apple has taken a silent approach aimed at the consumer who bothered to crack their device. Apple has internal software that can see not only how many times your device has been restored, what software version and even if your iOS device was jailbroken.

Once you jailbreak your device, you can kiss your warranty/Apple Care goodbye.

Jailbreaking is a direct violation of Apple’s intended use of the product, so they will treat it with the exact same respect as the person who has jailbroken the device has shown.

This means Apple will refuse all help that would be given to a non-jailbroken iOS user, but Apple’s forums will also refuse help on the matter.

What can be done with a jailbroken iPhone?

The main reason people jailbreak their phones is to run pirated (copied) software and install it without paying for the privilege. We’re not here to moralize: whether you pay for software is up to you. Although given the amount of free software on the app store, and the sheer hassle it is to jailbreak an iPhone, we do rather wonder why people bother.

20140407-195552.jpg

The other – perhaps more viable – area is to run apps and services that are not allowed by Apple. Jailbreaking installed a rival to the Apple Store called Cydia. This features apps in areas that Apple bans, such as pornography. But there are also apps that allow you to perform blocked tasks such as tethering; apps that have been removed from the store such as Sparrow. You can also change the default apps replacing Maps with Google Maps and the default keyboard with a version called Octopus. It’s perfect for tinkerers.

Cydia …

Wikipedia explains …

Cydia is a software application for iOS that enables a user to find and install software packages on jailbroken iOS Apple devices such as the iPhone. It also refers to digital distribution platform for software on iOS accessed through Cydia software. Some of the software packages available through Cydia are free, and some require purchasing.
Cydia is developed by Jay Freeman (also called “Saurik”) and his company, SaurikIT. The name “Cydia” is an allusion to the Codling Moth, with a scientific name of Cydia pomonella, which is the proverbial “worm in the apple.”

Cydia provides a graphical user interface to jailbroken users using Advanced Packaging Tool (APT) repositories to install software unavailable on the App Store. Cydia is based on APT, ported to iOS as part of Freeman’s Telesphoreo project.
Software packages are downloaded directly to an iOS device, to the same location as Apple’s pre-installed applications, the /Applications directory. Jailbroken devices can also still buy and download apps normally from the official App Store.
Cydia can be installed during the process of jailbreaking an iOS device. Some Jailbreaking tools (each of them supporting a specific set of devices and iOS versions) install Cydia automatically, while others provide a choice to the user.

Summary …

Jailbreaking an iOS device might be interesting for tech freaks but it’s definitely not useful and a customization of a device without limits is not what Apple intends with it’s strategy of seamless usage, focusing on essentials, and security. It’s a kind of error in motivation to jailbreak an Apple devices. It seems to be clear that it’s primarily not the meaningful usage but the demand of getting more control over a technical product which let people jailbreak their device. In my humble opinion they should better move over to an other platform like Android.

Enough reasons to not jailbreak an iOS device and instead focus on useful things which can be done with the original?

Jailbreakers cannot claim to be Apple fans. It’s a blatant ignorance of all the hard work of Apple’s software technicians which is expressed in this statement:

True simplicity is so much more than just the absence of clutter or the removal of decoration. It’s about offering up the right things, in the right place, right when you need them. It’s about bringing order to complexity.
(Sir Jonathan Ive)

The internet era supports criminal activities and the main reason is that people mostly remain anonymous when violating clearly defined rules. Look at my blog posts and see what can be done with an original device to improve communication, knowledge, creativity, and personality. JB doesn’t pay. All you need is already implemented in Apple’s operating system and the many excellent apps supporting your daily tasks or your creativity. Changing a theme, a wallpaper, or downloading apps from more or less dubious companies might be funny but in whole it’s pointless.

Some tech nerds may forward many arguments to extract advantages from jailbreaking but they never will convince me. It ‘s simply a question of priority in regard to a meaningful usage of a mobile device.

Related links …

Apple’s Focusing

Apple’s Ecosystem

Security made by Apple

Thanks for visiting iNotes4You.





Multitasking

31 01 2014

Multitasking is the simultaneous execution of more than one task (also named as process).

In the case of a electronic devices with a single CPU and human beings only one task is said to be running at any point in time, meaning that the CPU or the brain is actively executing instructions for that task.

But there are sophisticated techniques which let you think it’s multitasking.

Intelligent scheduling is the key to powerful devices.

This is a wide field where innovation within the operating system can save memory, reduce drain of battery energy, and increase performance of tasks which have to be executed by ‘temporarily sleeping’ apps.

