Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

189 comments

Im going to wait..... (2, Insightful)

Anonymous Coward | more than 4 years ago | (#30671202)

I will personally be waiting for the next gen to come around. It will most likely be like the iPhone was. First model was ok but the later were much better...

Re:Im going to wait..... (5, Funny)

stiggle (649614) | more than 4 years ago | (#30671792)

I'm going to wait for the 6th version to come along.
I was to see the video footage it takes of "Attack Ships on fire off the shoulder of Orion" :-)

hmmm... (2, Funny)

Anonymous Coward | more than 4 years ago | (#30671216)

It stacks fairly well but will topple if you stack too many

Re:hmmm... (1)

Suki I (1546431) | more than 4 years ago | (#30671508)

Is double sided tape cheating?

Re:hmmm... (3, Funny)

Anonymous Monkey (795756) | more than 4 years ago | (#30671514)

Yes, Lego still stacks up better than anything else. Therefore Lego should produce all our computer and communications hardware.

I for one welcome our new Mindstorm(tm) overlords having a grammar war over Lego/Legos.

I have my doubts (1, Offtopic)

For a Free Internet (1594621) | more than 4 years ago | (#30671244)

Since it comes from G$$Gle, it will spy on everything you say, hear, or think, and report it to its Italian/CIA double-agent handlers. To protect the privacy of my fellow true patriots, I have been training myself in telepathy and now can successfully communicate with all my pets and my wife with 97.9% accuracy. If you're serious about privacy in Barack Obama's America, I suggest you do the same.

Re:I have my doubts (2, Funny)

shentino (1139071) | more than 4 years ago | (#30671712)

How do we know the government hasn't got some super-secret telepathy interceptor that you are just trying to lead our thoughts right into?

You could very well be a double agent yourself.

Why should we trust you?

Re:I have my doubts (0)

Anonymous Coward | more than 4 years ago | (#30671896)

This is a weakness which I have already considered. Thus, when I think, I always make sure to think the opposite of what I'm really thinking, to confuse the Italian spies and cause errors in G$$Gle's spy computers. -- CFAFI underground commando

Re:I have my doubts (1)

TheGratefulNet (143330) | more than 4 years ago | (#30672882)

click on the TPM(*) icon and verify for yourself.

(*) Trusted Poster Module. standard equipment on some new whitebox pc's.

Re:I have my doubts (1)

shutdown -p now (807394) | more than 4 years ago | (#30672500)

Since it comes from G$$Gle

I'm really curious now. How do you spell "Apple", "Sun", and "IBM"?

Re:I have my doubts (0)

Anonymous Coward | more than 4 years ago | (#30673096)

(h)A$$le, $un, I$M

N1 vs Iphone (4, Informative)

Karganeth (1017580) | more than 4 years ago | (#30671256)

521MB RAM vs 256MB RAM
800x480 vs 480x320
1Ghz vs 600Mhz
5MP vs 3MP
AMOLED vs TFT

To top it off the nexus one is a slimmer device. Need I say anymore? The iPhone is no longer king! Hoorah!

Specs don't matter (5, Insightful)

ThrowAwaySociety (1351793) | more than 4 years ago | (#30671380)

521MB RAM vs 256MB RAM

800x480 vs 480x320

1Ghz vs 600Mhz

5MP vs 3MP

AMOLED vs TFT

To top it off the nexus one is a slimmer device.

Need I say anymore? The iPhone is no longer king! Hoorah!

Pretty sure that the iPhone was never king among the geeks that care about hardware specs. The iPhone is king among the people who care about the number of apps, user experience, and style. The kind of people who base their decision on what they see on TV, or what their friends like, and not what they read on Slashdot.

You know, the vast majority of the population.

Re:Specs don't matter (4, Insightful)

b0bby (201198) | more than 4 years ago | (#30671686)

Pretty sure that the iPhone was never king among the geeks that care about hardware specs.

I'm not so sure, the biggest phone geek I know has switched to an iphone. "User experience" is important for geeks too, and I have to say the iphone seems to deliver a great one (at a price).

Re:Specs don't matter (2)

FlyingBishop (1293238) | more than 4 years ago | (#30673044)

I can't bring myself to purchase a computer that lacks an interpreter I can use to write scripts.

Re:Specs don't matter (0, Troll)

Anonymous Coward | more than 4 years ago | (#30671714)

The iPhone is king among the people who care about the number of apps, user experience, and style.

Why is having 100,000 useless apps better than having 30,000 useless apps?

The kind of people who base their decision on what they see on TV, or what their friends like, and not what they read on Slashdot.

People who value bling & celebrity wow factor over anything else.. we call them chavs around here.

Re:Specs don't matter (1)

furball (2853) | more than 4 years ago | (#30672800)

Why is having 100,000 useless apps better than having 30,000 useless apps?

Choice!

King? iPhone Is The 3rd Place Phone (4, Informative)

MediaStreams (1461187) | more than 4 years ago | (#30671756)

http://www.intomobile.com/2009/11/12/apple-iphone-takes-third-place-in-q3-global-smartphone-sales.html [intomobile.com]

Nokia is the king.
RIM behind them.

And finally Apple in third place. So, no, Apple and iPhone isn't the king of anything in the cellphone market.

