Tech-spelunking

UPDATE AT THE BOTTOM

I have an iPhone 4S and recently upgraded to iOS 6.0.1. My battery life had been middling before, but since moving to iOS 6, it had dropped dramatically. I now cannot make it through two-thirds of the day without putting my phone on a charger. I finally reached my limit yesterday and decided to figure out what was going on.

I started my hunt with some googling: ios 6 battery drain

Most of the hits are generic types of things to try. Tweak settings, reboot, restore, reinstall apps, and the dreaded, wipe and setup from scratch. I was pretty sure that last option would fix my problem but I didn't want to lose all of my apps' data and have to go through a long setup process. Being an iOS developer, I decided to peek behind the curtain and see what I could figure out.

I launched Xcode (Apple's developer environment) and then Instruments (Apple's performance monitoring tool). I connected my iPhone and started Instruments with the iOS Activity Monitor template:

This collects in real-time data about the processes running on your iOS device. The information is a lot like Mac OS X's Activity Monitor and looks like this:

My phone seemed relatively idle ("DTMobileIS" is the process that feeds data to Instruments so ignore it). But one thing I noticed is that the process "dataaccessd" had an enormous amount of CPU Time racked up. It was order of magnitudes higher than any other process. So, back to Google: dataaccessd ios battery drain

Now, we were getting somewhere – dataaccessd has been fingered before as a cause of battery issues. So, I investigated some of the hits and and came upon this Open Radar bug:

dataaccessd continuously crashing, draining battery.

With high total CPU time for my dataaccessd, it clearly wasn't crashing. However, this did ring a bell for me – I've had issues with Calendar. It tends to be very sluggish. I started playing around with Calendar while watching the Activity Monitor. 

What I found was startling. After launching Calendar, switching back and forth between a couple of the days in the month view and then locking the phone, the dataaccessd process would eat the CPU for close to a minute before settling down. I could reproduce this on demand with simple interactions with Calendar.

In an attempt to figure out what dataaccessd was doing, I used the Network template in Instruments:

What's nice about Instruments is that you can run this second template at the same time with the Activity Monitor template. When you focus on the dataaccessd process and drill down into the connections, it looks something like this:

I now recreated the problem and what appeared here was a ton of Data In and Data Out activity by dataaccessd. It was all on localhost so I presumed that what we were talking about was ultimately file I/O. 

So we are at the point where messing with Calendar causes dataaccessd to do a whole bunch of file I/O. If this happens whenever Calendar does anything (like handling Push from iCloud or firing off event alarms), I felt it is the likely cause of my battery issues.

Unfortunately, this is about as far as Apple's Developer tools will take you. You really need to be able to trace dataaccessd itself to figure out what it is doing. Instruments does have a template for this, but you can only run it on applications that can be launched. Long-term system processes like dataaccessd cannot be attached to. The inability to do this is also probably a result of Apple not wanting people poking around in the internal guts of a system process like dataaccessd.

With a little more Googling, you end up finding out that Calendar stores it's data in Library/Calendar/Calendar.sqlitedb. Apple doesn't allow you to access this file directly on the device but there's another way to get to it – through a device backup. 

My phone is set to backup over WiFi to iCloud, but if you right-click on the device in iTunes you will see an option to force a local backup. Once you do that, you can access your backup with iBackupBot, a cool tool that knows how to access and interpret your device backups. I found Calendar.sqlitedb and extracted it to my Desktop.

The first thing I noticed is that the file was close to 73MB in size! That correlated to the amount of I/O that dataaccessd appeared to be performing according to the Network template in Instruments. If dataaccessd is having to rewrite that file regularly, no wonder it's eating the CPU (and my battery).

