When software updates go bad(ly)
I received an email overnight that has me re-evaluating what my smart phone will be. But the email also raised a number of other questions in my mind that are more diverse and apply to more than just the decision of what smart phone to upgrade to.
But first, here is the email, with the names changed to protect the guilty:
[Phone company], in their infinite-but-incompetent wisdom, pushed an OS upgrade to [their] Android [model] phones last night that wipes out your contact lists. Of course, [phone company]'s answer is to sync your contact with Google, which I do not do because I have numbers that have to be kept in confidence. This means that the last decade of contacts are gone and I now have to rebuild from scratch.
Clearly, we have all been there before. Some well intentioned software update has wiped out our critical data. It is one of the many reasons we all back up our data, especially our important, critical data. As an IT professional, I could say Too bad, you didn’t back up your data, tough luck. In fact I suspect that many of you are thinking exactly that and why does it matter. In fact, I think it does matter and in many ways that we as open source professionals need to be aware of.
Let me take you back to my article in May where I was discussing my thoughts on migrating to a new phone. One of my important issues was being able to load and back up my important contacts. And based on the email I guess I should add in a secure manner. I too have a number of phone numbers that should never see the outside world. These are not classified numbers, but they are numbers that are considered close hold – backdoor numbers, home numbers for people that would rather not just have anyone call them at home, numbers for access to certain facilities that the public in general just should not have. That sort of thing. So I can appreciate the idea of backing up to Google as being a bad idea. And I am sure I am not alone. Clearly, there has to be another way.
And this is the rub. As an IT professional, I am sure I can cobble up an alternative solution, but my friend is not. In fact, the phone in question is probably the most technologically advanced device they own. And in a number of cases, these devices are the most complicated devices that most people have in their possession and they are being marketed as a phone, rather than the computer they really are. Further, these devices are being marketed as an alternative to that other palm based computing device but with the Open Source moniker writ large across them – and poor PR will affect us, regardless of whether it is our fault or not.
But what really bothers me most is this happened at all. I would like to blame [phone company] for this but I have to wonder, in 2010, why we are still having OS updates that overwrite the data on the device? This is not 1990. We know how to update devices without overwriting personal data, every operating system today does it quite well. So what happened? Is this an Android issue? Or a [phone company issue]? I have not seen a wide spread hue and cry about Androids being overwritten, but if it only started last night, it might take a day or so for the yelling to start – we will have to keep an eye out.
The point here is this. There needs to be provided as a point-of-sale item a simple solution for (securely) backing up user data. There also needs to be a way of ensuring that code flashes do not destroy personal data and pressure needs to be brought to bear on the phone companies and other resellers to educate their customers that these are not your parent’s telephone. They are complex computing devices and need to be treated as such.
|diff -u: What's New in Kernel Development||Sep 04, 2015|
|Android Candy: Copay—the Next-Generation Bitcoin Wallet||Sep 03, 2015|
|The True Internet of Things||Sep 02, 2015|
|September 2015 Issue of Linux Journal: HOW-TOs||Sep 01, 2015|
|September 2015 Video Preview||Sep 01, 2015|
|Using tshark to Watch and Inspect Network Traffic||Aug 31, 2015|
- diff -u: What's New in Kernel Development
- Using tshark to Watch and Inspect Network Traffic
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- The True Internet of Things
- Android Candy: Copay—the Next-Generation Bitcoin Wallet
- September 2015 Issue of Linux Journal: HOW-TOs
- Firefox Security Exploit Targets Linux Users and Web Developers
- Concerning Containers' Connections: on Docker Networking
- Where's That Pesky Hidden Word?
- A Project to Guarantee Better Security for Open-Source Projects