Pages

Saturday, 31 January 2015

Motorola: Why you don't have Android Lollipop yet

Why do Android upgrades take so long?Google
Do you own a Motorola phone and wonder why some of your counterparts have Lollipop and you don't? Motorola is attempting to shed some light on the situation.
In a blog post on Thursday, the company announced that Android 5.0 Lollipop is now available for the Moto G (first and second generations) in India and Brazil. That's good news for Moto users in those countries. But Motorola actually kicked off its Lollipop push last November, shortly after Google officially released updated OS. Why is it taking so long to fan out?
Google's mobile OS is cursed by fragmentation as each new version takes considerable time to arrive on the phones and tablets of all Android users worldwide. A peek at Google's Android Developers Dashboard earlier this month revealed a 39 percent share of the market for KitKat -- the predecessor to Lollipop. Jelly Bean -- the predecessor to KitKit -- was still at the top of the charts with a 46 percent share. And Lollipop wasn't even on the radar yet, meaning it had less than a 0.1 percent share. This situation frustrates not only users but app developers, who must try to design programs that can support multiple versions of Android.
In its blog, Motorola explained the process involved in an Android upgrade and why it takes so long.
After Google creates a new version of its mobile OS, Google performs a "public push," Motorola said. That means the source code for the OS is released to the Android Open Source Project, usually tied to the debut of a new Google Nexus flagship phone.
Following the public push, mobile phone makers then test the new OS with local carriers and other organizations, a process that varies with each region of the world. After completing that testing, Motorola can start pushing out the upgrade to users.
Okay, but why do some users receive the upgrade early and others have to wait weeks or months?
Motorola said that before it can roll out an upgrade to a wide number of users, it performs "soak" tests. Through such tests, the upgrade is deployed to a small group of people so Motorola can monitor its performance and collect user feedback. Such testing is critical because it can reveal any bugs in the software, giving the company a chance to fix them before the upgrade reaches a wider audience.
In some cases, Motorola expands the number of soak test users to catch issues that might pop up in a larger group. After this test is done, the company launches the upgrade for all users in a specific country and for a specific device.
To add to the complexity, testing may be required for different software versions for each device, which further impacts the availability of a new upgrade, both by region and carrier. Finally, mobile carriers get into the act through their own testing to make sure the upgrade meets their requirements.
"These requirements vary from carrier to carrier and across different regions." Motorola said. "They also have lab testing times that can range from weeks to months. In some cases, devices on older or less powerful chipsets may need more work to ensure good performance when running Lollipop."
Motorola did say that Google improved the Android upgrade process with Lollipop by releasing developer previews early enough so manufacturers had more time to test the software. As such, Motorola was able to push Lollipop to its Moto X (second generation) Pure Edition eight days after Google's public push.
And the rollout continues. Last week, Motorola said that Android 5.0 would be "rolling out in phases" to its Moto G (second generation) phone in the United States. Motorola users who haven't yet gotten a taste of Lollipop can check the company's Upgrades page to see if and when your model is slated to receive the upgrade.
With so many manufacturers, carriers, and devices involved, upgrading all Android devices with the latest version is always going to be a long, time-consuming process. Android users, you have two choices: be patient or switch to Apple's iPhone.