Re:King? iPhone Is The 3rd Place Phone (1)

0100010001010011 (652467) | more than 4 years ago | (#30672270)

Nokia is King as a company.
iPhone may be King as a model.

How many 'smart phones' are Nokia's sales spread across? Apple has the iPhone 3G and 3Gs. (And a few more if you split it up memory size).

Nokia's product line reminds me of Apple's in the early 90s. There's the 5530, the 5533a, 5005 WITH camera*. Etc.

* model names made up.

Re:King? iPhone Is The 3rd Place Phone (3, Informative)

Patch86 (1465427) | more than 4 years ago | (#30672560)

And no consumers want choice, right? People much prefer to compromise on what they want from a product because of a limited product line, obviously!

(Nokia sells a range of different devices filling a whole range of price and hardware niches. Seeing as their combined range outsells Apples combined range by a considerable amount, I'd guess it's a strategy which is serving them pretty well).

Re:King? iPhone Is The 3rd Place Phone (0)

Anonymous Coward | more than 4 years ago | (#30672628)

Not sure but "rim behind them" doesn't sound like a place to be.

Re:King? iPhone Is The 3rd Place Phone (-1, Troll)

Anonymous Coward | more than 4 years ago | (#30672808)

Scope. Nobody here, except you and maybe a half dozen other people, gives a shit about what phones are used in mainland Asia.

Re:Specs don't matter (1, Offtopic)

Manip (656104) | more than 4 years ago | (#30671812)

Could you be any more smug and arrogant?

I believe the reason why people like the iPhone/Touch is that the UI is very clean, simple, and responsive. Plus in addition to that you have an insanely good multi-touch interface that with software simulated physics feels "real" somehow. All in all the iPhone/Touch software is a very intuitive piece of kit, which makes people want to create cool applications for it and thus the cycle continues.

I am a geek, I read tech-spec's, but I also know that MOST of what I am buying is a software experience, that's why I buy a branded device at all instead of a Chinese eBay import with generic software that is at least twice as powerful and half the price.

Re:Specs don't matter (4, Funny)

ThrowAwaySociety (1351793) | more than 4 years ago | (#30671988)

Could you be any more smug and arrogant?

I don't think so. I managed to insult both the Slashdot-nerd crowd, and the regular-Joe-Shmoe crowd. I think that makes me the smuggest, most arrogant bastard going.

Thanks for acknowledging that achievement, though!

Fucking Faggot (1, Funny)

Anonymous Coward | more than 4 years ago | (#30672884)

As if the world needed another yet example why everyone despises losers with iPhones...

 

Re:Specs don't matter (1, Troll)

MrHanky (141717) | more than 4 years ago | (#30671940)

"not what they read on Slashdot"? The internet's number ... 5 or 6, probably, iHype generator?

Slashdot hasn't been a tech site ever since the Apple segment of consumerist morons moved in.

At least he avoided using "sheeple" (4, Insightful)

Quiet_Desperation (858215) | more than 4 years ago | (#30671960)

Yeah, a good user experience and plenty of useful applications that just work. What sort of damned fool would ever want that?

Re:Specs don't matter (3, Insightful)

Karganeth (1017580) | more than 4 years ago | (#30672088)

Why do slashdot users insist on perpetuating the myth that the general population is completely clueless about anything hardware? If someone's going to invest $2,580 for a nexus one (or $3780 for an iPhone) chance are they're going to know a decent amount about it. Even if they don't know the particular processor chip inside or what AMOLED means, they'll know that it feels fast and they'll see that the screen is nothing but amazing.

Re:Specs don't matter (2, Insightful)

EvilNTUser (573674) | more than 4 years ago | (#30673084)

I care about hardware specs, and I would probably choose any Android device over iPhone OS. BUT, and this is a big but, staring at raw hardware specs is even more stupid with phones than with computers. They're not even running the same OS.

Just to make a point:

521MB RAM vs 256MB RAM - How much of this is actually free after the OS is loaded? What proportion of apps are statically linked (if the OS has poor libraries)?

1GHz vs 600MHz - a) Is the theoretically faster speed achieved with a pipeline that's too long (see Netburst)? b) Even if it's faster, is it actually noticeable or are most operations I/O-bound? c) What operations are hardware accelerated in each OS?

5MP vs 3MP - And lens quality?

AMOLED vs TFT - Whatever, show me photos with daylight and I'll see what I think.

Re:N1 vs Iphone (0)

Anonymous Coward | more than 4 years ago | (#30671398)

1ghz vs 2 * 600mhz

Re:N1 vs Iphone (0)

Anonymous Coward | more than 4 years ago | (#30671466)

no.

The Old iPhone Is Still King Of Hipster Losers (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#30671668)

The POS iPhone is still king for Hipser Losers no matter how hard they are crying over their Starbuck's coffee all over the planet after the unveiling of the amazing Nexus One yesterday.

Re:N1 vs Iphone (1)

whisper_jeff (680366) | more than 4 years ago | (#30672090)

The iPhone is no longer king! Hoorah!

Ok. Listen closely.

The iPhone wasn't king WHEN IT CAME OUT!

Seriously. There were better phones, hardware-wise, when the iPhone first launched. And there's always been better phones. And I'm willing to bet there will always be better phones, hardware-wise.

It. Does. Not. Matter.

