The Real Revolution

This is also a podcast, from my weekly BBC piece. 

While folks at the annual tech show in Vegas are getting all excited about a glass-encased laptop, the world’s thinnest 55″ TV and a washing machine you can control from your phone, they may be forgiven for missing the quiet sound of a milestone being crossed: there are now more smartphones in the world than there are ordinary phones.

According to New York-based ABI Research, 3G and 4G handsets now account for more than half of the total mobile phone market. Those old ‘dumb phones’ and the so-called feature phones–poor relations to the computer-type iPhone or Android device can–are now officially in decline.

This is, in the words of ABI Research’s Jake Saunders, “an historic moment.” While IDC, another analyst company, noticed that this happened in Western Europe in the second quarter of last year, Saunders points out: “It means not just mobile phone users in Developed Markets but also Emerging Market end-users are purchasing 3G handsets.”

So why is this a big issue? Well, a few years back it would have been hard to convince someone in an emerging market to shell out several hundred bucks for a phone. A phone for these folks was good for talking and sending text messages. That was a lot. And enough for most people–especially when the handset cost $20 and the monthly bill was even less.

Now, with prices falling and connectivity improving in the developing world a cellphone is so much more: It’s a computer. It’s an Internet device. It’s a portable office and shop front. It’s a music player. A TV. A video player. A way to stay in touch via Facebook and Twitter.

And for the industry these people in emerging markets are a life saver. For example: The developed world is pretty much saturated with smartphones. People aren’t buying them in the numbers they used to.

But that’s not to say the feature phone is dead. In fact, for some companies it’s still an important part of their business. Visionmobile, a UK based mobile phone research company, says that Nokia–busy launching its new Windows Lumia phones in Vegas–is still the king of feature phones, accounting for more than a quarter of the market.

And they just bought a small company called, confusingly, Smarterphone, which makes a feature phone interface look more like a smartphone interface. So clearly at least one company sees a future in this non-smartphone world. In a place like Indonesia, where the BlackBerry leads the smartphone pack, nearly 90% of phones sold in the third quarter of last year were feature phones, according to IDC.

So companies see a big chance for growth in these parts of the world. But they also need the spectrum. If you’re a mobile operator your biggest problem now is that smartphone users do a lot of downloading. That means bandwidth. The problem is that one piece of spectrum is for that 3G smartphone, and another is for your old-style 2G phone. The sooner you can get all your customers to upgrade their handset to 3G, the sooner you can switch that part of the spectrum you own to 3G.

So this is a big moment. We’re seeing a tipping point in the world’s use of cellphone use, from a simple, dumb communication device to something vastly more useful, vastly more exciting, vastly more lucrative. All those people moving over to smartphones

ABI Research reckons there’ll be 1.67 billion handsets sold this year. That’s one in four people buying a new device. Forget fancy Vegas. The real revolution just started.

Real Phone Hacking

Interesting glimpse into the real world of phone hacking–not the amateurish stuff we’ve been absored by in the UK–by Sharmine Narwani: In Lebanon, The Plot Thickens « Mideast Shuffle.

First off, there’s the indictment just released by the Special Tribunal for Lebanon which, in the words of Narwani,

appears to be built on a simple premise: the “co-location” of cellular phones — traceable to the accused four — that coincide heavily with Hariri’s whereabouts and crucial parts of the murder plot in the six weeks prior to his death.

Indeed, the case relies heavily on Call Data Record (CDR) analysis. Which sounds kind of sophisticated. Or is it? Narwani contends that this could have been manufactured. Indeed, she says,

there isn’t a literate soul in Lebanon who does not know that the country’s telecommunications networks are highly infiltrated — whether by competing domestic political operatives or by foreign entities.

There is plenty of evidence to support this. The ITU recently issued two resolutions [PDF] basically calling on Israel to stop conducting “piracy, interference and disruption, and sedition”.

And Lebanon has arrested at least two men accused of helping Israel infiltrate the country’s cellular networks. What’s interesting about this from a data war point of view is that one of those arrested has confessed, according to Narwani, to lobbying for the cellular operator he worked for not to install more secure hardware, made by Huawei, which would have presumably made eavesdropping harder. (A Chinese company the good guy? Go figure.)

