The recent iPhone update (see “iPhone 1.1.1 Adds Features and Updates Security,” 2007-09-07) brought new features and bug fixes, but also caused widespread consternation among those who had unlocked their iPhones: the update “bricks” unlocked iPhones – a newly popular term meaning that the update has turned the iPhone into a worthless hunk o’ glass and plastic. Steve Jobs even warned that this would likely be the case, saying that Apple would continue to fight those who have figured out how to unlock the iPhone. The update also broke at least some of the applications that developers have written and installed on the iPhone via unsupported hacks, but at least in those cases, the only harm
is to the new applications.
So we have two levels of hacking: creating and installing native iPhone applications, and unlocking the iPhone so it can work with other SIM cards and thus other cellular carriers. Apple appears to be ignoring the application hacking while actively fighting the unlocking. Do these strategies make sense for Apple? Is it even legal to prevent unlocking in the United States? Our editors ponder the situation.
Glenn Fleishman — For 20 years, I’ve said to anyone worried about installing software on a computer, “It’s just software. It can’t actually hurt your computer. The hardware will be fine. If you have a problem, make sure you have a backup. You won’t break your computer by installing that.”
Apple has changed that equation with the iPhone’s latest firmware and operating system upgrade. The iPhone is a powerful little computer controlled by powerful interests. Like almost all electronics sold today, it includes a variety of kinds of firmware, the software that controls the hardware. The firmware may be stored in different places, too, with radio cards and separate modules having their own internal firmware. Part of the firmware handles the boot procedure that allows the device to load the operating system; other parts handle upgrading and installing new firmware. Because the iPhone uses non-volatile, electrically erasable memory, there should be no problem with restoring a phone that has had every manner of change applied to
it, as long as the boot routines aren’t affected.
The hacks that unlock an iPhone to work with other carriers write special instructions to the firmware that controls the cellular network association to allow the use of any SIM – the authentication module used on worldwide GSM cellular networks – and not just AT&T’s. This shouldn’t affect the bootstrapping or firmware and operating system restore process one bit.
Gizmodo posted an interview with the iPhone Dev Team, a community effort that resulted in unlocking software. In the interview, the Dev Team makes it clear that Apple could very simply have included in the update a way to check whether the code related to the lock has been modified, and rewrite it. The team says that Apple could also fairly easily restore a default state and then more securely lock the phone down. (The team is also positive they can restore bricked iPhones to a factory default state.)
I’ve always felt that when I buy a piece of hardware, it’s mine to use and modify as I see fit. I won’t go crying to the manufacturer if I engage in some specifically prohibited activity. If I disassemble my computer, install new components, and one of them fries the motherboard, I don’t blame the PC maker. But I also expect most devices to be reasonably robust and to be restorable, sometimes with a lot of effort, even if it’s my job to undertake that effort.
With the iPhone, I’m not hacking hardware, just software. I have few compunctions about making changes that affect only the innards. The fact that average users can install non-supported software should be unrelated to the robustness of the hardware, and its resiliency in coping with a total operating system failure or other modifications. Unlocking an iPhone is just a step beyond installing non-supported apps, but it’s part of the bigger issue: who owns your phone once you’ve purchased it? The carrier? The maker? Or you?
Unlocking a phone is not illegal in the United States (nor in most countries). The Librarian of Congress extended an existing right by carving an exemption out of the Digital Millennium Copyright Act (the awful DMCA, which I hope the Supreme Court strikes down one of these days) that allows individuals to reverse-engineer the encryption in a phone specifically to unlock it. Even though unlocking is allowed, cell carriers aren’t required to make it easy for you. They can use every tool at their disposal to lock the phone.
The FCC has expressed concerns about how hard it is to unlock phones on a number of occasions, and despite its control by an administration that ostensibly supports less regulation, the FCC doesn’t favor locking. In a complaint about the rules for an upcoming auction in the 700 MHz band for future cellular networks, Verizon Wireless proposed that if the FCC prohibited it from locking devices in this new band, that would be tantamount to violating the company’s First Amendment rights.