The iPhone's success is not linked to its hardware. When you figure that out - when you realize why the iPhone is actually successful - you might begin to understand what it takes to make the fabled iPhone-killer.

Re:N1 vs Iphone (0)

Anonymous Coward | more than 4 years ago | (#30672528)

521MB RAM vs 256MB RAM

800x480 vs 480x320

1Ghz vs 600Mhz

5MP vs 3MP

AMOLED vs TFT

To top it off the nexus one is a slimmer device.

Need I say anymore? The iPhone is no longer king! Hoorah!

512 MB internal storage + 4GB flash card vs 16GB (32GB with upgrade)

With all the apps/music/videos that people like to carry around with them now days, storage space kind of matters now.

Nexus One vs iPhone 3Gs vs. N900 (4, Informative)

Hurricane78 (562437) | more than 4 years ago | (#30672594)

I’m sure if you ask the Japanese, they will laugh in your face. But a quick comparison:

Nexus One vs iPhone vs. N900

CPU: 1GHz Qualcomm SnapDragon | 600 Mhz ARM Cortex-A8 + PowerVR SGX | 600 MHz ARM Cortex-A8 + PowerVR SGX
RAM: 512MB | 256MB | 1GB
Display: 800x480 AMOLED | 480x320 TFT | 800x480 TFT
Camera: 5 MP, LED flash | 3 MP, no flash | 5 MB + 0.3 MP (dual), LED flash | (All without optical zoom, which in this day and age, is pathetic.)
Storage: 4 GB + unlimited | 16 GB (fixed) | 32 GB + unlimited
Battery: 1400 mAh | 1219 mAh (non-removable) | 1320 mAh | (all 3.7 V li-ion)
Input: capacitive touchscreen + trackball | multi-touch touchscreen | resistive touchscreen + 38-key backlit keyboard
OS: Android | iPhone OS | Maemo Linux
Dimensions: 119 * 59.8 * 11.5 mm | 115.5 * 62.1 * 12.3 mm | 110.9 * 59.8 * 18 mm
Java support: yes | no | yes
GPS: They all got A-GPS and Wi-Fi triangulation is possible with a software. Although from what I heard, the iPhone has that software built-in. (I bought it for 3€ for my Nokia, so not much trouble there.)
Ability to put on it and do with it what you want: likely | locked down | absolutely
FM radio: no | no | yes

That’s about the differences I could make out. I hope this gives a better picture. I tried to stay unbiased. (And I’m sure I will draw hate for this. ;) As always: No guarantees.

Re:Nexus One vs iPhone 3Gs vs. N900 (3, Informative)

jspenguin1 (883588) | more than 4 years ago | (#30672916)

The N900 has 256MB actual RAM, plus 768MB swap on an internal MMC card. It has to have more memory because unlike the iPhone and Android, applications must be explicitly closed (by closing the window) before they are unloaded.

The internal storage card is split into three partitions: 2GiB app storage, 768MiB swap, 25GiB user. The reason the app storage is separate is because it is formatted ext3, but the user storage must be formatted FAT for Windows hosts to access it through USB Mass Storage. Some applications (games, mostly) do install large data files there, though.

Re:Nexus One vs iPhone 3Gs vs. N900 (0)

Anonymous Coward | more than 4 years ago | (#30672992)

Tested by 'Will it blend?': no | yes | no

there!

Re:Nexus One vs iPhone 3Gs vs. N900 (1)

naveenkumar.s (825789) | more than 4 years ago | (#30673026)

Java support: yes | no | yes

Java on Android is Dalvik, right? You get "real" Java with N900 (not J2ME).

Nexus One's TTS seems like a killer feature

Re:N1 vs Iphone (1)

alen (225700) | more than 4 years ago | (#30672764)

4GB vs 16GB or 32GB storage

by the time you add more storage to the N1 it's more expensive. and it pretty much locked down to T-Mo since it can't use AT&T's 3G frequencies. and T-Mo sucks. and with all the corporate/work related apps in the app store Google's limit on the number of apps is dumb.

Re:N1 vs Iphone (1)

Deanalator (806515) | more than 4 years ago | (#30673114)

Nice comparison, between a phone that came out last year and a phone that just came out. You won't be able to judge anything until you look at the 2010 iphone specs. Apple has been working on a delayed timeline, only releasing features when a major competitor enables the feature first. Now that android has finally gotten it's act together, we will see what apple puts in it's new iphone. I think they will be able to keep up (since they did have a 2 year head start), but if they can't, then I will finally be moving over to android (something I thought I would be doing years ago).

Obvious article is obvious (4, Interesting)

nitefallz (221624) | more than 4 years ago | (#30671314)

I don't think the N1 is targeted at the corporate world. Google seems to have larger mobile plans than this, so I would expect some corporate type product in the future.

Re:Obvious article is obvious (2, Interesting)

toastar (573882) | more than 4 years ago | (#30671468)

Wait Wait Wait.... Are you saying the Iphone is targeted at the business world?

I'm not sure the article fully understands androids capabilities, I have a remote wipe app on my g1.
The only real security feature the iphone has is the lack of a SD card.

Re:Obvious article is obvious (0)

Anonymous Coward | more than 4 years ago | (#30672198)

What does any of this have to do with the iphone?

