Apple changes its policy on iOS e-book and subscription sales. If a company has an iOS app and allows users to buy premium content, such as e-books to be displayed by the app, with purchases made via a Web site (and therefore avoiding giving Apple a cut), Apple now requires that the company also allow users to make those purchases in-app (where Apple takes 30% of the price). Magazine or newspaper subscriptions sold through a browser must be available for the same price or less in iTunes as well. And publishers can no longer embed links in their iOS apps to Web sites that sell content. Furthermore, customers must be asked and then agree to release their information to publishers when they buy content through iTunes, so publishers are less likely to get the valuable consumer data they want for targeted advertising.

Google launches subscription payment service. After Apple announced its iOS subscriptions model Google followed with its content payment system, One Pass. One Pass operates across platforms. Customers who purchase content through their Google accounts can access it on their computers, tablets, or smartphones (though presumably not on their iOS devices, though there’s no technical reason this has to be the case). A spectrum of models is available to publishers: they can sell by the article, offer subscriptions, or provide day passes, among other options. Unless a customer opts out, Google shares customer name, zip code, and email address with the publisher. For One Pass service, Google takes 10% of sales revenue.

RIM tablet rumored to run Android apps. RIM may be developing software that would allow its PlayBook tablet to run Android apps. The move would increase the number of apps that can run on PlayBook more than six-fold to over 130,000 apps, making it more attractive to consumers. The tablet, promoted as the company’s answer to the iPad, is slated for release this year.

Facebook and the bright side of human flesh search engines. A woman who found a camera in New York City identified its owner in three hours by posting pictures from its memory card to Facebook and tagging her friends to solicit their help in the search. Web sites designed to reunite owners with their lost property exist, but both the finder and the seeker must know of them and go to the same one. Facebook doesn’t suffer from either problem. Although Facebook is not a fully public forum – most users restrict access to their profiles in some way – in this case it ended up being a big enough network to connect a helpful New Yorker with a grateful French tourist.

Boston promises a pothole-reporting app. It’s probably not something that Apple would have developed on its own initiative: an app that detects and automatically reports potholes using GPS and accelerometer data from the driver’s phone is in the works by the city’s “Office of New Urban Mechanics.” (!) While an unsafe driver may be wary of sending such information to city officials, the app’s developers see it as a new form of civic engagement. Perhaps we’ll see a pothole-filling app next year.

Google adds new security and crowdsourced ranking features. Google has recently added two new features. The first feature lets people with Google accounts add a second password. An account holder generates this additional code every time he wants to login, receiving it on his phone. It expires after a few minutes – giving the user time to log into his Google account – and so dramatically reduces the chance that it will be phished. The second feature is a Chrome extension that allows searchers to block sites that they don’t want to see in their Google search results. The user reduces unhelpful content farm results in her own searches, and Google draws on the information to tweak its rankings to decrease global content farm contamination of results.

Corporate strategies for information security and transparency. As more and more information is stored in the cloud and shared through networks, companies are increasingly susceptible to accidental or intentional disclosure of sensitive information. The Economist reports that corporations are taking a range of approaches to address the problem, from technological restrictions and monitoring (software or hardware that limits or watches what employees do with data) to cultural awareness (explaining to employees how particular acts put data at risk) or openness (sanctioning the release of more information to promote trust). Meanwhile, 40,000 individual Gmail account holders lost their cloud-stored emails and contacts this week because of a bug in a software update. Google is in the process of restoring users’ data to them — from backup copies on tapes.

Android app hacked to repeatedly text premium numbers. Hackers, apparently in China, have inserted code into a legitimate Android app that causes it to continuously text premium numbers. The altered form of the (already free) Steamy Windows app is available on unauthorized app sites. Once a user installs it, the app sends text messages to premium numbers, running up the user’s bill. It also blocks incoming texts from the wireless service provider that would normally alert a user that he has exceeded his text message quota. The hackers get a commission for each text sent to the specified numbers. Unwitting Android owners are at greater risk of attack, because unlike iOS owners, they can download apps from third party sites in addition to the official marketplace.  That makes them more generative — but also less secure, leading to the “generative dilemma.” (cached) [Cached because the cloud-based host for the deep linkable version of the Future of the Internet — And How to Stop It has vanished — ironic (or fitting?), given the book’s warning about the dangers of cloud-based platforms.

