Monthly Archives: May 2018

The S9

I got an S9 from my father as part of a deal. I did not want the phone, but he got it anyway. This is a flagship device costing almost $1,000; not exactly a small step-up from the S4.

I have been trying not to get the phone dirty with my sweaty hands, but too late for that. It appears to be a well-built and well-designed phone, although it looks prone to damage without adequate casing.

I am not particularly fond of two things: materialism, and giving away random information to any app that wants it.

I mention materialism because nothing lasts forever – the S4, at its time, was the pinnacle of technology, but we have somehow advanced even further in five years. It is difficult to imagine what a phone will look like in five more years. One must also remember that the smartphone is an instrument designed to get things done – an integrated PDA and cell phone – although these days it serves more as a game console.

There are also immense privacy risks one is taking simply by using this phone. Android has grown to such tremendous complexity that even I, a programmer, cannot fully comprehend the full design of the Android system. There are also many more apps that grab the location, now that optimizations have been made to prevent battery overuse from obtaining a fine location. And the system has grown to become so tightly integrated that practically anything can access anything (if you allow it to).

The strongest aspect of this phone is its speed – whereas Google Maps takes 6 seconds to cold-start on my S4, it loads in about 1 to 1.5 seconds on the S9; essentially instantly.

Finally, this phone allows me to place “HD Voice,” “VoLTE,” “Wi-Fi,” and “HD Video” calls. All of these things seem to be exclusive to AT&T users, with a supported SIM card, with a supported phone (i.e. not an iPhone), in a supported location, on both sides. In essence, the feature is useless for 90% of calls[citation needed]. How much longer will it take to develop and adopt a high-quality communications infrastructure that is standard across all devices and all carriers, including iPhones? What ever happened to SIP – why didn’t Cingular give everyone a SIP address back in the day? Why do I have to use a cell phone to place a call using my number? Why do we still use numbers – when will we be able to switch to an alphanumeric format like e-mail addresses?

Yes, I understand that we have to maintain compatibility with older phones and landline via the PSTN – whatever that is these days – and we also have to maintain the reliability of 911 calls.

The walled-garden stubbornness of Apple does not help much, either. Apple simply stands back and laughs at the rest of the handset manufacturers and carriers, who are struggling to agree on common communication interfaces and protocols. Will Apple help? Nope. Their business thrives on discordance and failure among the other cell phone manufacturers to develop open standards. And when they finally agree on an open standard ten years later – yoink! – Apple adopts it instantly in response to the competition.

As for other features, I found the S9’s Smart Switch feature to work perfectly: it was able to migrate everything on my S4, even the things on my SD card (I recommend removing the SD card from the original phone before initiating a transfer). It did not ask me about ADB authorization or anything like that, so I wonder how it was able to accomplish a connection to the phone simply by unlocking it.

When Android will finally have a comprehensive backup and restore feature, however, remains beyond my knowledge. This is Android’s Achilles heel by far.

Oh, and I forgot one last thing about the S9: it has a headphone jack 🙂

On Let’s Encrypt

Let’s Encrypt has been operational for about two years now, although the project originally began in 2015. Let’s Encrypt is the saving grace of HTTPS, but exactly because it is the saving grace of HTTPS is the reason that I dislike its endorsement.

Suppose that tomorrow, a security researcher discovers a critical vulnerability to CertBot or some other part of the Let’s Encrypt certificate issuance system, and in a week, almost every Let’s Encrypt cert is going to get tossed into the CRL.

They couldn’t do it. They couldn’t possibly toss 100 million certificates into the fire, because LE has already reached a point where it is too big to fail. You can’t tell your users, who expect their website encryption to come for free, “Hey, your CA got compromised, so you’re going to have to pay $20 or more for a cert from Verisign, GeoTrust, or Comodo, because there are no other free, secure CAs available. Sorry.”

And if it comes to that, two things happen:

  1. Verisign et al. gouge prices and have the biggest cert bonanza ever, because website owners have no other choices.
  2. An HTTPS blackout happens, and half of all HTTPS-enabled websites have no choice but to fall back to regular HTTP. And if this happened with a version of Chrome where insecure browsing is banned, then you can just forget about that website unless you are a website owner and choose (1).

You have to remember the situation before Let’s Encrypt: Browser vendors, most especially Google and Mozilla, were pushing as hard as they could toward eradicating HTTP and enforcing HTTPS everywhere, in light of the Edward Snowden and NSA hysteria-bordering-paranoia. However, SSL/TLS certificate options were limited at the time: existing free certificate services had been founded long before then and were commonly suggested for people who were absolutely desperate for a free certificate, but were nonetheless unpopular among CA maintainers due to rampant abuse. In other words, on the idealistic side, people believed that every site ought to have HTTPS. But on the practical side, they asked if your site really needed HTTPS if you can’t afford a certificate and you are just serving static content.

Today, those old free CAs have been abandoned by CA maintainers in favor for the one CA to rule them all: the ISRG/Let’s Encrypt CA. I mean, we’re obviously not putting all our eggs in one basket here – if something goes wrong, we still have hundreds of CAs to go by, and if an owner really needs their HTTPS, they can just shell out $100 for a cert. That’s right, if you’re a website owner who cares more about their website than the average Stack Overflow user, you should really consider shelling out money, even though we’re sponsoring a cert service that is absolutely free! Oh, and if something goes wrong, you get what you paid for, right? My logic is totally sound!

Let me reiterate: in the case of a future catastrophe, assuming that we are enough time into the future that browsers have placed so much trust in the HTTPS infrastructure that they now put prevent casual connections to insecure HTTP websites, there are two answers based on how much money you have:

  1. You’re f**ed, along with millions of website owners. More news at 11. Maybe the folks at Ars Technica can tell you what to do. Except they’re also too busy panicking about their personal websites.
  2. Buy a cert before they raise their pri– oh, too late, they’re $50 a pop now.

So, I think the problem at hand here is the philosophy behind trust. Trust is such a complicated mechanic in human nature that it cannot be easily automated by a computer. When we make a deal on Craigslist, how do we know we’re not going to end up getting kidnapped by the guy we’re supposed to be meeting with? Is the only reason a bureaucracy trusts me as an individual because I can give them an identification card provided by the government? But how can I, as an individual, trust the bureaucracy or the government? Only because other people trust them, or people trust them with their money?

How does this tie into the Internet? How can I trust PKI, the trust system itself? What happens if I tie a transactional system – specifically the likes of Ethereum – into a web-of-trust system such as PGP? What happens if I tell people, “vote who you trust with your wallets“? What is a trustable identity in a computer network? What remedies does an entity have if their identity is stolen?