Re:Obvious article is obvious (1)

Changa_MC (827317) | more than 4 years ago | (#30672956)

Have you attached an iPhone to an exchange server, ever? Remote wipe, required passkey locking, ability to disable camera...

Apple gave my corporate overlords huge amounts of power when I hooked my personal phone into the company email/calendar.

From the article (4, Interesting)

Albanach (527650) | more than 4 years ago | (#30671320)

-Operating system: The Android operating system is in its infancy and like any new piece of software is likely to be full of security bugs. Android is also open source, so it is highly susceptible to developers with malicious intent finding those bugs quicker than if the OS was closed like the iPhone or blackberry OS. However, the open source nature of the OS should also become a benefit for its security longer term as coders with good intent scrub Android and find the security holes and patch them. Without the source code this job becomes much harder and takes considerably longer. Bottom line is it’s a mixed bag, less secure in the short term but able to become more secure faster than a close OS can.

Is there any evidence that an open source program is less secure in the short term than a closed source one?

After all, when coding an program they know will be open sourced, programmers are much less likely to add a vulnerable piece of code in the hope it won't be spotted or with the intention to fix it at some later date.

Re:From the article (5, Insightful)

jeffmeden (135043) | more than 4 years ago | (#30671484)

After all, when coding an program they know will be open sourced, programmers are much less likely to add a vulnerable piece of code in the hope it won't be spotted or with the intention to fix it at some later date.

Beg the question much? Your conclusion is just as vague as the one in the article. I don't have any actual data either, but I would venture that accidental bugs are a much much much greater security risk than malicious ones, open source or not. Of course, it's pretty darn hard to spot a cleverly hidden bit of malicious code (and be able to distinguish it from a bug), so we may never know anyway.

Re:From the article (3, Insightful)

jimbobborg (128330) | more than 4 years ago | (#30671544)

Yes, I find this point annoying. But the article is from Network World, by the "Cisco Security Expert." But the Nexus One gets 4 of the 9 phone security requirements, including screen lock, VPN, wireless security, and application sandboxing. The ones missed, besides the OS being open source, include application signing, corporate enforcement of security settings, hardware data encryption, and remote wiping capability. I would hope that the data encryption would be added at some point, and be better than the USB thumb drives from the story yesterday. I'm sure the others can be added later, although one of the nice things about this is not requiring the blessing of Google to run an app.

Re:From the article (3, Insightful)

benro03 (153441) | more than 4 years ago | (#30673156)

The problem I have with the article is that he completely blows his credibility with that one simple statement about it being insecure by the virtue of it being open source. Everything else he's pretty much spot on.

Re:From the article (3, Insightful)

nxtw (866177) | more than 4 years ago | (#30671570)

Is there any evidence that an open source program is less secure in the short term than a closed source one?

There's nothing inherently secure or insecure about open source software. It's not like all open source software is built with different tools or in safer languages.

After all, when coding an program they know will be open sourced, programmers are much less likely to add a vulnerable piece of code in the hope it won't be spotted or with the intention to fix it at some later date.

One could assert that open source programmers (at least those working for free) don't need to care about reliability or security since they aren't getting paid. One could also assert that anyone can create / contribute to an open source project, including those who don't know what they are doing.
However I don't think there's evidence for your assertion or my assertions.

Re:From the article (0)

Anonymous Coward | more than 4 years ago | (#30671590)

Is there any evidence that an open source program is less secure in the short term than a closed source one?

If we assume that Google's engineers have to follow the same code quality standards for open-source projects as for their various closed-source projects, then shouldn't we expect the quality of the code base to be equal, whether or not the source is disclosed to the public or not? If this is indeed the case, I think the statement that errors are more visible in an open-source project has merit.

After all, when coding an program they know will be open sourced, programmers are much less likely to add a vulnerable piece of code in the hope it won't be spotted or with the intention to fix it at some later date.

Why would this be the case? Doesn't Google apply the same quality assurance practices (peer reviews and such) to their internal codebase (i.e. those projects that are critical to Google's operation)? I don't think adding vulnerable code to an internal (closed source) project is any more acceptable than to an open-source project.

Re:From the article (3, Insightful)

TubeSteak (669689) | more than 4 years ago | (#30671634)

They're going to put Flash on the Nexus. [adobe.com]
Unless Adobe/Google's programmers have done the impossible and magically
secured Flash, most of their security isn't going to be worth a damn.

Re:From the article (1)

maxume (22995) | more than 4 years ago | (#30671778)

Have there been any flash exploits that bust out of the IE8 sandboxing in Windows 7?

(Real question...)

Re:From the article (1)

tweek (18111) | more than 4 years ago | (#30671852)

The attack vector for mobile flash on android is going to be insanely hard to get around. The browser is already sandboxed. It's quite likely that the flash plugin will be a separate sandboxed application as well. The ONLY android permissions that flash needs are media related and MAYBE MAYBE MAYBE geolocation information.

Re:From the article (4, Insightful)

nine-times (778537) | more than 4 years ago | (#30671654)

Also I'd question what the article means by Android being "in its infancy". Android is based on a well-tested OS that's been around for a while (Linux), the first phone running Android came out about a year ago, and the OS is past v2 (though version numbers don't necessarily tell you anything). I wouldn't call Android a long-running or well-established OS, but it's not like it was slapped together from scratch 6 months ago.

