Enterprise Mobile Security


Archive for the ‘Uncategorized’ Category

Net Neutrality, Congestion, DRM

Saturday, February 7th, 2015

Videos burn up a lot more bandwidth than written words, per hour of entertainment. The Encyclopedia Britannica is 0.3 GB in size, uncompressed. The movie Despicable Me is 1.2 GB, compressed. Consequently we should not be surprised that most Internet traffic is video traffic:

The main source of the video traffic is Netflix, followed by YouTube:

Internet Service Providers would like to double-dip, charging you for your Internet connection, and also charging Netflix (which already pays a different ISP for its connection) for delivering its content to you. And they do.

To motivate content providers like Netflix to pay extra, ISPs that don’t care about their subscribers could hold them to ransom, using network congestion to make Netflix movies look choppy, blocky and freezy until Netflix coughs up. And they do:

This example illustrates the motivation structure of the industry. Bandwidth demand is continuously growing. The two basic strategies an ISP can use to cope with the growth are either to increase capacity or to ration the existing bandwidth. The Internet core is sufficiently competitive that its capacity grows by leaps and bounds. The last mile to the consumer is far less competitive, so the ISP has little motivation to upgrade its equipment. It can simply prioritize packets from Netflix and whoever else is prepared to pay the toll, and let the rest drop undelivered.

One might expect customers to complain if this was happening in a widespread way. And they do:

Free market competition might be a better answer to this particular issue than regulation, except that this problem isn’t really amenable to competition; you need a physical connection (fiber ideally) for the next generation of awesome immersive Internet. Running a network pipe to the home is expensive, like running a gas pipe, or a water pipe, or a sewer, or an electricity supply cable, or a road; so like all of those instances, it is a natural monopoly. Natural monopolies work best when strongly regulated, and the proposed FCC Title II action on Net Neutrality is a good start.

Digital Rights Management

Unrelated but easily confused with Net Neutrality is the issue of copyright protection. The Stop Online Piracy Act, or SOPA, was defeated by popular outcry for being too expansive. The remedies proposed by SOPA were to take down websites hosting illegal content, and to oblige ISPs to block illegal content from their networks.

You might have noticed in the first graphic above, about 3% of what consumers consume (“Downstream”) online is “filesharing,” a.k.a. music and video piracy. It is pretty much incontrovertible that the Internet has devastated the music business. One might debate whether it was piracy or iTunes that did it in, but either way the fact of Internet piracy gave Steve Jobs a lot of leverage in his negotiations with the music industry. What’s to prevent a similar disembowelment of the movie industry, when a consumer in Dallas can watch a movie like “Annie” for free in his home theater before it has even been released?

The studio that distributes the movie would like to make sure you pay for seeing it, and don’t get a pirated copy. I think so too. This is a perfectly reasonable position to take, and if the studio was also your ISP, it might feel justified in blocking suspicious content. In the US it is not unusual for the studio to be your ISP (for example if your ISP is Comcast and the movie is Despicable Me). In a non-net-neutral world an ISP could block content unilaterally. But Net Neutrality says that an ISP can’t discriminate between packets based on content or origin. So in a net-neutral world, an ISP would be obliged to deliver pirated content, even when one of its own corporate divisions was getting ripped off.

This dilemma is analogous to free speech. The civilized world recognizes that in order to be free ourselves, we have to put up with some repulsive speech from other people. The alternative is censorship: empowering some bureaucrat to silence people who say unacceptable things. Enlightened states don’t like to go there, because they don’t trust anybody to define what’s acceptable. Similarly, it would be tough to empower ISPs to suppress content in a non-arbitrary but still timely way, especially when the content is encrypted and the source is obfuscated. Opposing Net Neutrality on the grounds of copyright protection is using the wrong tool for the job. It would be much better to find an alternative solution to piracy.

Actually, maybe we have. The retail world has “shrinkage” of about 1.5%. The credit card industry remains massively profitable even while factoring in a provision for fraud at about 3% of customers compromised.

Total Existing Card Fraud Losses and Incidence Rate by Year. Source: Lexis/Nexis.

“Filesharing” at 3% of download volume seems manageable in that context, especially since it has trended down from 10% in 2011.

Gesture recognition in smartphones

Wednesday, November 13th, 2013

This piece from the Aberdeen Group shows accelerometers and gyroscopes becoming universal in smartphones by 2018.

Accelerometers were exotic in smartphones when the first iPhone came out – used mainly for sensing the orientation of the phone for displaying portrait or landscape mode. Then came the idea of using them for dead-reckoning-assist in location-sensing. iPhones have always had accelerometers; since all current smartphones are basically copies of the original iPhone, it is actually odd that some smartphones lack accelerometers.

Predictably, when supplied with a hardware feature, the app developer community came up with a ton of creative uses for the accelerometer: magic tricks, pedometers, air-mice, and even user authentication based on waving the phone around.

Not all sensor technologies are so fertile. For example the proximity sensor is still pretty much only used to dim the screen and disable the touch sensing when you hold the phone to your ear or put it in your pocket.

So what about the user-facing camera? Is it a one-trick pony like the proximity sensor, or a springboard to innovation like the accelerometer? Although videophoning has been a perennial bust, I would argue for the latter: the you-facing camera is pregnant with possibilities as a sensor.

Looking at the Aberdeen report, I was curious to see “gesture recognition” on a list of features that will appear on 60% of phones by 2018. The others on the list are hardware features, but once you have a camera, gesture recognition is just a matter of software. (The Kinect is a sidetrack to this, provoked by lack of compute power.)

In a phone, compute power means battery-drain, so that’s a limitation to using the camera as a sensor. But each generation of chips becomes more power-efficient as well as more powerful, and as phone makers add more and more GPU cores, the developer community delivers new useful uses for them that max them out.

Gesture recognition is already here with Samsung, and soon every Android device. The industry is gearing up for innovation in phone based computer vision with OpenVX from Khronos. When always-on computer vision becomes feasible from a power-drain point of view, gesture recognition and face tracking will look like baby-steps. Smart developers will come up with killer applications that are currently unimaginable. For example, how about a library implementation of Paul Ekman’s emotion recognition algorithms to let you know how you are really feeling right now? Or, in concert with Google Glass, so you will never again be oblivious to your spouse’s emotional temperature.

Update November 19th: Here’s some news and a little bit of technology background on this topic…

Update November 22: It looks like a company is already engaged on the emotion-recognition technology.

Multipath ambiguity

Monday, September 30th, 2013

In Wi-Fi, multipath used to mean the way that signals traversing different spatial paths arrive at different times. Before MIMO this was considered an impairment to the signal, but with multiple antennas this ‘spatial diversity’ is used to deliver the huge speed increases of 802.11n over 802.11g.

This week has seen a big PR push on a different “multipath,” embodied in IETF RFC 6824, “TCP Extensions for Multipath Operation with Multiple Addresses,” (MPTCP). Of course you know that one of the robustness features of IP is that it delivers packets over different routes, but RFC 6824 takes it to another level, as described in this article in Ars Technica, and this one at MIT Technology Review.

Caller ID arms race

Thursday, June 11th, 2009

Keeping your phone number or even your email address secret kind of defeats the object of having a phone or an email service, which is to communicate with people. From this perspective your phone number should be easily available to anybody who might want to call you. Hence phone books.

But the phone book has taken a beating in recent years. Most numbers are not listed because they are cellular numbers and the mobile service providers don’t publish phone books. Plus many consumers keep their land line numbers unlisted. I don’t know why mobile numbers don’t appear in directories – I presume some form of laziness on the part of the providers. But I believe that the reason people request unlisted numbers is for privacy. Paris Hilton or Brad Pitt could legitimately expect tiresome intrusions if their numbers were published. Less famous people may affect similar concerns.

A new service available in England takes the issue one step further. Now to avoid intrusive phone calls you have to keep your name secret, too. An article in the London Times on June 9th described a new service from a company called Connectivity Ltd.

It will function along the lines of an old-fashioned telephone operator: users will call the service and ask to be connected to the mobile phone of a person. The service calls that mobile phone and asks for permission to connect the call.

My point about keeping your name secret was hyperbolic. You don’t need to keep your name secret because you can opt out of the directory. But this solution shows that you don’t really need to keep your number secret either, and could get a similar degree of privacy protection without giving up the benefit of reachability. Your service provider could keep a list of numbers that have called you, and a call from a number not appearing on that list could offer you the options of accept, reject, whitelist, blacklist. Blacklisted numbers would never ring again, whitelisted numbers would ring through without asking. I don’t know who currently offers such a service, but in the teeming world of VoIP services I presume somebody does.

Another manifestation of the idea of privacy through secrecy is Caller ID blocking. It has always been my policy to reject calls with blocked caller ID, because it seems kind of rude to block it. The caller knows who they are calling, so why shouldn’t the answerer know who is calling? The caller blocking his ID seems to be saying “I know your number, but I don’t want you to know mine.”

To defeat such rudeness, the call recipient may turn to a service called Trapcall, which purports to unmask blocked Caller IDs.

Trapcall seems like a nice way to render symmetrical the information of the caller and callee, but it becomes problematical in cases where call anonymity is essential. An example of this is a battered wife shelter, where a resident may need to call her husband, but does not want him to discover where she is.

In the spirit of an arms dealer supplying weapons to both sides in a conflict, the people behind Trapcall offer a service to defeat it.

Both Trapcall and Spoofcard rely on the fact that PRI subscribers have greater access to the signaling information than do regular POTS subscribers. In particular, the number of the calling party can be conveyed to the called party by two different methods: ANI and Caller ID. Even when Caller ID is blocked, calls to an 800 number disclose the ANI. As I understand it the rationale here is that the person paying for the call is entitled to all the information associated with it. This seems like weak reasoning to me, especially if the caller is paying for Caller ID blocking, and consequently has a reasonable expectation that their number will not be disclosed. Caller ID contains whatever the originating switch happens to put in it. For POTS lines the service provider puts the originating subscriber’s number unless he subscribes to Caller ID blocking. PRI subscribers like Spoofcard can program their PBX to put whatever they want in this field.
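
The accept/reject/whitelist/blacklist screening idea above, combined with the point that Caller ID is whatever the originating switch or PBX puts in it, can be sketched as follows. This is an added example, not code from the post or from any service it mentions; the `Call` and `Screener` names, the preference for ANI as the list key, and the phone numbers are all assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

def digits(number: Optional[str]) -> Optional[str]:
    """Normalise a number to digits only; None means the field was absent or blocked."""
    return re.sub(r"\D", "", number) if number else None

@dataclass
class Call:
    caller_id: Optional[str]    # set by the originating switch or PBX; None if blocked
    ani: Optional[str] = None   # only present when the recipient's service exposes ANI

@dataclass
class Screener:
    whitelist: set = field(default_factory=set)
    blacklist: set = field(default_factory=set)

    def screen(self, call: Call):
        """Return (action, notes); action is 'ring', 'drop' or 'prompt'."""
        cid, ani = digits(call.caller_id), digits(call.ani)
        notes = []
        if cid is None:
            notes.append("caller-id-blocked")
        if cid and ani and cid != ani:
            notes.append("ani-callerid-mismatch")  # an indicator, not proof of spoofing
        key = ani or cid  # assumption: prefer ANI because Caller ID is caller-controlled
        if key in self.blacklist:
            return "drop", notes      # blacklisted numbers never ring again
        if key in self.whitelist:
            return "ring", notes      # whitelisted numbers ring through without asking
        return "prompt", notes        # unknown: ask the callee what to do

    def apply_choice(self, call: Call, choice: str) -> str:
        """Record the callee's answer to a prompt: accept/reject/whitelist/blacklist."""
        key = digits(call.ani) or digits(call.caller_id)
        if choice in ("whitelist", "blacklist") and key:
            getattr(self, choice).add(key)
        return "ring" if choice in ("accept", "whitelist") else "drop"

def demo():
    # Constructed sample: the Caller ID claims a whitelisted number, the ANI differs.
    s = Screener(whitelist={"2025550100"})
    return s.screen(Call(caller_id="(202) 555-0100", ani="202-555-0199"))
```

When ANI is not visible to the recipient, the screener can only key on Caller ID, so a whitelist entry is then only as trustworthy as that field.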