PCs as an endangered species. As the evolution of computing devices marches forward, PCs may be headed for extinction. Smartphones and tablets are increasingly marketed as PC replacements. These mobile devices can be used on their own, but also connect to a range of peripherals — laptop shells, monitors, keyboards, mice, even docks that turbo-charge performance with extra CPUs — for a more PC-like experience. For example, Motorola’s Android-based Atrix smartphone can run the desktop version of the Firefox browser when docked, giving the user access to cloud-based services like Google Docs in addition to the apps installed on the phone. But Firefox doesn’t run off the Atrix, it runs off a minimal Linux machine in the dock. And the Android app ecosystem doesn’t yet match the diversity of PC applications. Still, as mobile devices and the Web 2.0 apps and services (cached) they support become more sophisticated, it’s likely that they will expand out of their niche and invade the habitat currently occupied by PCs.

—Jennifer Halbleib

I’m having similar difficulty understanding Research In Motion’s statement in response to the news cascade following threats by the UAE and other countries to terminate its license to sell Blackberrys unless it’s more cooperative with government requests for surveillance.

Part of the confusion arises from the fact that we’re only seeing a small slice of a government-to-company negotiation — the public threat part — so exactly what’s being asked hasn’t been disclosed, and neither the government nor RIM have much incentive to say more.  And it’s hard to infer what’s on the table since the Blackberry is a Swiss army knife-style digital appliance — it makes phone calls, supports instant messaging, texts, and email — in communication both with other Internet users (including those without Blackberrys) and within a corporate environment.  When trying to figure out what RIM could share if it wanted (or were pressured) to, it helps to consider each service and environment separately.

So how does RIM’s public statement fit in?  Here’s the intro:

Due to recent media reports, Research In Motion (RIM) recognizes that some customers are curious about the discussions that occur between RIM and certain governments regarding the use of encryption in BlackBerry products. RIM also understands that the confidential nature of these discussions has consequently given rise to speculation and misinterpretation.

RIM respects both the regulatory requirements of government and the security and privacy needs of corporations and consumers. While RIM does not disclose confidential regulatory discussions that take place with any government, RIM assures its customers that it is committed to continue delivering highly secure and innovative products that satisfy the needs of both customers and governments.

Strong but vague so far — there’s a compromise to be struck, and RIM hopes to make the right one, bearing in mind the needs and interests of both its customers and its regulators.  It’s how the statement continues that’s puzzling, and to understand requires going from forest to trees for a bit:

Many public facts about the BlackBerry Enterprise Server security architecture have been well established over the years and remain unchanged. A recap of these facts, along with other general industry facts, should help our customers maintain confidence about the security of their information. …

• The BlackBerry security architecture was specifically designed to provide corporate customers with the ability to transmit information wirelessly while also providing them with the necessary confidence that no one, including RIM, could access their data. …

• The BlackBerry security architecture for enterprise customers is based on a symmetric key system whereby the customer creates their own key and only the customer ever possesses a copy of their encryption key. RIM does not possess a “master key”, nor does any “back door” exist in the system that would allow RIM or any third party to gain unauthorized access to the key or corporate data.

At last some specifics.  But they appear extremely selective.  The first bullet point above talks about the encryption of data between a handheld Blackberry and the server operated by RIM — a way station until the data finds its ultimate recipient.  (People intend to email each other, not RIM; the RIM server is just a way to route data from one person to another.)  So the first bullet point offers the assurance that the data can’t readily be accessed between the Blackberry user and the RIM way station.  Fair enough — such encryption is routine.  For example, those who use gmail in “secure” mode — these days it defaults to that — enjoy a similar protection.  No stethoscope gathering radio waves in between can easily decipher what’s going on.

OK, on to the next quoted bullet point, which suggests that once the data is in repose at the way station, even then RIM couldn’t access it.  But here there’s a qualifier: it’s the Blackberry “security architecture for enterprise customers.”  Enterprise customers is a term of art that means customers brought en masse under the umbrella of a corporate enterprise.  If Consolidated Widgets had previously had all its internal correspondence routed through a server in its own basement and wanted to farm that out, RIM could offer an “enterprise solution” where Consolidated Widgets would become its customer, and all of Widgets’s employees could be issued Blackberrys and corresponding email accounts.  In that case, promises RIM, email sitting on RIM’s server would still be inaccessible to RIM.  It’d be private between one sender and one recipient.

Why limit this feature to enterprise customers?  In part because encryption standards haven’t been widely enough deployed to support ready encryption between users without regard to the devices and platforms they’re using.  For me to send you an encrypted email that not even our respective email providers can access requires us to coordinate ahead of time on a standard.  For example, you might establish a key using the Philip Zimmerman’s legendary PGP (“pretty good privacy”) standard, and I could then use it to send you an email that only you can read.  But if you haven’t gone to that trouble, I’m stumped.

