Jeffrey Paul

Those of you who know me realize that there are few things I like more than technology. Be it analog electronics for making basslines, aluminum tubes that you can sit in and transit between continents in hours (“you’re sitting in a chair… IN THE SKY!”), or the latest WiMax-Handheld-Augmented-Reality-Haptic-Gadgetron.

That said, when the iPad came out, nobody was more excited than I. I immediately committed myself mentally to buying one the day it came out.

Those of you who run some variant of Windows or Linux on your netbook were quite likely much less impressed than I. It doesn’t have a built-in USB port, card reader, keyboard, or video output. The screen is small, and relatively low-resolution.

If you’re looking at this thing as a computer, then yes, it falls woefully short. Unfortunately, if you’re saying these things, you (as a computer user) don’t know shit about user experience, or why this thing’s going to change the world. These things are going to replace actual notebooks, not notebook computers. I have a client that thinks that anyone who’d pay $500 for an iPad when you can buy a $300 general-purpose netbook is certifiable. The technologist in me thinks he’s short-sighted and uninspired (to say nothing of the Apple-shareholder-me).

(An aside: This whole debate reminds me very much of a recent thread on a local Berlin discussion board about the Berghain nightclub, started by someone who was butthurt about not being let in after waiting forever in a long line. From the outside, it’s impossible to distinguish something that is actually the best in the world from something that isn’t and just shamelessly exudes pretension instead. The problem is that you actually have to taste the kool-aid, at least one time, to know if it’s the Real Deal or not. Same goes for Apple products, or Berghain. Some try it and finally understand, and some casually dismiss it as wankery. PS: It’s OK to feel sorry for those in the second group.)

Then, as the days wore on, I came to think about the device more and more. All of the reasons I’m in love with it are still there, and that’s why this article is written with a heavy heart— it’s not that I came around to the computer-nerd arguments (which are all still invalid), but additional data points that I hadn’t considered before.

The iPad is powered by a new processor, called the Apple A4. In April of 2008, Apple purchased a chip manufacturer called PA Semiconductor, and, with it, about a hundred battle-hardened CPU design engineers. Presumably, due to the lead times involved in such projects, it was only a few nanoseconds later (propagation delay) that they were all put right to work on this “new, world-changing chip” to be used in the iPad.

Take a moment right now to review the history that Apple’s had with unauthorized use of their software on mobile devices. From iPhone OS 1.0.0, jailbreaking, the unlocks in hardware and software on both the iPhone (1st Generation), iPhone 3G (2nd Generation), and iPhone 3GS (3rd Generation), and the recent developments of things such as Hackulo.us (the nexus of the nascent iPhone warez scene, distributing de-DRMed .ipa applications fresh from the App Store), Apple’s been constantly contending with those that want to use their software and hardware in unauthorized ways.

Of course, Apple wins any-which-way, as they are in the business of selling the hardware on which you’re going to be running this hacked/pirated/homebrew software, so it’s not a total loss, or even a loss at all. But anyone who’s looked at the App Store revenues (as well as the gigantic industry that’s sprung up around iPhone app development in the last few years) can see that they’re not going to be content with “just the hardware” for very long.

Now, to be fair, the majority of these mods (even jailbreaking, the hacking of the iPhone OS to run unauthorized software, was initially only developed to run the unlocker apps) were a result of the iPhone being carrier-locked. People wanted the iPhone OS, so they wanted the iPhone, so they wanted an unlock. Now, though, the cat’s out of the bag, and part-and-parcel with the unlock comes unfettered access to the filesystem and the object code that lives within it.

I’m a technologist, this is what I do, all day, every day.   Take a moment here to go (re?)read about Trusted Computing (sometimes called Treacherous Computing by those in the industry), a not-so-new technology coming down the pipe (like it or not), pushed (at least initially) by the Big Media conglomerates (the movie and music rights-holders) and the platform vendors (Sony (PS3), Microsoft (Xbox and Windows and Windows Mobile), Apple (iPod, iPhone, iPad)) who enable their ability to push their swill into your media center room and/or office and/or daily commute.

(Warning to cryptography nerds – a vast oversimplification is coming.) Basically, TC in a nutshell is this: Your computer has a special cryptographic root certificate inside of it, in hardware, that is consulted by the CPU before executing code. When it boots, before executing the bootloader, it checks to ensure that the cryptographic signature on the bootloader is trusted by the certificate stored in hardware. If not, no go. This bootloader then does the same thing on the OS, and the OS with the drivers and apps, all the way down the chain, ensuring that no unauthorized code (for a simple example, think DeCSS/Handbrake) can run.

