Of iPhones and Oxford

Having used the iPhone at the University of Oxford since November, my experience has been generally good, but there are a mishmash of departments, colleges, and the central university computing service (OUCS) to deal with.  Now, with the iPhone 2.0 software update, I finally feel like I can take advantage of all the services that are on offer.

OUCS announced today that iPhone will be an officially supported platform, at least for getting WiFi access, with the possibility of them building some ‘local applications’ (which I interpret to mean native apps).  The site claims that they’ll release instructions for accessing eduroam WiFi access points shortly, which will add iPhone to the list of mobile platforms that already includes Windows Mobile 5 as well as the Nokia N95, 770 and N800.

However, eduroam isn’t as widely available as the older OWL-VPN system, which is available in most libraries and commom rooms.  In order to use this service, you had to install a Cisco VPN client which authenticated your connection and allowed you to access the internet.  Unfortunately, mobile users (not just iPhone) were left out in the cold because there was no Cisco VPN client for mobile platforms, hence the switch to eduroam, which doesn’t require the VPN.  However, the new iPhone 2.0 software includes support for Cisco VPNs, meaning that OWL-VPN is now available for iPhone!  You can use the instructions below to configure your iPhone to access the OWL-VPN for places where eduroam is not yet available.

1. Register for a remote access account.  If you’re accessing OWL-VPN from a laptop, you’re already good to go.
2. View this configuration document (you’ll need to sign into WebAuth to view it), and make note of the IPSec secret.
3. On your iPhone, connect to an OWL-VPN wireless access point.  This will appear without the ‘lock’ symbol, but when you connect to the VPN, you’ll be secure.
4. Next, on your iPhone, select Settings -> General -> Network -> VPN -> Add VPN Configuration.
5. Choose IPSec at the top, and enter the following:
   Description:  <whatever you want it to appear as, I used ‘OUCS’>
   Server: vpn.ox.ac.uk
   Account: <your remote access username, i.e. abcd3456, from step 1>
   Password: <your password from step 1>
   Use Certificate: <should be grayed out, leave it alone>
   Group Name: oxford
   Secret: <the secret from the document in step 2>
6. Tap Save
7. On the VPN control at the top, tap to turn it ON.  If all goes well you should see a ‘VPN’ symbol next to the WiFi signal indicator at the top of your iPhone.  Surf away!

I haven’t tried to get onto an eduroam access point yet, but as soon as I do, I’ll post an update with any special instructions.

Update: I’ve been able to connect to eduroam (outside the Earth Sciences building, if anyone cares).  Oxford types will need to get a Remote Access account, then connect to the ‘eduroam’ access point from their iPhone.  It should ask you for the username and password (your remote access password, not your WebAuth/Email password).  You’ll be prompted to accept a certificate, which should be issued by GTE Cybertrust Global Root.  It came up ‘not verified’ on my iPhone, but I connected anyway and was able to start surfing away.

Update 2: After my triumphant first day of success with iPhone and OWL-VPN, I’ve been subsequently unable to surf successfully.  It connects to the WiFi and VPN without complaint, but seems unable to get any data.  Anyone else have this trouble?  I’ll have to investigate this further when I’m back in Oxford.

Midomi: first iPhone app to blow my mind

Just a quick post to share some excitement.

After a bit of a struggle, I pulled down and installed the iPhone 2.0 software last night and added some apps.  There are some good ones, which I’m sure you’ll hear described all over the intertoobs if you’re so inclined.  My favorite so far is called Midomi.  You fire it up, then sing or hum at your iPhone and it tries to figure out what song you’re after, then gives you links to the iTunes store to buy it.  What floored me is how incredibly good it seems to be at figuring out what you’re singing.  I did a 12 second off-key rendidtion of the opening line of “Don’t Stop Believing,” and in seconds it came back with the correct result.  This’ll be great for those moments when you hear a song you recognize on the radio but can’t for the life of you remember who it’s by.

The Stun Switch

In thinking about Bruce Schneier’s post on Wired.com, I’ve Seen the Future, and It Has a Kill Switch, I can’t help replaying in my head an Eddie Izzard bit about the kill/stun dichotomy of the “phaser” weapons in Star Trek.

There should have been many more settings, not just kill and stun.  Kill, stun, limp: that’s the next one down, isn’t it?  …or maybe on “bit of a cough” setting, even lower than that.