If this were the case–if Lebanon’s cellular networks were so deeply penetrated–then it’s evidence of the kind of cyberwar we’re not really equipped to understand, let alone deal with: namely data manipulation.

Narwani asks whether it could be possible that the tribunal has actually been hoodwinked by a clever setup: that all the cellular data was faked, when

a conspiring “entity” had to obtain the deepest access into Lebanese telecommunications networks at one or — more likely — several points along the data logging trail of a mobile phone call. They would have to be able to intercept data and alter or forge it, and then, importantly, remove all traces of the intervention.

After all, she says,

the fact is that Hezbollah is an early adherent to the concept of cyberwarfare. The resistance group have built their own nationwide fiber optics network to block enemy eavesdropping, and have demonstrated their own ability to intercept covert Israeli data communications. To imagine that they then used traceable mobile phones to execute the murder of the century is a real stretch.

Who knows? But Darwani asserts that

Nobody doubts Israel’s capacity to carry out this telecom sleight of hand — technology warfare is an entrenched part of the nation’s military strategies. This task would lie somewhere between the relatively facile telephone hacking of the News of the World reporters and the infinitely more complex Stuxnet attack on Iran’s nuclear facilities, in which Israel is a prime suspect.

In other words, there’s something going on here that is probably a lot more sophisticated than a tribunal can get behind. I’m no Mideast expert, but if only half of this is true it’s clear that cellphones are the weakest link in a communications chain. And that if this kind of thing is going on Lebanon, one has to assume that it’s going on in a lot of places.

Southeast Asia’s Third Mobile Tier

The mobile revolution is moving from second tier countries in Southeast Asia to the third and final tier. Whereas previously Indonesia and the Philippines were seeing the biggest growth in mobile Internet traffic, now it’s Burma (Myanmar) and Cambodia which top the list in terms of user- and usage-growth, according to the Opera State of the Mobile Web report for July:

    • Myanmar and Cambodia lead the top 10 countries of the region in terms of page-view growth (6415.0 % and 470.1 %, respectively).
    • Myanmar and Cambodia lead the top 10 countries of the region in growth of unique users (1207.5 % and 179.1 %, respectively).
    • Myanmar and Cambodia lead the top 10 countries of the region in growth of data transferred (3826.6 % and 353.2 %, respectively)

Of course these figures are from a low base, and the Opera data is not the easiest to trawl through. (The Opera mobile report is always interesting reading, so long as you take into account that the Opera browser is for many people a Symbian browser and so of declining popularity in some quarters. Also their data is never presented in quite the order one would like, so you have to dig. )

Looking at the figures in more detail, and throwing them into a spreadsheet of my own, it’s clear that Burma is definitely an outlier. Cambodia’s growth is impressive, but Burma’s is by far the greatest out of all 27 countries surveyed. Here’s how it looks:

2011-07 Page view growth SEA

So is the Burma usage real, or is this just a jump from nothing to slightly more than nothing? I suspect it may actually be a sizeable jump. Opera are coy about the actual number of users (so we may actually be dealing with a small dataset). But the figures suggest that this is a real spurt in usage: Burmese mobile users are transferring more data per page view than any other of the 27 countries surveyed, and the page views per user is on a par with the Philippines and Thailand.

I’d cautiously suggest that Burma, along with Cambodia and Laos, are beginning to show exhibit some of the signs of what one might pompously call “mobile societies”: using the mobile phone as an Internet device as a regular part of their activities. Take the page views per user, for example, which measures how much they’re using the mobile phone to view the Internet (Brunei seems to be in a league of its own; I don’t know what’s going on there, except that in terms of nightlife, I’d have to say not much):

2010-07 Page views per user SEA

It’s probably too much to conclude that mobile phones as Internet devices are now mainstream in this third tier of the region, but it’s a healthy sign, with lots of interesting implications.

The Mobile Revolution in Social Technology

Media_httpwwwictd2010_hzhhk

An interesting chart from the ICTD conference reflecting the theme of papers submitted in the years 2006-2010 (minus 2008). Mobile has grown massively in the past couple of years–particularly surprising given that in 2007 the number of papers had actually shrunk.

