Sunday, December 5, 2010

Airport Security, take 2

Addendum: I sent the e-mail below a while ago. I sent a reminder but it seems the airport doesn't give a dam'd about its paying customers. Today I was at the same airport again and I refused to take my pants/Belt off and asked politely for a hand search. They refused that option. Well they had no other option than to call the police. After 15 minutes they finally did the handsearch. Something every airport in the world I have encountered is able to do but the Keflavik airport is too stubburn to do it.

To: kefairport@kefairport.is

Dear Keflavik Airport,

You have a very nice country.
You have a very nice looking airport
You have a very clean airport.

Everyone coming to Iceland would go home and report how good his vacations where in Iceland, except, on the way, those visitors will be pissed of so heavily that they will not come again.

I travel like 8 times per year to Iceland due to business. And I never had any issues but since 2010, your security check is just nuts. My way home usually is like this:

- open my bag
- put out my laptop in a box
- put out my ipad in a box
- put my jacket, vallet, keys and phone in a box
- walk through the guard
- hear it beep
- get asked to put my shoes on to the a box which I do for the peace of mind even my shoes are not the issue.
- get asked to put my belt off. Unfortunately my belt is stiched to the pants. I don't want to drop my pants. Explain it to the security guard. twice. Handsearch is ordered
- get my bag back, they can't scan it. Too much electronics.
- Put the bag upside down and put all its content in another box.
- Mood is already ruined
- walk through -BEEP-
- get hand searched extensively
- put all the stuff back in my bag
- feel insulted in my privacy
- go home and never come back
(unfortunately I can't never come back as I have business here)

Usually takes at least 5 minutes. 5 totally wasted minutes.

I travel a lot. I alway fly from Frankfurt to Iceland. In Frankfurt don't beep if I have my shoes and my belt on. And if it beeps they quickly handsearch me without any issues. The personel is nice and not arrogant. They complete their job with the security in mind in a professional way. So if I compare Iceland to Frankfurt, I must say your machines are probably detecting a one euro coin and think its an atomic reactor or such. This was all not the case in 2007-2009. Only in 2010 this nonsense started.

I don't know if you really fear terrorism to blow up an airplane but it's a waste of time. If a terrorist would want to blow up a plane, he would 100% sure not choose Iceland. You have not been to Iraq, nor to Agfanistan. Nor are you an "important size" country. Blowing up a plane from Iceland would have like no impact on the world. Almost nobody would care. So why this insulting security checks? Just because your employees wants to show off? Show off in a sense that they have the power and the traveler coming there has none? You're wrong. That's the wrong signal sent to tourists who just had a wonderful time. Passengers have the same rights as every human. Privacy. And at the end of the day, they are the ones which pay the salaries of all the airport employees.

See also my experiences from last April....

http://a-fink.blogspot.com/2010/04/airport-security.html


By the way I also find it quite annoying to have to pay 490 ISK to send off this e-mail from the business class lounge. Why you have no free wi-fi in a business class lounge?

And its quite amusing that the helpdesk of the business class lounge doesn't even have instructions or forms for feedback or complaints.






Sunday, November 21, 2010

Integrated SIM in iPhone?

Some rumors floating around say that Apple thinks of integrating the SIM card into the phone. Unfortunately the entities distributing this rumor have no clue how GSM works. The SIM card is a vital element in the GSM network. The SIM card represents the subscription. A phone which connects to the network uses the SIM card for authentication. It is thus the key to your phone number and subscription. The interchangeability of the SIM card came from the fact that people want to change phones often. Remove your SIM and put it into a new phone and you are online within seconds. If the SIM card is built into your phone, you are locked down to the opening hours of a operator's store. Also you can only use the phone with the integrated SIM card with the operator your phone supplier wants to cooperate with. This would break all rules of a free market.

Secondly the SIM card represents a vital security key. If you can copy the sim card (assuming its emulated in software in the iPhone and you can jailbreak it), someone could write a "virus" which collects all encryption keys from all iPhones and could make expensive phone calls on the owner's cost. This would be a vital threat and empty your wallets. The SIM card uses an encryption key and encryption algorithm which is controlled by the operator. There's a matching entity in his network which does the same encryption. Most operator use the standard GSM encryption algorithm for authentication but some don't to not be vulnerable if that one gets broken (the older one has been broken, the newer not yet). In addition to that, the SIM card has additional functionality such as prepaid functions which allow you to get your credit limit in a menu, it holds predefined adressbook entries, can authenticate as multiple subscribers (so called proxy-roaming) etc. This means the SIM card is a highly flexible computer with extensions possibly done by every single operator based on their offerings or ideas. This would all no longer work if people would have to use Apple's integrated SIM card.

