And I don't think that Tim Berners Lee ever imagined that the number one use for the internet would be p*rn. ________________________________
From: William Lefkovics [mailto:will...@lefkovics.net] Sent: Friday, October 02, 2009 10:00 PM To: MS-Exchange Admin Issues Subject: RE: iPhone experience What an interesting thread. I heard that the number #1 mobile device connecting to Microsoft's Exchange Servers is the iPhone. Rumours, surely. From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Friday, October 02, 2009 2:10 PM To: MS-Exchange Admin Issues Subject: Re: iPhone experience Well said. As much as I dont like it for business, I do love this thing. I recently mounted and hard-wired audio/charging into my car, and I couldnt be happier with it (since its Jailbroken *snicker*). I do wish they would expidite more corporate features. But with the MobileMe service push, I just dont see that happening anytime soon. -- ME2 On Fri, Oct 2, 2009 at 4:54 PM, Mayo, Bill <bem...@pittcountync.gov> wrote: I was responding to "how do all the iphone lovers feel now" question you asked. There is no context in that question about corporations or enterprise readiness. I love my iPhone, so I felt qualified to answer the question that was posed. I definitely understand how intention doesn't always directly correspond to what your fingers type, so "no harm, no foul" from my perspective. I agree with you that the iPhone is not quite enterprise ready, at least from the perspective of companies that have specific data they need protected via legal requirement. That is not every company, though, and I am certain there are many places that the current functionality is "good enough". What I don't agree with is that Apple is touting that all security issues for enterprises are addressed. As someone that has followed this pretty closely since the iPhone was announced, I feel safe saying that Apple created and designed a consumer phone with the idea in the back of their head that this might have some enterprise use in the future. Apple is first and foremost a consumer product company and have been for a very, very long time. That is not to say that they haven't tried to dabble in the enterprise market some (e.g. XSAN), but that is not their core focus. When the iPhone originally came out, people came out of the woodwork asking for enterprise features. Apple began trying to address that, adding some features in each subsequent release. They have made quite a bit of progress in a short amount of time. But it is just that: a short amount of time. It's like people complaining about the issues with the App Store, which didn't even open until July 2008 (just over a year). I think it's safe to say that they were overwhelmed by the scale of the success (developers, downloads) of the whole thing. Again, it is obvious they are working to correct issues on it, but it is still basically just out of diapers. But back to the main point, Apple has been working to add the features that people are demanding and sometimes marketing-speak can make you look silly. Again, the iPhone is first and foremost a consumer device, so they have to balance the development resources appropriately (in other words, they just aren't going to focus on enterprise functions and ignore all those folks that want whiz-bang new features, like video). I think we can agree that the iPhone is not the answer for every business. However, the iPhone is a fantastic piece of tech, and cannot be dismissed as silly/crap/junk as so often comes up on this list. ________________________________ From: Sam Cayze [mailto:sam.ca...@rollouts.com] Sent: Friday, October 02, 2009 4:32 PM To: MS-Exchange Admin Issues Subject: RE: iPhone experience "I am not carrying around credit card information on my phone. For better or worse, there isn't a whole lot of personal information on the phone that people couldn't dig up other ways anyway." Nobody cares about that data anyway. Totally besides the point. Corporate data leaks, corporate espionage, HIPAA, Sarbanes Oxley, etc. That's the issue. Apple is trying to tout that the iPhone is Enterprise Ready, and that they have addressed all the security issues Enterprises have been asking for. Not the case. I'm happy with my users that are on AES-192 FIPS Certified Devices. iPhones, not so much. Goodlink has had AES, Polices, Remote Wipe, etc, etc for YEARS. I'm sure BB has too. It's amazing how slow other companies are picking it up. That being said, I still DO agree with many of your points :) -Sam ________________________________ From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Friday, October 02, 2009 12:24 PM To: MS-Exchange Admin Issues Subject: RE: iPhone experience You read those articles, right? You phrase your statement to indicate that Apple is actively misleading people ("lied") telling people that something is in place that isn't. The first article is a hacker saying he can work around the encryption and I assume he can. That doesn't indicate that Apple "lies" when they say they encrypt the data. Is it a "lie" to say that WEP is encryption because it can be broken? You have to understand that encryption was *just* added. At this point, I'm sure they understand they have a problem and I am sure they are working on it. As for the second link, that is referring to the report that with older versions of the iPhone OS, it incorrectly reported to Exchange Server that it had encryption. This has been fixed in the current version of the OS, and I think that is all you can expect. But the bigger point here is that Exchange simply blindly trusts any device that connects to it about such things. Does Microsoft not bear any culpability? There is a valid argument that vendors shouldn't misrepresent, but if you go back to your hacker in the first link, it would be trivial for someone to alter traffic from an otherwise legit device to say that it did offer encryption and blow up your policies anyway. Again, Exchange working on the honor system is just as much of a problem as the now-corrected behavior of the iPhone. I fail to see how any of the last 4 links have anything to do with lying, iPhone security, or encryption. Just a bunch of complaints saying that Apple shouldn't advertise software that it is 100% your choice to download or not. As for my "I feel just fine" response, I offer the following. I am not carrying around credit card information on my phone. For better or worse, there isn't a whole lot of personal information on the phone that people couldn't dig up other ways anyway. But if it were missing, I have the ability to: 1) locate where it is on a map, and 2) remotely wipe it. And I would imagine that the odds are in my favor that any person that might steal the phone is not a hacker anyway. Every time an iPhone topic comes up on this list, you can determine the tenor of the response from the name of the sender (myself included, no doubt). I really don't understand why some people get so bent out of shape whenever comes up, but to each their own. ________________________________ From: Sam Cayze [mailto:sam.ca...