Google's search for sales, profit falls short

Google is trying to figure out how to make more money on mobile ads.Getty Images
For the past few quarters, Google's finances have been the story of same-old, same-old: Desktop search -- its biggest business -- is getting stale, but it still makes billions.
The story stayed true on Thursday when Google reported lagging revenue, as more people find what they want from their smartphones and tablets. And as competitors, including Facebook, draw more of the mobile users that advertisers are trying to court.
For the sixth time in seven quarters, Wall Street analysts still weren't wowed by the company's performance. Google, the world's largest search engine, said sales, excluding traffic acquisition costs, were $14.48 billion. Profit, minus some costs, was $6.88 a share. That fell short of analysts' estimates of $14.7 billion in revenue and earnings of $7.12 per share.
Patrick Pichette, Google's chief financial officer, said on a conference call with analysts that the company faced "a few real challenges" in the fourth quarter, but touted the strength of its core search business.
The company's stock fell more than 2 percent at one point in after-hours trading, but bounced back after Pichette concluded his remarks. At 2:30 p.m. PT, shares were at $521.25, after closing at $510.66 in regular trading.
Google's lower sales during the holiday quarter highlighted CEO Larry Page's inability to grab significant gains outside of its juggernaut search and advertising business for desktop computers, which account for up 90 percent of its revenue. The desktop continues to be the cornerstone of Google's business, concerning analysts and investors who worry about that area becoming outdated.
Google handily wins when it comes to global digital advertising market share overall. The company had more than 31 percent of the market last year, while its closest competitor, Facebook, had almost 8 percent, according to eMarketer.
But Google faces a two-edged problem in mobile advertising. It makes less money from mobile ads and its share of the mobile market is shrinking. It dropped from 46 percent in 2013 to 40 percent last year, according to eMarketer. Meanwhile, Facebook's share climbed 2 percentage points to 18 percent last year. Facebook said Wednesday that mobile revenue accounted for almost 70 percent of its $3.85 billion in ad sales.
Google doesn't break out revenue specifically related to mobile. But the growth of paid clicks -- an important metric for Google because it gets money every time someone clicks on an ad -- has slowed. The metric grew only 14 percent from the year before. In 2013, it grew 31 percent year over year. Cost-per-click, the amount of money Google gets each time you click on its ads, continued its downward trend, falling 3 percent year over year.
Google has been trying to think outside the search box. In October, Page took a step back from day-to-day management duties, ceding much of his control over the company's most important products -- including maps and search -- to Sundar Pichai, a longtime trusted lieutenant. The reason? Page said he wanted to focus on Google's future.
That's why Google has invested so much lately on audacious projects like self-driving cars, smart contact lenses, and Wi-Fi balloons that beam out Internet connectivity. Those initiatives, all developed in the company's secretive Google X lab -- as well as more down-to-earth initiatives like the Google Play marketplace -- fall under a category Google calls "other revenue." That figure made up 11 percent of the company's overall sales last quarter, the same as the quarter before.

Glass and beyond

One of those projects is Google Glass, the company's Web-connected headset. The high-profile device was introduced with much fanfare by Google co-founder Sergey Brin during a conference in San Francisco in 2012.
But since its debut, the gadget has been met with both fascination and scorn. Privacy advocates have cried foul over its included camera; culture critics have coined the term "Glasshole" for overly enthusiastic wearers of the device.
Earlier this month, Google said it was discontinuing sales of the prototype version of the gadget. The company insisted it was continuing to work on the product, but reorganized the team's structure. Google put Tony Fadell, co-founder of the smart-device company Nest and former Apple hardware guru, in charge of the group.
Google acknowledged some of the device's shortcomings on Thursday. "When the teams aren't able to hit hurdles, but we think there's still a lot of promise, we might ask them to take a pause and take the time to reset their strategy," said Pichette. "As we did recently in the case of Glass."
The company also has ever-increasing telecommunications ambitions, with the ultimate goal of expanding its user base and gaining revenue. Earlier this month Google joined with Fidelity to invest $1 billion in Elon Musk's SpaceX, which aims to launch a fleet of lightweight satellites for Internet service. And Google also earlier this week expanded the reach of its Fiber broadband project to 18 more cities. The service, meant to rev up Internet connection speeds, is coming to new places including Atlanta and Nashville.
Google is also reportedly interested in becoming a wireless carrier itself. The company is said to be in talks with Sprint and T-Mobile, the third- and fourth-largest mobile carriers in the country, to sell and manage consumers' mobile data plans.