The biggest advantage of having SIM cards are:
1. I buy a new phone today and pop in my old sim card and can make a call a few seconds later. Operator doesn't have to do anything for that. It just works.

2. I can put in a new SIM card from another operator into my phone at any time and be online with the new subscription within seconds. This comes handy if you travel to other countries and want to use a prepaid lcoal number in that country. Imagine you would have to buy an iPhone for that every time you travel to another place.

3. Network operator can extend the functionality based on his offering and can choose another authentication method.

Integrated SIM card would ruin all those advantages. That's why I think it will never happen. Apple would lock themselves down to very few operators as the mainstream would not adopt it for sure.

What's more likely the source of this story is the fact that Apple works on a iPhone which does not have a SIM card at all. The logical reason why this could be the case is a CDMA iPhone. In CDMA there are no SIM cards. If a CDMA subscriber wants to buy a new phone, he has to buy it from his operator and have his subscription programmed into it. But programming the subscription into the phone was seen last in C networks in europe (analog networks with digital signaling) and has been abandoned long ago when GSM came online in the early 90ies.

The SIM has been invented for good reasons. Apple changing that is just not going to happen. It would open too many doors to security treats and cause massive compatibility issues and limits the market.



Wednesday, November 17, 2010

To XServe or not to XServe...

Apple has announced to stop producing the XServe by end of January 2011. As a reason, Steve Jobs said it wasn't terribly selling well. To be honest, it doesn't surprise me. If you look at the rackmount server market, you can see two groups of customers.

Customer Group #1 is the corprorate market who don't care about the price and pay whatever it takes to get the job done. The XServe doesn't serve those guy's well as there's not a lot of corprorate software from Apple besides fileserving, webserving. The XSan and video editing market is probably all where Apple is really good at. But corporates want to run big clusters of Oracle databases (or MySQL or Postgres... etc). The XServe and MacOS X is not really well supported there by the vendors. Telecommunications market is (or was at least) in the hands of Solaris. MacOS X with its lack of SCTP has no future there. The corporate server market needs availability, uptime and guarantees. The first XServe's (still PPC) had a lot of missing things which are vital in the server market such as lights out management, remote console, redundant power supplies, RAID etc. The newest ones have a lot of that fixed, althought a remote console is still missing and sometimes even lights out management fails to work (seen that once or twice in last 5 years). So for the corporate market the XServe's price is "ok" but its feature set is limited. You can't run your 200GB database in memory as you can't put enough memory in it. There's no path to the high end.

Customer Group #2 is the hosting market. Those are the guys who buy 10'000's of servers at the time. The guys who host websites for millions of people and who run datacenters which take 8megawatts of power and the like. For those folks, offering MacOS X Server hosting would be an option as it can offer the small and medium enterprises options to use MacOS X Server features. Even if its only in a virtual machine but that's good enough for a lot of small to medium size customers. However when I look around what those folks are doing you immediately understand why they don't buy DELL, HP, IBM, SUN or Apple's XServe. They pile 100'000's of machines. Price DOES matter to those folks. So if you look at those guy's datacenter's you find a lot of noname boxes. They are inexpensive, can be ordered by the palette and if it fails, throw away and buy a new one. Its affordable. They are happy with the "limited" functionality of MacOS X but they would go for a Linux as it's not giving them an advantage to run MacOS X Server for 99.999% of their customers.

Customer Group #3 are the folks who develop under MacOS X and want to run their software as service for their clients. They buy XServes as it suits well into their datacenter. they are ready to pay the premium (+30% or so more compared to a normal Rackmount PC of same specs) because they use MacOS X's features which Linux can't give them. They use Cocoa, CoreData etc. etc. Those guys just love MacOS X and promote MacOS X heavily. They don't really need MacOS X Server, normal MacOS X will do. Some of them live of this exclusively. Those are the guys which Apple has just slapped into their face.

Conclusion: for corporate, apple's hardware is not good enough yet, for hosting its not cheap enough yet and the remaining market is too small for Apple to care about.

What Apple however forgets is that that "small" market very heavily promote MacOS X. Thats why the desktop is increasing because those guys make great software for it. This is what's making MacOS X unique. Its objectiveC, Cocoa and the whole environment. Apple now killed the opportunity to have its development environment enter the server market. Using MacMini's or MacPro's in the datacenter is just a joke. No serious business will depend on that kind of solution.

