Another iPhone, Another Imbroglio
AT&T's and Apple's IT systems were trampled under a stampede of wannabe iPhone 4 owners, causing long waits, technical glitches and even a reported security hole. The situation underscored the incredible popularity of the iPhone as well as the inelegance of the systems meant to sell it. Meanwhile, Nintendo thought small, Sony dreamed big and Microsoft fluttered and shimmied about at E3.
There are worse companies in the world than AT&T. It's not like they manufacture landmines or refused to recall dangerous cars or something. But screw up one little launch of a beloved Apple gadget (or maybe two, or four), and all of a sudden everyone wants you to line up right behind BP and listen to a congressman tell you to kill yourself.
iPhone pre-order day came and went this week, and from all the accounts I've read, it was a total disaster. Yes, lots of people did manage to squeeze in an order in time, and they'll get their iPhones on the official release date of June 24. Apple says it's ready to fill 600,000 pre-orders, assuming nothing else goes to hell between now and then.
But as a whole, the IT systems AT&T and Apple used for the pre-order rush were simply not able to handle the demand. Customers reported incredibly long waits online, crashing sites, slow lines in stores, screw-ups that overcharged people, and bungled credit card transactions. Some retail employees at AT&T got so fed up with the computer systems that they started taking orders down by hand in order to punch them into the machines later when they might start working again. "A" for effort, I guess.
In fact, demand was so high that by Wednesday, Apple had started moving back its promise date on new pre-orders. Those who didn't hop to it on Tuesday morning will have to wait until early July. And AT&T just plain stopped taking pre-orders altogether. As embarrassing as it is to not be able to handle a bunch of customers who are throwing money at you, I suppose it's one of the more desirable problems for a company to have. Same goes for everyone who had problems getting their orders through -- if this is the kind of thing you can afford to spend time being mad about, then believe it or not, you're an extremely comfortable human being.
But some AT&T customers say they have more to be angry about than just having to wait longer for a new toy. As the carrier's systems were in the process of melting down Tuesday, the blog Gizmodo reported on some strange AT&T website behavior. Some users said they were being charged for multiple phones after buying just one; at least one said he had his contract renewed without securing a deal on a new phone. The really weird one: Some users said that when they tried to log on to AT&T's site using their usual names and passwords, they were taken to someone else's account and had access to a lot of that stranger's information. An unnamed inside source at AT&T reportedly told the blog that it was the result of an improperly tested anti-fraud system update that was installed last weekend -- just in time to crash and burn in the most spectacular way possible.
Listen to the podcast (12:37 minutes).
E3 took place this week, giving video game makers the chance to impress us with even more sequels to the two-dozen-or-so game franchises that manage to make money, as well as the latest gimmicky add-ons designed to squeeze another few years of hardware sales out of their systems.
First up was Microsoft, which again demoed its triumph in flail-based gaming, the Kinect. This used to be known as "Project Natal," and it consists of an array of sensors you set on top of your TV and connect to the Xbox 360. It watches your movements and listens to your voice, and suddenly you're able to play games without holding a controller.
But Kinect will only work with games designed specifically for the system, so sorry, you can't mime your way through "Halo 3" just yet. The day-one game lineup for the Kinect looks pretty heavy on the fitness, sports and dancing genres, so roll out the plastic sheeting -- things are gonna get sweaty. The Kinect will hit stores on Nov. 4, but no price has yet been named.
Microsoft also took the chance to roll out a new version of the Xbox 360 itself. It's small, it's glossy black, and it finally has built-in WiFi, though still no Blu-ray support.
Next at bat was Nintendo, which finally showed us what this glasses-free 3-D thing is all about. Its new 3DS handheld system will play certain titles that appear in 3-D, just as long as you look at the screen head-on. IDC's Louis Ward got his hands on one, and he told us he thinks it looks impressive. No pricing or release dates were announced, though, so when you'll be able to see for yourself is still a mystery. 3DS titles will include new entries from series like "Zelda," "Donkey Kong" and "Star Fox."
3DS was pretty much the biggest thing happening in Nintendo's hardware universe. In software, the company's big plan is to take some decade-old meat out of the fridge, reheat it, and serve it up for the Wii. It's reworking crusty old titles like "Goldeneye" to play on its motion-controlled console.
It's not exactly a show-stealing announcement, but it got a fair round of cheers. Some of these games were prime rib back in the day, and they're still fun, right? The Enderle Group's Rob Enderle says this wasn't such a great idea because these old games don't play to the Wii's strengths, like motion-control hardware and sports titles.
IDC's Ward was a bit more optimistic. He told us, "These titles still have a relatively loyal fan base, and people don't forget about them as quickly as games on other platforms. It remains to be seen how this will play out with regard to marketing."
Finally, Sony got its chance in the spotlight when it revealed dates and prices for its own Wii me-too controller, the Move -- that's Sept. 19 in North America, starting at US$50 for the bare-minimum set.
Looking much further ahead into the future, Sony's big plans are all about 3-D gaming. But unlike other gimmicks meant to keep an existing console on the feeding tube for a few more years, getting 3-D on a PlayStation will not require you to buy a new $200 peripheral along with a bunch of new games. Nope, you'll just have to buy a $4,000 3-D TV -- and a bunch of new games. All the PlayStation 3s on the market right now are physically capable of going 3-D; they just need a software update from Sony to get going. But unless you have a bright, shiny, 3-D TV to play it on, you won't get very far.