Delhi victim sues Uber in the US over alleged assault

Uber has been sued in the US over alleged rape.Uber
A woman who says she was assaulted and raped by an Uber driver in New Delhi last month has sued the car-sharing service in the US.
The woman, who remains unidentified, is suing Uber for unspecified damages, saying that the alleged assault stemmed from the company failing to implement basic security features that might have kept her safe, according to Reuters, which obtained a copy of the lawsuit. The woman, who resides in Delhi, also asked for Uber to update its security protocols, arguing that a 24-hour customer support hotline and in-car cameras could prevent attacks from occurring.
"Our deepest sympathies remain with the victim of this horrific crime," an Uber spokeswoman said in a statement. "We are cooperating fully with the authorities to ensure the perpetrator is brought to justice."
Last month, the 26-year-old woman hailed a car from Uber in Delhi after attending a social event. Soon after, the driver allegedly attacked and sexually assaulted her. A few days later, the driver, Shiv Kumar Yadav, 32, was arrested in his hometown 100 miles outside of Delhi.
The arrest called into question Uber's safety protocols. Uber, based in San Francisco, performs background checks on drivers, but the company's drivers have faced a string of allegations over the last several months, including dozens of claims of sexual assaultgropingkidnapping, and physical assault, according to media outlets.
Just days after the woman in Delhi was allegedly assaulted, an Uber driver in Boston, Alejandro Done, was arraigned on charges of rape, assault to rape, kidnapping, and two counts of assault and battery after allegedly attacking a young woman in his Uber car. Done allegedly took the woman to a secluded area and attacked her, the district attorney's office for Massachusetts' Middlesex County said last month.
The alleged attack was the fourth time an Uber customer in the Boston area had reported an assault or inappropriate touching within one month, according to the Boston Globe. Three women had previously reported incidents with car-sharing services, and at least two had used Uber.
Uber has acknowledged that it needs to improve its approach to security. Last month, the company's head of global safety, Phillip Cardenas, said in a blog post that Uber has "more work to do" in safety, adding that his company "is committed to developing new technology tools that improve safety, strengthen and increase the number of cities and countries where background checks are conducted and improve communication with local officials and law enforcement."
Cardenas' comments came a month after Uber started a safety review to identify new technologies, such as biometrics and voice verification, to enhance driver screenings and background checks. Uber also said it is working to make it easier for riders to communicate with the company and is building "Safety Incident Response teams" to provide support to customers during emergencies. Uber did not say when its new programs would roll out.
After the alleged incident in Delhi, Uber's service was banned from the Indian capital territory over claims that it was operating illegally. Last week, Uber announced that it had applied for a radio taxi license and was now operating again in Delhi. The license effectively makes Uber a taxi provider and requires more availability, including a 24/7 on-call center.
In its statement announcing its return to Delhi, Uber said that it has instituted new safety protocols, including reverifying drivers and "implementing independent background checks on all driver partners, plus vehicle documentation reviews."
"Our teams have worked tirelessly to develop new safety features (including an in-app emergency button) nationwide, establish a dedicated incident response team and reverify the full credentials of every driver-partner on the Uber platform in Delhi," Uber wrote in a statement.

Reddit's first transparency report reveals requests for user data

Reddit received 218 requests last year to remove specific content, complying with 68 of them.Reddit
Reddit has joined the likes of Google and Facebook in releasing its first transparency report that details requests for user data and for the removal of content.
In a blog post Thursday, the social news site said it regularly gets requests from government agencies and law enforcement for data on its users, as well as requests to remove certain content. Reddit also sometimes receives such requests from private individuals via subpoenas and legal documents .
In 2014, the site received 55 requests for user information, a small number in comparison to the volume received by Google, Facebook and other tech players. But each request still poses a challenge to Reddit since it must decide whether to comply with it or reject it. Complying represents a potential risk to the privacy of its users, but rejecting a request could put the company into a legal skirmish with the requestor.
Reddit essentially serves as a large community message board, with people posting content to a range of subreddits, or threads, that cover a host of topics. Reddit is also known for its Ask Me Anything (AMAs), live, online events in which people get to ask questions of celebrities and other notable figures.
Facing the 55 requests for user information last year, Reddit said it provided some information in 32 of them and that 78 users accounts were named in the requests. The company also said it successfully challenged two civil subpoenas that were seeking data on more than a dozen anonymous users.
The company also attempts to inform users when their data is requested.
"Many government requests we receive contain demands to withhold notice from users that carry no legal weight," Reddit said in its blog. "We actively disregard these non-binding demands. Our goal is to give users the information they need to seek legal advice before their records are disclosed. As stated in our privacy policy, we provide advance notice to affected users unless prohibited by a court order or where we decide delayed notice is appropriate based on clear criteria."
Last year, Reddit also received 218 requests to remove specific content. Of those, Reddit complied with 68. Most of the requests were for alleged copyright and trademark violations. Many were rejected because they did not contain information required by the Digital Millennium Copyright Act (DMCA).
Some takedown requests called for the removal of entire subreddits, or threads, which Reddit considers too broad. A large volume of the copyright takedown requests pointed to user-submitted URLs linked to content on other sites. Those requests were trickier than others because links don't typically infringe on copyrights. As a result, Reddit had to "exercise extra scrutiny in assessing takedowns for links."
Reddit also added that "real humans" review every request to take down content.