I now decided to get into the database itself and check it out. I started Terminal, changed directory to where Calendar.sqlitedb was and started up sqlite3 to inspect it. Running .tables looks like this:

So, how do I figure out which table is the problem? I started by figuring out the sizes of each table:

sqlite> select count() from Alarm;
61
sqlite> 

I did this for every table in the database until I found the culprit:

sqlite> select count() from Participant;
390883
sqlite> 

Well that doesn't seem right! The Participant table was multiple orders of magnitude larger than any other table. Now, I started looking at the data in that table:

There are a *bunch* of participants on events in my calendar for events that appear to have originated on Google (I guess either because I subscribed to a calendar there or received them in email and accepted them on to my calendar). We need to look at the schema a little bit to figure out what is going on:

It appears that owner_id points to a row in CalendarItem that is the owner event for each Participant. So, we try to narrow things down to see what is going on:

Why in the world does one CalendarItem have so many copies of the same Participant on it? And how many times exactly you might wonder?

sqlite> select count() from Participant where owner_id=137500;
9771
sqlite> 

Whoa! Clearly there was a bug at work here. There were small counts of Participant rows with emails without "mailto:" so I figured that must have been the root of the problem. My best guess is it was fixed somewhere by somebody at some point but no code was ever written to clean up the mess it left behind in my Calendar.sqlitedb.

So, now what do we do about it? Again, a wipe and reset of the phone would probably fix this. But I wasn't interested in wasting time on that. So, I decided to try an experiment. I again backed up my phone and then made a zip archive of the backup directory in ~/Library/Application Support/MobileSync/Backup just in case things went horribly wrong. I then used iBackupBot to again extract Calendar.sqlitedb and started sqlite3 on it. I then took a chance and tried to get rid of the junk participants.

sqlite> delete from Participant where email like "mailto:%";
[...crunching away for a few seconds...]
sqlite> 

I then exited sqlite3 and now the size of Calendar.sqlitedb was just 2.2 MB! This was looking promising. I imported Calendar.sqlitedb back into my backup using iBackupBot and restored my phone from this backup.

This is where things got a little scary. iTunes restored the phone and it started rebooting – and then powered off. I powered it on and it powered itself off within about 10 seconds. I powered it on again and the same thing. At this point, I'm thinking "oh well, going to have to do a full recovery restore back to where we started" and powered the phone on again, prepared to put it into Recovery Mode. But I gave it another chance and to my surprise it finished booting!

I got Instruments running again with the Activity Monitor template and unlocked the phone. I interacted with Calendar and watched the effect. Calendar is now nice and snappy and dataaccessd runs for just a couple of seconds and then goes idle.

It's still early after this adventure so I'm not 100% positive this fixed my battery drain yet but the early indications are promising. Calendar is nice and snappy and dataaccessd no longer eats the CPU. The battery life feels subjectively better so far; it will take a couple of days to really get a sense for the change. And I haven't fully exercised Calendar to see if I haven't borked it somewhere with my database hacking but so far so good.

If anybody at Apple ends up reading this, I've kept a copy of that backup with the original Calendar.sqlitedb in case somebody wants to perform forensics on it. Also, I recommend writing a Calendar.sqlitedb "fsck" type of utility and adding it under the covers to the OS update process in order to keep this cruft at bay. You just might see the battery complaints die down.

UPDATE: My battery life has dramatically improved. Before, I had to start recharging it about 2/3's of the way through the day. Now, I can go an entire day with moderate usage and still have about 1/3 power remaining.

You may well wonder what the two items in the title of this post have to do with each other. Computer Security is of course the practices and tools that go into having a secure computing experience while anti-lock brakes are a safety feature on most modern cars.

When anti-lock brakes were introduced, they were hailed as a life-saving technology that was sure to reduce the number of accidents on the road and result in less injuries and cost savings for everybody. However, the real-world results never matched these expectations. When drivers learned about and began using anti-lock braking systems, they started driving faster, following closer and braking later. All of these factors effectively cancelled out the predicted benefit of introducing them in the first place.

A number of studies have concluded that Risk Compensation is the reason for this result:"an effect whereby individual people may tend to adjust their behavior in response to perceived changes in risk".

So, what's really happening here? People go about their lives behaving in ways based on the perceived risks of their activity. If they think they might get hit by a car when crossing a street (the risks are higher) they will look both ways before crossing. If they think they might have less odds of getting into an accident because their car has anti-lock brakes (the risks are lower) then they will drive more aggressively.

The effect is even more pronounced in professional sports. The National Football League (NFL) is experiencing more significant injuries while at the same time deploying safer equipment and changing rules in the name of safety. Players are responding to the perceived decrease in risks by playing the game more aggressively.