With this 3-D push, Sony's placing a big bet on the future. Right now, only the freakiest of gadget freaks has a 3-D TV. But give it two or three years. Prices will come down, more content will be made available, and more and more people will opt to splurge for the 3-D TV when they get around to replacing what's in their living rooms right now. When that day comes, Sony figures it will already have that base covered, and it doesn't hurt that the company also has a line of 3-D TVs they'd love to sell you.
The situation is a little bit of deja vu from a half-decade ago. That's when Sony first showed the PlayStation 3, and back then it was a ridiculous product in terms of power and price. Michael Goodman at Mercury Media told us, "It was a $600 unit that did everything but sit up and chew gum. The problem was, they designed it for 2010 and launched it in 2006. Given the marketplace and penetration of HDTVs and broadband and over-the-box content, the PS3 is a wonderful product for this time. But in 2005, it was way ahead of the game."
So this betting-on-the-future play is something Sony's tried before -- could it be called a success yet? The PlayStation 3's a respectable platform, and it has the Blu-ray advantage, but in terms of sales, it's still the runt.
In software security research, there's a fine line between hero and jackass. Imagine you're a security researcher who's just found a hole in another company's product. If necessary, also imagine that you're not a criminal who wants to take advantage of the flaw to steal stuff.
You'll want to tell the vendor about the hole you found so they can patch it. But you'll also want them to hurry up about it, both because it's putting users in danger and because being the guy to call out a recognized and patched flaw looks good on your resume.
The leverage you have is giving them a deadline: I'm going to go public with this flaw in X days, regardless of whether or not you've patched it. What's the value of X? That's your shot to call, but if your intention really is to get the hole plugged, you should give the vendor a reasonable amount of time to do that.
That's why Google researcher Tavis Ormandy has shot to the top of Microsoft's list of most annoying people. He spotted a flaw in Windows XP and Server 2003, and just four days after he delivered the information to Redmond, he went public with the flaw as well as a proof-of-concept exploit.
According to Microsoft's Jerry Bryant, going public after just a half a week is beyond the pale, and it's put Windows users at risk. He told us, "typically and on average the finders give the vendor 30 days. Even the most aggressive finders give the vendors at least 14 days."
Wolfgang Kandek at Qualys more or less agreed, citing a flaw that was discovered at the hacker contest CanSecWest a few months ago. Hackers there found a common bug in all the major browsers, and even the fastest to respond, Mozilla Firefox, took 10 days.
But Microsoft's a big company with lots of resources, so if there's a fire this hot under their butts, they should be able to pull something together pronto, right? Perhaps, but it does take time to make sure your fix doesn't break something else in one of your related products, and when you have a catalog as extensive as Microsoft's that's a whole lot of testing.
Panda Security's Sean-Paul Correll told us, "If you look at responsible disclosure, you'll see a time frame of about five months given to vendors to fix issues. In Microsoft's case, the protocols involved are used through its products, and it has to make sure the solutions it provides are cross-compatible. They've got to make sure the fix doesn't break the product elsewhere."
If I were one of the thousands of people that AOL laid off in Fall of 2007, I guess my reaction to this story would be described as a schadenfreude sundae: one scoop of old and fermented rage, two scoops of fresh vindication, and a nice drizzle of smug on top.
Back in 2008 -- about half a year after cutting more than 2,000 people from its workforce -- AOL scrounged up $850 million for Bebo, a social networking site that was very popular in the UK. The idea was to turn AOL into what Bebo's then-CEO Randy Falco called "a social media powerhouse." Can't blame him for dreaming big at the time -- back then, Facebook didn't own the scene to the degree it does now, and Bebo was seen as a fit contender for the crown.
But once AOL got its hands on Bebo, it basically left it to gather dust in the garage. According to Andre Zdanow, a market strategist with Charles Vista, AOL has been trying to reposition itself since its high times in the dial-up Internet era, and Bebo was just one more abortive attempt. "Look at what Facebook has done -- it continually revamps itself. That is what social networks do to stay relevant. AOL didn't do that with Bebo."
Greg Sterling at Sterling Market Intelligence said AOL could have at least tried something interesting with Bebo -- reinvented it as a mobile-only network, for example, or used some of its platform tools to differentiate it.
But instead, Bebo just sat there, losing value every day. How much value? Possibly more than $1 million every 24 hours. This week, AOL sold Bebo to private equity fund Criterion Capital Partners, and the rumored sale price is $10 million, or 840 million less than AOL thought it was worth about 820 days ago.
Which Phone Will Make Me a Superhero?
Busybody nanny-staters are once again out to take all the ignorantly blissful joy out of life, just like they did with cigarettes, fast-food calorie levels, red dye #2 and medicinal mercury. Their latest target is the warm, soft radiation we get from our cellphones.
They've stopped short of ordering us all to carry our smartphones around in lead cases. Instead, San Francisco's board of supervisors has approved a measure that would require retailers to display exactly how much radiation is emitted by each phone they sell. Mayor Gavin Newsom is a known proponent of the measure, so he'll most likely sign it into law.
The measurement standard used under the proposal is SAR, or specific absorption rate. As far as the Federal Communications Commission is concerned, the maximum legal SAR level is 1.6. If a phone runs at that level or less, it's kosher. Under this proposed law, though, consumers would have the chance to see how some phones are kosher-er than others.
That's why the wireless industry has lobbied against the measure. Speaking for CTIA, John Walls told us, "It suggests that some phones are safer than others, which is contrary to the FCC standard. All devices have to comply with FCC safety standards, and studies show that one compliant phone is not 'safer' than another."
Vying for the proposal is the Environmental Working Group, which says that even that max SAR level of 1.6 leaves a wide range of radiation levels open, and having phones' specific stats in front of consumers at the point of sale may lead to pressure on device manufacturers to make their phones a little less brain-nukey.