This post is about last month’s Shenzhen Maker Faire. It follows on from Shenzhen Trip Part 1.

Maker Faire

Shenzhen was my first Maker Faire that wasn’t “Mini”. Mini Maker Faires are organised externally to Make Magazine but under license, and there have been two of those in Australia – Melbourne in 2012 and Sydney in 2013. Both were great fun, but I was looking forward to attending a “Big” Maker Faire.

Continue reading

Earlier this month I was lucky enough to head over to Shenzhen, China, for Dangerous Prototypes’ Hacker Camp and Maker Faire Shenzhen. I flew over with Jon Oxer (from Freetronics), and Mitch Davis (from Hackvana) was on our flight as well. Good Melbourne contingent!

Ian from Dangerous Prototypes has put a great series of day-to-day blog posts up on the Hacker Camp mini-site explaining the full program, so I won’t bore you by repeating them. Needless to say he and Jin, and the other organisers, did an insanely great job of showing us all the things they love about living in Shenzhen. I want to highlight just a few things from the trip that stood out for me.

Continue reading

Too much going on lately:

Still, it’s nice to have things that are (almost) coming to fruition.

Last Monday I walked into a Big W store here in Canberra and paid $188AU ($196US) for an Android smartphone, no network lock and no contract. I’ve had it for nearly a week now. What do I think? I think, with minor qualifications, that it’s almost unbelievably good.

Packaging

The Sonic comes in a fairly standard box. It contains the phone, battery, USB charger, USB to MicroUSB charge/sync cable, and a handsfree kit. There is a 2Gb MicroSD card already inserted in the SD slot.

The handsfree uses the common extended-3.5mm-stereo-plug pinout, same as the iPhone, which is convenient given the range of existing accessories (maybe this is a defacto standard now?)

Build Quality

The phone is a plastic “candybar”, and it feels very sturdy. I was pleasantly surprised after playing with the $99 Eken M001 and $149 M003 tablets last year, which each felt like flimsy rubbish.

The only remaining question is how the Sonic will age. The touchscreen doesn’t seem more susceptible to scratches than any other phone, but time will tell for sure. I anticipate it will hold up well, though.

Performance

The Sonic has a 600Mhz ARM11 processor (the Qualcomm MSM7227), and 256Mb of RAM.

Compared to the current crop of dual-core 1Gb superphones, you can almost hear the gadget fanbois scoffing and calling the Sonic underpowered and therefore useless. Still, the real proof is in how the phone runs.

The Sonic runs Android 2.3 Gingerbread extremely well – performance is snappy, apps open quickly. I haven’t tried enabling bells and whistles like live background animations on the home screen, but in out-of-the-box use the HTC Sonic runs perfectly without compromise.

Before using it, I felt dubious about the Sonic’s 256Mb of RAM. More or less every Android phone since 2010 has at least 512Mb, and Android is known to be a bit of a RAM-hog. For the most part though, I’ve found the Sonic’s low RAM1 to not be a serious factor. The built-in memory management in 2.3 seems to be good at keeping RAM free for use, while allowing apps to run in the background where possible. I installed “Advanced Task Killer”, but I haven’t needed to use it yet.

There’s a slight delay when re-launching something that’s been closed while in the background, but for the most part it’s pretty seamless. I was able to keep several web pages open at once in the browser without a hint of page reloads or slowdowns, while other apps kept running in the background.

Screen

The Sonic has a 3.5″ HVGA (320×480) 262-thousand-colour capacitive touchscreen. Again, although it isn’t on par with the amazing “super-ultra-OANULTIMOLED” screens in the Desire HD or the Galaxy S2, it is still a competent screen. On paper it’s comparable to phones like the HTC Magic, or pre-iPhone 4 iPhones.

The screen surface is very shiny, which made it a bit of a pain to read in bright sunlight (not unreadable.) Otherwise I find it very readable.

However, using Android 2.3 on the Sonic I did get the impression that 320×480 is now the minimum resolution that the Android designers are working with. In some situations there isn’t enough screen space for the keyboard, the status indicators, and context for whatever is going on. Although this can be a bit fiddly, it’s only in a few places and never totally unusable.

However, I wouldn’t want to use 2.3 on a lower-resolution phone, and I suspect future Android versions may not fit comfortably on the Sonic’s screen.

Similarly, even though a 3.5 inch screen is realistically quite big, the default Android keyboard can be a bit small and fiddly when typing. I installed the free Swype keyboard beta and although I’m still getting the hang of it, it seems more forgiving.

As a Phone

The Sonic has a good loud speaker, good earpiece audio quality and volume. It does the “basic phone thing”2 very well.

Vendor Customisations

Huawei, thankfully, has resisted the urge to heavily customise the Sonic. The phone ships with the default Android launcher running a custom colour theme, plus a somewhat neat “cube” effect when switching launcher screens and an Expose-like “quick home screens view” that you can pull up by pressing Back on the home screen. The latter effects are particularly nifty.

The crummiest bit of “vendorware” is “Hi Space”, which as best as I can tell is Huawei’s “me too” App Store with some bonus features, but without any apps I actually wanted to install.

This is placed front-and-centre on the default home screen, and when I first used it my heart sank. Thankfully, though, Google’s Android Market is also installed (although not on any launcher home screen), and works fine.

I think Huawei really made a big mistake featuring Hi Space over the Android Market. Novice users are going to fire it up and look for things like “twitter” & “facebook”, and they won’t find them. If they don’t know they can dig around for the Market, this has the potential to cripple their use of the phone. It’s pretty much textbook “bad user experience”, and for what? So Huawei can pretend to be Apple?

Music Player

Huawei have also put in their own customised “Huawei Music” player. It is um, heavily, um, cough inspired by the iOS music player.

Even down to a very familiar “cover flow” type view if you turn the phone sideways:

Where did they get that 'unknown album' icon from, anyhow?

… however, amusing “inspirations” aside, the Huawei Music Player app actually seems pretty good.

EDIT: The next time I used this player I noticed a pretty major bug – all albums are played in alphabetical order by song name, even when the songs have track number tags & track numbers in the file names. Annoying. Have installed the PowerAMP trial.

What lets the Sonic down as a music player, unfortunately, is the sound quality. There is a significant background hiss any time the internal amplifier is on, loud enough in headphones that it eclipses even moderately quiet details in music. I’m not a card-carrying audiophile, and I’d expect some hiss in any consumer music player, but the Sonic is loud enough to ruin the experience for me. It was audible through the cheap-and-chearful earbuds that came with the Sonic, downright grating with my Sennheiser MM50 in-ear headphones.

Given that music was one of the reasons I went back to a smartphone, it’s safe to say that if I ditch the Sonic for any reason, it will probably be audio quality.

Battery Life

On my first full charge I got 2d 11h 27m before battery dropped below 3% and I decided it was time to charge.

That was with Wifi on about 35% of the time, GPS and mobile data on approximately 10% of the time, and only used lightly. Email, facebook, twitter were all checking for updates in the background.

Writing this now, the phone has been on battery for 50 hours with plenty of use and although the lock screen advises to “connect your charger”, I still have plenty of juice.

So I’m pretty happy with that. I think if you turned absolutely everything off and didn’t use the phone then you’d have a shot at the 72 hours that Huawei claims it will stay on standby for.

Camera

Unsurprisingly, the 3.2MP camera in the Sonic is pretty “camera phone like”. It’s good enough that in good light you can use it as a “visual notetaker”. You won’t want to hang the pictures on your wall, though.

For the pixel peepers, here are 3 quick unretouched sample snapshots from the Sonic. One taken at dusk, one on an overcast afternoon, and one indoors at night (poorly lit room.)