There is however a way out for Apple. Apple has to admit it is good at making software and laptops and desktops but not really good at making servers. Others do better servers such as Supermicro, IBM, HP, Dell, Sun and even Cisco with its UCS. For every type of workload, you find the perfect workhorse and you can run Windows, Linux, Solaris, FreeBSD etc on it. But you can't run MacOS X or MacOS X Server on it. The solution to Apple's disaster would be to license MacOS X/MacOS X Sever to hardware vendors who are doing a very good job in producing servers. As Apple can't serve that market (otherwise the XServe would not be pulled), others can very well and instead of loosing everything in that market, they could gain more market than they had before. Market they where not able to address before. So Apple could only win.

But as they fear their MacOS X would leak out to John Doe's Desktop that way and everyone would just steal MacOS X instead, hell has to freeze before Job's would allow this to happen.


Result:

Customer Group #1 will never even consider MacOS X for their corporation.
Customer Group #2 will never consider MacOS X neither
Customer Group #3 will be pissed off heavily and move away from Apple towards Linux
Result #4: Desktop sales of MacOS X will be reduced. This might not happen over night but a couple of years later.

I'm myself in Group #2 and #3. We now move our 500'000 lines of server code over to Linux. I wish I wouldn't have to do that. I started to love Cocoa over the last few years due to the fact it made me lots of things simpler which are a pain to do in C.

You might want to consider looking at http://www.savethexserve.com/ if you where thinking of buying an XServe.




Tuesday, November 2, 2010

Apple Pricing


Today on Apple Insider I read mac mini have dropped in price internationally. Sounds good but somehow I can not agree.

The same MacMini is offered in USA for USD 999 and in Switzerland for 1249 CHF. Today: 1 CHF = 1.02 USD. If you remove the VAT (7.6%) you end up in Switzerland on a price of 1183 USD for exactly the same product. That's 18.5% more expensive. Or in other words, if I have a MacMini shipped from USA with the fastest express service, I still pay more than 100$ less getting it from USA.

Why does Apple punish us for the weak dollar?

Wednesday, October 20, 2010

Rumours about CDMA iPhone? not really...

There are rumours about a CDMA iPhone since many years. Everyone seems to have the magic crystal ball to predict the future. Verizon most likely would like to see a CDMA iPhone so they can be part of the hype. Fact is that outside USA, there are only very few countries using CDMA at all. So in the eyes of a global player like Apple, it doesn't make too much sense to support CDMA as they would limit their market. More likely would be a dual standard phone (technically complex to deal with) or a next generation phone supporting LTE which basically replaces GSM/UMTS/3G and CDMA. But the LTE networks are not quite ready yet so thats a far reach.

Some bloggers however think they can fool the people and create a hype. They try to show off that they are first in line to know all the facts but in fact they are simply guessing and making up stories. I can show you an typical example:

Boy Genious shows the so famous iPhone CDMA here:


However if you look at


you find highres pictures of exactly the same hand and iPhone. If you put both pictures on top of each other and create a difference, you can see what has been changed:



























As you can see, the only change was a change of resolution, the removal of the screwdriver (however the front piece of it is still seen) and the addition of a MEID-HEX sticker. This looks like the IMEI sticker on GSM phones. As I never had a CDMA phone (useless in europe) I can only guess this MEID is the mobile phone device id which is programmed into the device versus the SIM card.

Fact is, the picture is 100% fabricated. Fact is that website has no clue if there will be a CDMA iPhone or not.

PS: a small note about Richy Rich's post


showing some pictures about a debug version of the device apparently being "proof" of the first post by boygenious which is as stated above a fake. So proving something which is obviously fake by showing serious looking debug log pictures is ridiculous. Here's why:

If its a late stage debug unit it would for sure be seamless without a debug console
Even the iPhone first generation had a built in GSM debug menu which can be enabled by some *...# from the keyboard (many phones have that). Given the iPhone has no terminal application or "console" visible to the end user, it would make a lot of sense to put such debug information into a normal iPhone application. The GSM debug menu did show things like signal strenth, celltower Id and the like. This stuff is shown in a normal iPhone table view. Why in hell would any apple engineer for a CDMA phone go off and create an ugly terminal window to show similar CDMA stuff while there's already a built in viewer for such things. Doesn't make any sense to me. Early stage units which could have booting issues maybe could have such a console view but after all the iOS part of a possible CDMA iPhone would be 99% the same as the GSM counterpart as the CDMA or GSM modem parts run in their own respective CPU. In other words the only difference in iOS would be it would download a CDMA firmware instead of a GSM firmware and it would maybe use a few different AT command when talking to the baseband CPU. Debug logs (in case of crashes of the GSM modem) usually appear when synching but never would appear in such a weird terminal window. It just does not make sense to me.

