steve918
Open Feature Request: iTunes Auth
Problem
There are a lot of applications that would like to persist user state for one reason or another and right now there are two options:
Option 1: tie everything to the device identifier.
Option 2: implement your own authentication and registration mechanisms.
From an end user perspective both of these methods provide me with a less than optimal experience.
Option 1 is convenient in that I don’t have to provide up front information, but if I ever upgrade or change devices then all of my information is lost.
Option 2 solves the problem you encounter with option 1 and even provides a way to access my information across multiple devices, but at a serious burden. Now I have to complete a registration process where you choose a unique username, password and probably an email address. Filling out registration forms on my tiny iPhone keyboard is never a great experience and when you are done you have yet another set of credentials that you have to keep track of. In addition, the second option is non-trivial to implement from the developer perspective and requires a decent amount of server code.
“iTunes Auth” would be an easy way for a developer to invoke the iTunes login dialog and then retrieve a unique token identifier when a user successfully authenticates.
The token would be unique to the application and user and would provide no information about the user. It would just be a constant identifier the developer could use to associate persistent data to.
Technical details
Below is an overview of the implementation I have in mind. It’s not extremely in depth, but should give you a pretty good idea of what the implementation would look like as an application developer.
First your application would prompt the user to sign in. For most applications this would only need to be done once per device + application combo.
[AuthKit authenticateUser];
Which would bring up the standard login dialog:
Once the user has authenticated your application might receive a callback similar to the one you get after registering for push notifications:
- (void)application:(UIApplication *)application didAuthenticateWithUserIdentifier:(NSData *)userIdentifier
With the user identifier being:
hash(Bundle Seed ID + iTunes Username)
Where the hash function is something like sha256 and the Bundle Seed ID is an identifier that is unique to an application or group of applications. This way each developer’s application has a different identifier.
OAuth would be another option, but I don’t see Apple exposing this as a web-service outside the device due to the phishing concerns so I don’t know if it’s really necessary.
Security
The method described above doesn’t provide any information about the user to the developer so no personal information is exchanged.
Even though the hash for that user+bundle identifier will always be the same, each application will have a unique hash for that user. This way it is impossible to determine if a user is the same from one bundle id to the next, preventing any concern about libraries collecting analytics about user habits across applications.
Phishing could become a concern since an application could present a login dialog similar to the actual dialog, but this is currently possible with StoreKit and therefore shouldn’t create any additional concern.
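The identifier derivation from Technical details and the per-application property claimed in this section, as an added example (not code from the original post or from Apple). The Bundle Seed IDs, username and secret are constructed values, and the keyed HMAC variant is an assumed hardening the post does not propose; it covers the case where the username is guessable and the Bundle Seed ID is known.

```python
import hashlib
import hmac

def naive_identifier(bundle_seed_id: str, username: str) -> str:
    # The post's formula, taken literally: sha256 over the plain concatenation.
    return hashlib.sha256((bundle_seed_id + username).encode("utf-8")).hexdigest()

def _encode_fields(*fields: str) -> bytes:
    # Length-prefix each field so ("AB", "Cuser") and ("ABC", "user") differ.
    out = b""
    for field in fields:
        raw = field.encode("utf-8")
        out += len(raw).to_bytes(4, "big") + raw
    return out

def keyed_identifier(platform_secret: bytes, bundle_seed_id: str, username: str) -> str:
    # Assumed hardening (not in the post): HMAC-SHA256 under a secret that
    # never leaves the platform, so nobody else can recompute identifiers.
    message = _encode_fields(bundle_seed_id, username)
    return hmac.new(platform_secret, message, hashlib.sha256).hexdigest()

def guess_confirms(observed_id: str, bundle_seed_id: str, candidate: str) -> bool:
    # With the unkeyed hash, anyone who knows the Bundle Seed ID can test
    # whether an identifier belongs to a username they already suspect.
    return hmac.compare_digest(observed_id, naive_identifier(bundle_seed_id, candidate))

# Constructed sample values, not real identifiers.
SEED_A, SEED_B = "A1B2C3D4E5", "Z9Y8X7W6V5"
USER = "alice@example.com"
SECRET = b"constructed-demo-secret"

def demo() -> dict:
    naive_a = naive_identifier(SEED_A, USER)
    keyed_a = keyed_identifier(SECRET, SEED_A, USER)
    return {
        "stable": naive_a == naive_identifier(SEED_A, USER),
        "differs_across_apps": naive_a != naive_identifier(SEED_B, USER),
        "naive_ambiguous": naive_identifier("AB", "Cuser") == naive_identifier("ABC", "user"),
        "keyed_ambiguous": keyed_identifier(SECRET, "AB", "Cuser")
                           == keyed_identifier(SECRET, "ABC", "user"),
        "guess_confirms_naive": guess_confirms(naive_a, SEED_A, USER),
        "guess_confirms_keyed": guess_confirms(keyed_a, SEED_A, USER),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```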
Summary
iTunes Auth would provide a simple solution to allow developers to easily persist user information without having to implement complex registration systems while giving users the ability to use the credentials they already have. The unique nature of the user hash would allow developers to consistently identify a user without exposing user information, limiting security and privacy concerns.
-
steve918
Apple and Carriers quietly raise 3G app download limit to 20MB
-
steve918
Free online Android programming course presented by CreativeTechs in partnership with O’Reilly
-
steve918
Great video summarizing what it takes to make money on the iPhone AppStore http://www.youtube.com/watch?v=7FtWWTllCrg I think the key ingredient here was just persistence.
-
steve918
Impressive open source Flash implementation in Javascript. Mind blowing: http://paulirish.com/work/gordon/demos/ via @elliottcable
-
steve918
Flashing led mind control widget
Ok so maybe I’m still working on the mind control part, but I’m going to figure out how Apple does it and just emulate that. The flashing led part I have got down though.
I had the opportunity to take an Eagle CAD workshop given by the local Dorkbot group. It turned out to be a blast. Probably the best $35 I’ve ever spent – seriously it was only $35 and I got 6+ hours of instruction and three copies of the circuit board I designed!
Below is a picture of the CAD drawing of the circuit board. It should appear pretty close to scale on your screen. It is just an Atmel attiny13 micro-controller powering an RGB LED. Which is pretty similar to my RGB nightlight, but with much cheaper parts and a better footprint.
One other interesting bit: I don’t own an AVR programmer, I’m actually using my Arduino compatible board running mega-isp to program it.
-
steve918
RGB Arduino Nightlight
I recently started playing with the Arduino micro-controller platform and I thought for my first project I should make something easy, but fun and functional.
I posted a ton of photos showing the construction. I purchased all of the materials at Craftwarehouse and the Arduino board from Modern Device. The RGB LED and DC barrel jack I got at Radio Shack and the power source is a recycled 9v wall wart that was for an old RC radio.
An LED powered nightlight is perfect for a child’s room because it has a long life, consumes very little power and most importantly it doesn’t get hot!
I had to turn it off the first night I put it in my son’s room because he wouldn’t go to sleep. Instead he stayed up saying: ‘Oooh, it’s blue.’ ‘Oooh, it’s greeeeeeen.’
steve918
Discovery: ~/.ssh/config
I’m probably the last one to know about this gem, but it sure has made my life easier. I have like 4 or 5 random ssh keys to keep track of that map to various users on various systems. Up until now this has meant passing the right key file with the -i option to SSH, but no more; ~/.ssh/config makes life much easier. All you have to do is define which sites go with which user and key and ding ding life is good.
Host example.com
    User root
    IdentityFile ~/ec2/example.pem

Host example2.com
    User gitosis
    IdentityFile ~/.ssh/id_rsa
-
luke
umm, yeah. you’re the last to know.
-
Ben
I knew about Host in .ssh but I never connected the dots. Useful!
steve918
HTTP Client 'Web View' – My OSCON FOSS contribution
I’ve been using HTTP Client for testing HTTP requests for some time, but I’ve needed to be able to view the response as rendered in the browser on occasion. This is especially true when working with Django errors as they are very rich HTML content.
So since I’m at OSCON I thought it would be a good time to scratch that itch while giving something back.
Pretty simple hack, but infinitely useful for me personally. Hopefully someone else will find it useful as well.
So here it is in all its glory. It’s compiled for Mac-Intel/Leopard.
Download:
HTTP Client – with ‘Web View’
-
gabe
I have a fork on github that adds an option to turn off certificate validation (for testing with dev https boxes), and fixes a “double” escaping issue.. if you put up your changes somewhere I can submit some patches…
http://github.com/gabriel/mac-httpclient
-
Brad Choate
Why thank you — this has been on my own to-do list.






Brad 11:11 am on November 20, 2009
That is an awesome project… Now I need to get an Arduino and make something.
luke 11:54 am on November 20, 2009
that’s cool!