Some devices already have a remotely enabled kill switch, such as corporate Blackberries with remote wipe cabability (intended to protect sensitive company data should it be lost or stolen), and others will soon follow, like reports that OnStar is adding the ability to remotely stop the engine of a connected car (again, marketed as an anti-theft system).

Microsoft, however, is looking to set its phasers on stun, limp, or even “bit of a cough.”  They’ve filed a patent application for something they call Device Manners Policies (DMP), another Minitrue-style name and acronym, which, like Digital Rights Management is less about manners (or rights) and more about restrictions.  Schneier calls it Selective Device Jamming.  Essentially, under this scheme, locations will be outfitted with hardware to broadcast to your devices the rules of the land, such as “vibrate only” for cell phones, or “no photography” for cameras.  Hospitals or airplanes where critical equipment can be subject to interference from wireless devces would be able to force your devices into sleep mode until you leave the area (how will such wireless transmissions be guaranteed not to cause interference themselves?).

Microsoft wants to draw analogies with the societal guidelines we call “manners,” i.e. that it’s considered rude to talk on your cell phone in the movie theatre.  However, this is a false analogy since manners are guidelines, not rules.  DMP wants to disable functionality in your electronics (albeit temporarily) without your consent, or force them into sleep mode: limp and stun settings.

No, an actual manners technology is only a short step away from the “location-based services” stuff that all the cool kids were talking about 2 years ago–some of which are already out.  See, once your devices know where they are, you can do digital manners all client-side, without having to contact the Borg Cube to get your orders.  You have a couple different profiles, such as “theatre” which might mean switching to silent, “office” which sets ring volume to low, and “street” which sets it to high so you can hear it above the sounds of the city.  Simple, no external restrictions, and the user still stays in control.  Each person is free to choose to obey social guidelines or not: just like real manners.

Photo by Ted Sali
Creative Commons Licensed

Card Reader arrives from NatWest

NatWest, my bank here in good ole England has seen fit to beef up security for some aspects of internet banking by moving to Strong Authentication.  Unfortunately, they haven’t seemed to have done the PR on this move as well as hoped.  Most of the reaction I’ve read on the net so far has been people annoyed.

Strong Authentication, or multi-factor authentication is considered by researchers to be significantly more secure than using a single factor.  A factor in this case is something that identifies a person, and factors are usually classified into 1) things a person knows, like a password or PIN, 2) things a person has such as a bankcard or keyfob built for this purpose, and 3) things a person is or does, like a retinal scan or fingerprint.  So online banking, which only required the user to enter in username/password combo relied on a single factor, whereas the ATM uses strong authentication since the user is required to have their bankcard and know their pin.

So NatWest (and I guess other RBS banks?) are sending that ATM-style authentication home to users by sending each a small calculator-like card reader for use with their bankcard.  It works pretty much exactly like the card readers in the grocery store, except that they give you a code online to enter in reader, and then the reader gives you a code to enter online.  I, for one am pleasantly geeked-out to use it, and glad to see that NatWest is taking the security of online banking seriously by putting so much money and effort into getting it out to users.

I don’t think they’ve done a particularly good job so far of allaying people’s concerns.  Lots of comments on blog posts are bemoaning the fact that they’ll have to carry the damn thing around with them—no, you wont.  You’ll only need it to make a payment to someone online if you’ve never made a payment to them before.  The readers are also entirely identical, meaning you can borrow your cubemate’s reader if he has his at work and you keep yours at home.  But I’ve heard rumors that the big reason NatWest is beefing up security is because they’ll be cutting down the delay between making a payment and the recipient getting credited.  It’s now about 3 working days, and apparently the plan is to make it happen in seconds.  If true, that’s a really important new feature that NatWest could use as a way to introduce the readers:  “We’re working faster to process your payments, but also means that we need to increase security.”

Finally, since the reader is just a standard thing (even readers from other banks will apparently work), I’m hoping either they’ll release software that works with laptop smartcard readers, or someone hacks it together.  The security is in the microchip on the card, so putting the reader as widely available as possible shouldn’t undermine the system.