In theory, it’s awesome, because it’s the ultimate end-game for viruses, spyware, trojans, and the like, as they’d never be properly signed, and they’d never get to run in the first place.  In practice, though, the cryptographic authority is rarely held by the owner of the hardware, but instead by the hardware manufacturer (who are puppets of the Big Content rights-holders, or, in the case of Sony, the same organization).

Anyone want to place any bets on whether or not the Apple code-signing CA certificate is in the iPad’s ROM? (I’m willing to put my money on the fact that the A4 will contain, on-die, the sha256sum of Steve’s pancreas XOR’d with the DNA from Clarus the dogcow.)   Do you really think that Apple, with all of their adherence to DRM and closed software ecosystems is going to let even one byte of unsigned code run on any iPad, ever? They’ve custom-built the silicon, and, for the very first time, the Trusted Computing dream is about to be realized in practice, on a grand scale.

DRM absolutely doesn’t work without a trusted computing base to work on, which every single DRM vendor has found out, in practice, in the last four or five years. As general-purpose computing devices (such as your laptop) are now integral in the media stream, they can’t be excluded without hurting content sales. (Thus, things like PlayFair, a program that strips iTunes DRM.) The solution is to control the whole system, so that programs like this aren’t allowed to run in the first place. The problem with that, though, is that anyone who made a default-deny Trusted Computing laptop that wouldn’t run existing unsigned programs would find themselves with a warehouse full of laptops.

However, Apple’s building an ecosystem in which your computer arguably doesn’t have anything to do with the movies or TV or music you buy and consume. As has been pointed out over and over again, the iPad is not a laptop.

Normally, this wouldn’t bother me, as I’m not so much a freedom-fighter as I am a practical user. Unfortunately, Apple’s not just a Benevolent Overlord who uses their (currently partial, soon total and absolute) control of their app ecosystem to stamp-out piracy, but also uses it (in ways that may eventually turn out to be illegal) to stamp-out competition and immoral content.

I was a user of GV Mobile, the GrandCentral/Google Voice interface app written by Sean Kovacs, before Apple deleted it from the App store. One day, it stopped working, and I could no longer get updates through Apple, as they’d deleted it due to it infringing upon their (and AT&T’s) revenue stream by sending and receiving SMS over IP through Google, effectively for free, though they gave some other reason. It was so blatant that Google got the FCC involved.

Fortunately, the iPhone OS has been jailbroken (at least on that hardware), and I was able to load the updated version of GV Mobile via an unauthorized method (it’s in one of the Cydia/Icy repositories). If this hadn’t been possible, I’d have switched to a phone that sucks more, just to get the functionality that I want. Thankfully, the latest iPhone is still hackable – I can write a program, right now, and run it on my hardware.

Today, I saw this article:

http://www.intomobile.com/2010/02/18/is-apple-nipple-clamping-down-on-sexual-content.html

Basically, this guy sold an app via the App store that had boobs in it. (With the proper content rating, of course.) Now, as someone who generally appreciates boobs (although I’ve never used his app), I think this is a good thing. Apple has other ideas, changed their mind about the implications of boobs, and removed his application.

It’s one thing when your closed-ecosystem exists to protect your defined profit centers. When it’s used to keep me from looking at nipples… well, this means war.

My prediction is this: Apple will use their experiences with the iPhone OS and three full generations of iPhone hardware to ensure that the iPad is, for all intents and purposes, unhackable. Doing the Trusted Computing thing isn’t hard, in theory – it’s just that nobody would buy a computer that wouldn’t run apps. Apple, in their infinite wisdom, has done an end-run around the entire computing industry, both by creating a huge library of apps within their walled garden (get the eyeballs, and the devs will follow), and then by inventing a computer-that-is-not-a-computer. Nobody’s going to bitch that you can’t run Photoshop on the iPad.

If there are jailbreaks for the iPad, they will take a long time to come out, and even then they may not be wholly effective at running unauthorized apps. When you own the hardware (in the ‘0wnz0red‘ sense, not the property rights sense) that much, locking it down completely is a relatively trivial engineering matter.

I’m the kind of person who believes that I should be able to run whatever apps (or even OSes) that I want on my computing devices. The iPad is one of the most revolutionary computing devices ever conceived, and I was an immediate convert when I realized what this thing’s going to be capable of doing. After thinking about Apple’s history with DRM and the closed-loop of app distribution, I realized that I probably won’t be able to do the things with this device that I really want to. (Examples: syncing via WiFi or Bluetooth, mounting SMB shares to play music from, FLAC playback, streaming music via 3G from an internet server, etc.) As a result, until it’s been jailbroken (which, depending on the diligence of Apple’s engineering team, may be never), I won’t be buying one.

The problem is that as long as Apple wants total control over the platform, innovation will suffer.

Even if only in the realm of “apps that let me play with boobs”, that should be enough, y’think?

-jp