Unfortunately, there seemed to be a problem with the new security feature: it wasn't working...or at least, so it seemed. As it turns out, the problem was that users weren't informed as to how to properly activate the anti-phishing protection, an issue that points to a poor implementation of what could and should have been a major breakthrough in mobile computing technology.

Although Apple touted the anti-phishing protection back in March when they announced their 3.0 update, the new feature didn't actually materialize until this month when the company released the OS 3.1 iPhone/iPod Touch software. According to Apple, the anti-phishing protection feature will display an on-screen warning message when you attempt to visit a known malicious website.

Once the update was released, security researchers and other Apple enthusiasts began testing the new technology. The results were immediately disappointing. "I've not been able to get it to block anything," Michael Sutton, vice president of research at security firm Zscaler was quoted as saying. He had been testing the feature using known phishing websites identified by the anti-phishing database hosted at PhishTank. The Mac Security Blog also found after extensive testing that it simply "does not seem to work." MacWorld, however, found that the feature worked sometimes, but the inconsistency hinted that the technology was not "ready for public consumption," they reported.

What gives? Did Apple really release a broken feature? Were they even aware of the problem? Blogger Jim Dalrymple of The Loop decided to go straight to the source: he asked Apple.

Apple Says "You're Doing it Wrong"

Apparently, this was not a case of the anti-phishing technology being broken. It was a case of everyone simply "doing it wrong." As it turns out, in order for Safari's anti-phishing database to update, there are a few particular steps that need to be followed, explained an Apple spokesperson. After updating the phone to the OS 3.1 update, users need to do the following:

1. Launch the Safari web browser.
2. Connect to a Wi-Fi network.
3. Charge the iPhone with the screen off.

The spokesperson added that for "most users" this process should happen automatically when they charge their phone. We would have to disagree. "Most users" don't launch the Safari browser prior to charging their device - if anything, they close down any open applications before plugging in the phone to charge.

Poorly Implemented, Poorly Explained

If you follow the above steps, the feature will work. However, most users will never know to do this unless they happen to closely follow technology news and blogs. The general mainstream population - the very demographic Apple so craftily attracts via their billion dollar marketing campaigns - expects things to "just work." That is the Apple promise, after all.

Yet even on Apple's own website where they detail the various new features in the OS 3.1 update, there is no mention as to how the anti-phishing protection should be utilized. It simply lists that the feature exists. A helpful link to a "how to" guide would seem appropriate here or, at the very least, a footnote.

Having to perform the somewhat unintuitive steps to get the anti-phishing protection feature to function properly seems like an unusual miss for a company who generally makes things simple and straightforward. Why does it need Wi-Fi, for example? Apple claims that the Wi-Fi connectivity is required so as not to incur any additional data fees for the end user. But launching the browser? We almost wonder if it wouldn't have made better sense for Apple to implement the feature in the new iTunes update instead. The desktop software could retrieve the updated anti-phishing database from the internet upon launch and could then sync it to the iPhone or iPod Touch the next time it was plugged in. That would also alleviate another common problem with the current implementation - if the phone isn't plugged in long enough, the update won't complete and users will only be partially protected. On the other hand, the inclusion of the database via a sync would have ensured that all the data was copied over to the phone.

In the end, though, Graham Cluley, a senior technology consultant at Sophos, reminds us that maybe we shouldn't be too hard on Apple. "Many other smartphones don't offer even the most elementary form of anti-phishing protection to their users," he says. That may be true but, unfortunately, the way Apple chose to deliver their anti-phishing protection feature means that most iPhone users won't be protected either.

But recently, we've begun to question AIR's longevity. Now don't get us wrong - many of our favorite apps (TweetDeck, Tumbleweed, Yammer, etc.) are built using Adobe AIR. However, there's no reason why these apps couldn't just run in a browser instead...and that might even be a better place for them. 

When we think about AIR apps today, one of the top apps that comes to mind is TweetDeck, the multi-columned Twitter application which includes much sought-after features not built into Twitter.com's own web site such as groups, photo-sharing, and saved searches. Yet despite everything we love about TweetDeck, we wonder why it can't exist simply as an online application. What purpose does running TweetDeck in Adobe AIR serve? It's not AIR's cross-platform abilities - after all, web browsers are the original cross-platform apps -and it's not that AIR is notably faster than an online version either. Probably the only reason for TweetDeck on AIR is that when the app was first built, AIR was the hot new thing. Now that the company has settled on the platform, they're just sticking with it.

Yet on the flip side, another popular Twitter client and originally an AIR-only app has gone the other direction. TweetDeck competitor Seesmic, once solely an Adobe AIR desktop application, is now offering a web-based version. Not only is the online app more than functional, it's also being lauded as "the best Twitter browser interface yet." More importantly, it goes to show that you don't need a desktop application to have a speedy, pretty, and useful app.

Streaming Video: Yeah, We Can Do that Online

Outside of the Twittersphere, other AIR apps on our radar in the past have included video-streaming programs like Adobe Media Player, AOL Top 100 Videos, and the YouTube-streaming DeskTube. Incidentally, today DeskTube is launching a new beta of their application, claiming "performance improvements" that now make their player "netbook-ready."

This immediately got us thinking: why do we need netbook-ready AIR applications? Maybe I don't speak for everyone, but my netbook is currently running XP and the only "app" I've installed is Google Chrome. With this fast, lightweight web browser and its pop-out tabs, desktop apps all of sudden seem so passé.