That’s not RIM’s fault, but it might make misleading a statement intended to address the overall surveillance controversy — a statement that on a quick read suggests that Blackberry email users enjoy utter secrecy, when in fact it’s necessarily only talking about “enterprise” users who are emailing each other under a single corporate umbrella.  With that understood, the last line of the RIM statement offers much less assurance than it might seem to the average Blackberry user:

RIM assures customers that it will not compromise the integrity and security of the BlackBerry Enterprise Solution.

If the BlackBerry Enterprise Solution is but a subset of what we think of when we think about Blackberrys — namely, intra-corporate stuff — then the fact that it’s assured it both little threat to a government like UAE, which is no doubt concerned about communications and organizing among citizens outside a single corporate environment, and little solace to those very citizens.  And that’s why our questions to RIM should stick to apples in cheeks rather than changing the subject to balls in hands: what assurances can be made about cooperation with government surveillance requests outside corporate intranets?  The assurances need not be without exception to be reasonable — but the parameters of whatever accommodation is reached should be made public.

I welcome correction if I’m misunderstanding RIM’s attempt to dispel misunderstandings.  …JZ

UPDATE 8/5/10: Bruce Schneier has written on the topic here.

Canadian Android Carrier Forcing Firmware Update. A Canadian carrier wanted users to download a firmware upgrade that fixed a glitch prohibiting users from dialing 911, so it made the upgrade mandatory. Seems reasonable. But it bundled in an update that “prevent[ed] users from ever gaining root access to their phones.” Sneaky—one more way that contingent generativity really is contingent, even for savvy users.

Biggest Mobile Operators Join Forces On App Store Project. A few dozen mobile operators have come together to try to create a mobile developer’s dream: a set of standards for applications that would work across phones and mobile OSes, and a single app store (with a single approval process) in which to sell those apps. This could be a good thing if it worked—developers might have more say in big-picture application development, and single carriers or hardware manufacturers would have less ability to be a development chokepoint. (It would also be nice for consumers, generally making the smartphone world look more like the PC world.) I’d be more excited if efforts to create uniform mobile standards weren’t so difficult and historically so unsuccessful.

Demand for Android Phones Makes “Monstrous” 250% Jump. Another developer’s dream (perhaps), Android, is seeing significant growth. “Android has finally caught consumer interest,” according to a research firm. Also, Android users are almost as happy as iPhone users with their phone (72% to 77%).

Big Brother Is Here, Families Say. This story is so bizarre, I don’t know what to make of it. A school in Philadelphia gave out laptops without telling the students or their families that the cameras could be remotely activated. The idea was to use the cameras if the laptops were stolen, but one family claims a camera was used to spy on a student. If true (details are cloudy), that would (a) be mind-bogglingly dumb on the school’s part, and (b) reminiscent of this (ubiquitous cameras) and this (remote activation) in the book. Check out the Onion’s take here.

Microsoft takes the StopBadware Approach Further. Last week, MS obtained a restraining order to deactivate 277 domain names it had linked to the Waledec botnet. Severing the connection between drones and the mothership goes beyond tactics employed by the Google/StopBadware Project.  It effectively makes the targeted websites invisible, instead of slapping a prominent warning label on them. Although MS attempted to cut off only addresses used exclusively for spam, it appears that the single U.S.-based target may be a legitimate site, if a hapless drone.  While owners have the opportunity to reclaim their addresses, MS’s actions raise questions of proportionality and whether cooperation and information-sharing between prominent Internet denizens, such as MS and Google, if possible, would result in more efficient and just solutions. Their approach also highlights the tension between the need for secrecy to effectively attack the spam network and the notice usually required prior to legal action.

One step behind. Thesixtyone.com, a site that allows the public to listen to, rate, and buy largely indie music, is looking for a hacker that can break up the bot-powered voting rings seeking to game their democratic rating system.  A laudable goal, but one spammers have already begun to circumvent by using real people instead of bots.

Passing through the cloud. Katherine Boehret recently reviewed Pogoplug, a device that makes files web-accessible without actually storing them in the cloud.  While this type of solution doesn’t address data-portability concerns surrounding extraction of personal data in usable form – to allow seamless transition between social networking sites, for example – it does let the user to maintain more control over data instead of entrusting it entirely to the cloud.  This control prevents third parties from holding data hostage and from losing, allowing government access to, selling, or mining personal information; but users can still access their files from almost anywhere.

Please think twice. A website launched last week illustrates the risk of publicly sharing information online.  Pleaserobme.com aggregates Twitter posts that contain location-sharing information from Foursquare in a chronological list to show the potential for exploitation by Internet users with malicious intentions.  While it’s probable that only a small set of burglars will take advantage of this information, the site is an example of a grassroots campaign to raise awareness of potential problems for users who don’t recognize how the information they freely give can be mined.  Whether this awareness leads them to alter their behavior or simply “get over it” is up to the individual.