NFC

The Sonic also features NFC (Near Field Communication), which from what I can tell seems like a more complex version of RFID. The promise is that you’ll be able to do things like banking transfers by waving your phone near a reader. If you live in Europe or Japan then I expect this is very exciting, but I’m not holding my breath for the banks in Australia to roll it out.

Of course, I guess NFC support does mean I could get an RFID tag embedded in my arm and use it instead of an unlock code! :P

“Rooting” & “Custom ROMs”

When I first bought this phone, I expected it’d take some “customisation” before it was really any good to use. I figured at the time it was a compromise, the low cost in dollars means a cost in time spent tinkering. I like tinkering, so I figured I’d give it a shot.

Imagine my surprise when the phone is very good out of the box. I don’t really feel like I will want to load a “Custom ROM”, except maybe just to experiment.

That said, at this stage my simple investigations into serious customising haven’t gone well. “z4root”, apparently the easiest way to unlock root access on Android 2.3, doesn’t seem to work (exits suddenly but cleanly after the status message “obtaining root shell”, seemingly without having actually done so.) I haven’t done any more investigating yet.

The Sonic is a newly released phone though, so I expect more information and tools will appear in time.

Open Source Situation

Huawei themselves make Linux kernel source available for their devices, and the releases seem timely and are (apparently) complete. This makes me happy, and bodes well for community developments in the future.

Compared to the Huawei Ideos U8150

I came to the Sonic U8650 after looking at the Ideos U8150, which is now available for less than $100AU through some carriers. The Sonic is very similar to the Ideos, although there are some noteworthy differences:

The Ideos’ screen is smaller at 2.8″, and half the resolution at 320×240. I haven’t used the Ideos, but considering that the Sonic’s screen feels somewhat cramped I think this is the number one reason to choose the Sonic.

The Ideos’ chipset is MSM7225, very similar to the Sonic’s MSM7227 although slightly slower (528Mhz vs. 600Mhz.) Also the MSM7227 has a 256kb L2 cache, which the older sibling apparently lacks. All told, performance should be marginally better on the Sonic.

The Ideos ships with Android 2.2, although there is a “Custom ROM” with 2.3. 2.3 in the Sonic works very well out of the box, and this probably makes it a better option for most people. However, the availability of custom ROMS can be seen as something of a positive for the Ideos, because there are people actively working on source-based Android builds and kernel versions. I’m hoping that in time the Sonic will prove similarly popular with tinkerers, given its good ratio of cost to functionality.

Other Alternatives

What other budget Android options are out there? From what I’ve seen, in the same price bracket there are some similar phone models from major manufacturers. For instance, the Samsung Galaxy Mini or the HTC Wildfire. But they mostly have lower-resolution 320×240 graphics, and many (like the Wildfire) don’t officially support Android 2.3 yet.

Telstra sell the ZTE Racer as the Smarttouch for $99 but it’s both a small screen, resistive touchscreen (eck) and comes locked to Telstra. The ZTE Blade is apparently a good option (more RAM than the Sonic and a higher res screen) but it’s not available in Australia yet, you’d have to import it yourself.

Finally, there are secondhand smartphones. The HTC Desire & Samsung Galaxy S both seem to sell used on ebay for only marginally more than the Sonic costs new, so that could be a good alternative.

Bottom Line

Four years ago a 4Gb iPhone cost $499US, a year later the HTC Dream (Google G1) with Android cost $399US. The Huawei Sonic is several times more useful and usable than either of those phones, and costs less than half as much. I can see it being huge in markets like China and Indonesia, where many people want smartphones but most do not have the buying power.

I guess the Sonic’s affordability isn’t surprising given the unending march of technology towards lower costs with more features. However, it still daunts me that four years ago smartphones were boutique nerd curiosities, and now they are practically commodities, with no tradeoff in quality.

In other words, I’m amazed at how happy I am with this phone. It’s not going to set the world on fire, but it works well and does everything I would want from a smartphone.