Finally a pro-children Vine

Vine goes child-friendly with Vine Kids app

img6754.png
Vine Kids features looping 6-second child-friendly videos.Screenshot by Michelle Meyers/CNET
Kids are known for having short attention spans and it appears Vine is banking on that with a new app that should also help put parents at ease.
The Twitter-owned video-sharing company rolled out Vine Kids on Friday to let children watch looping 6-second Vine videos that have been screened for child-appropriateness.
"Kids love Vine," Vine head of communications and marketing Carolyn Penner wrote in a blog post. "So, we built Vine Kids, a simple new app that gives young children a fun way to watch Vines."
Since launching in 2012 Vine has steadily grown its audience to at least 40 million. The video app is known for users who upload and share videos that show people doing goofy stunts, playing sports and other high jinks. In 2013, Vine had a dustup after a plethora of porn videos appeared on the site, which led Twitter to give the app a NC-17 rating. This newest Vine app, however, could easily be G rated.
Vine Kids features animations, Sesame Street characters like Elmo and videos with cute animals like hedgehogs and puppies. Vine's goal is to have a collection of videos for a young audience that are safe to watch.
The company picks the kids videos by choosing from its millions of daily uploads in its regular Vine app. Once a child tires of looking at one clip, they can swipe left or right to get a new video. By making Vine Kids a completely separate app, Vine has ensured that kids won't happen upon adult videos.
Vine Kids is only available on iOS.

Broadband internet? Maybe not!

The Federal Communications Commission on Thursday rewrote the definition of high-speed Internet, and chances are, your connection isn't up to snuff.
The FCC commissioners voted 3 to 2 in support of the change. They are (left to right): Ajit Pai, Mignon Clyburn, Tom Wheeler (chairman), Jessica Rosenworcel, and Michael O'Rielly.FCC
The FCC, tasked with overseeing the rules that govern the Internet, raised the standard for broadband to 25 megabits per second from 4 Mbps, while raising the upload speed to 3 Mbps from 1 Mbps. The commissioners voted 3 to 2 in support of the change, though the dissenting Republican commissioners blasted the move as "overreaching." The change came as the FCC published its 2015 Broadband Progress Report, which is what Congress uses to assess the US broadband market.
The new definition effectively means that millions of Americans subscribing to Internet service that clocks in at less than 25 Mbps are no longer considered "broadband" subscribers. The average speed of service delivered in the US is 10 Mbps. Using this new threshold, the agency determined in its report that true broadband speeds are not being delivered in a timely fashion.
The agency's report found that 55 million Americans, or 17 percent of the population, lack access to advanced broadband services. The bulk of Americans who do not have access to such speeds are in rural areas. The report indicates that 53 percent of rural Americans lack broadband with download speeds of 25 Mbps. This is compared to 8 percent of Americans living in urban areas. The report also indicates that 20 percent of rural Americans don't even have access to the previous standard of 4 Mbps downloads.

A contentious decision

The move has once again pitted Chairman Tom Wheeler, a Democrat appointed by President Barack Obama, against the two Republicans on the commission, Ajit Pai and Michael O'Rielly, selected by the Republican-controlled Congress. Wheeler says the change in definition is an aspirational target that makes sense given the marketing claims of broadband providers that profess higher speeds are necessary for the ever increasing demands of consumers.
"Our challenge is not to hide behind self-serving lobbying statements, but to recognize reality," Wheeler said at the meeting. "And our challenge is to help make that reality available to all."
But the two dissenters on the FCC called the move an overreach of the agency's authority and argued that the new standard is arbitrary. Pai said that a better judge of what is considered broadband is to look at the services that consumers actually purchase.
"Seventy-one percent of consumers who can purchase fixed 25 Mbps service -- over 70 million households -- choose not to," he said.
The FCC noted in the Broadband Progress Report that the previous definition for broadband at 4 Mbps for downloads and 1 Mbps for uploads, adopted in 2010, was "inadequate."