Facebook messaging glitch. A subset of Facebook users experienced firsthand the risk of entrusting control of personal messages to third parties.  Last Wednesday, FB accidentally sent the private messages of a “small number” of users to strangers instead of the intended recipients.  Unlike well-publicized security breaches of credit card companies and banks, the misdirected messages were largely personal in nature and contained little identifying information, so the risk of actual injury is low.  But that may not be very comforting to those who had intimate details divulged to strangers.  Some of the accounts indeed provoke a gut-level enquiry as to how privacy violation should be measured.  On the flip-side, the occasional misrouting of a letter by the Post Office doesn’t give rise to much concern – and in that case the sender is usually clearly identifiable – so why should electronic mail be afforded greater scrutiny?

—By Jennifer Halbleib and Elisabeth Oppenheimer

The Month of Apple Bugs. For one month, researchers released information every day on different bugs that infect Apple products (OS X, Safari, apps for Macs, etc.). They say they’ve found public release gets quicker results than “responsible disclosure” (i.e., just telling the vendor). That’s one model for cybersecurity…

There’s lots of coverage out there about the Supernova conference, “a forum to examine all of the opportunities and challenges created in the Network Age.” Here’s JZ’s talk (starting around minute 29) and a good text summary, along with some reactions:

Pondering a Rogue Cloud wonders what government and industry pressures cloud computing providers will face.

Beware the Rise of Closed Platforms “But further, Vogels [Amazon CTO] said that users should feel comfortable trusting Amazon because the company’s mission is to be a ‘customer-centric company.’ Which seemed to be exactly Zittrain’s point.”

Cloud Computing an Option for Disaster Recovery Vogels discusses one of the big upsides of cloud computing—your data might be safer. We’ve discussed this topic here.

And bonus JZ links: a talk at Singularity University on Civic Technologies and the Internet, and an interview with Amanda Congdon on cloud computing (with spooky music).

—By Elisabeth Oppenheimer

Generative Irrelevancy. Tim Sturgill considers Google’s video touting Chrome OS. He worries that it may be the “final nail…in the generative coffin,” but he also sees the virtue of moving beyond traditional OSes. See also JZ’s take on Chrome OS.

iDroid App Rejcted by Apple. Well, duh. Apple rejects an app that essentially just displays an ad for the Droid smartphone. “I kinda have to side with Apple on this one, although I think it would have been smarter for them to let the app through.”

iPhone or Droid. xkcd on the debate between the iPhone and the Droid.

iPhone upgrades – A One-way Control-Freak If you don’t like an update to the iPhone OS and want to revert to an earlier version, it’s going to be tricky. “We’re being told that such control is for our own good … [B]ut there are many of us who would prefer the freedom to take our own chances.”

App Rejections iPhone app developer starts a blog chronicling reasons for app rejections or slow acceptances, with the reasons for the decisions, in the hopes of helping people figure out “what you can (and can’t!) get away with.”

—By Elisabeth Oppenheimer

As the team explains:

[W]e always encourage people to ask these three questions before starting to use a product that will store their data:

1. Can I get my data out at all?
2. How much is it going to cost to get my data out?
3. How much of my time is it going to take to get my data out?

The ideal answers to these questions are:

1. Yes.
2. Nothing more than I’m already paying.
3. As little as possible.

The Data Liberation Front explains the motivation for doing this in the usual Google manner: Don’t be evil. Don’t trap consumers into products they don’t want to be using.

This is a great step, and a real benefit to the users who want to have choices. Kudos to Google.

One thing to pay attention to, though: the DLF has made it possible to liberate ad-campaign data on AdWords by exporting it in a CSV file. Ben Edelman, a Harvard Business School professor (and sometime Zittrain co-author) who’s been studying online advertising, is skeptical of how well the “liberation” product works for AdWords. He thinks that CSV exports are clumsy, time-consuming, and error prone, whereas an API-based export could be powerful tool for advertisers. API-based export is technically possible, but apparently prohibited by Google’s terms and conditions. Without a good way of syncing data across platforms, he argues, advertisers tend to stick solely with Google. In short, he says, “I credit Google’s efforts to facilitate data portability in its ancillary businesses, like document sharing and image hosting. But when it comes to the one business where Google makes billions of dollars—and where Google has 70%+ market share—Google’s actions reveal the company’s willingness to put its own bottom line before advertisers’ interests and, for that matter, fair competition.” Google argues in reply that CSV export is perfectly workable, and that, in fact, many advertisers do use the AdWords editor to run campaigns for multiple platforms.