This reflects the impact of the mobile phone on the developing world in the past couple of years, as well as perhaps a slowly dawning realization that for many people in these regions the mobile phone is not only their first telephone, it’s their first computer and first Internet device.

It’s also intriguing that radio has disappeared from the equation. A mistake, in my humble view. It’s still important in a lot of regions. I’m not quite sure what ‘network’ means here, but that seems to have disappeared too. Finally, note how the number of papers mentioning PCs has shrunk as well.

The Phantom Threats We Face

This is a copy of my weekly Loose Wire Service column.

By Jeremy Wagstaff

We fear what we don’t know, even if it’s a guy in Shenzhen trying to make an honest living developing software that changes the background color of your mobile phone display.

Here’s what happened. I’ll save the lessons for the end of this piece.

A guy who prefers to go by the name Jackeey found a  niche for himself developing programs—usually called apps—for the Android cellphone operating system.

They were wallpaper applications—basically changing the background to the display.

That was until an online news site, VentureBeat, reported on July 28 that a security company, Lookout, had told a conference of security geeks that  that some downloadable applications to phones running the Android operating system would “collect a user’s browsing history, their text messages, the phone’s SIM card number and subscriber identification, voicemail phone number password” and send all this data to a website owned by someone in Shenzhen, China.

Yikes! Someone in China is listening to our conversations! Figuring out what we’re doing on our phone! Sending all this info to Shenzhen! Sound the alarum!

Word did indeed spread quickly. About 800 outlets covered the story, including mainstream publications like the Daily Telegraph and Fortune magazine: “Is your smart phone spying on you?” asked one TV station’s website.

Scary stuff.

Only it isn’t true. Firstly, VentureBeat had the story wrong: The applications in question only transmitted a portion of this data. No browsing history was transmitted, no text messages, no voicemail password.

VentureBeat corrected the story—sort of; the incorrect bits are crossed out, but there’s no big CORRECTION message across the top of the story—but the damage was done. Google suspended Jackeey’s apps. Everyone considered Jackeey evil and confirmed suspicions that a) Android was flakey on security and b) stuff from China was dodgy.

All kind of sad. Especially when you find that actually Jackeey himself is not exactly unreachable. A few keyword searches and his email address appears and, voila! he’s around to answer your questions. Very keen to, in fact, given the blogosphere has just ruined his life.

Here’s what he told me: He needed the user’s phone number and subscriber ID because people complained that when they change their phone they lose all their settings.

That’s it. That’s the only stuff that’s saved.

Needless to say he is somewhat miffed that no one tried to contact him before making the report public; nor had most of the bloggers and journalists who dissed his applications.

“I am just an Android developer,” he said. “I love wallpapers and I use different wallpaper every day. All I want is to make the greatest Android apps.”

Now of course he could be lying through his teeth, but I see no evidence in the Lookout report or anything that has appeared subsequently that seems to suggest the developer has done anything underhand. (The developer has posted some screenshots of his app’s download page which show that they do not request permission to access text message content, nor of browsing history.)

In fact, he seemed to be doing a pretty good job: His apps had been downloaded several million times. He declined to give his name, but acknowledged that he was behind both apps provided under the name Jackeey, and under the name iceskysl@1sters.

The story sort of ends happily. After investigating them Google has reinstated the apps to their app store and will issue a statement sometime soon. It told Jackeey in an email that “Our investigation has concluded that there’s no obvious malicious code in your apps, though the implementation accesses data that it doesn’t need to.”

VentureBeat hasn’t written an apology but they have acknowledged that: “The controversy grew in part because we incorrectly reported in our initial post that the app also sent your text messages and browser history to the website.”

For his part Jackeey is redesigning his apps to take into account Google’s suggestions. He points out that to do so will require him to have users set up an account and enter a password, which some users may be reluctant to do. And the Google suggestion is not entirely secure either.

Obviously this is all very unsatisfactory, in several ways.

Firstly, the journalism was a tad sloppy. No attempt was made to contact the developer of the app for comment before publishing—how would you feel if it was your livelihood on the line?—and the correction was no real correction at all.

Secondly, the internet doesn’t have a way to propagate corrections, so all the other websites that happily picked up the story didn’t update theirs to reflect the correction.