Besides what does DeskTube do (or any of these video-streaming AIR apps for that matter) that the web cannot? In DeskTube's case, in addition to playing YouTube videos, it includes a search feature, top video lists, a built-in uploader, and it lets you share videos via Twitter and Facebook. All those things can be done via YouTube.com right now, so what's the benefit of AIR?

Is the Future RIAs or Just Better Browsers?

Adobe AIR launched back in February of 2008, a time when browsers seemed either hopelessly out-of-date (IE7) or bloated with a plethora of add-ons (Firefox). We saw these little internet apps that could sit on our desktop connecting us to web services as truly amazing creations. But then in September, Google launched their Chrome browser and nothing has been the same since.

At first, we railed against Chrome's lack of extensions and lack of support for RSS among other things, but after a while (and once we filled up our bookmark bar with add-on like bookmarklets), we got over it. Surprisingly, you can live quite well without loading down your browser with extensions. In fact, the only thing that Chrome desperately needs is a Mac version so our non-PC friends can dump the open-source Chromium and use the real thing.

You see, once you "go Chrome" it's hard to switch back. As much as we fear handing yet another bit of our online life to Google, Chrome is where it's at now. Firefox now seems heavy and so much slower than before. Instead, we're popping out tabs to watch sites like FriendFeed and Twitscoop update in real-time. We're switching from online mode to offline courtesy of Google Gears in our Gmail and Calendar. And we're wondering why on earth we need another AIR app.

Today, AIR almost seems like a stop-gap between the heavy web browsers of the past and the speedy WebKit-powered browsers of the future...browsers like Chrome and whatever else comes next.

However, the problem with Tor and other types of internet anonymizers is that they require a bit of technical know-how in order to implement it...that is, if you even know they exist. That's why what Veiled will offer is so...well...revolutionary. Even the least savvy internet users can use a web browser and that's the only "technical" savvy needed. There is no extra software required.

According to security site Dark Reading, Veiled will connect the user's HTML-5-based web browser to a single PHP file which downloads some JavaScript code into the browser. Pieces of the files are spread among the members of the Veiled darknet, but not through traditional peer-to-peer technology. Instead, Veiled uses a series of repeaters. Senior Security Researcher, Matt Web, in HP's Web Security Research Group says, "it's a file on a web server, but I can also host one on my web site, for example, and we can join those two files together." He goes on to say, "It's very distributed."

He and his fellow researcher, Billy Hoffman, Manager for HP Security Labs at HP Software, have also confirmed that encryption will also be built into the network to allow for secure and anonymous communications.

Although darknets are often used by online criminals to cover their tracks, the researchers would rather focus on the positive aspects of their software, noting that it could be used for secure whistle-blowing and other forms of free speech.

Image credit: flickr user Xeni

In the latest version of the Flock browser, they've integrated Facebook Chat for instant messaging. You can also drag and drop photos, videos, links, and text right into the chat window. The ability to move media around like this is actually one of Flock's best features - no more browsing for files, everything is drag-and-drop in Flock, including posting media to MySpace, Facebook, and Twitter.

Twitter integration in the new version of Flock has also been improved, now providing access to trending topics and allowing you to save search histories.

The final improvement is the new feature called "Flockcast," which lets you broadcast messages to multiple social networks (MySpace, Bebo, Facebook, Twitter) at once. It's sort of like a scaled down version of social network updating tools like Ping.fm or hellotxt.

So, What's Wrong?

On paper, Flock seems like it should be the browser of our dreams. All our favorite social media addictions wrapped up into one shiny package. It's built on top of the Firefox code base, too, allowing our Firefox add-ons to work in Flock - a feature that should make the transition from one browser to the next that much easier.

So what's wrong with Flock? Where are all the users? Allen Stern was recently pondering this same question, suggesting that Flock release some "lite" versions that just include one feature (e.g. Flock with a Twitter panel only). In doing so, Stern says Flock could appeal to a more mainstream audience. He might be right there, but that's really not Flock's goal, it seems.

Instead, Flock reminds us more of FriendFeed in that they want to appeal to only the most addicted of the social media superstars out there. But unlike FriendFeed, which inspires web-loving folks like our own Marshall Kirkpatrick to delve in and discover valuable ways to use the service, Flock sits idly, being ignored by many those same social media lovers. Why?

Too Much of a Good Thing?

Maybe the problem with Flock is that it has tried to include too much social media goodness into its web browsing package. To see what we mean, just look at its competition. Today, the hot new browser on the scene is no longer Firefox, it's Chrome. Yes, Google Chrome, the same web browser that doesn't even support add-ons or RSS! It's simple to the point of being almost broken and yet here it sits as my new default browser. It even has web rockstars like Louis Gray admitting that the OS wars may be over and that the browser is the new OS.

Then look at the apps we turn to instead of Flock. Google Reader, for example - all it does is RSS. Or TweetDeck - all it does is Twitter (well, that and Facebook). The point is, these apps are simple, clean, and well-designed. They're the opposite of the information overload that appears in Flock with all its various panels.

Are we subconsciously rebelling against the web's info overload by turning to simplistic applications such as these (and Chrome)? Or does Flock having a winning formula on their hands but have just yet to master the UI design?

Or is the problem with Flock something else entirely? We're curious as to what you think. Do you use Flock? Do you love it? Do you hate it? Tell us why in the comments.