Saturday, January 14, 2017

Towards a National Cybersecurity Policy

The US presidential election has made cybersecurity a major focal point for government policy. After numerous serious breaches and denial of service attacks at retailers, banks, media companies, defense contractors, government agencies, telecommunication providers, and Internet service companies, it's about time that we had a serious national response to the threats posed by state-supported and private actors. However, I'm concerned that we could end up in a bad position if we rush to react to perceived threats without careful consideration of the systems and policies we implement and their potential side-effects.

Cybersecurity Basics

Our current approach to cybercrime prevention requires each information system operator to secure their own environment by implementing best practices for threat prevention, detection, and response. These practices include:
  • using network encryption (SSL/TLS, VPN, etc.) to ensure all data flowing between the system and its users cannot be intercepted
  • using multi-factor authentication to ensure that system access is restricted to authorized users
  • implementing strict controls around physical system access and encrypting all data that is stored in the system
  • implementing strict procedures for patching known security defects in all device firmware, system software, and application software
  • ensuring all systems are properly configured to prevent unauthorized access or data leakage (operating systems, web servers, e-mail systems, database servers, etc.)
  • ensuring complete awareness and accountability of all devices and applications in the operator's network, to prevent a rogue device or application from being inserted into the network and leaking proprietary information
  • implementing appropriate network security measures (firewalls, IDS, and IPS) to prevent unauthorized data transmissions to or from components in the network
  • implementing security information and event management (SIEM) to observe all application, system, and network events and detect suspicious events that could indicate illicit activity
  • implementing denial-of-service prevention solutions to protect against brute force attacks like the one that took out Dyn on October 21, 2016 and with it many popular Internet services
  • regularly inspecting all code developed internally for security weaknesses and immediately patching any defects discovered
  • regularly performing third-party penetration tests to verify that cybersecurity defenses are operating as intended
  • implementing e-mail and messaging filters to protect employees from exploitation (e.g., spear phishing, social engineering)
  • performing routine malware scans on all servers and personal devices
  • implementing recurring cybersecurity training for all employees, including specialized classes for software developers and system operators
  • implementing an internal cybersecurity management and incident response team with skilled professionals and 24x7 coverage
As you can see, there's a lot that has to be done, and most of it requires ongoing effort and expense. The awful truth is that most companies are not doing these things, and many others are doing them in an incomplete or haphazard manner. And the bad guys know it.

A Big Problem for the Government

Cybersecurity is just as big an issue for our government as it is for the private sector, yet in many ways the government is even less capable. The breach at the Office of Personnel Management, which resulted in the loss of over 20 million government employee records with extremely detailed personal background information, could have been prevented if the agency had required two-factor authentication, but it didn't. The breach went on for over a year without being detected because the agency didn't have an effective SIEM platform in place. It's also been widely reported that Chinese hackers stole large amounts of data from the F-22, F-35, and C-17 programs at the Department of Defense.

I believe – or should I say hope – that some government systems have better security in place, but the complexity of systems and networks, and the constant evolution they experience, means that the probability is high that access to even the most sensitive information can be gained through unexpected and potentially unguarded pathways.

Even our political system is under threat. The 2016 election cycle started and ended with the drama over Hillary Clinton's private e-mail server and its potential implications for national security. As if to underscore this issue, thousands of internal e-mail messages were stolen from computers at the DNC as well as the Google e-mail account of Clinton's campaign manager John Podesta. The DNC breach was carried out by malware installed on their computers, and the Podesta hack was a straightforward spear phishing attack that convinced him to give his Google mail credentials to the hackers. If the DNC had mail filtering and malware detection systems and if Podesta had enabled two-factor authentication, both attacks would have been thwarted.

A National Cybersecurity Policy?

The incoming administration has proposed a national cybersecurity task force to determine appropriate policies and actions for defending our nation's information systems. What might this entail?

First, there might be a set of regulations which require companies and government agencies operating vital information systems to implement a specific minimum set of cybersecurity capabilities from the list above. Companies that fail to meet these requirements will be cited and must comply within a given period of time or face stiff financial or other penalties. This will require a national cybersecurity enforcement agency that will perform inspections and penetration tests, and deliver warnings and citations to organizations that fail to comply with the law. There is legal precedent for this; consider that Ford can't sell a car in the US unless it has airbags and seat belts, so why should a bank be able to launch an online banking system without the capabilities required to protect its customers' identities and accounts?

Second, there might be a national cybersecurity monitoring function observing all network traffic passing over major internetwork links, especially those traversing our national border. In this way, unusual or suspicious traffic patterns can be detected; e.g., OPM data being sent to China, a major bank's computers being accessed from a Tor node, or a large data dump from a US telecom provider's network to a server in Romania. This would then let the potential targets be informed, hopefully before too much damage is done.

Third, there might be a traffic management function to block or interrupt network traffic if it is deemed suspicious or harmful. This would amount to a national firewall, where all US network operators are required to deploy secure border gateways with traffic inspection and control software and allow control of those devices by some national cybersecurity agency. This mechanism might be able to prevent large volume data theft and block large-scale DDoS attacks.

Fourth, there might be a set of regulations which require manufacturers of networked devices to meet a minimum set of cybersecurity requirements. Consider that a lot of the hacking going on today is enabled by things like home routers and webcams with known vulnerabilities that have been compromised by malicious actors and are being used to penetrate internal company networks or launch large-scale denial of service attacks. Companies might have to demonstrate compliance before their devices are allowed to be sold in the USA, so this would give them a massive incentive to get it right.

Finally, I believe the task force will propose a single agency to implement and enforce these policies. This will close the gaps that exist today across Homeland Security, Commerce, Justice, Defense and other federal agencies that each cover a part of the national cybersecurity landscape.

What Could Go Wrong?

Any policy decision will have negative impacts as well as positive ones, but this set of policies could have huge implications for our government, our citizens, and our businesses.

First, a new set of complex regulations and compliance enforcement policies will create a large cost burden on businesses and taxpayers; the former to comply with regulations, the latter to fund the personnel and systems required to enforce the policies. You might argue that businesses should be in compliance in any event, but having to prove compliance to the government will create expenses beyond the internal implementation cost.

Second, a global traffic observation system will be costly and may raise significant privacy concerns. Will the government be watching every movie you download from a foreign server, or reading every e-mail you send to international friends and co-workers? Beyond this, it will create costs for network operators and will require people and systems that will perform the monitoring and alerting functions.

Third, a global traffic management system will potentially threaten valid traffic between networks and could allow the government to intentionally cut off Internet traffic to any or all other countries, so this is a serious threat to our freedom. If your personal or corporate communication was blocked, and this communication was valid, what would you have to do to get it un-blocked? What rights would you have to freely send and receive data, and what obligations would the government have to protect those rights and not infringe upon them?

Fourth, requiring devices to be inspected by the government prior to being sold will create delays in time to market and additional expenses that smaller companies might not be able to bear. This will advantage large companies with established revenue streams and more human resources, and thus will probably retard innovation.

Finally, a new large and powerful bureaucratic organization will also create new problems. It will have to be funded and staffed, initially. After a while, as all bureaucracies do, it will attempt to solidify and expand its position in society by increasing its authority and budgetary requirements. It will create friction with existing bureaucracies which will result in wasted energy within the government, and potential fallout to the citizens and businesses as they try to decipher and navigate the new requirements. Consider the impacts encountered when businesses and individuals were trying to understand the impact of complying with the Affordable Care Act when it was introduced.

Summary

At the end of the day, I believe we need to have some kind of national cybersecurity policy defined and implemented. Whatever we do, it will be complex, expensive, and impactful. Additionally, it will create risks to our freedoms that will have to be carefully checked and managed. However, continuing along our current path will clearly incur greater threats in the future – we simply have too much at stake to allow continued exposure and exploitation of our governmental and commercial information systems.

Tuesday, September 27, 2016

The SpaceX Plan to Colonize Mars


At this week's International Astronautical Congress, SpaceX CEO Elon Musk outlined a bold and well thought out approach for the colonization of Mars based on three key principles:

  1. Reusing all system components to minimize costs
  2. Fueling outbound transports in orbit to maximize payload capacity
  3. Enabling fuel production on Mars to eliminate the need to carry return fuel

Reusable booster rockets will carry interplanetary transport vehicles and fuel tankers into Earth orbit and return to land back at the launch site. These massive boosters, powered by 42 of SpaceX's new Raptor engines, have four times the payload capacity of the Saturn V moon rocket. Reusing these boosters not only cuts cost, but drastically reduces the time required to deliver additional payloads.

The transport vehicles will carry people and cargo back and forth between Earth and Mars, and the tankers will be used to fuel the transports in Earth orbit. This approach will allow the transports to be launched without fuel on board, maximizing the amount of people and supplies each ship can carry to Mars.



The transport ship and tanker will be based on the same fuselage design to keep costs to a minimum. Both of these ships can return to Earth using aerobraking and propulsive landing capability so they can be reused on subsequent missions, another key factor in managing costs. The transport ship will also be capable of landing on Mars and launching from there back to Earth. Since Mars' gravity is only 38% of Earth's, the transports will not require a booster rocket to return home.



In order to get back to Earth, fuel must be produced on Mars. To enable this, the Raptor engine runs on methane and oxygen, both of which can be produced on Mars using the carbon dioxide that makes up most of the atmosphere and the water ice that can be found on and under the ground. Power generated by solar panels or nuclear reactors can be used to melt the ice and split the hydrogen from the oxygen via electrolysis. Some of the oxygen can be used for rocket oxidizer, and the rest can be used for life support. The hydrogen can then be combined with the carbon dioxide in a reaction to create methane rocket fuel and water for life support.

Musk's plan is based on the (approximately) 2-year cycles of Earth-Mars orbital alignment when getting to Mars will only take 90 to 120 days. He envisions a fleet of transports that will gather in Earth orbit and all leave for Mars together at these times. This will allow large amounts of cargo and large numbers of colonists to arrive at once, increasing the odds of survival for the colonists since the loss of any one ship will have less overall impact on the mission.

All of this sounds amazing, yet what makes it plausible is that SpaceX is already a successful, fully-integrated space systems provider, and they have already developed many of the technologies required for this plan to succeed. However, there are still some major obstacles to clear:

  • SpaceX will need a lot of additional cash to complete this plan. Musk was clear that he will need funding help from both the private and public sector to get the system built.
  • The booster and transport/tanker vehicles are still being designed, and there are major technical challenges to be worked out along the way. For example, the design calls for composite fuel tanks to keep weight down, but it may be difficult to make this material work at this scale and with the temperatures and pressures required, as Lockheed learned during their failed attempt to build the SSTO Venture Star space transport back in 2001.
  • How the colonists will be housed, fed, and protected from radiation on the long journey to Mars is still being worked out. Musk believes the radiation risk is small and can be mitigated by keeping the ship pointed away from the sun during the transit, using the engine, fuel tanks, water stores, and cargo to shield the passengers.
  • How the proper landing sites will be selected and prepared prior to the first colonists' arrival is still to be determined. Building enough habitat for hundreds or thousands of colonists is a large task, and making sure that fuel production and food production facilities are already in place is critical to success. If you land too far from the ice, or if one of the transports crashes on the fuel factory, the mission is doomed.
  • Exactly how the colony will be sustained in terms of food, water, air, and housing is still not clear. We'll need to figure out how to build and maintain airtight and radiation-proof structures using as much local material as possible. We'll also need to learn how to grow food on Mars.
  • Having a lot of people on Mars will require some form of local government. Just like on Earth, there will be disagreements, crimes, and other problems between people that will have to be dealt with. You will need police, courts, and jails.
  • Since there will be men and women, there will be babies. Education facilities will be required at some point.
  • What will be the basis of the colonists' economy? Will they be employees of SpaceX? Will they get (or even need) a salary? Will there be taxes? How will goods and services be equitably distributed?

Musk indicated a belief that building a self-sustaining colony on Mars would be a 40 to 100 year process, and he plans to start sending the first ships by 2018. These would initially be the smaller unmanned Dragon capsules, followed by the large colonial transports in 2023. Assuming he can get the funding, given the estimated costs and life expectancy of the various ships, he believes he can deliver people and cargo to Mars for less than $140,000 per ton. This is an amazing achievement when compared to the cost of current approaches for interplanetary travel.

Finally, we should consider the human element of this endeavor. Life on Mars will be difficult, the work will be hard, and the risk of death will be omnipresent. In many ways, the Martian colonists will be like those who left Europe for the New World in the 17th century. Many will die in shipwrecks, from work accidents, from illnesses, and other things that we don't often concern ourselves with in the developed world. On top of all that, they will have to live in an enclosed habitat all the time; going outside will require a space suit. Given this, will people even want to go to Mars? If they go, will they want to stay? What will be their motivation? Musk's goal of making humanity a multi-planet species is admirable, but previous colonization events have been driven by people's internal desires to find a better life for themselves and their family. Will Mars hold this kind of promise for enough people to create a viable community, or will it end up as just another lonely outpost for a few dedicated explorers and scientists? Only time will tell, and I look forward to seeing how this develops over the next few years.



Friday, September 9, 2016

Sour Apples: iPhone 7 Disappoints


The new iPhone 7 is a disappointment, not for what it is but for what it could have been.

Let me explain.

On Wednesday, Apple announced their new hardware, specifically updated watches and phones. There was a lot of anticipation in advance of the event, with intense speculation that Apple would remove the analog headphone jack from the phone.

The headphone jack is certainly gone from the iPhone 7. However, what's also missing is any real innovation. There are many small refinements including better cameras, improved CPU performance, improved wireless network performance, and improved battery life, but these are things most consumers take for granted in annual tech refresh cycles. Other changes like new case colors, stereo speakers, and the new home button design seem more focused on style than substance.

The headphone jack removal is very polarizing for Apple consumers, because it interferes with common usage patterns that have persisted for almost a decade. Many people listen and recharge at the same time, and now you'll need an extra dongle for that. Many people plug their phones into their cars and other audio gear using the headphone jack, and now you'll need an extra dongle for that, too. And did we mention that this dongle doesn't offer another Lightning port for charging? So if you don't have Bluetooth audio in your car, forget about playing your tunes and arriving with a fully-charged phone.

Why didn't Apple add wireless charging? This is a feature found on many high-end Android phones and the Apple Watch. It would have nullified the complaint that with the new iPhone people can't simultaneously charge their phone and listen to music or make phone calls. It would have eliminated the need for a 'charge and listen' dongle that people don't want to carry around with them since they already have to carry a charger and/or they have one on their desk or nightstand. The option to use Bluetooth headphones is there, but these also have limitations mostly in the form of battery life; I have been on many conference calls that exceed the 4-hour capability of Apple's new AirPods, so would I have to buy two sets of them just in case they conked out mid-call?

Why didn't Apple introduce an OLED screen? This offers better contrast and lower power consumption than LCD, and has also been a feature on higher-end Android competitors for years. Because it doesn't require a backlight panel, it would have let the iPhone get even thinner or the extra space could have been used to increase battery capacity.

Finally, why didn't Apple ditch the Lightning jack altogether and introduce WiGig capability? This super fast 60GHz radio would have let the iPhone support HD and UHD video to desktop monitors and big screen TVs. It would have also allowed the device to be totally sealed against dirt and water with no external connectors. More than that, it would have allowed the iPhone to become a single device that could use multiple screens and peripherals to serve as a phone, tablet, desktop, and entertainment device. Imagine pairing your iPhone with a wireless game controller and big screen TV to play video games in high-definition, or pairing it with a desktop monitor, keyboard, and trackpad to use office applications and browse the web.

These are the kinds of changes Apple's customers are looking for, but at this point we can only hope for next year. Unfortunately for Apple, the Android platform is more competitive than ever. The recently released and highly-polished Nougat OS and new high-end devices from Samsung and other manufacturers are appealing even to Apple die-hards. It seems like Apple's visionary image is tarnishing, and they are transforming into just another mega company trying to protect margins on existing products instead of taking bold risks on new capabilities that drive the industry forward.

p.s.: I didn't even mention that there was not a single announcement related to their personal computer business, even though the Mac lineup has not seen a major change in several years. I'm writing this on a three-year-old MacBook Air, and Apple doesn't have a single product that is compelling me to upgrade. I'll probably write about this in a future article.

Tuesday, April 12, 2016

Three Wishes for the iPhone 7

There's no doubt that the iPhone is one of the most popular consumer devices ever made, but to some extent it may be a victim of its own success. We now have all the screen sizes we need, from 4 inches to 5.5 inches, and all of them have pixels so small that adding more won't make the image any sharper to the human eye. The processors are fast enough for any application you might want to run, and the cellular, Wi-Fi, and Bluetooth radios deliver enough connectivity options and bandwidth. All iPhone models have fingerprint recognition and Apple Pay capability, and battery capacity is good enough for most people to get through their entire day without concern.

So what new features can Apple put into the next iteration of the iPhone to keep the platform fresh and compel current users to upgrade? Certainly another bump in processor speed or memory capacity isn't going to be very interesting, although it is probably inevitable. If I could ask for three enhancements, these are what they would be.

Wish #1: WiGig


Apple should add a new radio capability to the iPhone 7 called WiGig. Also known as 802.11ad, this technology uses the 60 GHz frequency band to transmit data at up to 7Gb/s. It won't replace your LTE or Wi-Fi connection, because these high frequency signals can't pass through walls, but it will provide several valuable capabilities.

The most immediately useful of these is the ability to watch movies streamed right from your phone to your TV in full fidelity with no messy cables or adapters. Imagine taking your iPhone into the family room, opening up the Netflix app, and playing a 4K movie to your big screen TV without juggling remote controls. Then imagine going over to a friend's house and watching that same movie on his TV. You can try this today with AirPlay over Wi-Fi, but the video may be choppy and 4K resolution is not supported, so it's 1080p at best. This might be the set top box killer we've all been waiting for.

It will also allow video games to display on the TV while using the iPhone as a controller. As an option, a Bluetooth game controller can be coupled to the iPhone to allow a more conventional game console experience where the iPhone replaces the console completely.

WiGig can allow the iPhone to drive a tablet display when you need more screen real estate; for example, while reading a magazine or book. The user can interact with the tablet while their iPhone is sitting on their desk or nestled in their pocket. Apple could create a 'dumbed down' version of the iPad for this, or just add this capability into new iPads.

Finally, and perhaps most importantly, it will allow the iPhone to be used with a high-resolution desktop monitor. When coupled with a Bluetooth mouse and keyboard, this could allow your iPhone to be your only computer. Apps could be extended to support a mouse, just as they have been extended to support a pencil on the iPad Pro. You would never have to sync your iPhone with your PC because all of the data would stay on the iPhone. Imagine traveling without a laptop computer, just using available WiGig terminals in hotels, offices, and other workspaces when you need a more traditional PC interface.

Wish #2: Visual Unlock


While the fingerprint reader has been a useful addition to the iPhone, I think we all have experienced the frustration of it not working from time to time, as well as the awkwardness of using it when your hands are full, dirty, covered in gloves, or just not conveniently positioned.

Apple should use the front-facing camera to enable the iPhone to be unlocked visually, by examining your facial features and getting enough of a sample with small movements and eye blinks to know that it's not being fed a static image.

Wish #3: Remove the Connectors


It's time to eliminate the anachronism of electrical sockets. The iPhone's Lightning connector and the 3.5mm audio jack should be removed, because there's just no need for them anymore.

Getting rid of these metal sockets will allow more freedom in physical design and, with minor changes to cover the volume, mute, sleep, and home buttons, allow the phone to survive serious encounters with water and dirt. Imagine not worrying about taking your iPhone to the beach or pool. Imagine being able to clean your phone by sticking it under running water.

The audio jack is made redundant by Bluetooth. I'm sure this will make some audiophiles choke, but for the vast majority of people Bluetooth is a better option because it is free of cables and provides comparable audio quality at the range of a normal headphone cable.

The Lightning connector can be eliminated by adding inductive charging to the iPhone; just lay the phone on top of a charger to top up the battery. Besides charging, the only other reason for Lightning is fast data transfer, but WiGig has that covered.

I'm sure this suggestion will elicit gasps from those who believe that this will upset users with legacy Lightning devices, but it's easy to imagine a WiGig to Lightning/USB adapter that can keep them out of the scrap heap.

Wrapping Up


It's time for some serious innovation in the iPhone family, and at this point that means Apple needs some extreme focus on key features that will really make these devices better and more useful for the majority of their customer base.




Saturday, April 2, 2016

Distracted Driving: Let's Slay the Monster We Created

Almost every day we see it: Someone in one of the cars around you moving down the road at high speed with their attention focused on their smartphone instead of the traffic around them. It's a global phenomenon, and there's no sign of it decreasing in frequency despite all the laws against it. According to distraction.gov, the official US government website for distracted driving, 3,179 people were killed and 431,000 were injured in motor vehicle crashes involving distracted drivers in the USA during 2014. The World Health Organization predicts that by 2030, road traffic injuries will be the fifth leading cause of death globally, surpassing AIDS, diabetes, violence, and all forms of cancer. Yet with all that carnage, the site goes on to say: "The best way to end distracted driving is to educate all Americans about the danger it poses."

As a technologist, this is appalling to me. This problem exists because of the smartphone and mobile network technology we have created, and has grown because of the improvements we have made to that technology specifically so that all of us can be connected at all times, everywhere. Yet our best solution is to try to convince people that they shouldn't do the very thing that the technology was designed to enable!

I can't accept that, and I think we need to devise and implement technological solutions for this technological problem. Certainly people can and will continue to eat, drink, groom themselves, and engage in other distracting activities while driving, but I think we all agree that very few of these have the same distractive capacity as messages and other notifications that are actively pushed to your device at random times during the day causing it to flash, shake, and make all kinds of noises to get your attention.

The solution seems obvious: Simply stop the driver's phone from creating or allowing distractions while the vehicle is moving. Unfortunately, a logical examination of that approach leads to another set of problems that are not easily addressed:

  • How do you know that the user is driving and not just a passenger in a car, bus, or train?
  • What applications are allowed? Should the driver be able to have a voice conversation over Bluetooth? Should they be able to have a voice interaction with Siri, Alexa, or Cortana? What about Google Maps? Pandora radio? How do you allow some interactions and prevent others?
  • How do you disable the driver's phone yet allow the passengers' phones to continue normal operation? People have multiple cars, multiple devices, and people also rent and share cars, so this is not straightforward.
  • How do you deal with people who actively try to bypass or override the control mechanisms?

This used to be a problem related solely to text messaging, and perhaps could have been addressed through controlling SMS delivery in the mobile operator networks, but now it's about mobile applications over the Internet. Since you cannot disable Internet service without making the device completely useless, the solution must lie with the device manufacturers and the automobile manufacturers. I don't know what the answer is, but I believe it will involve a few specific technological components. 

First, every mobile device must be able to transition into a Driver Mode that limits its capabilities. For example, screen input may be disabled and only voice interaction permitted. Applications will have to be qualified to operate in this mode, and if not they will be disabled by the device operating system.

Second, every automobile must be able to provide information to the device that would allow it to engage and disengage Driver Mode at appropriate times, such as when the car is put into or taken out of a drive gear, or when the car is in motion or stopped.

The automobile could also assist or take over engagement with the driver in more intelligent ways, perhaps via technologies such as Apple's CarPlay or Google's Android Auto. It's certainly better to present visual information on the car's dashboard or infotainment display than require the driver to look at their phone's screen, and it's also better to present audio information over the car's speakers than those on the phone. In today's world where every smartphone can use Bluetooth and screen sharing, this should not be a big leap.

Finally, there will have to be some solution for dealing with multiple devices in the car. One approach may be to have each device's location precisely analyzed to determine which one is nearest the driver's position. Another may be for the car to detect all devices and force one to be placed into Driver Mode with the notion that passengers would object to having their phone disabled by the driver.

There are a few technical solutions available now, such as CellControl, but these are mainly for teen drivers and require parents to install and configure hardware in the car and applications on their child's phone. Most adults would never voluntarily install this kind of control, and could choose to opt out of it whenever they wanted. 

I think this problem is serious enough that phone and car manufacturers should get together and agree to a solution that works, and ensure that the technology is standardized, documented, and freely licensed. A subset of drivers will try to circumvent the solution, but the majority of drivers will probably appreciate the improved interaction and integration between their phones and cars and never look back.