Conclusion: Richy Rich simply wrote a small application to display nice looking text on a iPhone to say what he wants to say and made a picture of it. Now this strange SIM card slot on a pseudo CDMA device makes sense again, isn't it?

What worries more is that everyone seems to take it for granted if some nobody publishes something which all Verizon customers would love to see.


Wednesday, June 16, 2010

Unparalelled Support.

Addendum 2:
Even though most issues had been solved. Our virtual mailservers running CentOS 5.5 and Kerio Mailserver and nothing else still dissapear from time to time. You can't ping the virtual machine, you can't run the Parallels Management Console (Can't connect) and only a reboot of the host system (a XServe running MacOS X 10.6.4) fixes it. The system log doesn't show anything obvious. *sight*.

Addendum:

Parallel's has addressed the major issues in Parallel's Server for MacOS X Version 4. There are only a few graphical GUI glitches left which are by far not critical. So if you run version 3 and have issues. Upgrade to 4. It will make your life a lot easier.

The Linux variant runs like a charm on our IBM blade server but still has issues on the other machine I used. I've given up on that one and write it off under "bad motherboard".

---------------
As we are building a large virtualized datacenter, we are testing virtualisation solutions. As we want to offer MacOS X Server hosting and want to do "real stuff" we looked closer into Parallels Server for Mac OS X. About 2 years ago I tried this before and it failed. It crashed, freezed etc. But as time has passed and Parallels Desktop usually is working fine, I thought I give it another try. But big problems arised.

1. You configure 8 virtual machines on a XServe with 20GB of ram and big fat harddisks. All looks great until you reboot the machine. The virtual machines won't start. So you check the box to autostart and save. But oh'oh, it is not starting neither. The settings don't get stored. You get prompted with weird error messages sometimes pointing to some "credentials issue" but if you simply do it again it doesn't happen. And some virtual machines look like "stating" but they arent. So you can't stop or start them. Rebooting the server is the only option.

2. Ok so let's try it on a Linux machine with the Parallels Bare metal server. Sounds like "kernel and app and nothing else" should be slim and working. After doing this on a big fat PC with many disks it all looks great until you reboot the machine a few times and your boot disk gets totally corrupted. Ok sounds like a SATA disk issue, new controller, different disk, same problem. But now the box is in a datacenter 3000km away from home.

3. Contact support. Well go to the webpage and try to contact them. Contact us requires registration. Well I am registered but I can't login. Password recovery works but logging in is still bringing you back to the login screen. What now? theres no way to contact support.

Doing the same with Firefox instead of Safari reveals that they have a buggy web designer. Well, ok now you are there. You can do a life chat. But oh, theres no product Parallels server there. So I have to choose Desktop. And then you are #1 on the list for the next 30 minutes. My patience is not so long...

4. Next thing the app crashed once so it created an automated submission and now I have a ticket on their RT system. Great. Finally I can explain my issues to someone. Its a priority #1 case as everything stops after a reboot so its a mission critical issue. You get an answer saying you get a reply within 24h. A day later nothing happened. After writing 5 additional add-on's to the support case, I get some lousy answers which gives a script (which isn't attached of course) to start the servers to be installed as a LaunchDaemon. While this is a ugly workaround at least for the not starting stuff, its no option for the hanging processes at start.

5. there's a nice checkbox in the config tool saying "iPhone support". if you check it, it says its not implemented. WTF. Why have a checkbox at all if its not supported??

6. You can't install CentOS 5.5 on the virtual machine due to some graphics driver issue. As this is a server, there's no graphics needed. plain old text mode however doesn't work neither. But why does it work then on the desktop system?

7. Parallel tools on a Ubuntu 9.10 server systems you can't install them.

8. You open a priority 1 mission critical ticket which they define as:

  • Severity 1 (Urgent): A customer is unable to install and run the software because of problems with a license key, the computer (server) fails to start, or the software crashes and corrupts data. No workaround or immediate solution is available.
The next day (more than 13 h later) you still have not a single reaction while you sent like 10 mails and logs and reports and screenshoots. After 16 hours, the first reaction was, well it will probably be fixed in 2 weeks in the next release (maybe). If you operate a datacenter with thousands of servers as we plan it, you don't want to get into the situation that your servers reboot, get stuck and you have to wait 2 weeks until someone makes a working product.