Human beings …

People can drive a car while using a phone for a call or they can write an E-Mail while looking on a TV.

Studies validate that people show severe interference when even very simple tasks are performed at the same time. Because the brain cannot fully focus when multitasking, people take longer to complete tasks and are predisposed to error compared to sequential completion.
The brain always restarts and refocuses when switching between tasks and in the interim between each exchange there is no progress whatsoever.

So multitasking of human beings is just a rapid toggling among tasks rather than simultaneous processing. Although the brain is complex and can perform a myriad of tasks, it cannot multitask efficiently.

Electronic devices …

In computing, multitasking is a method where multiple tasks are performed during the same period of time. The tasks share common resources, such as a CPU (Central Processing Unit) and main memory.
With single CPU only one task is said to be running at any point in time, meaning that the CPU is actively executing instructions for that task.

The multitasking feature of operating systems solves the problem by scheduling each task and assigning priorities.

Like human beings the CPU has to ‘restart and refocus’ every time one task is replaced by another task. This is called context switching and modern CPUs can do this hellish fast.

If context switching is done frequently enough the illusion of parallelism of task fulfillments is achieved. Real multitasking can only be done by more than one human being or more than one CPU.

Operating systems follow these strategies for scheduling tasks:

  • Multiprogramming systems
    In multiprogramming systems, the running task keeps running until it performs an operation that requires waiting for an external event (e.g. getting a push notification) or until the computer’s scheduler forcibly swaps the running task out of the CPU. Multiprogramming systems are designed to maximize CPU usage.
  • Time-sharing systems
    In time-sharing systems, the running task is required to relinquish the CPU, either voluntarily or by an external event such as a hardware interrupt. Time sharing systems are designed to allow several programs to execute apparently simultaneously.
  • Real-time systems
    In real-time systems, some waiting tasks are guaranteed to be given the CPU when an external event occurs. Real time systems are designed to control mechanical devices such as industrial robots, which require timely processing.

Over time sophisticated techniques were developed to use CPU and memory efficiently. All the developments in multitasking techniques for mobile devices like the iPad or the iPhone are have to consider that there is not only a CPU and limited memory but also a battery which should keep the device alive at least for one day.

Apple’s iOS devices …

Apple’s operating system iOS 7 provides improved Multitasking although the basic system behavior remained the same compared to the predecessor iOS 6.

20131105-192332.jpg

Regarding iOS apps we can distinguish between 5 states of execution an app can take on:

  • Active
    The normal state of “in use” for an app.
  • Inactive
    The app is in the foreground but does not receiving any event
    This happens e.g. if the user has locked the device with the app active.
  • Not Running
    The app has been terminated or has not been launched yet.
  • Background
    The app is no longer on-screen but still visible in the multitasking view and executes tasks.
  • Suspended
    The app is still resident in memory but is not executing tasks.

When you press the home button, the app moves from Active to Background. Most apps usually then go from Background to Suspended within some seconds.

Suspended apps remain in the device’s memory to let them resume mode quickly if you choose them from the Multitasking View. Suspended apps do not use CPU time and energy from the battery.

20131105-192437.jpg

Notes

1 People saying that you should close apps because they slow down the device, fill the memory, and drain the battery are simply wrong.
The concept of iOS ensures optimized memory and energy management. Launching a memory-intensive app will force iOS to suspend other apps and move them into the ‘Not Running’ state, that means, remove them completely from memory. Maybe you have noticed this behavior when looking at the time an app needs to relaunch. Sometimes it needs less time because the app launched before didn’t use much memory and so the relaunched app wasn’t removed from memory.

2 iOS doesn’t show the state of an app in the Multitasking View. You cannot see whether it’s suspended or executes background tasks. The Multitasking View only shows you the recently used apps. Apple again made it simple but in the Multitasking View it would be nice to see at least which app is running in the background.

Background App Refresh

Some apps can continue to run for a short period of time and are then set to a suspended state so they are not actively in use, open, or taking up system resources (CPU, battery). They will instantly launch when you tap on their icon within the Multitasking View.

Certain tasks or services can continue to run in the background. To lessen the affect on battery life, normal app background refreshing is scheduled for efficient times, such as when your device is connected to Wi-Fi, plugged into a power source, or being actively used.

You can adjust background activity of apps by going to Settings – General – Background App Refresh.