Apart from headphone audio quality, the dislikes I do have are all niggles with Android rather than problems with the Sonic itself. And I suspect a lot of them are just the experience of a former iPhone user getting used to “the Android way”. Not the fault of the Sonic.

And did I mention that the Sonic costs $188AU?! Bought from a bricks-and-mortar store with a “change of mind” returns policy, and a walk-in return to claim the one year warranty. Without any network lockin or contract. That blows me away.

If you want a competent Android smartphone on a budget, and you’re not interested in “alpha geek” pissing contents over features and specs, then I totally recommend the Huawei Sonic.

EDIT: I’ve written a follow-up post about the Huawei Sonic, 10 months on.



  1. Being an embedded systems programmer during the day, I honestly find the very notion that 256Mb RAM is considered “low” to be cringeworthy. That’s Android for you, I suppose. []
  2. I know, people still make phone calls. WTF! []

When I ditched my iPhone 11 months ago, I promised a follow-up post about the experience. So here it is.

Quitting

Only one thing really surprised me about going back to a “dumbphone.” The idle moments. The habit of pulling out my phone to fill them was deeply ingrained, even more than I’d realised. Every time my brain hit a pause, there would be a moment of agitation: “I’m here and I have nothing to do for a few moments, what do I think about? Where’d my phone go? What else can I do with my hands?” That feeling (“disconnect anxiety”? withdrawal symptom?) lasted for a couple of weeks.

The other interesting thing was how many people sympathised with me (either here on the blog, or in person.) A few people openly told me I was crazy or self-obsessed (both legitimate charges, in all honesty), but a lot of people also really seemed to relate. Most of them had iPhones or other smartphones that they didn’t intend to give up, but they seemed to relate to me wanting to. That phenomenon interests me a lot.

Relapse

<

p>So why did I decide to get back on the smartphone wagon, after all my self-righteous abandonment last year? There are a few reasons:

Hypocrisy. Honestly, on the few occasions when I’m out and I really want to google something or look an address up on a map, I just rely on Jess having an iPhone. Smartphone cheating. Similarly, when I’m at home I’ll just pull my laptop out. Less convenient than a phone, but the same end result.

LastPass. I’ve started using the LastPass password manager, which basically means that without my own computer or phone at hand I’m locked out of nearly all my online services. I can’t just go to an internet kiosk and check my email when I’m in a foreign city or an airport, any more.

IOIO. Android has some really cool new stuff in it for tinkerers. Can’t wait to have a play.

Hackerspace tunes. Sounds stupid, but I want an mp3 player to plug in at the Hackerspace. Pretty much all non-iPod MP3 players seem kinda sucky or ridiculously expensive. Everyone else just uses their phone, so I figured I should too!

Price. I’ve gone with a $180 Huawei Android phone (will write a review.) This both appeals to my inner skeapskate, and the idea of cheap/commoditised smartphones really interests me (boutique to commodity tech in 4 years!?!)

As for the other behaviours I disliked myself for in the past, I’m hoping I can rely on self-control. Time will tell.

TL;DR version

I did some investigation into the Bing & Google spat. Once the Bing Toolbar is installed, IE 8 sends Microsoft a summary of every page URL that is requested. I found no evidence the toolbar singles out Google, or even search engines. I found no evidence of directly copying search results.

The results seem to indicate that Bing treats Google’s search result pages the same as any other URL on the world wide web.

The rest, it would seem, is all spin.

Background

Over the past 48 hours Google & Bing have been having a public spat about search results. The initial salvoes led to Google’s official blog post “Microsoft’s Bing uses Google search results—and denies it“, then a counter-post from Microsoft “Setting the record straight“. These two official posts have been accompanied throughout by other parties posting comment, criticism and also poking fun.