Re:From the article (1)

ducomputergeek (595742) | more than 4 years ago | (#30672472)

Linux is a kernel. Nothing more. An OS is the kernel + userland. In that respect, Android is indeed still in the infancy.

Re:From the article (1)

TheGratefulNet (143330) | more than 4 years ago | (#30672846)

the first phone running Android came out about a year ago

(HOW old are you?)

a person who considers a year-old product 'mature' -- hmmm -- I have to wonder about how old this person is, themselves.

seriously, a year is no sign of stability.

look at the telco world where standards have been in place for *decades* (some even over a century, now).

"a year" == mature. oh man, you children really crack me up.

Re:From the article (1)

Mr_Silver (213637) | more than 4 years ago | (#30671692)

Is there any evidence that an open source program is less secure in the short term than a closed source one?

Yes there is evidence, but it goes both ways. It is impossible to make generic statements about the security of open source (either for or against) without being ripped to shreds with counter points. Anyone who tries to make such a generic comment is going to be wrong.

What they appear to be saying is that since the code is open source, it's easier for people to find security flaws. Which would seem (to me) to be true. On the flip side, once it's found, it's going to get patched much quicker because you don't have a wait for the only people who can see the code to do something.

Slashdot loves to use Apache and IIS as examples of the security differences in open vs closed source. The problem is that Apache is not indicative of the quality of open source and Microsoft is not indicate of the quality of closed source.

For every good quality closed source vendor, I can equally find an open source project from Freshmeat riddled with security flaws.

Revoke Applications (4, Insightful)

dwandy (907337) | more than 4 years ago | (#30671422)

From TFA: Apple iPhone requires application signing and it issues and revokes the certificates making it a powerful security feature.

This "feature" is a prime reason I didn't buy an iPhone. I guess as a Security Guy he has to be willing to give up all his freedoms in his quest for security...

Get off your high horse (1)

Sockatume (732728) | more than 4 years ago | (#30671674)

He's not endorsing it, he's discussing it, in the specific context of how it changes the phone's security. Given the remit of the article, were you expecting him to go off on an eight-page screed against software signing at that stage, or something? The application sandboxing is going to seriously affect the way you interact with the phone as a programmer, should he have included something about sandboxing and its serious drawbacks for software authors too? Shit, VPN, there's another thing, I'm absolutely horrified that he didn't bring up the sociological impact of working from fucking home in his article about how god-damn secure the device is.

JESUS.

Re:Revoke Applications (1)

FlyingBishop (1293238) | more than 4 years ago | (#30673144)

He's primarily talking about the signing process, and he's quite right. Actually, it's worse than he's letting on. The Android Dev Tool plugin for Eclipse (which is the preferred frontend for signing your Android applications) is itself an unsigned Eclipse package - complete with warning from Eclipse that it's unsigned.

So think about that for a moment: You're signing software using unsigned software. All someone has to do is get a man in the middle on you, and the whole chain of trust is blown wide open. It's absurd. I love my Droid, and knowing what an application can do is nice, but Google needs to look at dealing with these obvious problems.

Also I've never been able to connect to get updates to the SDK over https. The great advice on the Android site is to click "force https sources to be fetched over http." Honestly, we might as well be transmitting this crap over irc for all the attention they're paying to security.

4 real issues (4, Interesting)

Enderandrew (866215) | more than 4 years ago | (#30671448)

We're talking enterprise here, right?

Who cares about touch screens and resolution. I do as a geek, but these are the real issues:

Do you need a separate server to properly sync with Exchange?
How well does it sync with Exchange?
How secure is it, and can it handle encryption? (The iPhone can't be used in many organizations for this very reason)
Is the email app any good? The iPhone mail app for instance is very much lacking in comparison to the Blackberry email app.

Suits care about covering their asses, and checking email. If it can't do that, it won't be used in the enterprise.

Re:4 real issues (1)

essjaytee (141772) | more than 4 years ago | (#30671808)

Sounds like it doesn't correctly, completely, implement ActiveSync Security. Just like all other Android phones.

It'll never be supported here until it really works with ActiveSync.

Re:4 real issues (0)

Anonymous Coward | more than 4 years ago | (#30672260)

Enchange? With or without receipt?

Still using software from the nineties?

Re:4 real issues (1)

Skuld-Chan (302449) | more than 4 years ago | (#30672340)

My friend's HTC droid works just fine with Exchange - I assume the N1 would as well.

Doesn't work with Exchange for many people (1)

OG (15008) | more than 4 years ago | (#30673150)

It depends on how the Exchange server is set up. For industries that demand security, such as healthcare, Exchange servers tend to require that mobile devices support things like encryption and remote wipe. In order for the device to connect, it has to tell the server that it supports any of these capabilities required by the server. Android's default email client doesn't. The Touchdown app does report capabilities back, but it's basically fudging the truth in order to connect (that's my understanding, anyway). Some admins have glommed on to this trick and are refusing to let Android devices connect at all.

So no, Android isn't ready for the enterprise. I have the HTC Eris and love it. I work at a research/teaching hospital, though, and probably wouldn't be able to use it for work. That's fine by me, but anyone who got the phone in order to keep up with work is going to be quite disappointed.