Strong opinions on both sides

Consumer groups hailed the report's findings.
"The FCC's re-evaluation of the broadband marketplace is long overdue," Edyael Casaperalta, Internet rights fellow at Public Knowledge, said in a statement. "For too long, the FCC has gotten by with an outdated standard for broadband, and as a result its analysis of the marketplace grew increasingly antiquated."
The Communications Workers of America union also applauded the effort, arguing that the updated standard will create more jobs.
"Our nation's economic strength and social welfare -- as well as the future of good jobs in the telecom sector -- requires world leadership in the quality and capacity of our communications networks, and today's action by the FCC will move us forward toward regaining that leadership," the labor union said in a statement.
But conservative groups derided the move.
"The FCC has been playing political games with the '706 report' since 2010, when it suddenly declared deployment inadequate in order to justify its Net neutrality regulations," said Berin Szoka, president of TechFreedom, a Washington, D.C.-based think tank that generally backs the efforts of broadband providers.

Foundation for Net neutrality battle?

The FCC's Republican commissioners believe the broadband vote is just a setup for the agency's intent to settle the Net neutrality fight with new regulations and to push local municipalities to go around state laws and build their own Internet networks. (Net neutrality is the principle of treating all Internet traffic the same.) They believe the stricter speed guidelines paint the broadband industry as less competitive, justifying the FCC's moves.
"The ultimate goal is to seize new, virtually limitless authority to regulate the broadband marketplace," Pai said during the agency's meeting Thursday. "A thriving marketplace must be found to have failed so that the agency can regulate it back to health."
At the heart of the Net neutrality debate is a provision in the new rules that would reclassify broadband as a Title II service under the Telecommunications Act. This reclassification would essentially allow the FCC to apply regulation originally established for the traditional telephone network to broadband infrastructure. While Net neutrality supporters hail the reclassification as a way to put the new rules on firmer legal ground, opponents including large Internet service providers and conservative Republicans say it would stifle investment in networks.
The FCC is also set to rule on two petitions that will override state laws in North Carolina and Tennessee that prohibit municipalities from building or expanding broadband networks.
The agency will vote on both the Net neutrality proposal and the municipal broadband initiative at its February 26 meeting.

Friday, 30 January 2015

Amazon surprises investors with a gift of profit

One of Amazon's fulfillment centers on the eve of Cyber Monday.James Martin/CNET
Looks like Amazon got its happy holidays after all.
The company on Thursday reported a profit of $214 million, or 45 cents a share, on revenue of $29.33 billion, exceeding some analysts' estimates of 17 cents a share on $29.68 billion in revenue.
The results show that Amazon learned from the mistakes it made last year when its delivery partners FedEx and UPS ended up with a backlog of packages that caused some shipments to arrive at customers' doorsteps after Christmas. This year, the world's largest online retailer revised its delivery plans and even extended its Christmas delivery cutoff date, getting packages to customers on time, said Scot Wingo, CEO of ChannelAdvisor, which provides analytics and other services to online retailers.
For the current quarter, the company said it expects sales to rise to between $20.9 billion and $22.9 billion, growing 6 percent to 16 percent compared with the first quarter last year. It also forecast that operating income would range from a loss of $450 million to a profit of $50 million. Amazon last year reported $146 million in operating income.
Last quarter's profit comes after two consecutive quarters of losses, and investors are buying into the results. Shares surged more than 13 percent in after-hours trading. The stock closed at $311.78, up $7.87, or more than 2 percent.
"They did a really good job of extending the holidays and not repeating the debacle of last year," Wingo said.
Like other retailers, Amazon sees a spike in activity during the season, with big shopping days likeBlack Friday and, in more recent years, Cyber Monday, driving orders.
The holidays also tend to bump up the company's Prime membership, as people take advantage of the program's free, two-day shipping for last-minute shopping. The company in March hiked the price of Prime membership to $99, up from $79.
"When we raised the price of Prime membership last year, we were confident that customers would continue to find it the best bargain in the history of shopping," Amazon CEO Jeff Bezos said in a statement. "The data is in and customers agree -- on a base of tens of millions, worldwide paid membership grew 53 percent last year -- 50 percent in the U.S. and even a bit faster outside the U.S.
Amazon did not release specific numbers for Prime. Wingo estimated that Prime membership has grown to roughly 40 million.
Prime is a key component of Amazon's strategy. A subscription service that gives members access to e-books, videos and music in addition to two-day shipping, it keeps customer -- and their dollars -- inside Amazon's vast ecosystem. One study of 2014's fourth quarter found that Prime customers spend hundreds more on Amazon than non-Prime shoppers.
"When a customer becomes a Prime member, they do step up their purchases very considerably," Chief Financial Officer Tom Szkutak said during a call with journalists following the report. He would not say how much more Prime members spend or whether they're watching more streaming videos than other consumers. Amazon has heavily invested in its Prime Instant Video service, which Szkutak said is driving more consumers to Prime.
The real star of Amazon's earnings continues to be its cloud-computing arm, Amazon Web Services. The company said that 1 million people use the service now and that it will start breaking out the service's financials this year, an indication of AWS' growth. Amazon has expanded the service considerably since it launched in 2006. It is a major provider of data storage and computing for several consumer brands, including video-streaming service Netflix, and even government entities like the CIA and NASA.
In the past, AWS sales were included in a miscellaneous category for North America sales called "Other," which saw $1.67 billion in sales in the last quarter.