Putting Safety Pads on Your Computer

I believe Computer Security for consumers also suffers from the Risk Compensation effect, especially when it comes to firewalls and anti-virus software.

Firewalls and anti-virus software are staples of your average consumer computing experience. Most consumers don't really understand what these tools are or how they work, but they are told that if they use them and keep them up to date, they will be safe. Consumers are rarely educated about the basics of computer security technology. It would be charitable to say this is an oversight of an industry that wants to provide a safe and turn-key experience to its consumers. The more cynical reader is probably already thinking the more likely explanation; the technology industry doesn't think users can or will ever be able to understand these issues.

The problem is that firewalls and anti-virus software are not nearly as effective as our industry has led consumers to believe. Combine this situation with Risk Compensation and we have an impending disaster on our hands. Consumers who are not educated on the basics of computer security are taking significant risks based on a false perception that firewall and anti-virus software will keep them safe.

Drivers Ed

The analogy with anti-lock brakes is a useful one in more ways than one. Clearly the automotive industry and our society is doing something right concerning automobiles or we would have an epidemic of automotive accidents. I think the key is two-fold: 1) a sense of responsibility and 2) education.

Unlike when your average consumer buys a computer, a new driver must go through drivers education and pass a written exam. Vehicles come with manuals that have all of the basic operational details spelled out including all safety procedures. At the same time, we have laws and regulations that hold a driver responsible for the operation of their vehicle.

The result is a driving experience that we as a society are relatively happy with.

Putting on the Brakes

In comparison, when a consumer buys a computer, they rush home to unpack it, watch a quick introductory video on how to attach it to the Internet, install anti-virus and firewall software and then start surfing. No computer security information is taught and no sense of responsibility is imparted for how the computer is operated.

I want to make sure readers don't think I'm suggesting that we require a computer security version of drivers ed and a license to operate a computer nor that we need to pass new laws making users responsible for the actions taken by their compromised computers.

What I am advocating is that we start educating users about computer security. If they can learn important and complicated information regarding the safe operation of a car, they can surely learn material presented at the same level about computer security. I'm also advocating that we stop pretending that anti-virus and firewall software are going to protect consumers from all of the ills on the Internet.

People need to understand what level of real protection these tools are providing – and what risks they are still exposed to – so that they can become a constructive and active participant in improving computer security for everybody.

I came across this video the other day:

It's a really entertaining TED Talk about the world of computer security from the perspective of malware and presented by Mikko Hypponen of F-Secure. I encourage you to watch.

He closes with the following:

I've spent my life defending the Net, and I do feel that if we don't fight online crime, we are running a risk of losing it all. We have to do this globally, and we have to do it right now. What we need is more global, international law enforcement work to find online criminal gangs -- these organized gangs that are making millions out of their attacks. That's much more important than running anti-viruses or running firewalls. What actually matters is actually finding the people behind these attacks, and even more importantly, we have to find the people who are about to become part of this online world of crime, but haven't yet done it. We have to find the people with the skills, but without the opportunities and give them the opportunities to use their skills for good.

In other words, anti-virus and firewalls aren't the solution to our problem. Stopping the people who create and produce malware is.

At the same time, we have this sentiment that bubbled up in the news recently:

Is antivirus software a waste of money?

As it turns out, many of his security-minded peers don't use [antivirus software] either. The reason: If someone is going to try and attack them, they're likely to use a new technique, one that most antivirus products will miss. "If you asked the average security expert whether they use antivirus or not," Grossman says "a significant proportion of them do not."

That's a pretty clear indictment of the status quo. What we are doing is not working.

Guns don't kill people, people kill people

What I believe is happening here is a growing realization of what I've talked about before. The current security situation is a never ending battle of measure and counter-measure with ever increasing casualties. What is needed is a dramatic change in the way we approach this battle.

Mikko points to one way to change this. Stop trying to stop the "guns" in this battle from being manufactured and distributed; instead go after the people who are using them to commit crimes.

However, the same Wired article from above goes on to cite another approach:

Patterson said his company, Patco, had “good AV” at the time of the attack, but nevertheless it missed the password-stealing Trojan. Now, two years later, he’s taken an inexpensive step that every small business should take to prevent his company from becoming victim to this type of fraud: He’s told his bank give him a call before it authorizes any big money transfers.