If you have any thoughts on this important problem, please share them!

Saturday, December 4, 2010

2010 MacBook Air: Lose weight, and nothing else

Now that I've had a few weeks (with one slight interruption) to get to work with the MacBook Air, I thought I'd share my findings.

I bought the top-end 13" Air with the intent of replacing my early-2008 15" MacBook Pro as my sole personal computer at home and work. Here are the specs:
  • Pro: 2.6GHz Core 2 Duo, 4GB RAM, GeForce 8600M GPU, 7200RPM HDD
  • Air: 2.13GHz Core 2 Duo, 4GB RAM, GeForce 320M GPU, 256GB SSD
One of my biggest concerns was performance — I wondered if the Air could live up to the level of the Pro. Here's what I found out:

The screen is physically smaller, but the resolution is the same (1440x900) so the actual real estate is unchanged. The GPU is comparable, and both 2D and 3D graphics are snappy. The Mini DisplayPort interface on the Air is superior to the DVI port on the Pro since it can support higher resolution displays and can carry both audio and video.

The CPU is slightly slower but the memory is faster; the new Air has a 1066MHz bus compared to the 800MHz bus on my '08 Pro. So far this more than makes up for the CPU speed reduction in my estimation; response time in all applications (even graphically-intensive apps like iPhoto) seems to be the same or better.

There's no comparing disk performance — the Air blows the Pro away due to its use of solid state drive technology. Since the Air doesn't contain a 'disk' at all, but instead stores all of its data in memory chips, the access time for reading files is lightning fast and writing files is also faster. Even better, the Air has a 56GB storage advantage over the 200GB drive in the Pro.

The Air's audio is better, with a new under-keyboard speaker system that sounds fuller and less tinny than the speakers on the Pro.

The battery on the Air is delivering about 6-8 hours of normal use. This is double the amount of time I would get on the Pro.

At 2.9 pounds, the Air is 2.5 pounds lighter than the Pro. Considering the Air's smaller power adapter, the total carry package is about 50% lighter.

Peripheral connectivity options favor the Pro but, with two USB ports and a built-in SD card slot, the Air is more than adequate. However, the lack of a FireWire port on the Air may be a problem for cinematographers.

So, all in all:
  • computation and graphics capability are about the same
  • audio is a little better
  • data storage and retrieval is much better
  • battery performance is twice as good
  • carry weight is halved
  • lacking a FireWire port (not an issue for me)
At $1799, the Air turned out to be a good value for me and I've totally transitioned to it as my only personal computer.

Sunday, November 21, 2010

Customer Service: One Reason Why Apple is Awesome

Last weekend I bought a new MacBook Air. Rationally, I did it because I wanted to reduce the weight of my travel bag; actually, I did it because it looks cool and I wanted a notebook with solid state storage.

After spending a day with it and getting it all set up for my office and home networks, installing software, and copying files from my older MacBook Pro, I decided to take it in to the office. As I was walking from my car into the building, the strap on my bag somehow unfastened and the bag and all its contents (the new Air and also my iPad) crashed onto the concrete floor.

I unzipped the bag to look inside; the iPad seemed OK, but the Air had a big dent in the corner of the case. Opening it revealed damage to both the top lid that contains the display and the bottom that contains the keyboard and logic board. Miraculously, the thing still worked and there was no damage to the screen. I probably could have lived with it, but the bent metal was keeping the top from closing completely on that side and I was afraid that the display would eventually get damaged from flexing.

So I made an appointment with the Apple Genius Bar at my local Apple Store in Tampa, and took the machine in. I was expecting that the lid and bottom case would have to be replaced and that it would cost me a fair amount of money.

The employee there looked at it, confirmed my view of what had to be replaced, and said that they would fix it — for free!

I was floored. I know that it is going to cost them at least a few hundred dollars in time and materials for this repair. In addition to this, they thought it would take 5 days to get the parts since the machine was so new, but three days later they completed the repair.

So now I'm on the way to pick up the computer and definitely thinking that I am going to be a loyal Apple customer for a long time. Way to go, Apple!