Re:4 real issues (1)

alen (225700) | more than 4 years ago | (#30672826)

the 3GS can handle encryption and if you have exchange 2007 SP1 you can force the phone to encrypt the data which means any pre-3GS devices won't work

Re:4 real issues (2, Informative)

Enderandrew (866215) | more than 4 years ago | (#30672922)

If I recall (and I can be mistaken) the big issue is that the iPhone can only do encryption one-way when syncing. Apple was literally bidding on a government contract for iPhone usage in the military, and the bid got thrown out when that was uncovered.

Oddly enough, Apple has still yet to fix the issue.

RIM's bread and butter (4, Interesting)

ArhcAngel (247594) | more than 4 years ago | (#30671490)

I increasingly hear this question from both my IT peers and users alike "Why does our company stick with Blackberry when phone XYZ is so much better?" The long and the short of it is SECURITY. I mean when India insisted RIM provide them with a back door so they could spy on BB users RIM's response was "We don't even have a back door". I would love to see a smartphone come out with all of the security features RIM has had for years so I could offer it to the Executive VP instead of telling him "I'm sorry but since you receive strictly private emails you are not allowed to use anything but a Blackberry" and having him start making calls and ultimately buying it on his expense account connecting it to the network in rogue fashion.

Re:RIM's bread and butter (5, Funny)

Anonymous Coward | more than 4 years ago | (#30671828)

I was going to Google "India RIM backdoor", but quickly thought against that idea.

Re:RIM's bread and butter (3, Insightful)

gad_zuki! (70830) | more than 4 years ago | (#30671916)

I doubt its because of security soley. Its the BES management features that really sell it. Centralized policies, remote wipes, etc. Security is only part of that. The BB system relies on your pumping your mail to Ontario and BB's getting it from Ontario. Its not a direct connection to the BES server in your enterprise. So any outtage in Ontario means an outtage for you. Not sure how good of an idea that is, especially since Android and other Activesync phones connect straight to your mail server just like any email client, and not through BB's proxies, which can be compromised. Sure they use end to end security but how feasible are MITM attacks?

I could see Google or Microsoft reproducing some of these features for corporate customers. That would pretty much kill the BB. For every thing the BB does well it does 5 other things badly.

Re:RIM's bread and butter (3, Insightful)

ArhcAngel (247594) | more than 4 years ago | (#30672576)

I don't disagree with what you are saying but you are referencing things that have only been viable in the last year or so. Android is in its infancy and Microsoft just recently got their Mobile guys and Exchange guys to talk to each other. Given it takes a large company 3 years to DECIDE on what to implement and another 2 years to actually implement it you begin to understand why those options haven't been introduced into many large scale operations. I still don't know of any other mobile communication device (outside of the NSA) that implements hardware encryption like Blackberries do. Apple introduced encryption on the 3Gs but it was cracked about fifteen minutes after it was announced if memory serves. I fully expect RIM to lose market share this year but I would not count them out just yet.

I doubt this is Google's business offering. They know it will take much more to crack that nut. In the meantime they can sell this to the masses to increase interest in a business class device.

Re:RIM's bread and butter (1, Informative)

Anonymous Coward | more than 4 years ago | (#30672734)

I doubt its because of security soley. Its the BES management features that really sell it. Centralized policies, remote wipes, etc. Security is only part of that.

True.

The BB system relies on your pumping your mail to Ontario and BB's getting it from Ontario.

Not true. RIM does have NOCs around the world.

Its not a direct connection to the BES server in your enterprise. So any outtage in Ontario means an outtage for you.

Not everyone goes through the Ontario NOC, although North America does.

Not sure how good of an idea that is, especially since Android and other Activesync phones connect straight to your mail server just like any email client, and not through BB's proxies, which can be compromised.

The beauty of the Blackberry Enterprise Server platform is that it doesn't matter if RIM's infrastructure is compromised. The encryption keys are located in two places: on the blackberry, and on your Blackberry Enterprise Server, which runs on a server in your office. RIM does not have the keys to decrypt. The cell phone carrier does not have the keys to decrypt.

That is part of the reason the Blackberry Enterprise Server platform has been audited & received so many security certifications: http://na.blackberry.com/eng/ataglance/security/certifications.jsp [blackberry.com]

How many security certifications does the iphone have? Android? Nokia? I strongly suspect the answer is none.

Not everyone needs the level of security offered by Blackberry, but some of us do.

Sure they use end to end security but how feasible are MITM attacks?

Once a blackberry is activated with a Blackberry Enterprise Server, not possible. You can even set up the key exchange between the Blackberry Enterprise Server & the blackberry over a usb cable - hard to spoof that.

Re:RIM's bread and butter (1, Informative)

Anonymous Coward | more than 4 years ago | (#30672474)

Nice try.. As per this post, Blackberry backed-down and allowed Indian Government to snoop BB users.

http://www.engadget.com/2008/05/22/rim-allows-indian-government-to-monitor-blackberry-network/

Re:RIM's bread and butter (3, Informative)

ArhcAngel (247594) | more than 4 years ago | (#30672900)

Thanks, for some reason Google failed me. But it would probably be better to direct to the actual article rather than a tech blog about the article...

http://economictimes.indiatimes.com/RIM_agrees_to_pass_BlackBerry_content_on_condition/rssarticleshow/3056271.cms [indiatimes.com]

from the article:

"The encrypted data packets sent through BlackBerry are password protected and could be deciphered only with the help of "Public Key" and "Private Key" together. The other provision is to build a super computer, which could take nearly three years and the results beyond a certain frequency were not guaranteed.

