A Programmer explores the IT Security field; offering packets of useful information he picks up along the way.

Archive for March, 2008

Apple’s Big Announcement

March 20, 2008 By: Ron Category: Apple No Comments

I’m a big Apple fan. There is big Apple news that I feel the need to share! Apple announced at their much publicized event on March 6th that they will be allowing developers to write programs for the iPhone and iTouch devices. The Software Development Kit, or SDK, is available to download from the Apple site. You will need a Mac running their new Leopard OS to write programs. People, this is really big!!! I was totally blown away watching the event the other evening. Apple invited 5 different companies spanning diverse industries, from games to medical software, to present their programs at the event. The developers had 2 weeks to program something new for the event. Some had never written software on the Mac before. The companies themselves were quite surprised to see what they were able to accomplish in such a short period of time. I think this move by Apple to invite third-party developers to program using the Apple SDK will propel the iPhone into new dimensions. This is a huge accomplishment. It is simply a revolutionary device, a hand-held mobile computer that is always connected. In my opinion, Apple is reinventing the personal computer.

Apple will be the gatekeeper for all these programs. The only way you’ll be able to install these programs on your iPhone is through the "App Store" on iTunes which will be accessible using wireless, as well. Developers will name the price for the programs they write. Apple will take 30% off the top and the developer will get 70% of the set price. Apple will be hosting the application, distributing and marketing your application. Developers will need to adhere to Apple’s rules when writing programs. No porn, no malicious software, no illegal or privacy software will be allowed. It has yet to be seen whether Apple will allow applications that might compete with their own applications. If Amazon wants to create an MP3 download service, would Apple allow it to compete with their own WIFI iTunes store application? Or let’s say Sun wants to create a JVM to allow Java programmers to write code; will that be allowed? Lots of questions surface but we’ll have to wait until the end of June to see what happens.

So, being a developer, I absolutely had to download the SDK. I downloaded the "Hello World" sample application and opened up the source code in Xcode (Apple’s IDE). With a click of a button I had the program running on the iPhone simulator. I wish I had more time to play with this! As we speak, developers all over the world are writing programs. Bloomberg reported today that the SDK had 100,000 downloads of programs in less than a week. Another interesting point that Adam from the Maccast brought up is what he calls the halo effect for developers. He thinks that once developers start creating iPhone programs, they will love the experience and will, thus, want to start developing for Mac products.

Another very cool iPhone feature that is specifically geared to the gaming companies is the accelerometer. The accelerometer detects when the device is turned or moved, and the display is viewed differently as directed by the movement. You may view pictures or video in landscape mode or look at a webpage in wide screen. Developers can take advantage of this and code for how the device is moved in 3D space. This is particularly applicable to game developers. At the demo, I was blown away by the graphics/accelerometer use in the game called "Spore", developed by EA, and a monkey game by Sega. To control the game you move and tilt the iPhone; very cool stuff indeed.

Plausible Deniability

March 12, 2008 By: Ron Category: Encryption, Privacy 2 Comments

There is an interesting concept that surfaces sometimes in business, politics or espionage called “plausible deniability”. It involves the creation of chains of command that are loose enough to untie when the need arises. If high-ranking officials or politicians become aware of disreputable or questionable activities, they may claim, using “plausible deniability”, that there is no way of proving they had any knowledge of such activities. They can simply deny it, and since there is no direct connection to these high-ranking officials, there can be no hard evidence linking them to the questionable activity or to knowledge of it. The plausible deniability concept is also applicable in technology, as you’ll see.

There is this great open-source encryption software that you can install for free called TrueCrypt. Since most people have bank statements or other sensitive files stored on their computers, this program is for everyone. You can easily set up what they call an “encrypted volume”. What is that? It looks just like any of the lettered drives on your computer, but it is really a container holding all of your encrypted documents. You can drag your sensitive files right into this new drive and use it just like any other drive, e.g. drive F: on your computer. TrueCrypt performs “on the fly” encryption, which means that your file is encrypted and decrypted in memory as you work with it. When you are done updating a file, it is always written back to the volume encrypted, so you never have to worry!

When you mount a TrueCrypt volume you need to enter your password, and when the computer shuts down the volume is unmounted. If you look at the file that is used to mount these encrypted volumes you’ll see random bits of data. There is absolutely no way to get any information about the data stored in the encrypted file; it’s just random noise. To give you an idea of how safe your data is, TrueCrypt writes on their website:

“The only way to recover your files is to try to “crack” the password or the key, but it could take thousands or millions of years depending on the length and quality of the password/keyfiles, on software/hardware efficiency, and other factors.”

These guys really covered everything, so it is a highly secure system. TrueCrypt volumes are extremely easy to set up, and their website is a great resource for how to get started and learn more about how this technology works.

Back to plausible deniability. Let’s say that you created an encrypted volume and put some very sensitive files in your encrypted container; all is good and your data is quite safe. Now let’s suppose that some evil person gains access to your computer and forces you to hand over the secret files he thinks you have. He knows that you’re smart and that you must have encrypted your sensitive data. You have no choice but to give him your password, and he can then take your files! To get around this scenario, TrueCrypt allows you to create a hidden volume. A hidden volume is an encrypted volume within another encrypted volume, each having a different password. Now, in the case of the evil person, you can say to him “here are my secret files” and give up the password to the outer volume. The files you “gave” him in the outer volume are not really your sensitive files. The inner volume contains the truly secret files. When you open up the outer volume there is absolutely no way of knowing that there is a hidden volume inside. You have successfully invoked “plausible deniability” in the sense that your adversary knows nothing other than that the outer volume exists, and you do not “have” any secret files the adversary wants. The direct link was severed and you can deny any knowledge of those files.
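The two ideas above, that an encrypted container is indistinguishable from random noise and that one mount procedure opens either the outer or the hidden volume depending only on which password is typed, can be shown with a small toy model. This is an illustration added here, not TrueCrypt’s code or its real on-disk format; the layout (salt, an outer slot, a hidden slot in what an outer-only viewer sees as free space), the HMAC-in-counter-mode stream cipher and the PBKDF2 key derivation are all constructed for the example.

```python
import hmac, hashlib, math, os

# Toy layout (constructed for this example, not TrueCrypt's real format):
#   salt(16) | outer region | hidden region. The hidden region sits where an
#   outer-only viewer sees free space; every byte that is not plaintext is random.
SALT_LEN, TAG_LEN, REGION = 16, 32, 2048
OUTER_OFF, HIDDEN_OFF = SALT_LEN, SALT_LEN + REGION

def derive_key(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def keystream(key: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode as a stand-in stream cipher (a toy, not XTS-AES)
    out = b"".join(hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
                   for i in range(-(-n // 32)))
    return out[:n]

def seal(key: bytes, data: bytes) -> bytes:
    # region = HMAC tag over ciphertext | ciphertext of (length | data | random fill)
    body = len(data).to_bytes(4, "big") + data
    body += os.urandom(REGION - TAG_LEN - len(body))      # fill is random, never zeros
    ct = bytes(a ^ b for a, b in zip(body, keystream(key, len(body))))
    return hmac.new(key, ct, hashlib.sha256).digest() + ct

def open_region(key: bytes, region: bytes):
    tag, ct = region[:TAG_LEN], region[TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None                                       # wrong key: still just noise
    body = bytes(a ^ b for a, b in zip(ct, keystream(key, len(ct))))
    return body[4:4 + int.from_bytes(body[:4], "big")]

def create_container(outer_pw: str, decoy: bytes, hidden_pw: str, secret: bytes) -> bytes:
    salt = os.urandom(SALT_LEN)
    return (salt + seal(derive_key(outer_pw, salt), decoy)
                 + seal(derive_key(hidden_pw, salt), secret))

def mount(container: bytes, password: str):
    # One procedure for both passwords: try the outer slot, then the hidden slot.
    # Which slot opens depends only on the password, so nothing betrays a second volume.
    key = derive_key(password, container[:SALT_LEN])
    for off in (OUTER_OFF, HIDDEN_OFF):
        data = open_region(key, container[off:off + REGION])
        if data is not None:
            return data
    return None

def entropy_bits(blob: bytes) -> float:
    # Shannon entropy per byte; about 7.9 for 2 KiB of uniformly random bytes
    counts = [blob.count(b) for b in range(256)]
    return -sum(c / len(blob) * math.log2(c / len(blob)) for c in counts if c)
```

Mounting with the outer password returns only the decoy, and the hidden slot measures as random as the rest of the file; the model deliberately keeps the hidden slot fixed so the outer volume cannot grow over it, which is the one practical hazard of hidden volumes.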

In a future post we’ll talk about whole disk encryption, a new feature of TrueCrypt. This solution is perfect for laptops or even desktops that contain sensitive data.