Spinny Spin Spin Spin

Two things have struck me as bad in this debate. First off, the insane levels of spin. Google’s original blog post minced no words about implying the actions were deliberately targeted, and went directly on the attack with statements like “some Bing results increasingly look like an incomplete, stale version of Google results—a cheap imitation.”

Bing’s counterspin was just as shocking, associating Google’s tactics with “click fraud” and casting the focus across to other Bing features that have (allegedly) shown up in Google.

Google seem to have struck first in the spin war. Their official blog post painted Google as the innovator, and Bing as the unquestioned copycat. This left little room for either party to save face, but it left Google with a massive PR upper hand.

Science?

The other problem I see is with Google’s methodology. The blog post explains how they concocted a series of experiments to “determine whether Microsoft was really using Google’s search results in Bing’s ranking.”

The experiments produced results, but not in any kind of scientifically conclusive manner. There were no scientific controls, and the conclusions were presented as simply supporting Google’s argument, with no other plausible explanation ceded.

My Investigation

I decided to run my own investigation. Armed with nothing but a humid Australian summer evening, Wireshark, and beer. I also have a Windows XP VM that I keep around just to run Adobe Lightroom.

First off, I installed a vanilla IE 8 and started my packet capture.

Straight away, I saw TLS encrypted connections to a Microsoft IP. Caught red handed?

A quick session with the excellent freeware API Monitor let me read the unencrypted data.

Seems that this is the IE anti-phishing filter. A SOAP request is sent once for each domain the browser visits. The responses appear to be cached so the same domain is not requested twice.

For example, here are the only two SOAP requests sent to Microsoft when I navigated to google.com.au, searched for “green fig jam”, and clicked the third link. Excuse the XML.

You’ll notice the only two URLs sent were the article I clicked on and some tracking URL on that same site. The search URL on http://google.com.au was not not even looked up, because google.com.au had previously been cached as a safe domain.

The anti-phishing service seems to be innocuous. It does not provide enough information to enable any “copying of search results”.

Bing Toolbar

I couldn’t find any other data sent by plain old IE 8 (including Suggested Sites.) Time to install the Bing Toolbar and give away some more of my precious privacy:

Immediately the packet captures started getting interesting:

Unencrypted HTTP GETs to g.ceipmsn.com, one for every page that the browser loaded.

Here’s the full encoded HTTP/1.1 session, as captured by Wireshark. Below are the individual GETs sent when I opened a new window and visiting my website, projectgus.com.

This first GET seems to be an initial identifier sent when the browser opens (nothing is sent back in the response.) Then there is a GET when I type projectgus.com on the address bar. Then one for the Telstra GPL Violation link on the front page. Then finally one when I click through to the GPL-Violations FAQ.

Among the interesting pieces of information that are sent:

  • A unique identifier for at least my Windows login session, maybe my computer. I never saw it change. (MI=0E6B38A7645C4121BC051BDBF57482AF-1)
  • Version numbers such as my VM’s OS version (XP Pro), and some others. (OS=5.1.2600)
  • Timestamp and timezone. (ts20110203221808108|tz-600)
  • The URL loaded. (euhttp://gpl-violations.org/faq/vendor-faq.html)
  • The link text clicked on to get to that URL. (atvendor%20FAQ)

There are also some other interesting fields that appear in some other captures, such as the original URL if a redirect occurs. There doesn’t seem to be any page content sent, just URLs and sometimes link text.

What about Google?

Here’s another full session, recorded when visiting google.com.au to search for Microsoft Seaport, then clicking on the third search result.