So yeah they "helped" the Indian government snoop but hardly gave them a master key.

Well, by definition it has to be Human (0)

Anonymous Coward | more than 4 years ago | (#30671496)

It is the Nexus One, after all. That makes it by definition More Human Than Human, as per Messr. Zombie.

Re:Well, by definition it has to be Human (1)

NotBornYesterday (1093817) | more than 4 years ago | (#30672564)

as per Messr. Zombie?

Turn in your geek card, and don't come back until you've watched Blade Runner.

I saw a tv 'news' report on the n1 today... (0, Offtopic)

distantbody (852269) | more than 4 years ago | (#30671592)

...I found it interesting that after the 2-second blurb by the anchor on channel 9 (aus) the only other commentary was from some standard and poors 'analyst' saying 'we are confident that the iphone is superior to the n1 in every way' followed by footage of the iphone. It seems they'll put any spin on for the right price.

Good prediction (3, Funny)

YourExperiment (1081089) | more than 4 years ago | (#30671632)

I particularly loved this line from the article: -

But for now, I don't expect to see any corporations handing out the Nexus One to their employees.

I guess he didn't hear about a little corporation named "Google".

Re:Good prediction (0)

Anonymous Coward | more than 4 years ago | (#30671700)

He meant real corporations....

Re:Good prediction (1)

zullnero (833754) | more than 4 years ago | (#30672016)

The only thing funny about this statement is how it seems to totally not get the entire point of the article.

The point being, of course, that just because it's made by Google doesn't instantly mean that its perfectly secure.

Until security becomes a primary feature, it generally will take a backseat to features leading up to an initial release, in my own experience. Then again, this article is chock full of assumptions, and a security assessment based on assumptions is pretty much useless, so who knows.

Re:Good prediction (1)

YourExperiment (1081089) | more than 4 years ago | (#30672082)

The only thing funny about this post is how it seems to totally not get the point of my post. :)

Re:Good prediction (2, Insightful)

alen (225700) | more than 4 years ago | (#30672794)

and google probably has an email system where everything is stored in Gmail in the cloud. for the rest of us, we have exchange and people store a lot of data on phones

Remote data wipe? (5, Interesting)

ducomputergeek (595742) | more than 4 years ago | (#30671650)

Phones are easy to loose or get nicked. One of the features enterprises like about the Blackbery is the ability to do a remote datawipe. On my iPhone I can set a password. If it's entered incorrectly 10 times, the device automatically wipes itself. I can also do a remote datawipe as well. I've tried googling about this feature on the N1 and so far have found nothing.

Ability to do a remote data wipe is key for the enterprise market.

Re:Remote data wipe? (2, Insightful)

Qubit (100461) | more than 4 years ago | (#30671770)

On my iPhone I can set a password. If it's entered incorrectly 10 times, the device automatically wipes itself.

I take it you have no small children or friends with an impish sense of humor, do you?

Re:Remote data wipe? (1)

natehoy (1608657) | more than 4 years ago | (#30672226)

Despite the inconvenience, remote wipe and "bad password attempt" wipe are critical features in a corporate environment. If my company email is on my phone, I don't want to be the one that allowed someone else to read it.

The default configuration at my company is:
  - I have to set a password on my Blackberry. It has to be at least 6 characters long, and contain at least one number and one character.
  - The password must be changed every 60 days.
  - The phone will lock itself requiring the password to unlock it after 15 minutes.
  - All data on the phone is encrypted, including anything written to a Secure Digital chip. The SD card is unreadable outside the phone.
  - Ten bad password attempts will wipe the device clean, including nuking the decryption key for any SD card that may be associated with the phone. The company can also remote-wipe it if I tell them it's lost.

With that sort of security arrangement there is always the risk that someone could do a denial of service attack by simply entering a bad password as many times as it takes to wipe the device. That's why corporate smartphones rarely contain original copies of any important information and can be reloaded remotely as easily as they can be nuked. If my seven-year-old nuked my phone, it could be reloaded with all of my data in about an hour or two, and all I have to do is call my company helpdesk (on the same phone) and have them initiate the reload. If I dropped it down a storm drain, my company can reissue an identical phone with all of my corporate data on it in a few hours.

I have to reinstall my non-corporate apps (Google Maps, my RSS reader, etc), but even those use server-side data and all I need to do is log into them. No real data of value is lost unless I'm dumb enough not to have backed up some pictures of value to me or something.

Re:Remote data wipe? (1)

nxtw (866177) | more than 4 years ago | (#30671790)

On my iPhone I can set a password. If it's entered incorrectly 10 times, the device automatically wipes itself.

Only the iPhone 3G S can do this quickly, and only if device encryption is enabled. With encryption, the device just erases the key. Without encryption, the wipe must overwrite the entire memory area.

Re:Remote data wipe? (1)

DJRumpy (1345787) | more than 4 years ago | (#30671810)

You can't disable encryption on a 3GS. It's built in.