Conclusion: There's no working product for the DataCenter from Parallels. If you thought about it, forget it. At least for the next 2 years. This looks like some russian cpu cracks who had fun writing a (probably pretty good) virtual machine but have forgotten what software quality means. If your business depends on it, you are better off with more expensive solutions like VMWare. The only problem there is that they have no solution for virtualizing MacOS X Server. Someone might shout, "what about Fusion?". Yes thats true but that's a desktop application. Its built for users sitting in front of a computer. You can not virtualize 100's of servers on a big fat CPU with many gigabytes of ram and disk that way (ever thought how 100 windows look like on your screen?). I'm sure VMWare could make a product that way which would even work but they don't see the commercial market for it yet.

So whats the only other option? Piling up MacMini's. One for every customer. Thousands of wires. Ugly cabling. Reliability questionable. Or piling up XServes. One for every customer. Reliable but expensive.

I'm dreaming of a working virtualisation solutions working on big iron's like seamicro running MacOS X Server. But there are obstacles:

- One is called Steve which doesn't want MacOS X Server to run on anybody else's hardware than his
- The other is Apple who doesn't produce big enough fat servers
- Tnd the third is Paralells which is unable to produce serious products
or VMWare who see's no market.

No wonder MacOS X Server is not common at all in the hosting compared to Linux. Even though its a very stable server system with a nice guy which adds a lot of ease of use for many people who are not day in, day out working on the command line.

Folks. Give us an option! There's business to grab here...

Friday, June 4, 2010

Adobe and Case Sensitive Filesystems


There was a time where Photoshop was the workhorse for Apple to show off how good their hardware was. Adobe was doing good things to the Mac platform. But those times are long gone. Photoshop was an example on how good MacApp was (a C++ framework at its time). The user interface was easy to use and intuitive.

I purchased Photoshop 7 at the time because it had the features I needed to work on certain pictures. I'm by far not a photographer or graphics professional so Photoshop is for sure having more power than I need but it had the few features I wanted which other tools did not have at the time. So I paid a fortune for Photoshop while only using a little.

Since Photoshop 7 has been out, things got really worse at Adobe. While having always been at the forefront of technology, they became lazy. They spent more time trying to lock their professional customers to their products instead of making the product better so more people would use it in the semi professional area and producing more revenue. Photoshop is probably the most expensive software I have ever bought but I was willing to pay it. Today I can't use it anymore. Carbon is gone with 10.6 and Photoshop 7 doesn't run anymore. Now the times of MacOS 9 are now 10 years ago, so you think they for sure have a replacement in that time. But only this year they introduced their creative suite 5 which is no longer depending on Carbon. Come on Adobe, it took you 10 years to do this transition?

Well did it bring other new stuff at least? Well they made it difficult to use Photoshop on your laptop and your office computer without paying twic. They install all kind of crap with it. Even Adobe Acrobat installs Adobe Air. Something I really don't want to have because its lame and useless. Where have been the times where you had one application icon which you dragged from your install media to your applications folder? Photoshop is a typical Application which absolutely should't require any installer of any sort because it doesn't have to modify the system. But it still does. It installs some background updater and what else I don't know. A lot of useless crap which blows your disk up. This is why PC's are so hard to maintain because no one knows what the hell an installer has done to your system. Adobe adopted this bad habit and made it worse.

Now back to my Photoshop installation. As I prefer to have Photoshop running on Intel 64bit and not in Rosetta emulation on Carbon, I wanted to check out if I can use the CS4 version on my Mac. But no you can't. My mac has a case sensitive HFS+ filesystem. This for a very good reason. Its a Unix system under the hood and there are unix based applications who get into trouble if they look for "Makefile" and "makefile" in the same folder. For example the Android development SDK requires a case sensitive filesystem. All applications which use files will find their stuff anyway as if they created File_X at some time, they will not look for file_x out of a sudden. So it was safe to assume that a case sensitive Filesystem should not give any application any problem. Well I was wrong. Adobe has won this trophy. They manage to screw things up that it doesn't run on a case sensitive filesystem. With CS4, you couldn't install it. With CS5 I hoped this was fixed as large parts of Photoshop where rewritten but today I got this:

Installation to case-sensitive drives is not supported. Please choose a different drive location to install.

Now, to tell you the truth, I have CS4 running on a case sensitive filesystem. It took me many hours to get it working but it does work. Why do they claim it doesn't? The answer is simple. Their programmers are lazy. Yes. That's the whole problem. Photoshop consists of the application and a lot of filter and import export plugins which are files by their own.