Thirdly, Google maybe should have contacted Jackeey before suspending the apps. It would have been kinder, and, given they’ve not found anything suspicious, the right thing to do.

Fourthly, us. We don’t come out of this well. We are somehow more ready to believe a story that includes a) security issues (which we don’t understand well) and b) China, where we’re perhaps used to hearing stories that fit a certain formula. Suspicious?

And lastly, perhaps we should look a little harder at the source of these reports.  We seem very quick to attribute suspicious behavior to someone we don’t know much about, in some scary far-off place, but less to those we do closer to home: Lookout’s main business, after all, is prominently displayed on their homepage: an application to, in its words, “protect yourself from mobile viruses and malware. Stop hackers in their tracks.”

So spare a thought for Jackeey. If you do a keyword search for him, the first hit is the story “’Suspicious’ Android wallpaper app nabs user data”, and links to 863 related articles. Below—a week after the hoo-ha, and after Google has sort of put things right–are headlines like: “Jackeey Wallpaper for Android steals your personal info”, “Your Rotten App, Jackeey Wallpaper” and “Jackeey steeling [sic] info on Android devices”.

In other words, anyone who checks out Jackeey’s wares on Google will find they don’t, well, check out.

I got back in touch with Jackeey to see how he’s holding up, a week after the storm broke. I’m in some pain, he says, “because mass negative press said that I steal users’ text messages, contacts and even passwords.” People have removed his applications from their phone, and people have been blasting him by email and instant messaging, calling him “thief”, “evil person” and other epithets.

“I am afraid that it will destroy my reputation and affect my livelihood forever,” he says.

I’m not surprised. We owe to folk like Jackeey to make apps for our phones, so we should treat him a little better.

Phantom Mobile Threats

How secure is your mobile phone?

This is an old bugaboo that folks who sell antivirus software have tried to get us scared about. But the truth is that for the past decade there’s really not much to lose sleep over.

That hasn’t stopped people getting freaked out about it.

A security conference heard that some downloadable applications to phones running the Android operating system would “collect a user’s browsing history, their text messages, the phone’s SIM card number and subscriber identification” and send all this data to a website owned by someone in Shenzhen, China. Some outlets reported that it also transmitted the user’s passwords to their voicemail.

About 700 outlets covered the story, including mainstream publications like the Telegraph and Fortune magazine: “Is your smart phone spying on you?” asked one TV station’s website.

Scary stuff.

Only it isn’t true. It’s not clear who misreported all this—the journalists and others covering the event, or the company releasing the fruits of their research, but it gradually emerged that the applications—downloadable wallpapers—only transmitted a portion of this data. (See a corrected version of a story here.)

Indeed, the whole thing got less suspicious the more you dig.

This is what the developer told me in a text interview earlier today: “The app [recorded’] the phone number [because] Some people complained that when they change the[ir] phone, they will lose the[ir] favorite [settings]. So I [store] the phone number and subscriber ID to try to make sure that when [they] changed the phone, they have the same favorites.”

Needless to say the developer, based in Shenzhen, is somewhat miffed that no one tried to contact him before making the report public; nor had any of the 700 or so outlets that wrote about his applications tried to contact him before writing their stories.

“I am just an Android developer,” he said. “I love wallpapers and I use different wallpaper every day. All I want is to make the greatest Android apps.”

Now of course he could be lying through his teeth, but I see no evidence in the Lookout report or anything that has appeared subsequently that seems to suggest the developer has done anything underhand. (The developer shared with me some screenshots of his app’s download page which show that they do not request permission to access text message content, nor of browsing history.)

In fact, he seemed to be doing a pretty good job: His apps had been downloaded several million times. He declined to give his name, but acknowledged that he was behind both apps provided under the name Jackeey, and under the name iceskysl@1sters!

Not much longer. One website quoted Lookout as saying “We’ve been working with Google to investigate these apps and they’re on top of it.” They have: Google has now removed the apps from their site. So I guess Jackeey, as he asked me to call him, is going to have to look for other ways to spend his time. (He told me that Lookout had contacted him by email but not, apparently, before going public.) 

Seems a shame. Obviously, there is a mobile threat out there, but I’m not sure this is the way to go about addressing it. And I don’t think a guy in Shenzhen doing wallpaper apps is, frankly, worth so much hysterical column ink.