Desktop as a UI extension of mobile devices

I was thinking about another post I’ve wanted to write about switching from a paper planner (diary for the Brits) to an electronic one. One of the few interactions in which paper calendars tend to come out ahead of electronic calendars is entering an appointment. Mobile devices just don’t have text entry interfaces that can keep up with ye olde pencil (yes, that includes you, iPhone). However, when I’m sitting in front of my desktop, I enter events into Outlook—where the interaction is just as fast as the paper planner (click the day and time, start typing). My schedule lives in the cloud somewhere and is synced to my computers (home, work, laptop) as well, but it’s the iPhone that I associate with the physical object that is “my planner.” It’s the thing I carry with me, just like I did my paper planner back in the day. The iPhone is sitting in my pocket when I’m entering appointments into Outlook, and in this sense, it’s as if my desktop computer is acting as an interface extension to my iPhone. I use the comparatively rich desktop interface to modify information on my iPhone—modifications that I’m perfectly capable of making with the iPhone’s interface, but which are simply accomplished easier with the mouse, keyboard, and full-sized display of my computer.

This got me thinking that there are plenty of other interactions I have with my mobile device which would be much easier on my computer, like sending a text message or choosing a ring-tone. I spend a good deal of time every day in front of a computer with my mobile sitting in my pocket. What if whenever I was parked in front of the computer, my mobile used a wireless link (like Bluetooth) to forward interaction tasks to my desktop. I could send and receive text messages from a small ‘chat’-style application, giving my thumbs a break. I could highlight a phone number, maybe one I found online or one from my contacts list, and issue a command to have my phone dial it. By the time I fished it out of my pocket I’d be talking to the person I called.

No, this isn’t a replacement for a good phone interface. There’s still many hours each day that I don’t have a computer around, and good interface design makes a mobile device a joy to use rather than a pain. However, there are limitations to how good you can make the interaction and still expect me to hold the thing up to my ear or slip it into my pant- (trouser-) pockets. If I’m already focused on the computer, put as much the phone interface there as possible. It would allow me to integrate my mobile even more closely into my normal workflow, and prevent me from having to dig it out and put it back, making it much less of an interruption when I do use it at my desk.

Anyone heard of any software out there already that allows you to do this kind of thing (besides the example I mentioned with the calendar)?

Too Cool for a Mobile Phone

I’m often confused, and usually amused when people say they don’t have and don’t want a mobile phone. My mom is one of these people, but I’m not confused by her reasoning. It seems a bit dismissive to say, but really, she doesn’t get out much. I don’t mean this in a she’s-out-of-touch-with-the-world way, she just isn’t really interested in traveling around. Home is her base of operations, she doesn’t have time to chat while she’s at work, and she’d rather visit her friends than talk on the phone. She’s no Luddite, either: she’s perfectly happy to bust out Skype to call her sisters, or chat with them on IM. She’s simply ambivalent on mobile phones.

No, I’m primarily referring to people who are too cool for mobile phones. They don’t have one and are proud of it. “I just couldn’t stand to be that reachable all the time,” they say. “Sometimes I don’t want people to be able to get a hold of me.” There is something charming about being old fashioned; insisting that the music from the 70s is way better than any of the crap they put out today and even having an honest-to-God turntable to play your vinyl on. One guy I work with says he likes the idea of actually planning things ahead with people, like when and where to meet up, and not being able to change it at the last minute.

(Photo by Ronrag, Creative Commons Attribution-Noncommercial 2.0 License)

What gets me is when people try to make up practical reasons for their (perfectly understandable) desire to be fashionably out of the mainstream. The fact is that having a mobile phone instead of a landline actually gives you more control over how reachable you are, not less. People don’t switch off their landlines. They could unplug them, but lets face it: that’s odd. People who call you will imagine horror-movie scenarios of you trapped in your house with a serial killer who has cut the power and telephone lines. No, to be “unreachable” with your landline, you have to leave your house. With my phone, no matter where I am, I push a button and I’m totally incommunicado on phone, text, and email. And I’m not afraid to do it, either. None of my friends need to worry about calling too late or too early, since my phone is off before I got to bed. It goes on silent when I’m enjoying a movie or spending time with my girlfriend. When I look at it later, my messages, texts and emails are patiently waiting for me. And if I get a call at an inopportune time, a quick dive into my pocket shuts it up. Contrast that with the telephone ringing in your house or office that you don’t want to answer: four rings until the answering machine gets it, loudly announcing the message to anyone within an earshot.

—–

“Heydude, what’s your mobile number?”

“Don’t have one.”

“Really?”

“Yeah, I’m pretty much too cool for that sort of thing.”

“You’re probably right.”

How hard was that?

Why is exchanging contact information still stuck in 2001?