20131105-192622.jpg

When Background App Refresh is on, apps that take advantage of this feature can refresh themselves in the background. For example, an app can check if new content is available and download the updates, or retrieve the updated content in the background when it receives a push notification, so the new content is ready for viewing when you launch the app. Apps can also schedule background refreshing based on your location.

iOS learns patterns based on your use of the device and tries to predict when an app should be updated in the background. It also learns when the device is typically inactive, such as during the night, to reduce update frequency when the device is not used.

If you turn off Background App Refresh (in total or for a specific app), data of all apps resp. specific apps are no longer updated. If you close an app via the Multitasking View, it won’t be able to refresh in the background.

A little helper …

With the release of the iPhone 5S and the iPad Air in fall 2013, Apple introduced the A7 64-Bit processor and the M7 Motion processor which is an innovative step in mobile technology because mobiles are always in motion. The M7 Motion processor is a co-processor to the A7 main processor to offload work from it.

Think of it like this:
Every time the CEO (the A7) is focused on a task and needs help from his assistant (the M7) because the proud owner again jumps for joy while viewing Apple’s Keynote he sends a request to get motion data. Then he can refocus on actions depending on the devices motion.

20131105-192720.jpg

Indicators …

In relevant cases users should know about the device’s background activity to understand why the device responds with slightly slower performance.

Location Services
When in use, the location icon appears in the status bar. You may also see a blue, double-height status bar if an app has turn-by-turn navigation on. If an app is using Location Services, such as geofence or turn-by-turn navigation, you can pause the service within the app.

Note
You can view a list of apps that recently used location services in Settings – Location Services.

20131105-192844.jpg

Voice over IP (VoIP)
A double-height status bar will appear when you leave the primary VoIP app, such as Skype, while still on a call. If you’re logged in to a VoIP service, the apps can still receive calls while on background, but won’t display the double-height status bar.

iTunes syncing
When the syncing icon appears in the status bar, the device is tethered or wirelessly syncing with iTunes.

Network activity
When the network-activity icon appears in the status bar, network activity is occurring in the current app. The network-activity indicator will appear only for the following features or activities, when you’re using the corresponding app:

  • Photo Stream uploads and downloads
  • Regular application downloads and updates from App Store
  • Automatic downloads (music, books, and applications)
  • iTunes Match downloads
  • Checking E-Mail
  • iCloud restores

Third-party apps also use the icon to indicate network activity.

Behind the scenes …

Apps, not visible on your screen and running in the background do this usually for about 5 seconds before they are moved to the Suspended state. In some cases, e.g. when downloading a large file with FTP Client Pro, the download process would be interrupted.

To prevent these ‘task crashes’ developers can declare processes as so-called ‘background tasks’. This allows an app to get an extra timeframe to successfully complete it’s task within about 10 minutes.

Some apps are allowed to run indefinitely in the background. They can be categorized as follows:

  • 1 Apps that play audio while in the background, e.g. Apple’s built-in Music or Podcast apps.
  • 2 Apps that track your location, e.g. Apple’s built-in app Maps if you use it for turn-by-turn GPS navigation
  • 3 Apps that listen for incoming Voice-Over-IP (VOIP) calls like Skype
  • 4 Apps that listen to new incoming content and download it, e.g. Apple’s Mail or Newsstand app. These apps not only get a push notification but also download new content immediately.

It’s obvious that battery draining as well as CPU performance is reduced when using these apps. So in contrast to all other apps they should be killed from the Multitasking View if their services are no longer needed.

It would be a useful improvement in later versions of iOS 7 to show users which app is running indefinitely in the background so that the main reason for energy consumption can easily be identified.

Multi-core processors …

The multi-core processors in most current computers and mobile devices enable true multitasking because each core can be performing a separate task at any given time. An example of multitasking is the processing of an email while streaming a video.

In single-core processors, multitasking is actually accomplished by time-sharing processor resources – tasks aren’t actually simultaneous but the operating system shifts quickly between tasks, ideally transparently to the user. The operating system monitors where the user is in these tasks and goes from one to the other without losing information.

Summary …

Real multitasking with one brain or one processor is not possible. iOS is optimized for keeping your device alive by killing processes, cleaning up the memory, and reducing drain of energy to a minimum. You must not take care of app management except apps are intended to run in the background indefinitely.

Related links …

Location-based Services

iGPS

Sensitiveness

Thanks for stopping by.








Follow

Get every new post delivered to your Inbox.

Join 178 other followers

%d bloggers like this: