On my work, technology and related stuff....

3 comments

Like the million plus who pre-ordered their iPhone4S, I anxiously waited for my shiny new phone.  And like most of them, I was most curious about  Siri- The smart new voice recognition system unique to the iPhone4S. I’ve not had much luck with voice recognition/voice activation systems in the past- Even the rudimentary voice-control systems like a voice-activated dialer have been quite frustrating to say the least. I was interested in how well Siri would fare with my accent (quite frankly, I don’t know what accent I have- It’s a blend) and how fast Siri would respond to my commands.   Also, if Siri cares about bad (English) grammar (not that I have it!).
Voice and Natural Language processing is highly resource-intensive and the voice recognition features found on resource constrained devices rely on servers in the cloud to do the processing. This means that there is network latency to be factored into the response times. So I was curious to see if Siri works in offline mode for if it did, that would be stupendous!!
 
So when my phone arrived today, the Siri was pretty much the first feature I checked out.
OK- So not surprisingly, Siri requires an Internet connection. It sends your commands to servers in the cloud (iCloud?) to do the processing. That said, depending on the speed of the connection, the response times can vary.
 
And it responds in a woman's voice. I'm not sure why thats the case, but most voice command systems , including my GPS do. (Update: I recently found this article that might have some answers on this topic- http://edition.cnn.com/2011/10/21/tech/innovation/female-computer-voices/)

 
First, I started off with the “typical” questions. Here are a few of them  –
 
Me: “I am thinking of lunch at 12:00 today
Siri: I found 16 restaurants whose reviews mention lunch. …14 of them are fairly close to you.
 
Me: “I have to remember to pick up my daughter at 5:30PM today”
Siri: What time shall I remind you?
Me: 5:30 PM
Siri: Shall I set the reminder for 5:30 today?

Me: What are new movie releases in the US?
Siri:  I found a number of movie theaters in Washington
 
And it provided me with a list of movie theaters. But why Washington??That’s no where  close to where I live!
 
Overall, it did a decent job of understanding my accent. In fact, it did something which most of my American friends never do- pronounce my husband's last name (17 letters long) correctly!! It won brownie points right there!
 
It was not perfect- it didn’t accurately recognize words a couple of times but still understood the intent which is probably the more important part.
The Artificial Intelligence system relies on certain keywords to accomplish its tasks- For instance, “Remind” or “Remember” for setting up reminders . So a command like “Ihave to pick up my daughter at 5:30 today” does not evoke a response to set up the reminder. Instead, it responds “I don’t know want you mean by “pick up my daughter at 5:30 today’”.  Since it leverages the information about your contacts, location , address books etc to do the processing and customize the results, the accuracy of responses may vary.
 
Then as any normal person would do, for the fun of it, I decided test a slew of ambiguous or weird questions –
Me: Are you my friend?
Siri: No comment!
 
Me: I am bored. What should I do?
Siri: I’ll see what I can do to entertain you.
 
I then eagerly waited expecting it to for instance, provide me a list of movies or something- It didn’t do anything.
 
Me: I am sleepy
Siri:  I hope you are not driving!
 
Siri is funny too!
 
My initial reaction is that I am quite impressed with Siri. It handles the routine commands very well. Unlike previous voice command systems, I will be using it often. Over time, I’ll find out if it learns and responds better. Not sure if it’s a good thing, but long term, I can see this becoming a companion to a loner or a sounding board of sorts. When the APIs to Siri go public, this can open up a whole range of new possibilities to the developer community. For example, an app that takes images of you in your new dress and responds to the question- “Does this dress make me look fat?” and pat response is  “Yes Siree!!

32 comments

Earlier this week, I jailbroke my iPhone4 iOS4.3.5 device. The jailbreak solution that is currently available for iOS4.3.5 is tethered jailbreak. If you are not familiar with “Tethered Jailbreak”, it essentially means that rebooting the jailbroken device would require it to be connected /tethered to the PC/MAC. This is of course not ideal but under the circumstances, this was my only option (And no-I couldn’t downgrade to iOS 4.3.3 for various reasons which are not directly relevant to this post).
 

Installing the jailbreak Software

I used Redsn0w V0.9.8b3 jailbreak tool. Follow the instructions provided here. The process is very straightforward.
 

Cydia Crashing Issue

Although the jailbreak completed successfully, the Cydia icon was white and it crashed as soon as I clicked on it. To get around it, I rebooted the device by running Redsn0w in tethered mode. Be sure to check the “Just boot tethered right now” option on Redsn0w . Once the device rebooted, the Cydia app started working. No more crashes. I was able to download and install apps.  Unfortunately, some of them required a reboot and I had to go through the tethered reboot process again
The  MobileTerminal, OpenSSH and Aptupdate for SBSettings were among the packages that I installed. These packages will come in handy as you will see below.
 

Installing third party apps directly

Next, I wanted to install a third party app directly to the phone. The third party app was not available through Cydia sources or the AppStore.
For this, I copied the .app file corresponding to my app into the /Applications folder on the iPhone , created the /var/mobile/Documents folder and updated the file permissions by running the commands listed below from a terminal window on my MAC. Ofcourse,  I substituted "IPhoneIPAddress" with the IPAddress of my jailbroken phone while executing the commands

Note: Creation of the Documents folder is required only the first time (unless you delete it between installations)
I rebooted the device in tethered mode. When the device rebooted, the app was ready. I could launch it and run it.
So far, so good until..

I tried to launch Cydia app, it crashed. All the other apps on the phone worked as normal.
 

Cydia Crashing Issue..Again.

So I rebooted the phone again in tethered mode.  This time the reboot had no effect. The other option was to re-jailbreak but I did not want to do that just yet.
Instead, I uninstalled and re-install the Cydia app by running the following commands from the terminal window of my MAC.  I substituted "IPhoneIPAddress" with the IPAddress of my jailbroken phone while executing the commands
 

 
Note: The AptUpdate for SBSettings that I installed earlier automatically installed the apt tools .
Once I did that, cydia was back up and running again. I currently have version 1.1.1 of Cydia on the phone. Everything else continues to work as expected.
Now, its appears that installing the third party app caused Cydia to crash but it is unclear to me why that was the case because Cydia started working again after re-installation and the third party app continues to work as well. In any case, now I know what I should do to resolve the problem should it resurface but its less than ideal.
 

In Conclusion..

With the number of reboots that I had to do, the tethering is especially tedious. If you are considering jailbreaking your iOS device, I would recommend that you refrain from updating it to 3.4.5. for now and wait for an untethered release of jailbreaking software if possible.
 
 
 

No comments

The SQLite engine is a lightweight library optimized for managing relational databases in embedded environments. It is supported on the iOS platform. Described below is a set of basic SQLite queries that will come in handy if you need /choose to use the C-style SQLite APIs to directly manipulate your database tables. It is intended for folks who are noobs to the database world. Direct manipulation using SQLite APIs is an alternative to using the high-level Object Oriented Core Data wrapper framework.

Note: The sample code snippets are intended for reference purposes. You should include appropriate error handling and any relevant synchronization support depending on the needs of your application. If you are interested in the details of the routines, please refer to the sqlite3.h header file.

Adding SQLite Support

SQLite libraries is available as part of the iOS SDK.  Include the libsqlite3.0.dylib to your project using the usual procedure, and add
#import <sqlite3.h>  to the relevant header files.
Note: The following code snippets assume an ivar named “dbHandle” corresponding to the database Handle defined in your header file as follows-
sqlite3* dbHandle;

Opening the connection to the database

The following code snippet creates a database file named “AddressBook.sqlite” within the Documents folder of the application. If the database exists, it opens a connection to the database.

Creating a table

The following code snippet creates a table named “Contacts” in the “AddressBook.sqlite” database. Every row in the table corresponds to a “Contact” and has the following columns-

FirstName

VARCHAR (non-null)

LastName

VARCHAR (null)

Email

VARCHAR (null)

Telephone

VARCHAR (null)

 

Common queries on a table

Query execution follows the following basic sequence –

  • Prepare” the SQL query for executing using the sqlite3_prepare_v2() call. A SQL query can be comprised of multiple SQL statements, That said, the “preparation” routines only compile the first SQL statement in the query so I typically specify only one statement within a query.
  • Optionally,“Bind” SQL query arguments with values using the sqlite3_bind_*() commands. Binding would be required only if there are arguments specified in the SQL query statement.
  • Evaluate” the compiled SQL query (that was output from the sqlite3_prepare_v2() command ) using the sqlite3_step() command.
  • Optionally, “Retrieve” the results of the SQL query evaluation using the sqlite3_column_*() commands.You can access the value of every column of the resulting row using these routines. The leftmost column begins at index 0.
  • Reset” the compiled SQL query so it can be evaluated again. You can execute the query again using the sqlite3_bind() and sqlite3_step() commands
  • Destroy” the query object once you are done with the query using the sqlite3_finalize() command

Fetch total number of entries in the table

The code snippet returns the number of rows in the Contacts table

Add a row entry to the table

The code snippet adds a new Contact entry to the Contacts table

Select a row entry from the table

The code snippet selects an entry in the Contacts table with FirstName = “Foo” . It also retrieves the rowId corresponding to the entry.

 

Update a row entry in the table

The code snippet updates the Telephone number associated with an entry in the Contacts table with FirstName = “Foo” to “555-7777”

Delete a row entry from the table

The code snippet deletes an entry in the Contacts table with FirstName = “Foo” .

Closing connection to the database

The following code snippet closes the connection to the database. All resources must have been “finalized” before you invoke this routine.

Testing

You can use the freely available plugin “SQLite Manager” (https://addons.mozilla.org/en-US/firefox/addon/sqlite-manager/) for Mozilla Firefox to examine/verify the contents of your sqlite database.

2 comments

Let me start out by saying that the weekend at the first Cocoaconf  was thoroughly inspiring and very well worth my time. It lived up to its reputation as a technical conference – hands-on tutorials, code walkthrough of various concepts and even the keynote address by Daniel Steinberg   was a very entertaining spin on Objective-C.  It was a community where people were eager to share their knowledge and to learn from each other.  Bill Dudney spent time reviewing a pesky bug that I was facing and gave me some useful pointers – how great is that!

And now to the curious subject of this blog:-

In this congregation of approximately 80 techies, I noticed that there were only four women (including myself) attending the conference.  Of course this wouldn’t be the first time that there was a stark disparity in the number of women and men at a technical conference.  Attendees of the recent Apple WWDC 2011 mentioned to me that there were probably a dozen or so women among several thousand attendees!  Conferences aside, the number of men in development related roles have significantly outnumbered women in all the companies that I’ve worked for.  I’m generally the lone woman in a technical meeting. To be clear, I’m talking specifically about roles that involve programing and building software. I’m not talking about management related roles in technology organizations where there are many women making significant inroads. I’m not including the designers (web, graphics etc) , technical writers either. I’m talking about folks who develop. So why is there a significant shortage of women in this area? It definitely isn’t true that women can’t program, and I don’t believe that it something to do with our genetic makeup, so what is the reason.

I’ve pondered over this topic many times in the past but it was rekindled over the weekend at Cocoaconf when I noticed that nothing much has changed over the years in this regard.  I chatted about this with some of the men who attended the conference and it was interesting to get their perspective on this as well.  This is a summary of  my thoughts-

It is no secret that the number of women pursuing a Computer Science /Engineering degree is still very small (and some reports indicate that its dwindling).   So why aren’t women inclined to pursue this degree in the first place? Is it because (judging by the fact that there aren’t many women in this area), they perceive this as a “guy thing” and automatically assume that this would be something they wouldn’t enjoy? Or does this start much earlier during elementary and middle school, where summer camps related to topics like “ Building Robots” and “programing” are mostly attended by boys which dissuades even the girls who are interested in such topics (or over-protective parents of girls) from participating in  such camps?

Even the women who enter the industry as a developer tend to switch to non-development or non-technical roles/jobs within a few years. Is it because women inherently prefer to work in roles which involve more “socializing” such as management, marketing,  sales? As a developer, one does not have to interact a whole lot with others- you are pretty much in your office/cube for most part (well- there is “pair programing” but that’s not for everyone).  Some women have indicated that they switched careers because “it was hard to keep up”.  Like many other jobs these days, programing is not a traditional “9 to 5 job”. Technology changes at a rapid phase and in order to do well, one needs to constantly upgrade their skills.  There is continuous learning required. This may require spending evenings and weekends learning the new skill. Depending on the demands of the family, that is not always feasible, especially for women.  Some women have indicated that switching to management related roles was essential to climb up the corporate ladder within their company. I disagree with that.  Most companies offer separate management and technical tracks. One can be in a position of significant influence even while serving a purely technical role.  

A very interesting point that was raised by some one and with which I agree, is the men in development roles tend to possess traits which may not appeal to many women.  They are generally “arrogant” ,”brash” or “over confident” . Hold on- let me explain this a bit.  As developers, we can’t just “give up” on bugs. We are adamant about fighting them and proving that our code works.  Developers are not necessarily the most social people and many tend to lack “people skills”- we are not shy about "calling a spade a spade". Very often, developers tend to trivialize a complex task.  For instance, even if fixing a problem took a lot of time /effort, men tend to downplay the effort and claim that “Oh that was so easy. Figured it out in no time ”.  This may be intimidating to women who may have lower self-confidence in their programing abilities to begin with.

 Being in a development job may need women to be willing to primarily interact with men.  For many women, this would mean stepping out of ones comfort zone . While this is not a requirement to do well as a developer, it certainly helps to be able to network with fellow developers at the workplace and at conferences- one learns a lot in the process.  On the flip side, many male developers do not openly welcome women into their discussions for fear of being misunderstood. Of course if there were sufficient women in these roles to begin with, there wouldn’t be this issue!

Women tend to discuss family matters more often than for instance, the latest gadget or the cool stuff that they discovered while hacking into their new gadget.  Sure- men probably discuss sports a lot as well but they also talk a lot more about technology, even if they are not directly working in that space. There is nothing wrong in discussing family, but my point here being that we are influenced a lot by our company.

 I’ve not covered all the factors in this blog and that was not my intent. I’m sure that there are many more reasons and it is probably a complex combination of all of the above factors.

One of the pioneering programmers was Lady Ada Lovelace. It is sad not to see more women following her legacy.

 

 

 

 

18 comments

The list of mobile-specific security exploits that were discussed at this week’s BlackHat Technical Security conference got me a paranoid again. I did a bit of security related work a while ago.  I didn’t attend the conference, so no- this isn’t a blog about the conference- sorry!

Security has always been an afterthought. Back in the day when I did some Internet related standards work, the section on “Security Considerations” was typically the most sparse chapter in the specification.

With the proliferation of connected devices ranging from smart phones, tablets, TVs, STBs, game consoles to cars, toasters, washing machines, refrigerators, we are susceptible to security threats more than ever.  But are we taking it seriously enough?

There is no denying that mobile computing is the present and the future, so I’d like to specifically discuss mobile devices and in particular, smart phones and tablets in this context. 

The Network:

Wireless networks are ubiquitous –homes, the coffee shops, airports, airplanes, trains, maybe your entire city.  Of course, this was true even in the “pre-smartphone, laptop era”. But now, there is a huge difference in terms of the number of actively connected devices. Anything you want to do, “there’s is an app for that”. A lot more people are performing a whole lot more of sensitive transactions (banking, ticketing, shopping) from their mobile devices.  

It’s not an unknown fact that wireless networks are not very secure. Sure, with 802.11n we have come a long way from the vulnerable WEP and WPA security of 802.11a /b/g days, but there is no guarantee that all the wireless networks we traverse are upgraded to the latest and greatest and besides, many folks who setup their home wireless networks may not take the necessary precautions to secure their network.  In places where there is no sufficient monitoring of the wireless networks, it wouldn’t be hard for someone to set up a rogue Access Point that unsuspecting users would connect to or for an attacker to launch a Denial of Service attack by exploiting RF interference.

The Device:

If you are thinking that the issues I mentioned thus far are old-school, then you may be interested in the more sophisticated form of “baseband attacks” . In this case, an attacker could potentially gain control of the device memory through malicious code installed on the device’s radio signal transmitter/receiver by posing as a legitimate cell tower!

I’d like to draw some comparisons between the iOS and Android platforms.

Both the Android and the iOS platforms have a sandbox model for running applications, which limits the extent of damage by a malware-app. 

Apple to its credit has a rigorous code signing process that ensures that certificates issued by Apple are used to sign apps.  Android on the other hand allows for self-signed certificates and so there is no guarantee of the identity of the signer of the app.

The approval process by Apple, while in no means intended to scrutinize app code for security breaches, at least provides some level of assurance about the quality of the application.  There is no Android Marketplace approval process.

Apple disallows installation of any app that is not downloaded through its App Store (and consequently signed by Apple) and in order to allow that, one would have to jailbreak the device. On the Android, it’s very easy to install apps that are not available on the Android marketplace- just check the “Unknown Sources” box under settings to allow installation of any app and you are done.

Of course, there are security holes in both the iOS and Android kernels that can be exploited quite easily on jailbroken phones with root-level access. Attackers can then use many freely available tools to disable kernel-level security patches on jailbroken phones in order to launch their attacks.

Another point to note is that mobile devices are often connected to laptops ( and desktops?) for purposes of backup/restore/sync services. This makes the mobile devices as vulnerable as the platform that they are hooked up to.

The Services:

 The mobile device is increasingly becoming the platform of choice for activities such as browsing, emails, social networking etc.  This implies that mobile devices are now the target of the kinds of attacks s like phishing , pharming and Internet fraud  which traditionally plagued laptops/desktops. The problem is exacerbated with the growing popularity of social networks.

Furthermore,  the growing relevance of cloud based services for mobile devices poses significant security risks.  What prevents an attacker from harnessing the “infinite” resources on the cloud for launching DDoS attacks? 

Final Thoughts

There is significant variation in the demographic of mobile device users ranging from the tech-savvy geek to the grandmother who has never used a computer to the teenager who is always online. Educating such a diverse population of the security risks involved is a daunting task. This implies that security has to be integrated into the platform -the device, the infrastructure/networks and the services. The end-user is an integral part of the solution but the hardest to manage.   In addition to the consumer space, many businesses allow access to corporate services from (personal) mobile devices, making the corporate resources susceptible to security attacks by compromised devices. Security is an expensive investment for both individuals and enterprises. It’s similar to insurance- You never realize how absolutely important it is until your systems are compromised.  Now that I’ve shared my thoughts, I think I will relax a little!

 

1 comment

 

This is probably one of the most commonly asked questions by folks looking to mobilize their business (probably right after what mobile platform to target).

While I have discovered a lot along the way from my own experience as a (native) mobile developer, I must add the disclaimer that this blog is also a result of discussions with a lot of smart people in this space. I thought it would be worthwhile sharing it to a potentially larger audience.

Definitions

 First , a brief definition of the two- [Mobile]Native Apps are mobile applications that can be downloaded and saved onto your mobile device from where they can be loaded to run natively on your device. [Mobile]Web Apps are mobile applications that are hosted on a remote server from where they are loaded and to run within a web browser environment on your mobile device.

The list below is by no means exhaustive. It is an attempt to highlight the major advantages of the two

 

Why a Web App?

 

                       1) “Develop once, Run everywhere”

 This implies that the web app is for most part platform agnostic. This has been widely touted as the selling point for web apps, however the statement is not entirely true. HTML5 is still in the process of standardization (http://dev.w3.org/html5/spec/Overview.html ) and as we know all too well, despite standardization efforts, ,there will undoubtedly, be variations in browser implementations across platforms. These variations will impact the behavior, performance and appearance of your web app on the various platforms. Still, while I cannot quantify this statement, one can infer that the development effort/cost will be lower than building native applications independently for each of the platforms of interest.

                      2) App is primarily “network data driven”

By this, I mean that the app communicates heavily with backend data servers for its various functions. Communicating large volumes of data across a bandwidth constrained wireless network is not practical (unless you have a cheap, unlimited data plan – if there is such a thing!). In this case, hosting the app in the network in the proximity of the servers will alleviate the problem.

                      3)Application developers want to “be in greater control”

Today, the fate of the apps is dictated (to a large extent) by the terms and conditions imposed by Apple App Store , the Android Marketplace or any of the other app storefronts. As an example, Apple’s “subscription model” imposed major restrictions on in-app purchases made from native apps  which led many app developers to remove the “Buy button” from their apps.  Web apps will allow you to bypass those restrictions allowing consumers to directly make purchases from their web apps. This provides developers the flexibility they need to deliver the desired service to their consumers without being encumbered by policies set forth by the application store owners. That said, while there isn’t a concept of a “web app storefront” today, one can envision that something like that would be in place when web apps become more ubiquitous. So it remains to be seen if there would be any restrictions that can impact the services rendered by web apps.

 Why a native app?

 

                      1) Performance, Performance, Performance!

This statement probably needs no further explanation. If performance is an important criteria, which is typical of  game apps, then native app is the way to go

                      2) Superior User Experience/ Interface

Native Apps leverage the hardware acceleration support for graphics available through specialized GPUs and use customized/optimized platform-specific  graphics libraries , thereby resulting in a vastly superior UI experience that is hard to match by web apps using JS/HTML/CSS. I earlier mentioned “Develop once, Run Anywhere” as an advantage for web apps- However, if UI is an important consideration for your app, then note that the  same “one size fits all” model will result in a sub-standard  user experience on certain platforms  and this would be unacceptable to users who are used to a particular level of user experience on a given platform.

                         3) Support for Remote Notifications

Most platforms provide some sort of remote notifications framework (eg- Apple’s PUSH Notification Framework, Android’s C2DM ) that allow registered apps to receive asynchronous from their application servers via centralized notification servers. Only native apps can register for push notifications. If this is a requirement for your app, then native apps are definitely a better fit. Alternatives for web apps like SMS or emails are not as seamless or compelling.

                     4)No Network Connectivity

If your app does not require network connectivity for its various functions, then offering it as a web app would impose that unnecessary requirement for it to run. Of course, HTML5 supports Application Caching that can be used to locally cache apps and run it even without a network connection. So this is probably not an issue, but the level of support may vary depending on the browser’s HTML 5 implementation.

                    5)Better Hardware Access & Control

Native Apps can access and control platform hardware resources like camera, accelerometers through native APIs exposed by the platform. This can be leveraged to build unique, compelling features into the apps. Although HTML5 is aimed at standardizing access to various hardware resources on the platform, the level of support is likely to be “inferior” compared to the options available to Native Apps – and by ”inferior” I mean that the platform vendors are more than likely to support access to a particular hardware  resource natively prior to supporting it on their browsers.  In some cases, the vendor may choose not to (for security reasons) provide access to certain hardware resources via their browsers. Besides, the level of hardware access support can vary across browser implementations.

In Summary..

There is a place for both types of apps out there. The choice greatly depends on the objective of the application and the targeted audience.

 

Is my phone possessed?

Jul 28, 2011

1 comment

Recently, my husband’s Motorola Droid with Android 2.2.2 started acting weird- buttons were clicked automatically, apps would open/close on its own and the phone would not respond to our commands. In short, it seemed like the phone has a mind of its own (and its a scary situation when machines take control!). A power cycle did nothing to help the situation.

Naturally, my first reaction was to assume that the phone was infected by a malware app. After we established that no app was recently downloaded that could have caused the issue, we decided to remove the battery (while the phone is on) , wait for a minute or so and then put it back again. That had no effect either.

We decided to call Verizon. When I described the problem to the operator, she was not surprised- In fact, she knew exactly what I was talking about. So looks like this issue is not uncommon. The operator advised me to do the battery removal thing which she indicated resolved the issue in most cases. Well, I did it again just in case things would be different this time . No impact. She then asked me to dial *228(select Option 1) to do a software update . That seemed to work- I was thrilled.

The next day, the problem resurfaced for a bit and then went away.  I later learnt that couple of my colleagues had the exact same issue with their Droids’ (Android 2.2.1 in their case) . The phone seemed to be behaving normally for a week and we stopped panicking (well- just imagine life without your smartphone!). The problem occurred again yesterday.

We are due for a phone upgrade soon.  I am not sure about my husband’s plans but I have my mind set on the iPhone 5.

Cocoaconf is here!

Jul 27, 2011

2 comments

Finally, a technical/developers conference in the mid-west !

The  first Cocoaconf iPhone, iPad and Mac developer's conference, beginning August 12-13 in Columbus Ohio! There is an exciting lineup of talks by eminent speakers/authors. Its still not too late to register. Check out the details @ http://cocoaconf.com

Of course, I'm very excited about the conference being in my neck of the woods. What's even more exciting is that I won a ticket to the conference at the CocoaHeads meeting a month ago! Now, I've always been the person who is next to the person who wins, so this broke that jinx. 

I'll be there. Will keep you posted.