Here is some of the pertinent data sent to Microsoft from that session:

<

div style=”text-align:left;”>

  • euhttp://www.google.com.au/search?hl=en&source=hp&biw=1676&bih=813&q=microsoft+seaport&aq=f...
  • euhttp://www.google.com.au/url?sa=t&source=web&cd=10&ved=0CFgQFjAJ&url=http%3A%2F%2Fsmartnetadmin.blogspot.com%2F2010%2F02%2Fremove-microsoft-seaport-search.html&rct=j&q=microsoft%20seaport&ei=ho1KTbQXjMlxw7vFtws...
  • |euhttp://smartnetadmin.blogspot.com/2010/02/remove-microsoft-seaport-search.html

… these are just some of the 12 URLs requested by the browser as it went through these motions. Ironically, most of the other page loads seem to be Google, Blogspot & Doubleclick all recording tracking data.

Interestingly, the ‘at’ field showing the link text doesn’t appear when tracking Google activity. I don’t know if this is IE8 honouring robots.txt, or some other factor.

It’s clear to see that if Bing mines this data then it could associate Google search queries with the resulting pages. This is simply because the query is encoded in google’s URLs, and then the result page URL follows. In this way, though, it does not look like Google is being treated any differently from any other web site with human-friendly URLs.

In particular, Google’s experiment (injecting unique strings into special searches) could surely have caused these associations to occur, from the data seen here.

It’s worth noting that, on the face of it, mining tracking data in this way could provide better search results – by mining where users really do click all over the web, and which pages they bounce through before finding useful content.

Of course, there is nothing in this investigation to suggest that Bing doesn’t have some special “google filter” running on their server side to extract Google clicks from the rest of the tracking data. However, there’s also absolutely no evidence to suggest that this does happen. Occam’s Razor would seem to apply.

So who done bad, again?

The behaviour I’ve seen explains Google’s experiments, but does not support the accusation that Bing set out to copy Google.

Bing Toolbar is tracking user clicks and Bing could use the result to improve search results. I don’t personally see any great distinction between this behaviour and Google’s many tracking, indexing and scraping endeavours which they use to improve their own search results.

While I personally dislike the privacy implications, Bing Toolbar is pretty upfront about it when it gets installed (unlike much web page user tracking.) The fact that the tracking is plain HTTP not HTTPS, with the content in plaintext, would seem to indicate that they weren’t seeking to hide anything.

Ultimately, the worrying question for me is whether web search has become so stagnant, and so generic, that this kind of name-calling and spin-doctoring may now be the only way to carve out a brand?

This letter is my plea and suggestion to Wondermedia, although the theme applies to similar tech companies as well.

(If any fluent speaker can translate this into Chinese for me, I’d very much appreciate it!)

Dear Wondermedia Technologies,

Congratulations on your WM8505 system-on-a-chip. In 2005, a “$100 laptop” was a visionary idea, a dream. Now, thanks to your technology, I can buy a netbook for $85, including shipping to my house in Australia. If I was in Shenzhen, who knows how cheap it would be?

That netbook has more power than the $3000 desktop computer that I owned 12 years ago.

However, it’s not all good. Ars Technica recently labelled the $99 Maylong M-150 tablet the “worst gadget ever”. That tablet is built around your WM8505. Noone who reads that review will buy the product. No importer will read that review and decide to wholesale order any WM8505 product. No hardware engineer would choose WM8505 on the basis of that review, either.

It doesn’t have to be that way. Vendors can ship better tablets and netbooks, that get better reviews, at no cost to you. You can sell more units, at no cost to you.

Take a look at the custom firmware on Slatedroid.com. Every one of those people has modded the same proprietary WM8505 build of Android 1.6 to try and make it better. It runs faster and smoother and has more features. They have spent hours of their time trying to make your products better.

Take a look at the rough port I did of Android 2.2 this week. It’s very poor quality, but it doesn’t have to be. It can be better, at no cost to you.

Look at the months of hard work by the talented Alexey Charkov to make a WM8505 Linux kernel that is good enough to be in the official kernel tree. Big players like TI, Marvell, NVidia all pay talented developers to make Linux code that is good enough for inclusion in the official kernel. Alexey is doing the same for you, for free. His work is coming along slowly, but it could be coming faster. You can help him to help you, at no cost.