Re:Remote data wipe? (1)

Duradin (1261418) | more than 4 years ago | (#30671900)

How well does remote wiping work with SD cards? Steal the phone, pop out SD card, profit?

Re:Remote data wipe? (1)

nxtw (866177) | more than 4 years ago | (#30671956)

How well does remote wiping work with SD cards? Steal the phone, pop out SD card, profit?

Windows Mobile can encrypt content on SD cards which would make the content unreadable after a remote wipe deletes the key. I would assume that BlackBerry devices can encrypt SD card contents too or at least disable the SD slot.

Re:Remote data wipe? (1)

natehoy (1608657) | more than 4 years ago | (#30672324)

Sounds like WinMo and BB use the same basic idea.

Blackberry devices can encrypt the entire SD card, or part of the SD card (my company allows the /music, /ringtones, /videos, and /pictures folders to be unencrypted, everything else gets encrypted). The encryption key is on the phone, and in the event of a wipe that encryption key is deleted from the phone and all the encrypted data on the SD chip is now useless, even on the original handset.

For those who don't want to skim TFA (4, Informative)

DJRumpy (1345787) | more than 4 years ago | (#30671746)

Screen Lock (including gestures to unlock in addition to alphanumeric codes)
VPN support
Standard Wireless Support (Wireless-N as well which is nice)
Application Sandboxing
Lacks Corporate Policy Enforcement (fail for enterprise)
Application Signing - Doesn't require trusted signers which defeats the purpose
No hardware encryption (fail for enterprise)
No Remote Wipe (fail for enterprise)

IMO, the phone definitely seems ready for the home user, but is very lacking for enterprise

Re:For those who don't want to skim TFA (1)

landoltjp (676315) | more than 4 years ago | (#30672186)

Good quick summary. Please mod Parent up. A few points, though:
  • it's a new device, so it's possible (probable) that many / all of these features are coming ('cept for hardware encryption which may be limited to HW upgrades)
  • Have application signing with self-signed certs as an enforceable policy.

Remote datawipe does exist on Android. (4, Insightful)

tweek (18111) | more than 4 years ago | (#30671796)

While the default Exchange integration on Android 2.0 doesn't support all of the Exchange security features, Touchdown ( http://www.nitrodesk.com/dk_touchdownFeatures.aspx [nitrodesk.com] ) DOES. I used it initially on my DROID and am currently testing the native stuff now that Motorola released a corporate directory app on the app store. Remote wipe *IS* supported by the native android ActiveSync implementation but not PIN security IIRC.

Re:Remote datawipe does exist on Android. (1)

essjaytee (141772) | more than 4 years ago | (#30672034)

I believe the main issue is that it doesn't respond correctly to the Exchange ActiveSync server. So while the device may be implementing correction password policy, etc, the Exchange server doesn't know it.

There is an option in Exchange for "Allow Unsupported Devices." Turning this on bypasses the security requirements, but you're nuts if you think you can enable this at any legitimate enterprise.

Re:Remote datawipe does exist on Android. (1)

tweek (18111) | more than 4 years ago | (#30673194)

I'm not suggesting that enterprises disable "Allow Unsupported Devices" but my understanding of Touchdown is that it DOES implement ActiveSync properly. What's really annoying about the whole argument is that all it takes is for the security to be bypassed is for the activesync client to lie about capabilities.

SMIME (0)

Anonymous Coward | more than 4 years ago | (#30672002)

No SMIME?

Application signing is worthless? (2, Interesting)

tibman (623933) | more than 4 years ago | (#30672302)

The application signing is worthless because they are self-signed certs? WTF is this guy smoking. Just because someone pays a CA to sign their cert doesn't make it magically more secure. I'll be honest, i think CAs should die off (in their current forms).

Re:Application signing is worthless? (1, Interesting)

Anonymous Coward | more than 4 years ago | (#30672622)

You need to do some research on self-signed certs, they are worthless. PKI is built on a trusted source framework with Certificate authorities being that trusted source. Like he points out in the article apple controls the CA for their apps so if an app writter does a trojan horse in their app then apple can pull the cert and destroy the app. Google needs to do the same. Also certs are used in android to verify what applications are related to each other and become part of the same process. So if a hacker can duplicate your self-signed cert then they can have their trojan app merge in the same process as your real app.

Re:Application signing is worthless? (1)

tibman (623933) | more than 4 years ago | (#30673016)

You need to do some research. All a CA is.. is a Self-Signed Certifcate company that signs other people's certificates for money. That does not make the signed certificates any stronger.

PKI is strong not because CAs exist. A-symmetric keys allow you to distribute your public key so that anyone can encrypt messages sent to you. But you keep the private key and only you can decrypt them. This also allows you to sign a file/document/text and prove that you are the key-holder. PKI not only describes the typical CA type but also web of trust and lots of other systems. Anyone can become a CA, including you. If you are the security manager for a company, you can generate your top-level key and self sign it. Any other key not signed by your key isn't authorized.. get it?

If a business wants signed certificates, all they have to do is Generate a certificate, self-sign it, and use that as the master key to sign allowed apps/packages.

In short: a CA = a top-level Self-Signed certificate.

Fp nIgga (-1, Redundant)

Anonymous Coward | more than 4 years ago | (#30673170)

the deal wioth you
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...