Be warned: Google enlists Chrome in push for encrypted Web

Google has added a feature to Chrome that can alert users about unencrypted network connections common on many parts of the Web. The feature isn't on by default.
Google has added a feature to Chrome that can alert users about unencrypted network connections common on many parts of the Web. The feature isn't on by default.Screenshot by Stephen Shankland/CNET
Google just gave Chrome something of an insecurity complex.
That's because the company has enlisted Chrome -- the No. 2 desktop browser worldwide -- in its effort to make secure, encrypted connections on the Web the rule rather than the exception. Encryption scrambles data during transmission to protect users from identity thieves and prying governments. This week, Google built a feature into a test version of Chrome to explicitly warn people about Web pages that are delivered without encryption.
As the feature spreads to mainstream versions of Chrome, it could alarm people who thought Web pages were working fine and could impose new costs on Web site operators who don't want their users fretting that something is wrong. But in Google's view, the problem needs fixing.
"We know that active tampering and surveillance attacks, as well as passive surveillance attacks, are not theoretical but are in fact commonplace on the Web," Chris Palmer, a security programmer on Google's Chrome team, said last month in a mailing list post explaining the plan.
Moving toward encryption by default is a profound, monumental change for the Web. With unencrypted pages, somebody like an Internet service provider, taxi or airport Wi-Fi operator, or malicious hacker offering a "free Wi-Fi" hot spot can read all the data sent to and from a computer. A hacker can also modify a Web page, and an ISP can insert its own advertising. To block against that kind of eavesdropping and tampering, Google encrypted its Gmail connections and search site in 2010, and Yahoo and Microsoft have followed suit.
But countless Web pages aren't offered over a secure connection, including Wikipedia, Instagram, Craigslist, Imgur, China Daily, CNN and Amazon product pages. Indeed, 55 percent of the Web's top million sites don't offer encryption, according to 2014 analysis. 
Google has been pushing for an encrypted Web for years, but former National Security Agency contractor Edward Snowden's revelations about NSA surveillance has lent new urgency to the cause. In 2013, Snowden showed the massive extent of government surveillance both through official channels like subpoenas and the interception of communications traffic.
The first step in bringing the encryption plan to fruition came this week with a small first step that will directly affect almost nobody. The bleeding-edge Canary version of Chrome -- not stable or tested enough for ordinary users -- now offers a manual setting that enables the warning about unencrypted pages. A person visiting an unencrypted page will see in Chrome's address bar a padlock with a red X over it. As the year progresses, expect the change to spread to mainstream Chrome.
To enable the feature, a person has to install Chrome Canary and activate the "mark non-secure origins as non-secure" option in Chrome's chrome://flags interface.
Google's Chrome Canary, an early test version of the browser, can be configured to show the warning about unencrypted HTTP connections.
Google's Chrome Canary, an early test version of the browser, can be configured to show the warning about unencrypted HTTP connections.Screenshot by Stephen Shankland/CNET
Google suggests a phased transition to the warnings, but in the long run, the company expects a reversal in browser behavior. Today, green lock icons denote secure pages while unencrypted pages are plain. In the future, as encrypted pages become the norm, they could get the plain pages while unencrypted sites could sport a red warning sign.