What resources are the community using, at this moment? At the beginning, barely anything at all, just incomplete leaked data sheets. Then you were kind enough to release most of your Linux kernel source, which has helped greatly.

<

p>I’m writing this letter to suggest you release more, for your own benefit. Many big companies provide datasheets, BSPs, SDKs, source code for free. You should do the same with what you already have. With more information and more source code, it would be possible for the community to build many things. If we had the Android 1.6 source code, WMT SDK source code, or current/complete documentation (even in Chinese) then the community would be able to develop Android firmwares with more features and better hardware support, maybe even a 2.2 port that runs well. There is nothing stopping vendors from shipping devices with a community Android build, if it is better. More WM8505 sales, at no cost to you.

More datasheets and documentation will also make Linux kernel development faster and better. How much of your own developers’ time do you save if the mainline Linux kernel has Wondermedia hardware support in it, instead of having to keep patching it in-house? Better quality kernel, less maintenance costs, no cost to you.

The community is indirectly trying to give you a competitive advantage, for free. All you need to do is open up.

Why not open up? One reason, I think, is that you probably charge for this information. Charging for BSPs & SDKs is a revenue stream. I ask you this: How big is that revenue stream? How many more units do you need to sell before it does not matter any more?

Maybe you think that you can’t afford the support costs, or the maintenance overhead. If this is a concern, rest assured that the community does not need much. Even if you just “leak” a torrent file or send the files for someone else to host, the Internet will make sure that they never go away. The community already provides support for each other.

I realise this is not the same as most small hardware companies’ culture. However, there’s no reason why you can’t behave like the big companies on this. This will differentiate you in the marketplace and give you an advantage. The community is standing by, waiting to help make your products great.

These words apply to all similar companies, not just Wondermedia. If someone becomes the first truly open manufacturer of small, affordable, embedded ARM systems then I predict that the developer community will beat a path to their door.

Telstra have issued a PR statement about their GPL compliance. The statement is a promising sign, but I’m afraid it is somewhat misguided.

Update 9/11: Today Netgem have posted a new version of their GPL source, labelled “T-Box”. I’ve also been contacted personally today by a Telstra representative about the T-Hub product. Both things are excellent to see, Telstra do appear to be taking this very seriously. Will post any more developments as they occur.

However, now I know. If you want an answer from a massive multi-billion dollar company like Telstra, you don’t waste your time with customer service. You carefully research and publish a blog post shaming them, then hope that the tech media will pick it up and bring it to their attention.

I’m so glad that’s clarified.

Actually, the follow-up to yesterday’s “Telstra violating GPL in their T-Hub product” post has been awesome. Big thanks to Renai LeMay for noticing and reporting on it via his news site Delimiter this morning, from where it seems to have spread.

The follow up was so awesome that this afternoon Telstra released a PR statement. To my knowledge they haven’t released it publicly, and they didn’t send it to me (*sadface*), so I can only quote from Delimiter:

“We’re currently talking with our T-Hub vendor to work out whether software used in the product is subject to [the] General Public License (GPL),” said the company. “Should we find a lack of compliance, we promise to work with our supplier to correct it.”

This is excellent. I think it’s commendable that Telstra have reacted to this, and I eagerly await news of further progress.

Clearly, I would have rather that they (a) checked well before they launched the product back in April, and (b) had an effective customer service system so I could have gotten this answer when I first tried to contact them privately about it. However, nonetheless, it’s excellent news.

T-Box

Telstra also weighed in on their T-Box, a set-top box & IPTV product which is manufactured by Netgem but branded and sold by Telstra:

“T-Box owners can find licensing information about the open source software incorporated into their device by visiting the settings menu,” Telstra said. “The source code for the open source material is available from our vendor’s website and we believe all GPL code is identified and is available to customers.”

To verify this, I detoured home from work via my local Telstra Shop and took a look at the demo model. Sure enough, you can select Menu -> Settings -> Information -> Licensing & Copyright.