Now, I hold no truck with the notion that companies have constitutional rights. That’s part of the erosion of personal liberty in favor of so-called corporate rights that began in earnest in the 20th century. (You can read Peachpit Press founder Ted Nace’s book “Gangs of America” on this topic; it’s a free download.) But you have to admire the chutzpah that lets a cell carrier assert a constitutionally guaranteed right to prevent choice among its consumers as a matter of “speech.”
The FCC replied in its rule-making on the matter, “To the extent that a choice of device or application implicates First Amendment values at all, we think that our requirements promote rather than restrict expressive freedom because they provide consumers with greater choice in the devices and applications they may use to communicate.” Well put – and rather radical in its true conservatism.
All that said, I was an AT&T customer before the iPhone came out, and I have no particular desire to change carriers. I knew that it might be impossible. I also knew that there’s enough dissatisfaction with the state of locked phones that there might be a combination of regulation, legislation, and hacking that would enable my choice in the future. (No matter how much a congressperson hates regulation, just read interviews with them after they’ve personally had problems with a phone company, a cell phone, or an airline. Precepts be damned; laws aplenty!)
I did install third-party applications on my iPhone, and it was neat to activate its underlying functions – stuff built into the iPhone’s version of OS X but not enabled or reachable through the included software. Using SSH (a secure session within a terminal program) was hilariously difficult with all the typing needed; using a program for sending full-resolution photos via email was much more satisfying.
The iPhone 1.1.1 update killed my apps and temporarily bricked my iPhone. I had to perform a restore and lose my apps, and now I need to wait for the next wave of updates for allowing third-party programs to be installed.
But I still believe firmly that I have the right – and now almost the responsibility – to use my iPhone however I choose.
Matt Neuburg — I don’t have an iPhone, but I was at WWDC (Apple’s annual developer conference) in June 2007, and when we were shown a film about how to “develop applications for iPhone,” emotion in the huge, jam-packed room ranged from disappointed to infuriated. It turned out that “applications for iPhone” was a misleading sleight-of-hand: what you were allowed to develop were Web pages, with any functionality being implemented at the server side: the iPhone itself was to be nothing but a Web browser. But these people weren’t Web developers; they were developers. They write programs. With interfaces. For computers. Every single one of them saw the iPhone as a computer,
with a cool interface, and they wanted to program for it. And so did I. So, while I suppose I sympathize with Apple’s position here (which might run something like: “If we let people program the iPhone, they might hack or damage the phone network, and we’ll be left with egg on our faces.”), I sympathize even more strongly with the people who want to write genuine iPhone apps. And I’m sad that when they find ways to do it, they’re “hackers.”
When apps are outlawed, only hackers will write apps.
Jeff Carlson — I own an iPhone, but I haven’t done any hacking to it, mostly because I haven’t had time, but also because only recently was the process made sufficiently easy (alas, I barely speak Unix, so futzing at the command line on my new $600 phone wasn’t appealing). I also was a Cingular customer before AT&T bought them, so I have no reason to unlock my iPhone (and I don’t travel internationally often enough to care).
But I think Apple is being bone-headed about the whole thing. Not necessarily because they’re out to annoy their customers (honestly, there have been times when it seems as if Apple barely notices its customers), but because Apple must know that it’s in for a costly, extended, and ultimately losing fight. The people unlocking the iPhone are doing so because they can, and a software update that bricks (love that term) an iPhone isn’t going to stop the programmers. Sure, it might be a clever game for a while to see if Apple’s engineers can stay ahead of the hackers – I’m using the “hacker” term favorably here, as it’s intended – but that’s time spent away from improving the iPhone. And improving Mac OS X, since Apple has been
reportedly swapping its coders between projects to get them done. The fact that the number of people hacking the iPhone is probably extremely small compared to the number of happy, contract-abiding customers makes it more painful to see Apple throw resources at the situation.
Unfortunately, I suspect that Apple doesn’t have much choice. It entered into its agreement with AT&T, and I would bet there are sections of the legalese that warrant Apple will do its best to make sure people can’t crack the iPhone and make it possible for AT&T to lose its exclusivity. Just as Apple’s hands are continually tied by the record and movie industries over how they can sell music and video, the company is beholden to the outside interest of the cellular companies. We’re getting great features and technologies from a company that wants to give them to us, but each compromise takes a little chunk out of Apple’s corporate soul.
