About a year ago I designed and ordered a batch of 300 dog collars with matching leashes, with the purpose of learning various marketing and brand-building skills while selling them. I’ve been really procrastinating on creating a nice landing page for them, (by way of over-designing).
They’re a lot higher quality than typical overseas-manufactured goods. I’ve spent a lot of time iterating on them to make sure they have a good, high-end feel to them similar to designer handbags.
The author overstates his case, IMO.
Preventing SQL injection and bad passwords are completely within the realm of software quality – even making your application easy to visually identify, in a way that uniquely identifies to the user that they’re using the authentic site, can be considered a function of software quality which reduces the likelihood of successful phishing attacks.
That’s why you have an iPhone, which can get hacked, instead of a 1980s era feature-phone that can do little more than make phone calls – you find the added risk worth the tradeoffs.
This example seems quite heavy-handed. There are more nuanced tradeoffs – even sticking to the iPhone, one could talk about the PIN-based lock screens as a tradeoff in convenience vs actual security – that would make the case more cogently.
It seems to me that the author was reaching for a slam dunk against CyberUL, when the case is actually more subtle than that.
It’s… slightly disconcerting to keep seeing people writing on the premise that cell phones existed in the 1980s. I see this fairly frequently, so I’m going to write a bit.
Having lived through the 80s, I can tell you that there were cell towers in rural locations but there was nothing hand-held (except satellite phones, which were as rare as they are today, ie only useful for wilderness exploration). The cell towers existed for the benefit of car phones, which were permanently wired into the electrical system of the car. Off the top of my head, 1980s state of the art was insufficient for hand-held cell phones at least with regard to portable battery technology, portable antennas, and inexpensive microcontrollers (which are needed to handle the network protocol, even on a feature phone). Also, a service plan for a car phone would run you hundreds of dollars a month. My rich uncle, an archetypical early adopter, had one in about 1990.
I think some of the confusion is that people hear about “wireless phones”, which were demonstrated at the 1967 World’s Fair, but unavailable to the general public due to exorbitant cost until the 1990s. These were using short-distance analog radio connected to a base station plugged into a land line, elsewhere in your home. The battery would hold about half an hour of charge, so you’d leave it on the base station when you weren’t using it, but it was still substantially nicer than trailing a cord everywhere you walked. Early ones didn’t use microcontrollers, and none of them used encryption until significantly after they were on their way to obsolescence; there were several news items involving people accidentally or intentionally listening to conversations meant to be private to their neighbors or to politicians. My uncle had installed several of these, as well, and I did have one from about 1996 on, by which time they were the inexpensive option.
Cell phones came into wide use in the late 90s, when the technology became affordable. I remember that there were a few years, maybe 1998 to 2002, during which there was a divisive culture line between people who appreciated the convenience they offered and people who didn’t. Similar to the clash between feature phone and smartphone users that seems to have finally ended. :)
Also, the author is talking about security risk, but phone networks in general were extremely insecure in the 1980s. The intelligence didn’t live in the handset, it lived in the phone company’s router, and for a while there was no planning around security at all. Go ahead and search for historical descriptions of phreaking to get an idea. That’s a little bit tangential to the author’s point, but I wanted to bring it up to say that security risks aren’t new.
And it’s not really accurate, anyway, to describe feature phones as less hackable; they just weren’t sufficiently tempting targets because one didn’t keep such valuable data on them. The quality of their firmware was far less than it is today. Its attack surface was smaller, since the apps were a closed ecosystem, but it was trivial to root these things with physical access to the sync port - which is not true of iOS or Android.
I enjoyed this story time, Auntie Irene. I was born in the early 1980’s, but I definitely remember a time when having a mobile phone was seen as a mark of conspicuous consumption.
Lol, thank you. It’s just… people born in the 90s have pushed back and argued with me about it. So I thought I’d at least get the past as I remember it written down somewhere. :)
I’m reading Release It!
I’ve read some reviews on Amazon and they sound positive, but I can’t get a sense for what’s actually in the book. Have you found it useful? What does it actually cover?
It’s definitely insightful. The book goes through a lot of the things can go wrong with your code when you deploy it in a production environment. It also covers some of the patterns that help you avoid those problems. Definitely wish I read it a year ago :)