This to me is the real game changer. And I hope to make Trust Inn the catalyst for that change.

This blog is primarily about interesting but obscure technology topics. Today, I'm going to take a slight diversion and market some of my recent work (which has also been responsible for a recent dry spell in blogging!).

I've started a new company: Data Bakery. Data Bakery is dedicated to developing and delivering powerful applications that put people in control of their technology – not the other way around. To that end, Data Bakery has built its first product: Trust Inn.

Trust Inn takes sophisticated encryption and information aggregation technology and packages it up as an easy to use web application. Trust Inn is focused on three problems: whether or not to trust websites you visit (trust), managing and integrating your personal information with those websites (identity) and ultimately managing your relationship to those websites (authorization).

Trust Inn is being delivered in phases, each focusing on the problems described above. Phase one (trust) is ready for early adopters today. If you are interested, check out http://www.trust-inn.com/. Do pardon the dust and be patient with us as we bring Trust Inn to life.

Asymmetric Warfare

In Computer and Network Security is Hard - Too Hard I lamented the sad state of security affairs. In that article I concluded that the only way to deal with the security problem was to launch "asymmetric warfare". Trust Inn is Data Bakery's weapon of choice in this effort.

So, what exactly does that mean? The problem I described is that the current security battle is about fighting never-ending skirmishes where only the details change. It's a new vulnerability one week and a new counter-measure the next. The story is always the same, only the details change. Trust Inn is dedicated to ending this cycle by changing the battlefield itself. This will be accomplished by addressing three areas: trust, identity and authorization.

Trust

Information about websites and whether to trust them is scattered all across the Internet in various websites, databases and technologies. It might be a rating at the BBB, a listing in a malware database or a vulnerability in SSL. Your average user doesn't have the time or the skills to aggregate and evaluate all of this information – they usually resort to luck.

For many years, I've personally believed that the Internet would change society dramatically due to the reduced ability for people to hide wrongdoing. The Internet spreads information about wrongdoing more quickly, democratically and effectively than our press could ever hope to.

Trust Inn is the embodiment of this principle when it comes to website trust. It aggregates and evaluates information for you while hosting user generated information about the trustworthiness of websites.

Identity

The concept of a username and password manager is not new – there are plenty of solid products on the market that solve that problem. However, Internet users have an identity that is completely separate from the personas they present to websites that they interact with. This identity consists of much more than a username and password; it consists of all types of information. And more importantly, there are numerous ways in which users want to securely use that information.

That's a more subtle and sophisticated problem that existing password managers do not address. Trust Inn will address this in the future by solving the problem the way users deal with it – in their web browser.

Authorization

Lastly, Trust Inn will address a problem that's deep at the heart of our security battles on the Internet: authorization. Normally, people don't think of our problems with security as an authorization problem. They believe that everything centers around usernames and passwords.

By establishing them, they instantly become a vulnerability:

• Users must remember and protect passwords
• Websites must store and protect passwords

This results in a fragile environment with a very large surface area. An enemy can attack the user, the website and everything inbetween to try and get the username and password.

But realistically, this is not about usernames and passwords. They are just a means to an end, the end being authorization. You only provide a username and password in order to authorize things like: logging into a website, transferring funds, sending and reading email, etc.

Trust Inn will ultimately deliver functionality that enables authorization without usernames and passwords. In this new scenario, the balance of power will be radically shifted towards the user.

Hopefully, it will be shifted enough to finally turn the tide in our battle with the bad guys.

One of my favorite toolkits is the Qt toolkit from Nokia. Qt is a toolkit for developing cross-platform GUIs that is available under both an open source and commercial license. It was first developed in 1991 and led to the formation of Trolltech in 1994. In 2008, Nokia bought Trolltech which caused quite a stir in the Qt community (see the comments on this Qt Labs announcement of the acquisition).

Trolltech had made a considerable investment in mobile GUI and platform development for Qt. The fear was that Nokia would close source Qt and shutdown development of the Desktop side. To their credit, Nokia promised the community they would not do this – and they've been good to their word. Ars Technica (which always has the best coverage of Qt) recently covered the new features coming in Qt 5.