HTTPS advocacy

Encrypted Web pages are sent using the HTTPS (Secure Hypertext Transfer Protocol) technology. HTTPS arrived not long after unencrypted HTTP helped begin the Web revolution 25 years ago; the main incentive for adding HTTPS was preventing password eavesdropping on login pages and keeping credit card numbers secret for e-commerce.
Google has worked to counter one perception standing in the way of HTTPS: that HTTPS requires more powerful and therefore expensive hardware for Web site operators. But SSL/TLS, the encryption standard underlying HTTPS, "is not computationally expensive any more," Google security expert Adam Langley argued back in 2010. "Ten years ago it might have been true, but it's just not the case any more. You too can afford to enable HTTPS for your users."
Snowden's revelations helped marshal more allies to Google's cause.
For example, the Electronic Frontier Foundation (EFF), an advocate of personal freedoms on the Net and outspoken critic of government snooping, has advocated HTTPS for years. But it increased its efforts after Snowden's leaks.
The EFF and partners including Firefox developer Mozilla, network equipment maker Cisco Systems, and content distributor Akamai Technologies launched a project late last year called Let's Encrypt to make it easier for Web site operators to move to HTTPS. Specifically, Let's Encrypt will offers free certificates, the electronic credentials required to encrypt a Web site connection.

Mozilla support

Another ally for Google's HTTPS plan is Mozilla.
"In general, this proposal seems like a good idea," said Richard Barnes, the nonprofit organization's cryptographic engineering manager. "Adding security to the Web is a core part of our mission...We strongly support the deployment of HTTPS as widely as possible."
He specifically supports one facet of Google's proposal: that warnings be shown starting when HTTPS-encrypted Web pages become more ordinary. Being more aggressive could cause confusion and other undesirable side effects.
"We wouldn't want to turn on a warning light that's on all the time -- that just trains users to ignore it," Barnes said. "An indicator of HTTP being insecure should be thought of as a way to move the state of HTTPS from 'dominant' to 'universal,' not from 'bare majority' to 'universal.'"

Speed bumps and stop signs

Yandex, a Russian search rival to Google that now also offers a Web browser, sees user privacy and security benefits to Google's plan, but it has its own ideas about warning users about unencrypted Web connections.
The Internet industry isn't ready to deliver HTTPS connections at the scale they deliver HTTP connections today, said Anton Karpov, Yandex's head of information security. Web site operators have to worry that HTTPS connections are sometimes blocked in areas like airports and that, contrary to Google's position, HTTPS does require beefier hardware to handle the encryption calculations.
Another hitch is the content delivery network (CDN) business, in which companies armed with global network capacity and servers help Web site operators distribute their content the world over. CDNs can offer HTTPS connections -- but they often charge a premium.
Outside the tech industry, there's another kind of opposition. For example, in January, UK Prime Minister David Cameron pledged to ban encrypted communication software that's unbreakable by the government in order to more effectively combat terrorism.
Web encryption could help thwart legislative ambitions to ban smartphone apps whose encryption comes with a government-accessible back door. For example, a person could point a browser at an encrypted online chat site in a different country.
Overall, the momentum toward encryption is powerful, as seen in Apple's decision to encrypt data stored on iPhones and iPads and Google's parallel move with its Android mobile operating system. New network technologies, including Google's SPDY and its related standard HTTP/2, will in practicerequire encryption in some common instances.
Moving to an encrypted Web won't happen quickly, but Google has momentum on its side.