Let’s keep some perspective guys, and not embark on a witch-hunt without some forethought.

Lookout has since been backtracking a bit from its original dramatic findings. “While this sort of data collection from a wallpaper application is certainly suspicious,” it says on its blog, “there’s no evidence of malicious behavior.”

Suspicious? We seem very quick to attribute suspicious behavior to someone we don’t know much about, in some scary far-off place, but less to those we do closer to home: Lookout’s main business, after all, is prominently displayed on their homepage: an application to, in its words, “protect yourself from mobile viruses and malware. Stop hackers in their tracks.”

Conflict of interest, anyone?

The Shape of Things to Come

This is from my weekly newspaper column, hence the lack of links.

By Jeremy Wagstaff

We’re all touch typists now.

Of course, the definition of touch type has had to change a little, since most of us don’t actually learn touch typing as we’re supposed to. Watch people tapping away at a keyboard and you’ll see all sorts of cobbled-together methods that would make the office secretary of yesteryear blanch.

But for now keyboards are going to be with us for a while as the main way to get our thoughts into a computer, so some sort of touch typing is necessary.

But the mobile phone is different. After ten years most of us have gotten used to entering text using the predictive, or T9, method, where the phone figures out you’re trying to say “hello” rather than “gekko” when you tap the 4,3,5,5,6 keys.

Texting has gotten faster—Portugal’s Pedro Matias, 27, set a new world record in January by typing a 264-character text in less than 2 minutes, shaving 23 seconds off the previous record—but that’s still slower than your average touch typist, who manages 120 words-say 480 characters—in the same amount of time.

Blackberry uses have their QWERTY keyboards, each key the size of a pixie’s fingernail, and while some people seem to be quite happy with these things, I’m not.

And the iPhone has given us, or given back to us, the idea of little virtual keyboards on our screen. I’ll be honest: I’m not a big fan of these either.

The arrival of the Android phone hasn’t really helped matters: The keyboard is usually virtual (some of the earlier phones had physical keyboards, but most have dropped them in favor of onscreen ones) and I really didn’t enjoy typing on them.

To the point that my wife complained that she could tell when I was using the Android phone over my trusty old Nokia because she didn’t feel I was “so reachable.” By which she means my monosyllabic answers weren’t as reassuring as my long rambling Nokia, predictive text ones.

But that has changed with the arrival of software called ShapeWriter. ShapeWriter is software that provides the same virtual keyboard, but lets you swipe your words on it by dragging your fingers over the keys to, well, form a shape.

Typing “hello,” for example, is done by starting your finger on “h”, dragging it northwest to “e”, then to the far east of “l”, lingering there a second, then north a notch to “o.” No lifting of the finger off the keyboard. Your finger instead leaves a red slug-like trail on the keyboard, and, in theory, when you lift your finger off the keys that trail will be converted to the word “Hello.”

And, surprise, surprise, it actually works. Well, unless you’re demonstrating it to a skeptical spouse, in which case instead of “hello” it types “gremio” or “hemp.”

Now this isn’t the first time I’ve used ShapeWriter. It has been around a while—it was first developed by IBM Labs in the early 2000s. It’s gone through quite a few changes in the meantime, not least in the theory behind it.

But the main bit of thinking is the same as that with predictive text (and speech recognition): what is called the redundancy of language. Taking, for example, the whole body of emails written by Enron employees, the most frequent email sender wrote nearly 9,000 emails in two years, totalling about 400,000 words.

That’s a lot of words. But in fact the number of actual words was about 2.5% of that: That email sender only used 10,858 unique words.

Now of course, Enron employees might not be representative of the wider population, but researchers have to work with data, and the Enron case threw up lots of data. The Enron Email Dataset is a 400 megabyte file of about 500,000 emails from about 150 users, mostly senior management of Enron. Making it a goldmine for researchers of language, machine learning and the like.

Learning from the words used—though presumably not their morals—researchers are able to figure out what words we use and what we don’t. Thus, ShapeWriter, and T9, and speech recognition, are able to tune out all the white noise by only having to worry about a small subset of words a user is typing, or saying. Most words we either don’t use because our vocabularies aren’t that great, or because we haven’t invented those words yet.

