Rogers tells HTC Dream users to turn off GPS or 911 calls won't go through

On January 15 I received an SMS message from Rogers telling me I'd better disable GPS on my phone or I wouldn't be able to make 911 calls. This is the latest chapter in the unhappy saga of the HTC Dream on Rogers.

Rogers/Fido service message: URGENT 911 Calls: Please disable GPS location on your HTC Dream device to ensure all 911 calls complete. HTC is urgently working on a software upgrade and we will provide details shortly so you can re-enable GPS.

Instructions: Select Menu - Select Settings - Select Location - Uncheck Enable GPS Satellite

Message de Rogers/Fido : URGENT - Appels 911 : Veuillez désactiver la localisation GPS sur votre appareil HTC Dream afin de vous assurer que tous les appels 911 soient acheminés. HTC développe le plus rapidement possible une mise à jour du logiciel et nous vous fournirons les détails sous peu afin que vous puissiez réactiver la fonction GPS.

Instructions : Sélectionner Menu - Sélectionner Paramètres - Sélectionner Location - Désactiver les satellites GPS

First Rogers announces that they're not providing any more upgrades to the software on this platform. Then they announce that they'll upgrade Dream users to the HTC Magic for free (well, with a contract extension). Then the damn thing just doesn't work. Ah, the joys of early adoption...

I just want an Android device with a keyboard. Is that too much to ask?

The cross-species dinosaur team meets to discuss the ideal design for a mammal

Spam now leverages social networks

I've been getting spam lately purporting to be from a former co-worker. Apparently they harvested her MSN Messenger list – it impersonates her hotmail account and sends to my work account.

This was probably due to a virus which hijacked MSN messenger, it's a notoriously problematic service: between the service outages, trojans and viruses, its usefulness is debatable. But even as Microsoft gets its security act together a decade too late, the attack is inevitably shifting someplace else.

With social networking sites asking for email passwords to "import connections", people respond quickly. After all, they say it's safe, and you can always change your password later (but you don't). As it has been pointed out, as an industry we've trained people to type passwords, and that's what they do – whether it's a good idea or not, and that's why phishing is so successful. But once they have your contact list they can keep that forever, and it's a wonderful tool for a spammer.

Facebook and Twitter are unlikely to misuse this data too egregiously, they are connected to real money and companies with reputations to protect. But Pownce, which is going out of business – what about their data? And tacky little utilities like Twitterank which spam your stream, you'd better believe they're warehousing your connections. And your private messages. And everything else. You can put these things together and draw meaningful conclusions about the people involved.

Science fiction has been talking about spambots impersonating your family and friends for years, but now it's happening for real, and expect to see a whole hell of a lot more of it. Expect to start seeing requests from friends and family, asking for money through new and unfamiliar websites (or even familiar websites that have been compromised). Expect increasingly strange and subtle requests: you may not even know what they're really trying to get you to do, or why. In short, this is going to get deeply weird, really fast.

Semantic web startup Twine hard to get wrapped up in

Twine is [yet another] site that offers recommendations for webpages, stories and information based on things that you've read. I've seen demos that are amazing, that pull together disparate threads of data in new and surprising ways. It is powered by some sort of fantastic semantic juju that allows it to create recommendations and connections that simpler probabilistic analyses cannot. Sounds good right?

The problem is that it is just too. damned. much. work. You start with nothing, and have to enter your links, from scratch, one at a time. You don't get any immediate satisfaction. Unlike FriendFeed or SocialMedian, it doesn't just figure stuff out based on your other activity elsewhere on the web. It doesn't even attempt to figure out what you already like. So all of the heavy lifting is left up to the user, and there's no immediate payoff. The new user is left wondering just what the hell this site is supposed to do for them.

So although it probably has good technology, so far it's a failure. If they don't realize that everybody's not suddenly going to start posting everything in their little walled garden with a promise of getting payoff, maybe, someday, they'll be left behind by other sites who have given a great experience out of the gate to new users. Other sites – Facebook, FriendFeed, etc. – can add this semantic hooey to their own sites at their leisure. Sometimes technology really doesn't matter.

Central authentication is coming, and here's a good reason why

Some interesting reading today on OpenID, Facebook Connect, and the dog's breakfast of authentication standards in the market:

Facebook Connect and OpenID Relationship Status: “It’s Complicated” – John McCrea of Plaxo

The authentication landscape appears to be coalescing. I think a lot of vendors will still want to have a "walled garden" ID scheme, but I'm inclined to think their customers will drag them kicking and screaming into a federated identity world.