The disagreement points out that data portability isn’t an on/off issue—it’s a spectrum, and it bears watching how Google and its competitors fall out along that spectrum.

—By Elisabeth Oppenheimer

There are a few definitions out there – not surprising, since “cloud” is a metaphor that could work for several phenomena.  One, known in Internet engineering circles, refers to the “middle” of the Internet – that place amidst the hops data can take from sender to receiver that is remote from both of them. A second definition thinks of cloud as “swarm” – so distributed computing or data storage, where lots of computers might host a bit of code (think SETI@home and Harvard’s IIC) or data (think Tribler). (Interestingly, this is the opposite of the first definition: it contemplates everything but the middle.)

A third definition, more in use in discussions of the cloud today, speaks to an asymmetry between sender and receiver: one is a client – the “user” of a service – and the other is the service itself.  Examples are you and your gmail (your mail is stored in “the cloud,” in that case at Google); an online Flash game at sites like FlashArcade; and Microsoft’s “Office Live,” where your documents and spreadsheets are both stored and used online with Microsoft.  The latter is sometimes called software-as-a-service (awkwardly, “SaaS”), denoting that the code for it is running in a central place – where a vendor can shape and update it at any moment – rather than on your own PC or other device.

This idea of cloud computing is increasingly prominent because it’s finally attainable. For many people Internet access is ubiquitous and continuous. With Net access a constant – often achieved through smartphones, where an absence of a wi-fi signal need not mean no access, since the cellular network can still be used – there’s less of a need to have a PC or other device be self-sufficient.  Data and code can be accessed and run far away, with the user barely noticing the difference, and there are lots of pluses to doing things this way, even as I’ve made the case that this shift carries risks that should be dealt with.

But there’s another factor at work that pushes outward the definition of “cloud computing.” It arises from the adoption of what I call “tethered appliances.” These are devices where the code and data may well remain near the user, so they do not at first glance fit into any of the definitions of the cloud. Think Amazon Kindles, where your books can be kept on the device (and thus accessed on an airplane without Net access); iPhones, where you download “apps” to run on your phone; and TiVos, where your recorded shows are stored on a hard drive inside the box.

But in a key respect – that of your freedom to control your code and data – these devices act like cloud services.  That’s because the vendors have privilege to say how they will operate long after you’ve brought the devices home, updating the way the devices work, and their contents, over the Internet or a cellular network. Sometimes that control is total. For example, no outside code is permitted on a Kindle or TiVo.  Sometimes it is partial: Apple allows outsiders to code for the iPhone, but code must be vetted by Apple and distributed exclusively through the iPhone apps store.  For all of these devices, it’s more like allowing Amazon and TiVo and Apple to set up a beachhead in your home (or pocket), a little server of their own that’s a cloud service that happens to be near you:

[W]e need to rethink our vision of the network itself. “Middle” and “endpoint” are no longer subtle enough to capture the important emerging features of the Internet/PC landscape. It remains correct that, from a network standpoint, protocol designs and the ISPs that implement them are the “middle” of the network, as distinct from PCs that are “endpoints.” But the true import of this vernacular of “middle” and “endpoint” for policy purposes has lost its usefulness in a climate in which computing environments are becoming services, either because individuals no longer have the power to exercise meaningful control over their PC endpoints, or because their computing activities are hosted elsewhere on the network, thanks to “Web services.” By ceding decision-making control to government, to a Web 2.0 service, to a corporate authority such as an OS maker, or to a handful of security vendors, individuals permit their PCs to be driven by an entity in the middle of the network, causing their identities as endpoints to diminish. The resulting picture is one in which there is no longer such a clean separation between “middle” and “endpoint.” In some places, the labels have begun to reverse.

So when I say I’m troubled about the cloud, it’s a shorthand for being troubled about consigning some of our longstanding technological freedoms to others. They can affect (for their own reasons or by government order) our digital environment in real time. This is comparatively new in the public’s experience of technology, even as we’ve seen forms of cloud computing within firms for years – places where we might naturally not care as much about personal freedom, since the computers (and most of the activity taking place on them) belong to the company. I don’t begrudge operators of cloud-based services from rejecting this expansion of the definition. For their purposes, it can make sense to distinguish between stuff stored at home and far away, whether or not a home device is controlled remotely by a vendor. But for the areas many of us should be caring and thinking about, a tethered appliance is tantamount to being in the cloud, and the sea change this represents has to be dealt with, especially since it’s appealing for so many other reasons – such as security and convenience.