Photoshop , as many others app's makes use of plugins. Those are parts of a code which is separated in a shared library for maintainability. Filter plug ins for example remain in
/Applications/Adobe Photoshop CS4/Plug-Ins/Filters/
so you can install 3rd party filters there and you can use them in Photoshop.

A plugin is a MacOS X bundle.
Those Bundles should have the following structure

PluginName.plugin/
Contents/
Info.plist the description
MacOS/
PluginName the binary
PkgInfo
Resources/
....


But with Adobe, it was sometimes named "contents" instead of "Contents".

Similar things happened to frameworks Photoshop is using.
This is how it should be:

./Adobe Photoshop CS4.app/Contents/Frameworks/registration.framework/Versions/A/registration

And this is how it sometimes was:
./Adobe Photoshop CS4.app/Contents/Frameworks/registration.framework/versions/a/registration

To fix this issue, you had to rename all the files by hand to the correct writing and it started working. Sometimes a plugin was accessed with a lowercase name but had a uppercase name in the filesystem or vice versa so launching photoshop and looking at the console to see what breaks told me which one it is. Around 50 files had to be changed in CS4.

Now why is this a problem for Adobe to fix? Because you have to look at the code and files and make sure they are always properly named the same way. You can not create file X and then access file x and thinking it works. But if you always use the same name X it will work. It would take Adobe less than a day to fix this once for all times but they rather spend their time introducing more anti theft copy protection into their product which makes it impossible to install without giving away your identity etc. And if you change your laptop (which I do like every 1-2 years) you are screwed again because the software is so much locked to your hardware that restoring a backup wont work.

This will make people go away. This is not what's called user friendly. If I would have to install CS5 today, it would probably take me another 5 days to get it right and for all this hand work i should pay Adobe something like 1000$ price tag for their product?

I rather spend that amount of money finding a replacement tool. Steve Job's is right if he think's the time of Flash is over. However I have the feeling its the time of Adobe which is over.



PS: There is another software which makes the same mistake.
The gaming engine Steam also refuses to run on case sensitive filesystems.
But those are the only two I encountered in my life.

Thursday, May 27, 2010

No more MobileSubstrate

My company operates SMS deliver solutions for the massmarket. As part of that it has access to low priced SMS delivery around the Globe. Compared to end user prices its a real bargain. In 2009, we decided to start to offer this to iPhone and iPod Touch users so they can send and also receive SMS at much lower rates than going through their traditional operators. Global.AQ was born.

In its current release it supports sending and receiving SMS. And by receiving I mean receiving from most GSM operators around the world. It also supports free SMS between Global.AQ users.

It seemed to be that we where very successful with this idea. We have over 250'000 subscribers after less than a year of launch. So we should be making a hell of a lot of money and be in the top rankings but we aren't. AppStore shows we have sold the app 185'000 times (this includes the free Lite version). So how comes the difference of 35%? One reason is because people purchase the application once but use it on two devices. That's a legitimate use but it still doesn't explain that much of a difference.

The reason are the jailbreakers. Now I'm not going to rant about jailbreaking. If you want to do it to experiment with your phone, fine. But don't come back whining if you screw up your phone. Happens many many times. When we developed Global.AQ initially we even made sure that jailbroken iPhone users can use Global.AQ in all cases and spent a lot of testing on it. However we did get strange support cases which we had to scratch our head on.

Some examples of what we encountered:

- Login crashes due to the fact that a language setting came back nil. This should never happen as there's always a language configured. I could never figure out how to get into such a situation but it happened to quite some customers. The fix was one line of code. It only happened on jailbroken phones or phones which where updated from a jailbroken to a non jailbroken phone. Never to new phones.

- People complained they couldn't purchase SMS but instead get an error saying something about "sandbox". In fact the in-app-purchase was believing it was running in developer testing mode and failed to work. This was caused by AppSync. AppSync patches MobileInstallation file on iPhone OS 3.x which is needed in order to install .ipa files manually without using iTunes.

- Push notification didn't work because of the certificate being destroyed due to the hacktivation. We made a popup explaining this at start but people still complained about it.

And many other simple crashes which we where always blamed off even though it was simply the phone's software crashing. This was in 90% of the cases due to MobileSubstrate a library which allows tools to redirect system calls and mess with all kinds of things. We have seen screenshots from customers with fonts being replaced, colors being wild etc. If you mess with such things on a system call level, you should not be surprised with frequent crashes, especially not if Apps and the iPhone OS are being updated with new system calls but the tools who patch them are only supported older outdated calls.

