With Apologies to Steve Jobs

I’ve been pretty harsh to Steve Jobs lately, regarding the lack of an SDK for the iPhone. Jobs is well known for being something of a control freak. The iPod and iTunes have both always been pretty heavily locked down. Hell, if someone else would put out an Open-Firmware, Upgradeable MP3 player, I’d look at replacing my old Neuros Audio Computer. Yeah, I know there is Rockbox, but the existence of Rockbox does not make buying an iPod anymore appealing to me. It’s still a closed platform, as far as Apple is concerned.

But then, Apple has become a lot more open to developers in recent years. Mac OS X ships with XCode, and all the tools needed to write software for the Macintosh. Microsoft only offers their SDKs in a separate large download, and even then only provides a neutered development environment for folks who haven’t paid for it. Still, the landscape is a lot better than it used to be. Still, though Apple and Jobs encouraged development for the Mac, they seemed to be heavily against it for their embedded devices, seeming to be more interested in heavily controlling the user experience than giving users the freedom to do what they want with their toys.

The DRM embedded in MP4 and iTunes downloads, both video and audio, which is heavily integrated into the iPod and iPhone is just one sign that Apple doesn’t want you to own the Media they’re selling you. Okay, so maybe this was due to pressure from the Recording Industry, and Apple has made strides in adding DRM-Free music (which is now even the same price as the DRM-laden stuff), but by embracing technology which restricts the user’s freedom, Apple showed that they were more interested in exercising control, than promoting freedom.

Remember, this is the company that once encouraged us to “Think Different”. Now, the company has placed itself as the embodiment of what is chic and cool in Geek today, and in so doing did they give up that attitude of revolution? Steve Wozniak seems to think so.

Still, Steve Jobs announced today that Apple plans to release an iPhone SDK in February, allowing developers to write iPhone Apps. I had said many, many times since the iPhone’s release that Jobs was never going to do it, that he didn’t want anyone else to play in his platform. Vehemently fighting off the Apple Apologists who were denouncing AT&T as the culprit here. I was wrong. Jobs is releasing and iPhone, and I apologize to him for saying otherwise.

But is it enough? The new SDK will still require that all applications be digitally signed before they can run on the iPhone. How easy will it be for a hobbyist developer to get a key to sign their own applications? Or will it cost hundreds of dollars to get the right to have your application ‘certified’ by Apple? Apple says that they’re worried about the possibility of malware, viruses, spyware, etc. on the iPhone and protecting user rights. I’ll agree with Jobs, there have been some viruses which self-propagated for Cell Phones. Yes, they were all Trojan Horses, since no Phone I know of will auto-install anything, but social engineering is a well understood threat.

I suppose the crimes come down to that of the User. If the User is comfortable being locked into a sandbox, where all their toys are approved by the mysterious shadowy overlords on the other side of the fence before being supplied to them, then the state of things is the fault of the User for accepting this as the status quo.

In 1759, Benjamin Franklin published “An Historical Review of the Constitution and Government of Pennsylvania”, by an author unknown, which held the motto “Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.” I’ve no doubt you’ve heard this quote, and while the context of the quote may not be quite the same, I feel the message still applies. If you don’t have full access to it, you don’t own it. For me, it is not worth trading in my ability to tinker in order to gain whatever amount of security the vendor chooses to supply me with. Even today, no Cell Phone Virus has been able to propagate without user influence. Users need to be educated, not hamstrung, to prevent the spread of malware.

Even today, deception is the primary method of spreading malware, and it’s proven to be highly effective. Users apply the same level of trust to a contacts e-mail address, phone number, and SMS Address that they would to the person themselves. Users share enormous amounts of personal data online (browse Facebook and MySpace for a sickening number of examples), without any concern for whom might be looking. If a complete stranger were to approach you on the street and give you a package, you’d be suspicious (I hope), even if they seemed otherwise respectable. The same suspicion needs to apply to all digital communications. Unless you’re using high-grade encryption, using verified keys (and even then, you should be mindful of the consequences of what you’re being asked), you can’t verify that the person you’re talking to is who they say they are. On the Internet, all people are strangers, and should be treated as such. Like with anything in life, we need to be mindful of the risks, but ultimately the decision to take that risk should be our own.