I remember being really excited about a feature on my very first PDA (a Sony CLIÉ PEG-s320): the ability to transfer contacts wirelessly to another Palm OS device. It worked over the IR port at the top of the unit, and with a single gesture, a long stroke from the “Graffiti” area to the top of the screen with the stylus (ignore me here if you haven’t used a Palm from back in the day, it’s not essential to the rest of the story), you could send your own contact information to anyone standing in front of you with their Palm device. I used this feature exactly once.

Despite being dead-simple to perform this transfer, and despite my own geeky fetish for technology, the way I usually exchange contact information hasn’t changed at all since 2001–the year I bought my first mobile phone. Most of the time I’m stuck saying my number aloud to someone for them to tap into their mobile phone. Then they’ll have to tediously enter in my name in a flurry of thumbing their numerical keypad, and finally, confirm the transfer by calling my phone (giving me access to their number). What a pain! especially compared with speed, elegance, and technological bliss of the one time I was able to transfer my number wirelessly. The whole process of transferring numbers took about 10 seconds–name, email, home, mobile–in both directions.

At the time, I had an easy answer for why I was only able to use this feature once in the lifetime of my device: I was the only person who had one! Sure, business-types carried them around (especially those who couldn’t afford a meatspace personal assistant), but no one at JFK high school did. Even when I arrived at Olin College of Engineering, surrounded by a selection of the most geeky minds in the US, no one I knew regularly carried a PDA. What they did carry were mobile phones and laptops. Now, exchanging contact information via laptop was relatively well implemented–via email. Some people at Olin even attached an electronic business card to every outgoing email they sent. But most people still didn’t have a good way to get contacts from the computer to mobile phone without manually typing it in. This was in the days when wireless carriers would sell the cables which connected phones to computers at extortion prices, and offered to transfer your contacts when you upgraded your phone for a $40 fee.

I dreamed of the day when everyone would carry a connected device around with them. Well, those days have arrived, as Bluetooth support has expanded from the high-end phones down to the masses. In my visions of the future, I’d be “beaming” my number far more often than I said it aloud. Unfortunately, I’ve used Bluetooth to transfer files to another device exactly thrice. Once was simply out of curiosity, between myself and my friend who had a Bluetooth-enabled MacBook, once was an attempt to transfer a program from my other friend’s phone to mine (it failed), and once was to share a photo I had taken of young woman with one of her admirers. I have never used Bluetooth to exchange contact information. Why is this, when so many devices support it?

Business-types are even further back in the stone age. When people go to conferences and networking events, they exchange contact information on fancy little pieces of card-stock, rather than fancy little gadgets with buttons. The idea hasn’t changed since people started putting their phone numbers on cards in addition to their names. “My card, Sir,” you say in a cheesy Victorian huff.

I wonder how many of my friends are even aware that their phones have Bluetooth capability. I further wonder how many have figured out how to use it, and how many have tried. My iPhone doesn’t even include this feature; Bluetooth functionality is limited to hands-free devices. The days of initiating this ability with ease are gone: the feature is often buried under a stack of menus, and to make matters worse, a couple of Bluetooth-born pathogens have convinced many people to keep it disabled when not in use. This means that to initiate a contact swap, people often have to dig through some menus to turn Bluetooth on, then dig through some more to send their information. Yawn.

Still, even if Bluetooth isn’t the best way to give out your number in a busy cocktail bar, you’d think people would still use it in another situation: rebuilding your phonebook after you lose your mobile. On a side note, I’m somewhat taken aback by how few people bother to create a regular backup of their mobile phonebook, considering the misery it is to rebuild it. But that aside, if I were to have lost all my contact numbers, the first thing I’d do after getting a new mobile is sit down with a friend that hangs out with most of the same people, and push the numbers over Bluetooth from their phone to mine. But no. Every other week I get another invitation to another Facebook group, “Dumbass has lost his mobile. Numbers please!! .”

From an interaction design standpoint, we need to go a bit retro. The Palm IR-based swap has two important features which deserve to be reintroduced:

1. It was fast and easy–a swipe of the stylus or your fingernail and it was off running, finished in less time than it takes to say the number out loud.
2. It was directed–the person I wanted to get my number was the person I literally pointed my PDA at. So much simpler than having to choose the other person’s device from a list (like Bluetooth, currently).

I hope we haven’t missed the boat on this one yet! A clever design (software and interaction) and marketing could set this idea of sharing via Bluetooth or other short-range protocol back on track. Lots of new classes of devices are shipping with Bluetooth support: cameras, laptops, car-stereos, even the fabled Microsoft Surface.