When software updates go bad(ly)
I received an email overnight that has me re-evaluating what my smart phone will be. But the email also raised a number of other questions in my mind that are more diverse and apply to more than just the decision of what smart phone to upgrade to.
But first, here is the email, with the names changed to protect the guilty:
[Phone company], in their infinite-but-incompetent wisdom, pushed an OS upgrade to [their] Android [model] phones last night that wipes out your contact lists. Of course, [phone company]'s answer is to sync your contact with Google, which I do not do because I have numbers that have to be kept in confidence. This means that the last decade of contacts are gone and I now have to rebuild from scratch.
Clearly, we have all been there before. Some well intentioned software update has wiped out our critical data. It is one of the many reasons we all back up our data, especially our important, critical data. As an IT professional, I could say Too bad, you didn’t back up your data, tough luck. In fact I suspect that many of you are thinking exactly that and why does it matter. In fact, I think it does matter and in many ways that we as open source professionals need to be aware of.
Let me take you back to my article in May where I was discussing my thoughts on migrating to a new phone. One of my important issues was being able to load and back up my important contacts. And based on the email I guess I should add in a secure manner. I too have a number of phone numbers that should never see the outside world. These are not classified numbers, but they are numbers that are considered close hold – backdoor numbers, home numbers for people that would rather not just have anyone call them at home, numbers for access to certain facilities that the public in general just should not have. That sort of thing. So I can appreciate the idea of backing up to Google as being a bad idea. And I am sure I am not alone. Clearly, there has to be another way.
And this is the rub. As an IT professional, I am sure I can cobble up an alternative solution, but my friend is not. In fact, the phone in question is probably the most technologically advanced device they own. And in a number of cases, these devices are the most complicated devices that most people have in their possession and they are being marketed as a phone, rather than the computer they really are. Further, these devices are being marketed as an alternative to that other palm based computing device but with the Open Source moniker writ large across them – and poor PR will affect us, regardless of whether it is our fault or not.
But what really bothers me most is this happened at all. I would like to blame [phone company] for this but I have to wonder, in 2010, why we are still having OS updates that overwrite the data on the device? This is not 1990. We know how to update devices without overwriting personal data, every operating system today does it quite well. So what happened? Is this an Android issue? Or a [phone company issue]? I have not seen a wide spread hue and cry about Androids being overwritten, but if it only started last night, it might take a day or so for the yelling to start – we will have to keep an eye out.
The point here is this. There needs to be provided as a point-of-sale item a simple solution for (securely) backing up user data. There also needs to be a way of ensuring that code flashes do not destroy personal data and pressure needs to be brought to bear on the phone companies and other resellers to educate their customers that these are not your parent’s telephone. They are complex computing devices and need to be treated as such.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Ubuntu Online Summit
- Devuan Beta Release
- The Qt Company's Qt Start-Up
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- May 2016 Issue of Linux Journal
- The US Government and Open-Source Software
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- The Death of RoboVM
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide