Orange's response to bugs + digital signatures - Your say!

[Guest rik007]

Comon on! You all sound surprised.... ITS MICROSOFT! How else would expect an MS phone to behave? Slow? Buggy? Well... TBH, YES! Thats exactly the problem, the p800 I hope will be a dream, im returning my SPV after a total of 3 days ownership [i TRIED to give it a chance!] :cry:

[Guest Rob.P]

You know the software for this phone will get there eventually, it only took them nigh on 5 years to get to XP and that is by far the most stable half decent OS they have produced.

So give it another 5 years and I'm sure smartphone XP will be as just as good :D

[Guest joelj]

Xanadu? HAH! Bet that's a reference not to the poem my Samule Coleridge-Taylor, but rather to the song by Olivia Newton-John!

Just think a moment....do you want an SPV or a baby's rattle ?

Am I the only one here who finds that comment just a little bit insulting?

Personally, I'd like a device that works properly and is open enough that freeware is available on it. I want the device to be both a mobile phone and PDA supplied by my mobile telco so that operation is seamless. It also has to be in a the familiar form factor of a mobile phone and not a PDA/housebrick size. Many people on this website have already stated they would quite hapily have paid more for the product if it wouild have meant fewer bugs and more developer support.

Don't you see? The price is neither here nor there. This unit is the only PocketPC based phone on the market right now. If they're all going to be like the SPV (and if the SPV doesn't change) then the platform is doomed to mediocrity. Which would be a damn shame.

Your argument appears to be "hey, you guys paid bugger all for it, now shut the fsck up!". Well, we're all paying a big price for this. And I'm not just talking the 12 month tie in and the line rental. The price appears to be the opportunity cost of a decent Smartphone 2002 implementation.

Just think a moment... are you going to make a useful contribution to this board, or are you going to incite 905 otherwise rational MoDaCo forum members to lynch you?

:evil:

grr.

joel

[Guest chewie]

Correct me if i am wrong, but wouldnt it be just as easy to create malicious code to run on the Nokia 7650?

I ask because there is no certification needed for that phone. I know it isnt an orange branded phone, but orange seem to keep spouting off that this certification is for the safety of the network!

[Guest d80tb7]

Regarding letting unsigned apps run on phones, just think about this from Orange's point of view.

While most people on this forum would no doubt be careful as to what apps they would run this really isn't going to be the case for the general public. Do you really think that the person on the street is going to understand that a phone can get a virus just as easily as a computer can and even if they did do you think that would stop them running what they want? And then what happens when their phone stopes working, or they get stung on their phone bill because their phone called some premium rate number for 15 hours? Do they chastise themselves for being so careless as to run trojan.bat. Do they hell, instead they get themselves on the phone to Orange customer services and start complaining.

Now it doesn't matter whether they've already signed something to say they have no legal right to complain because Orange offer free customer service so the very fact that they are ringing means they are costing Orange money. As some of them are important customers its going to be pretty likely that Orange will not want to annoy them and so they will doubtless be placated even though they are in the wrong.

Ok you could have some sort of registered developer program for a nominal cost, however.

1. If someone really wants to write a virus they will find a way around whatever safeguards you put in place.

2. If all this is done for a nominal cost then who is going to pay for the investigation and consequences of any attack. Tracking someone down and bringing a prosecution against them isn't going to be the easiest thing to do even if you do have an address for them and just think that a successful attack against the Orange network is going to cost far more than they could ever hope to get back by suing an individual.

Yes the certification thing is annoying, yes they are not being consistant by applying similar safeguards to all products but you have to admit that if you were them then you would be doing similar.

[Guest Cent]

I totally agree with you. They would have to protect themselfes and this is the way to do it. Good answer. Now answer this:

Why charge so much ?

Why make it so hard to obtain certification ?

Why make it take a week (unacceptable for bugfixes) ?

How is a developer meant to test his/her products without this all being sorted out ? How do you test during development in the first place ?

Why ask for money for every patch that is submitted too ?

Why do other phone vendors not have the same problems with lets say the O2 XDA or the HP Jornada 928 ? Those phones have been out a whole lot longer.

... they will find a way around whatever safeguards you put in place ...

I really, really hope so. And good luck with those answers :D And I do agree about the protection. Just there are other ways.

[Guest DJHope]

Totally agree with cent on that one i really do think they could have gone about this differently, i dont understand why they didnt think this would be a problem! Somethings definately up for them to have to release a phone and then come up with a contingency plan to certification for a janurary release! Personally i think the hackers will have got their first, i already herd on this forum about creating a "bootdisc and firmware loader" with ya MMC card, now i imagine (could be wrong here) if someone has an unlocked SPV if they dump their bootdisc/firmware and give it to everyone else i wonder if that would screw over application signing. However most people with unlocked SPV's are devlopers and hence its more than their jobs worth but i bet theirs someone out their who would be willing to do it!

[Guest d80tb7]

ok, here goes.

why charge so much?

I don't know how much they are charging (i've seen suggestions from £300 to £3000) but I imagine that its high to discourage individuals writing freeware/shareware while still allowing commercial software to be produced. This might seem like a bad state of affairs but imagine the logistical difficulties of tracking and diagnosing buggy software produced by individuals (malicious code aside people are still going to ring customer services if they install something and it causes their phone to hang). Admittedly companies are not immune from producing faulty software but at least they are usually easier to contact, more likely to be receptive to potential problems and have the incentive that if their programs are bad then they go out of business.

Why make it so hard to obtain certification ?

Why make it take a week (unacceptable for bugfixes) ?

Why ask for money for every patch that is submitted too ?

these do all seem a bit less than ideal. Hopefully the situation will get a bit better once process is better understood.

How is a developer meant to test his/her products without this all being sorted out ? How do you test during development in the first place ?

I'm not a developer so I'm not qualified to answer this question. I imagine that you get hold of the The Pocket PC 2002 SDK and try and write an application good enough to make money after certification costs.

Why do other phone vendors not have the same problems with lets say the O2 XDA or the HP Jornada 928 ? Those phones have been out a whole lot longer.

Well for a start these phones are not mass market devices in the same way that SPV is. I imagine that a lot of these are sold to businesses who have strict rules on what software can be installed and that anyone who actually installs software on them is quite technically minded anyway.

Finally they are quite obviously PDA's and I think people are far more tolerant of their PDA needing a hard reset than their phone.

Actually the idea of someone cracking the certification probably isn't that bad a thing. It means that a small percentage of people (and not the ones that are going to bother Orange every 5 minutes) will be able to run whatever software they want, while the general public will be reletively safe.

I totally agree with you. They would have to protect themselfes and this is the way to do it.  Good answer. Now answer this:

Why charge so much ?  

I really, really hope so. And good luck with those answers :D And I do agree about the protection. Just there are other ways.

[Guest d80tb7]

ok, here goes.

why charge so much?

I don't know how much they are charging (i've seen suggestions from £300 to £3000) but I imagine that its high to discourage individuals writing freeware/shareware while still allowing commercial software to be produced. This might seem like a bad state of affairs but imagine the logistical difficulties of tracking and diagnosing buggy software produced by individuals (malicious code aside people are still going to ring customer services if they install something and it causes their phone to hang). Admittedly companies are not immune from producing faulty software but at least they are usually easier to contact, more likely to be receptive to potential problems and have the incentive that if their programs are bad then they go out of business.

Why make it so hard to obtain certification ?

Why make it take a week (unacceptable for bugfixes) ?

Why ask for money for every patch that is submitted too ?

these do all seem a bit less than ideal. Hopefully the situation will get a bit better once process is better understood.

How is a developer meant to test his/her products without this all being sorted out ? How do you test during development in the first place ?

I'm not a developer so I'm not qualified to answer this question. I imagine that you get hold of the The Pocket PC 2002 SDK and try and write an application good enough to make money after certification costs.

Why do other phone vendors not have the same problems with lets say the O2 XDA or the HP Jornada 928 ? Those phones have been out a whole lot longer.

Well for a start these phones are not mass market devices in the same way that SPV is. I imagine that a lot of these are sold to businesses who have strict rules on what software can be installed and that anyone who actually installs software on them is quite technically minded anyway.

Finally they are quite obviously PDA's and I think people are far more tolerant of their PDA needing a hard reset than their phone.

Actually the idea of someone cracking the certification probably isn't that bad a thing. It means that a small percentage of people (and not the ones that are going to bother Orange every 5 minutes) will be able to run whatever software they want, while the general public will be reletively safe.

[Guest DJHope]

Funny that microsoft and orange have previously mentioned doom running their becasue correct me if im wrong but surely doom mods CANNOT be made for profit as with the id software EULA. I rekon the fact that the 7650 runs doom is really a finger up at orange and microsoft.

[Guest spacemonkey]

Actually the idea of someone cracking the certification probably isn't that bad a thing.  It means that a small percentage of people (and not the ones that are going to bother Orange every 5 minutes) will be able to run whatever software they want, while the general public will be reletively safe.

I quite agree. The only issue is that Orange / M$ will come out after a crack becomes available and go down the path of "there's a bunch of filthy criminals stealing from us" similar to the RIAA and Movie Industry.

Again not a big issue becuase most of us will happily ignore that. From a getting software available point of view though another vendor providing a Stinger phone without the tight certificate control would be a huge help as it would be difficult for developers to claim legitamacy if the only user base they had was hacked phones.