Anyway. Be it as it is, jailbreaking per-se is not the problem. Its what people do after that. Install all kind of old crap which modifies about everything but is totally unsupported. So I was feeling like Don Quichote fighting against windmills. You can never predict what people install next.

So the solution was: we can't fix your iPhone if you mess with it.

Anyway, coming back to the discrepancy of subscriptions versus sales. During our research for crashes, we figured out that a lot of users where using a cracked version of Global.AQ. Now out of 100% of users, about 10% have jailbroken iPhones. This would mean a whooping 25% where pirating our software? If you read this you will realize that it can't be true. 25% is too much.
The reason is a different one. Its UDID Faker. This is a tool which allows you to change your iPhone's unique device identity number (UDID). There where people out there who downloaded Global.AQ (cracked or purchased), used up the included SMS and instead of buying additional credits, just made our system fool this is a new device it has never seen before by presenting a new UDID with the help of UDID Faker. Result: a new signup shows up in our log on a magically new device.

My original intention towards pirated apps was like: Let it be. it will make our app popular and it will advertise. When people like it, they will buy it. And the ones who won't buy, they wouldn't buy anyway so the loss is none. But with Global.AQ there's a slight difference. Global.AQ is a piece of software and a service. If someone pirates the software, so be it. I have better things to do than chasing them. But we provide a service. And the service is not free to us. By people presenting a new device every time, they where creating real costs on our end. And those costs had reached the 6 digit euro figures. This is a hell of a lot of cash out of the window for our small company.

So we had to do something about it.
Here's what we did
a) we made sure our server was detecting tampering with the UDID properly log and block it.
b) we took the old version off the store. This means whom ever tried to sign up after that date was using UDID Fixer to get around paying as legitimate users would simply use their existing account if they reinstall Global.AQ. After about a month, we had 18'000 e-mail addresses from users who tried to sign up after the application was taken of the store. So there it was our difference! We have seen people who had signed up over 100 times in the past.
c) we released a new version with iPad support which doesn't run on jailbroken iPads and doesn't run on jailbroken iPhones/iPodTouch's which have MobileSubstrate installed.

The result of this is stunning. We have zero crash reports at Apple now. No more weird crashes (well some where our own faults). No more sandbox errors. Our daily new signup rate went down from around 500 users per day to about 50 per dayon the day we blocked new signups for pirated versions. Our sales figures where however stable.We got tons of bad reviews because of MobileSubstrate not working on the lite version (which is free). But we got good reviews for the Pro version which is paying.

What does it tell us?

1. Whatever you do to make jailbreakers happy, they will still rant. You give them free SMS as a promotion, they want more. If you take away free SMS they will be mad at you. Whatever gift you gave them, it will never be enough. They don't value your work. Otherwise they would not pirate your software. Nobody can tell me they can't afford the 1.99$/1.59€ of the standard version.

2. Legitimate users who paid for the software and got the service are happy. You offer them new features, they clap their hands. They buy more from you. They fill your bank account at the end of the day.

Now as a developer, for which of the two customer groups is it more fun to develop? What will pay off more in the long term? You can bet, it will be 2. Even we now have 10% of the new customers per day compared to before, those 10% represent 100% of the financial earnings. So thats what we are concentrating on.

This experience has shown us that kicking out MobileSubstrate is the right thing to do.
I was very close to even close down jailbreakers totally. But some users have no other choice than to jailbreak to get rid of the sim lock or network lock. That's why we left it in for the iPhone but not for the iPad.

Conclusion: It pays off to not run on jailbroken iPhones with MobileSubstrate. It will give you the ride of the lifetime as your reviews go to hell but at the end of the day, you will not loose anything. You gain more time as you need to spend less time on support. Your customers will be more happy. YOU will be more happy.

Same product, same vendor, different price?









Today I was trying out the Genius feature of iTunes. It was proposing me a song from YES which I have bought and even somewhere have the vinyl version of. But it was playing an extended version. So I searched for the standard version which was not in my iTunes library. So I searched for it in iTunes Store. And guess what, you can buy it multiple times at different prices. No I'm not talking about the expanded edition. I'm talking about exactly the same song from exactly the same album. Once at Fr. 1.60 and once at Fr. 2.20. Weird.

Now if you look at the two albums:
http://itunes.apple.com/ch/album/city-of-love/id627355?i=627351
http://itunes.apple.com/ch/album/city-of-love/id220159598?i=220159820

You can see that one Album has 9 songs of Fr. 2.20 each but the album all together costs Fr. 13.
And the other album has 9 songs of Fr. 1.60 each but the album all together costs Fr. 14.40 which is exactly the same as 9 x Fr. 1.60

How can the same product from the same shop be sold at two different prices??