I have a good reason to think so. People already use a dangerous form of single sign in: they use the same user ID and password across multiple sites. Some day soon an enterprising young script kiddie from Yemen is going to sit down and write a Distributed Identity Theft Attack that will plunder the databases of weak sites (like some forum that you don't even remember signing up for) to take possession of more valuable sites (like Facebook and LinkedIn) and then finally the holy grail (your email account, used to unlock everything else). Nobody, not even Bruce Schneier (by his own admission), has a different password for every site: at best, we have low, medium, and high-security passwords. But if you're using the same password everywhere, you're only as secure as the weakest site you visit, which means gold bars for the putative Yemeni banks.

Also, über-paranoid password complexity and periodic forced password change rules actually encourage people to use a password formula across different sites, and to change only the last character in a preset sequence. They're virtually assured to do so, because security training has taught people to never, under any circumstances, write down their passwords. So a dictionary attack will still work in most cases for the DITA outlined above – forty-seven variants isn't a lot to try, and most sites don't lock accounts for password failure.

So go change your online banking password right now, I'll wait. Don't forget PayPal, too. And Amazon, which holds your credit card info, as does iTunes.

So, we'll stumble along with our user ID (which is, often as not, the email address) and password (same everywhere) until the Russian Business Network strings together some Perl code and causes a smart-spam and bank fraud wave big enough to shake consumer confidence in the web. At the very least, consumers will learn not to trust websites with homegrown authentication. They'll pick one or two big-name vendors they trust.

Why I don't recommend the iPhone 3G

^{backup battery}

I've had the iPhone 3G for a couple of weeks, and although I think it's revolutionary, fantastic, useful, blah-blah-blah, poor battery life is its fatal flaw. For most people, a phone is a phone first and foremost, and other uses are secondary. I know I'm tethered to the internet in general, and email in particular, but a phone has to function as a phone, or it fails. To function as a phone, it has to hold a charge for at least 24 hours under light usage, and the iPhone does not.

This is fixable through software. By being extremely careful about how I turn on 3G and WiFi functionality I can make it work reliably through the day without charging more than once. But I shouldn't have to exercise extreme caution and constantly massage settings to make sure the battery doesn't discharge in bare hours: it is a computer and it should take care of it for me. This is not the traveling salesman problem, it's easy: if the screen is off I'm not using it and I don't need the 3G network, so stop trying to nuke my balls.

I don't know when Apple is going to clean up this mess, but I hope it will be within a few months. Without this fix the iPhone cannot be successful, and I totally want the iPhone to succeed. I've helpfully supplied Apple with a bug report on this just in case they haven't read a newspaper, blog, or spoken to a single sentient being who's used the device. Those of us who have it are doing everything short of implanting a car battery to keep these things running: extra charging cables everywhere, car chargers, and even expensive portable battery packs. Without a fix, this is a failed phone.

Solutions to the iPhone 3G energy crisis

I have the new iPhone 3G, and it is wonderful in so many ways: fast Internet, great mail integration, revolutionary app store, global reach of distribution, amazing polish... but. But.

This has been said a jazillion trillion quadrillion times already on every blog, tweet, IM, and stone engraving in the past forty days, but I've got to say it too: the iPhone 3G's battery performance sucks. It really, really does. Activating the 3G network means that the battery drains in a matter of hours, and even without it turned on it barely makes it through a 24-hour period without running out of juice. It is a power hog, 3G or no 3G, plain and simple. A single charging cable is not enough, because if you leave it at home, you'll need it at work, and vice-versa.

But I'm not just bitching, no, I'm a man of action, and I'm proposing real solutions for the energy crisis with the iPhone 3G. Below are my practical proposals for powering your iPhone 3G while you're on the go.

Miniature nuclear reactor small hydroelectric facility space-based solar array with microwave power transmission

mule team and hand-wired dynamo coal-burning steam turbine diet Coke and Mentos

Yes, someday soon Apple will release a firmware update that lets you turn 3G on and off in less than eight steps. Heck, they might even go buck wild and have it automatically switch to 3G when the bandwidth is needed, and back to Edge when not. (Crazy talk, I know!) But until that fine day, use the handy hints above to keep your iPhone running during that extended period while you walk from your house to your car.

PayPal iPhone app fails

PayPal iPhone fail
Originally uploaded by celeduc

I tried to install the PayPal iPhone application on my iPhone 3G, and it failed. An unknown error occurred (0xE8000022). Whoops!

This seems to work for other people. Maybe it doesn't like Canadians? I would think even PayPal could come up with a better way of snubbing us, if that's the case.

---

Update: as much as I'd like to blame PayPal for this, it appears to be a common problem with iTunes synchronization. So then I have a question for Apple: if this is happening so much, why is it an unknown error?

Mac OSX is way better than Windows, but unfortunately Microsoft sets the bar pretty low. OSX winning against Windows is like a drunken Björn Borg winning at tennis against a comatose chimp.