Thursday, 29 January 2015

iPhone's double-edged sword: Big sales, big risk for Apple


The release of the iPhone 6 and 6 Plus smartphones pushed Apple to record revenue and profits.CNET
The iPhone continues to be Apple's biggest seller. That's both good news and bad news.
Apple's flagship smartphone drove record sales and profits for the Cupertino, Calif., electronics maker in the final quarter of 2014. However, the heavy mix of iPhone sales again highlighted the company's dependence on a single product line, putting it at risk down the line.
Former Apple CEO Steve Jobs long talked about his company's strategy of having three strong products -- a "three-legged stool." Years back, it was the Macintosh computer, iPod music player and iPhone. After that, it was the iPhone, iPad andMac. But lately, that stool has been standing on just one leg: the iPhone. That's not a concern as long as the iPhone sells well, like it did in the holiday quarter, but one iPhone whiff and Apple's profits could tumble.
"All I can say is: Wow, this was quite an impressive quarter," said Michael Obuchowski, an Apple shareholder and portfolio manager at Concert Wealth Management. But "of course I am worried. Once again, we are back to the situation where iPhone...completely drives the company's future."
Apple's fiscal first quarter, which ended December 27, was an absolute blowout. Its earnings, revenue and margins smashed Wall Street expectations, and it posted its highest quarter ever for Mac and App Store revenue. But the iPhone far and away drove the results.
About 69 percent of Apple's $74.6 billion revenue came from its smartphone, far more than its typical level closer to 50 percent. iPhone sales, for example, made up 56 percent of revenue in the year-earlier period and in its fiscal fourth quarter that ended in September.
"This volume is hard to comprehend," Apple CEO Tim Cook said Tuesday during a conference call with analysts. "On average, we sold over 34,000 iPhones every hour, 24 hours a day, every day of the quarter."The huge bump in iPhone sales came from the company's newest products, the 4.7-inch iPhone 6 and the 5.5-inch 6 Plus. Consumers have scooped up the devices -- which sport bigger screens than 2013's 4-inch iPhone 5S -- in record numbers. Unit shipments for the smartphone jumped 46 percent to 74.5 million from the same quarter a year ago, its former record high. At the same time, revenue soared 57 percent to $51.2 billion.
Apple's other stool legs didn't come anywhere near iPhone sales. The Mac business has been doing well in recent quarters, rising to its all-time highest market share and sales. But it made up only 9.3 percent of total revenue in the most recent period, down from 11 percent a year ago. And the iPad's contribution declined for the fourth consecutive quarter, with its chunk of revenue falling to 12 percent from 20 percent a year ago.
Of course, many companies would love to be in the same position as Apple, even if it means most of their sales come from one product. And Apple will benefit from iPhone sales for a long time. The majority of people who buy an iPhone stick with the Apple ecosystem when they upgrade, and Cook noted Apple "had the highest number of customers new to iPhone last quarter than in any prior launch."
But Apple's increasing reliance on the iPhone is part of what's driven it to develop the Apple Watch. The company unveiled the device, which starts at $349, in September and said Tuesday that the smartwatch will hit store shelves in April.
"I don't think Apple has ever felt they could put all their eggs in the iPhone basket," said Tim Bajarin, a longtime tech analyst at firm Creative Strategies. "The reason the Apple Watch is coming is because it's another product with growth potential."
He estimates Apple will sell 22 million to 23 million Apple Watches in the first year. Katy Huberty, an analyst with Morgan Stanley, believes Apple will sell 30 million. That's a good start, but neither estimate hits anywhere close to iPhone or even iPad sales. In the most recent period alone, Apple shipped 74.5 million iPhones and 21.4 million iPads.
Even if Apple Watch volumes start to rise, Apple likely won't make as much from each device as it does from the iPhone and iPad. Bajarin estimates the average Apple Watch price will range from $449 to $549, while Apple on Tuesday said the average iPhone selling price in the first quarter was $687.
Apple isn't relying solely on the Apple Watch as a new growth area, though. It's also counting on Apple Pay, Beats and other new services to boost its results, and Cook has said Apple is developing new products no one has heard about yet.
"I've called Apple a one-device wonder in the past," Obuchowski said. "They pulled a rabbit out of a hat at that time. I hope they can pull another one, but I am skeptical that Apple Watch will be that device. I am waiting for more new ideas."
Until Apple's new businesses gain traction, the company will have to hope the iPhone doesn't slow