Wednesday, May 12, 2010

The iPad 3G and WiFi hotspots

Imagine you have a brand new iPad 3G and you are running around airports. Gladly there's WiFi everywhere so you don't have to pay expensive 3G roaming data. Your mobile operator even offers you some WiFi minutes included. So you go and put a dedicated data sim card in your iPad 3G which has corresponding WiFi hotspot options included. Sounds great. In theory yes.

Now what happens. You end up on your favorite airport and you log on to the WiFi. Well to authorize yourself to the WiFi you have to key in your mobile number and you receive an SMS as verification code. But wait, where does it end up on your iPad's sim card? According to delivery reports, the SMS gets send, billed and accepted on the iPad but there's no way to see it. Bummer.

Ok then you take out the SIM card, put it temporarly into your iPhone and authorize that way? Ehm, the iPad has microsim's. If you put it into your larger iPhone slot, you risk of loosing it somewhere inside the case and never get it out. Fail.

Ok then you authorize using your iPhone's built-in sim card. Works, but then your iPhone sim card get's charged instead of the one from the iPad which you just added the "big huge data subscription".

In my case, I had to use my iPhone' sim card already for 400MB abroad last month and that's the biggest subscription you can get. So I wanted to have this solved and called Orange Switzerland. And guess what, their techies where able to solve the issue by allocating a fixed password. Bravo for their flexibility!




Sunday, April 11, 2010

Airport Security

This morning at the Kevlavik Airport in Icleand:

Take your shoes off, take your belt off, take your jacket off, take your laptop out, take your watch off. So far I have seen all of that before and its annoying. But here they enforce all of it and more!

The next thing they asked is to take all charger and cables out of the laptop bag. Now this is too much. My laptop bag is full of such stuff. It contained 2 iPhones (one for use, one for development), so 3 chargers, USB cables, Ethernet cables, Emergency Boot CD's and USB Sticks, Electronic smart pen, ebanking key, car keys etc. A digital nomade travels with a bag full of electronics these days. So I got upset and to not waste precious time, I put my bag upside down and shaked everything out while already starting to get nasty. I don't think they have seen more that way than if the stuff would have remained in the bag.

And because I got mad at them, they of course had to punish me by doing a hand touch scan even though the body scanner did not beep.

Millions of people are passing through Airport Security every day. Millions get punished and harassed through the security checks. Just because some security guy wants to show off his power doesn't make flying more secure. full body scanners don't make flying more secure but it makes flying a lot more hassle for the millions who travel without bombs and just want to go home or on vacation. Is it really worth it?

Flying is always a risk. Driving to the airport however is the much higher risk. Do you have to do a full body scan before taking the train, riding a bicycle or boarding a cruise ship? Frankly airport security got out of its hands. The security check level compared to the benefit for the community of all the fliers is in heavy misbalance. But why does nobody do anything about it? Politics want to do something to prove they are not useless. So the reaction of a caught bomber is "more security more security". However the result is that normal people get punished, the public takes up the bill and the bad guys find easy ways around it. And the politicians think they did something good. Now think again.

We are used to live in free countries. A few years back, taking out the laptop wasn't necessary. A few years back they did not think of full body scanners. And carrying a swiss army knife or scissors for your fingernails where never a problem. Have you ever seen anyone being killed by fingernail scissors? If one can do that, you can kill with a pen too. You can kill with hands. So why not forbid hands on board?

This is just another episode showing how our freedom gets destroyed by politicians. Wake up voters and claim your freedom back. More laws is less freedom. Life is always a risk, laws don't make them go away. Use your brain wisely instead instead of letting idiotic politicians do what they think is good for them.

Enough for today...

Sunday, February 21, 2010

Microsoft Pirates...


For what its worth. I forced myself to install Windows 7 on to my MacBook Pro. Of course into a boot camp partition. But as I like MacOS but once in a while have to use a Windows software, I usually boot it with VMWare. So I went through all the activation rubbish back and forth and so far it looked ok.







Now I'm on travel on a aiprort, fired up VMWare to do something and, there you go. Microsoft distrust its honest customers. The customers who paid like 700US$ for the full blown software. They get punished because they buy their crap.

I should really sue Microsoft for slander! They have still not learned that people can use a Mac and boot from disk or via VMWare (which makes the hardware look to be changed all the time).