Qt started off as a pure C++ toolkit and with Qt 5, Nokia has made it clear that the future of Qt is now their Qt Quick technology – a declarative GUI syntax with JavaScript runtime. (Sound familiar?)

Before getting into Qt Quick, it's worth stepping back and looking at the big picture – the picture of how Qt relates to its surroundings.

Abstractions and Layers

Qt's original reason for existence is to create a new GUI toolkit abstraction on top of multiple operating systems with their own native GUI toolkits. For instance, on Windows, you would write an application in C++ referencing the Qt QWidget family of controls that were themselves implemented on top of the Windows GDI.

Qt's appeal was that if you wanted to then run that same application on Mac OS X or Linux, you could take your C++ source code and with just minimal changes recompile and run your applications on those platforms. The QWidget control implementations on the other platforms would translate the Qt calls into Cocoa or XWindows calls as needed.

In essence, what Qt did was create a new windowing abstraction in their toolkit on top of the platform's native GUI toolkit. This new abstraction was very powerful for developers that needed to develop applications that were cross-platform and who didn't want to write a completely separate application for each platform.

Everything about this scenario sounds great on paper. The clouds only start to gather when you actually get down into the details. And that's when the abstraction begins to bear down upon you.

The Tyranny of Abstraction

Steve Jobs famously posted his open letter "Thoughts on Flash" during his battles with Adobe. In it, he focuses on the issues of Flash on iOS – but he might as well have been talking about Qt:

We know from painful experience that letting a third party layer of software come between the platform and the developer ultimately results in sub-standard apps and hinders the enhancement and progress of the platform. If developers grow dependent on third party development libraries and tools, they can only take advantage of platform enhancements if and when the third party chooses to adopt the new features. We cannot be at the mercy of a third party deciding if and when they will make our enhancements available to our developers.

This becomes even worse if the third party is supplying a cross platform development tool. The third party may not adopt enhancements from one platform unless they are available on all of their supported platforms. Hence developers only have access to the lowest common denominator set of features. Again, we cannot accept an outcome where developers are blocked from using our innovations and enhancements because they are not available on our competitor’s platforms.

What happens with technology like Qt is you are locked into their abstraction and as a result locked out of the platform's native abstractions – both for good and bad. The good is that you don't have to deal with the platform differences. The bad is that you don't get to take advantage of the platform differences.

The Chains That Bind You

Now don't get me wrong; I'm a big fan of Qt. But you have to be realistic about the tradeoffs that its abstractions impose on you and your project. For comparison sake, take PyQt as an example.

It would be easy to take potshots at C++ but let's just say we prefer Python instead. PyQt layers a Python abstraction over Qt so you can use it from that language. The difference between this abstraction layer between Python and C++ on the one hand and Qt's abstraction and the native platform's GUI on the other is the thickness. PyQt is a very thin abstraction that basically is more of a "translation" than a new abstraction. There is very little of Qt you can not access and use through PyQt.

This concept is what takes us back to Qt Quick. Qt has traditionally been regarded as a "cross-platform application framework". With this new emphasis on Qt Quick, I believe Nokia is taking a serious risk. Qt Quick is not a thin abstraction like PyQt on top of the C++ base. It consists of new concepts, behavior, syntax and languages. In other words it is another thick abstraction on top of the already thick abstraction of the C++ framework.

No Win Scenario?

If Nokia doesn't manage this transition well, I believe they risk turning Jobs lament about Flash on iOS into a prophetic prediction of Qt's demise. If Qt Quick becomes another thick abstraction on top of an already thick C++ abstraction, all of the negative effects Jobs points out will not be alleviated. They will only be compounded – and they are already being felt.

On the other hand, let's say Nokia pulls this off and the result is a new single, coherent, Qt Quick abstraction between your application and the native platform. An abstraction that includes a declarative GUI language. And a JavaScript runtime. Sounds an awful lot like a web browser.

After all of this work, will they end up with something the market regards as nothing more than a proprietary web browser? And at the same time will they expose themselves to new competitors with a non-standard solution in a market dominated by standards-based solutions?

Only time will tell.