Joe Kissell — I’m still waiting for iPhones to become officially available in France. I want one badly, but I have to wait and see whether the pricing and contract commitments make sense for me. I’d use the Internet features frequently, I’m sure, but I can count on one hand the number of actual phone calls I make on my cell phone in a typical month, and I hate to pay a lot of money for something that provides no value for me. For years I paid cell phone carriers far more than I should have just for the privilege of being able to use a certain number of calling minutes. Since I’ve been living in France, I’ve been getting along nicely with a prepaid SIM card that I recharge for 25 euros every two months – and
even at that, I use only a fraction of the minutes I’ve paid for.
My point is: if it is legal and technologically possible for me to hack an iPhone in such a way that I can use another SIM card (and thus don’t have to pay many tens of euros every month for service that I won’t use), I may very well do exactly that. But even then, I’ll do it only if I’m certain I can unbrick it should the need arise. It’s not that I’m cheap, but I don’t believe in wasting money – on either excessive service charges or a device that no longer functions.
On the other hand, hacking to enable third-party applications is a no-brainer for me. That will happen within the first half hour of getting an iPhone. The reason is that the availability of some of these apps (I’m thinking especially of the SSH client) adds tremendous value to the product for me. In fact, I might go so far as to say I’d have a hard time justifying the cost of an iPhone unless I can run third-party software on it. Surely I can’t be alone in thinking this way. Would you still buy a Mac if it could only run the software Apple included with it?
Adam Engst — As Guy Kawasaki noted pithily on Twitter, “Apple’s gonna lose this battle.” At least in the short term, unlocking the iPhone will remain the exciting challenge for hackers, and as soon as Apple blocks one hole, I expect the hackers will find another. I’m uncertain if there are additional legalities involved in the iPhone contract, but given the DMCA exemption for unlocking cell phones, any legal recourse would focus on the technicality that the exemption doesn’t apply to software or distributors.
In the long term, I anticipate one of two things happening. Either Apple will negotiate contracts with other cell carriers, thus eliminating much of the desire to unlock the iPhone, or the hackers will simply tire of the cat-and-mouse game. I recently spent some time updating the security audit section of “Take Control of Your Wi-Fi Security,” and I was struck by the number of cracking tools that hadn’t been updated in a year or two. Apparently, many of the developers simply lost interest in keeping such tools up to date.
Regardless, I find myself agreeing with my colleagues that Apple is making a mistake here, particularly with respect to breaking the native iPhone applications. I can understand why they’re doing it – Steve Jobs is notorious for wanting complete control over a platform, and there have been only minimal cracks in the iPod platform’s armor so far. But the iPod, at least until the iPod touch, simply wasn’t a powerful general-purpose computer under the hood, whereas the iPhone and iPod touch (and Apple TV) really can do nearly anything. Mac OS X makes it easier for Apple to add features to these devices; the company had to expect that existing Mac developers were going to want to write real applications for them too.
I can’t see Apple negotiating contracts with competing cell carriers in a given market soon, if only because the current AT&T contract prohibits it (AT&T has boasted about five years of exclusivity with Apple). But Apple does have a duty to customers to do no harm to their iPhones – an iPhone update should never prevent a factory reset from being possible. Whatever the iPhone’s lengthy contract may say in dense legalese, I believe it’s unreasonable to assume that users who aren’t familiar with the cell phone industry would understand the ramifications of unlocking an iPhone, particularly given that the act itself is legal.
Similarly, although Apple apparently attaches no importance to enabling independent applications, users (like Glenn and Joe, and many others) disagree. Apple needs to understand that the iPhone will be a platform whether or not Apple likes it, and managing that process will prove more effective and lucrative than ignoring it (or fighting it, which will just generate bad press). Perhaps Apple should learn from Microsoft, which listened to its customers and will be selling Windows XP for six months longer than previously announced, due to anemic uptake of Windows Vista.