ShapeWriter has 50,000 words in its lexicon, but it gives preference to those 10,000 or so words it considers most common (presumably

In ShapeWriter’s case, they produce a template of the shape of each word they decide to store in the software, so the shape you’re drawing—left-far right, up, down, along—is recognised.

In its latest incarnation it actually works surprisingly well, and I’d recommend anyone with an Android phone to check it out. (It’s free.) There’s a version for the iPhone too, as well as Windows Mobile and the Windows Tablet PC. Only downside: For now, at least, only five–European–languages are supported.

I am not convinced this kind of thing is going to replace the real keyboard, but it’s the first decent application I’ve come across that has gotten me back into actually enjoying tapping out messages on my device.

My wife, for one, is happy.

Facebook’s Internet of Sharing

(This is a copy of my Loose Wire Sevice column, produced for newspapers and other print publications.)

By Jeremy Wagstaff

Get ready for a world where everything is shared.

Readers of this column will already know that our notions of privacy have changed a lot in the past couple of years.

That has made it possible for Facebook to announce a new initiative this past week, pretty confident it won’t get rebuffed in the same way its Beacon program did a few years back.

Back then we didn’t like the idea of companies having access to the things we were doing on their websites and then posting it to our Facebook feed (“Jeremy’s just bought an Abba CD!”)

Now, with Facebook’s Open Graph, we’ll actually go quite a bit further than that. In effect, every web page will become part of your Facebook world, because whoever runs that web page will have access to your Facebook world—and, in a way, vice versa.

If you “like” something on a music website, then that “like” will be broadcast on your Facebook feed. So your friends will see it. But so will that music website have (at least some) access to your Facebook profile, your Facebook network, as will Facebook have access to your profile on that music website.

In short, Facebook will become a sort of repository of all the breadcrumbs you willingly leave around the Internet—what some are calling your “social metadata”. These are all the bits and pieces you leave on websites about songs, pictures, books, food, hotels that you like.

Instead of all that stuff just being little fragments, all those websites that participate in Facebook’s Open Graph will collect it and create a much more complete picture of you than your Facebook stream currently does.

I’m not going to get into the privacy aspects here. Obviously there’s a lot that’s creepy about this. But then again, we willingly share much of this stuff with our friends, and all the applications that we use on Facebook, so maybe we have already made that choice.

Compare this with Google, which collects similar data but in a different way. Google collects your interests, intentions and preoccupations whenever you do a search, or access your email, or look at a map.

Google may be a search engine, and Facebook may be a social network, but they’re ultimately fighting for the same thing: Targeted advertising.

Facebook will do it through social metadata you intentionally leave behind; Google will do it through data you unintentionally leave behind.

I don’t know whether Facebook will win with this or not. But it’s an interesting move, and, if we continue to inhabit Facebook in the numbers we do, we’ll probably slide effortlessly into this world.

And, of course, as we get more mobile, this only becomes more powerful. A research company called Ground Truth found last week that U.S. mobile subscribers spent nearly 60% of their time on social networking sites; the next biggest category was less than 14%.

In other words, social networking is actually more compelling on a mobile phone than it is on a laptop or desktop. Kind of obvious really.

If you want to get futuristic about it, it’s possible to see how this coupling of mobile device and social networking is likely to give a big push to a new kind of device: wearable computing.

Expect to see more of the likes of Ping: a garment that its inventors say allows you to connect to your Facebook account wirelessly and update your status simply by lifting up the Ping’s hood, or tying a bow, or zipping up.

Heaven knows what our Facebook page is going to look like in the future. But it’s a natural succession to the basic principle of something like Facebook, which is that a life not shared is not worth living.

I know I have developed that instinct to share the absurdities of my day on Facebook, and I appreciate it when others do. I’m not talking about the average “my boss sucks” update, but ones which are funny, thoughtful, or both.

One day we’ll look back, as we did at email, and wonder how we lived without status updates.

By then we’ll be swishing our arms or doing up a button to update our page—nothing as archaic as actually tapping it out on a keypad.

I’m not quite sure how I feel about all this. Maybe I’ll update my Facebook status to reflect that.