Apologies for my crummy photos:

TBox Licensing & Copyright
Here are the two sections that appear relevant to GPL (my transcription):

FFMPEG License LGPL: Detailed licensing information is available at http://www.gnu.org/licenses/gpl.html.

GPL License: libstdc++ (GPL with run-time exception), dhcpd, iptables, pppoe, madwifi, wpa-supplicant, iwtools, busybox, dosfs tools, e2fs tools, insmod, drivers i2c (partially), USB Sigma.
Detailed licensing information is available at
http://www.gnu.org/licenses/gpl.html

I’m not a lawyer, but this doesn’t look like GPL compliance to me.

In order for this section to constitute GPL compliance, I think it would need at least three things:

  • Actual source code included with the product, or alternatively

    “a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code”

  • The full text of the License, as per GPL Sections 1 & 2, rather than a plain URL.
  • To be accompanied by “an appropriate copyright notice”. The only copyright notice in this document is “©Netgem”, which conveniently ignores the fact that large parts of the product are, in fact, not copyright by Netgem.

In fact, all three of these errors are listed as common mistakes in GPL-Violations’ excellent Vendor FAQ, which I linked to yesterday.

“available from our vendor’s website”

OK, so nothing indicates yet that the T-Box is technically compliant. Maybe Telstra & Netgem have still made an effort at compliance. Let’s check out the assertion that “source code for the open source material is available from our vendor’s website”.

Update 9/11: Today Netgem have posted a new version of their GPL source, labelled “T-Box”. This is excellent to see.

Netgem does have a GPL download page. Unfortunately, it doesn’t actually mention T-Box anywhere. The product on that page is a “Netgem HD”. Are they the same?

I searched Netgem’s site for T-Box, but all I could find were press releases. I searched Telstra’s web site for Netgem, and all I found was a comment written by a customer suggesting a T-Box is a “Netgem 8000”. Not sure how that relates to the “Netgem HD” source, or even if it is true that the two products are 100% identical.

Adding insult to injury, the latest firmware download on Netgem’s site is v5.1.08 (January 2009), and users are reporting T-Box versions like 5.1.96.9 (03-Aug-2010). As my favourite Vendor FAQ reminds us, “The source code has to be 1:1 corresponding to the executable (object) code actually shipped.”

User Guide

I also looked in the T-Box User Guide, which is available via download from Telstra.

The user guide contains no reference to the “License & Copyright” section that is available in the user interface. It does, however, contain a “Legal Notification” section. This section has completely different text, and no open source mentions. Ironically, it does contain the following passage:

In using your T-Box, you must not violate any intellectual property rights concerning a brand, design, photo, licence, software program, audiovisual work or any other form of intellectual property.
Any violation of these intellectual property rights and, in particular, any act of piracy, will be subject to the penalty applicable within the legislation put in place.

Hmm, yes. OK then.

Conclusions on T-Box

Without physical access to a T-Box it is not possible to say conclusively if it violates GPL. However, I think I can safely say that Telstra’s PR statement is completely misguided if it means to imply that this meager offering constitutes GPL compliance.

From what I have seen, I believe that Telstra and/or Netgem should immediately take the following steps:

  • Amend the “License & Copyright” section of the product so it contains GPL compliant text. For examples of how to do this, look at any Android mobile phone and also read the wonderful Vendor FAQ.
  • Amend the User Guide “Legal Notice” so it contains the same text as the “License & Copyright” section, removing ambiguity.
  • Provide source code under the name “T-Box”, rather than under an obscure OEM name not associated with the product in any way.
  • Provide source code that is up to date with the currently released firmware version.

By the way, if anyone from Telstra would like to talk to me about this, my email address is gus at this domain name. Although you already have my name, phone numbers (twice), email address (twice) and home address somewhere in your databases – courtesy of my attempts to contact you via customer service channels.