@rollouts.com] Sent: Friday, October 02, 2009 12:56 PM To: MS-Exchange Admin Issues Subject: RE: iPhone experience "Again, source? I feel just fine." Just to recap a few articles that were referenced in this thread: "Hacker Says iPhone 3GS Encryption Is 'Useless' for Businesses" http://www.wired.com/gadgetlab/2009/07/iphone-encryption/ iPhone has been lying about it's compliance with security policies http://www.infoworld.com/d/mobilize/other-iphone-lie-vpn-policy-support-865 Apple pushes iPod/iTunes/iPhone update that includes the Apache web server: http://www.itworld.com/security/79064/dont-need-it-dont-install-it http://www.macrumors.com/2009/09/09/apple-releases-iphone-configuration-utility-2-1-for-mac-and-windows-and-mobile-me-control-panel-for-windows http://blogs.computerworld.com/14808/apple_shovelware_problems_again_iphone_configuration_utility http://www.computerworld.com/s/article/9138620/Apple_pushes_unnecessary_software_to_Windows_PCs ________________________________ From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Friday, October 02, 2009 11:48 AM To: MS-Exchange Admin Issues Subject: RE: iPhone experience Again, source? I feel just fine. ________________________________ From: Steve Ens [mailto:stevey...@gmail.com] Sent: Friday, October 02, 2009 12:12 PM To: MS-Exchange Admin Issues Subject: Re: iPhone experience Another question - how do all the iphone lovers feel now that they know the security on their precious devices is crap and that Apple lied about the included encryption? On Fri, Oct 2, 2009 at 11:06 AM, Sam Cayze <sam.ca...@rollouts.com> wrote: "So how many of you that have deployed the iPhone have had to deal with physical damage" I have, but this guy breaks any phone he touches. Many of my friends have them, and they seem to hold up quite well. The problem is that At&t's excludes Assurion Insurance on the iPhone. (All other carries offer a damage insurance for smartphones, with a $50 or so deductable). A MUST IMO. That will leave you high and dry when someone breaks an iPhone. 1. Get 3rd party Insurance on the iPhone (http://www.squaretrade.com <http://www.squaretrade.com/> ), or check your Ins policy at work. You might be able to add a policy rider. (It was a rip off where I worked, I opted for square trade) 2. Keep a spare on hand. (Or at least a dumbphone), in case the user's phone breaks, and needs one ASAP. Another reason for 3rd Party coverage: Apple and At&t are NOT offering replacements to users that have bricked iPhones during an upgrade to say OS 3.1. (Ridiculous, I know, don't get me started). Sam ________________________________ From: Martin Blackstone [mailto:mblackst...@gmail.com] Sent: Friday, October 02, 2009 10:36 AM To: MS-Exchange Admin Issues Subject: RE: iPhone experience So let me pose an iPhone question. Compared to a BB, how does it physically hold up. I have guys here that just beat the living hell out of their phones and of course they are also the ones who want iPhones and the iPhone just looks too delicate for day to day usage by a lot of folks. The BB can take a hell of a beating and short of the occasional track ball replacement, I rarely have to replace them unless someone has dropped it in a toilet or some other catastrophic issue. But that glass front on the iPhone scares me. So how many of you that have deployed the iPhone have had to deal with physical damage? From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Friday, October 02, 2009 8:25 AM To: MS-Exchange Admin Issues Subject: Re: iPhone experience OK, so my reply to you: I didnt say to pin it on anything. I said it can be done; which is true. I didnt say to do it or not to; only that its possible. I really dont know how I could have written a more neutral statement about it originally or in my reply to you. I dont think its fair to say I'm being disingenuous because of my intentional neutrality. Touché on the open source bits of router firmware, which opens the door wide for any modifications. My mistake for neglecting to take that into consideration. But, these forums have not been quick to uphold Microsoft's licensing when it comes to phone firmware/software customization. Theft, sure. Customization? No. Jailbreaking is not theft. Your comparison to BitTorrent use was disingenuous - for real. -- ME2 On Fri, Oct 2, 2009 at 12:24 AM, Ben Scott <mailvor...@gmail.com> wrote: On Thu, Oct 1, 2009 at 8:38 PM, Micheal Espinola Jr <michealespin...@gmail.com> wrote: > I don't see what was "disingenuous" about my reply to Bob. Not your reply to Bob, you reply to me. Which I read along the lines of, "Oh, I didn't mean you should actually *do* what I was talking about, I was just saying it's theoretically possible." You want to argue you don't think it's a big deal, or you interpret the license different, or something like that (which you did, now), okay. I might not agree, but I can respect that. But playing language lawyer to try and dodge ownership of what you say -- that is bogus. I have no respect for that. Maybe that's not what you intended to mean, in which case, I apologize. > Its funny, because whenever someone wants to get better access control with > a home router, there are plenty of recommendations for DD-WRT. The license agreements with those routers don't prohibit third-party firmware. Indeed, in many cases, they're specifically required to release the source under the GPL. Some even advertise their compatibility with third-party firmware as a feature, e.g., WRT54GL. Apple/AT&T forbids it in their licenses, release updates to counter it, and threatens legal action. See the difference? > Apple is not special. No, they're not. And these forums are usually pretty quick to uphold Microsoft's licenses. So why not Apple's? -- Ben