
wm2005 application security


Guest bretto


After checking out wm2005 for a while now I like it. One thing of importance is that it appears to be more like the smartphone with regard to application security.

It appears that applications will need to be signed, and applications will not be able to be reinstalled without the system uninstalling the first copy and then installing the new copy of the software (no upgrading, so to speak).

Firstly has anyone researched this?

Does anyone have any user-friendly, readable info on application signing?

Is there a way to stop the system removing previously installed copies of software?


  • 2 months later...

Hello Bretto,

You seem to be asking two different questions:

(1) What is this Security and Signing under Windows Mobile 5, anyway?

Take a look at the following Article:

A Practical Guide to the Smartphone Application Security and Code Signing Model for Developers

This article gives step-by-step instructions on signing applications, DLLs, and CAB files - as well as information on how to add your own debugging certificates into your test handsets.

However, when it comes time to ship your application, you will face a huge minefield in terms of what certificates (if any) you will need for what devices sold through what carriers.

The short answer for security on Windows Mobile 5 Pocket PC Phone Edition handsets is that MOST carriers will probably choose to ship their PPC Phone Edition WinMobile5 handsets with something called One-Tiered Security, and also (usually) have "User Prompting" turned on.

This means that users will see a warning dialog box when they install your CAB. This warning dialog box tells users that this code comes from an unknown source, and may be dangerous. If users choose to continue installing your software, then your software will install just fine. Once your software is installed, the user may (depending upon a number of things) see another similar warning dialog box when they first run your application. If the user says Yes to continue to run your application, then the user will not be prompted for permission to run your application again. The Operating System remembers those applications that the user has approved for execution.

The level of security will be tightening in the coming few years, so you should be prepared for more and more difficulties with code signing in the future.

(2) Any way to stop the system from removing previous versions of software when installing new versions?

Actually, this is a "safety feature" of the installer. Currently, the installer can only have ONE instance of each Manufacturer/Product Name combination as defined in your CAB file. If you wish to keep around previous versions of software, then you will need to change the Product Name so that the new Product Name is different from the previous Product Name.

However, are you really sure you want to do this non-replacement of the previously installed software?

Are you just looking to retain user settings? In this case, you can set up your INF file to install user settings, and create the default user settings on the fly when they are needed, but not found in the Registry. In this way, when the previously installed software is removed, the user preferences will still be sitting in the Registry, ready for use by the newly installed software.

Are you looking to keep data files around? If this is the case, then you should follow the pattern of the registry settings, and create the default data files when your program first runs - do not install a "default data file" during your CAB file install. You could even move the code which creates the default data files into a separate DLL, and dynamically load that DLL ONLY IF you do not find any data files when your program starts up.

Does this all make sense to you?

-- John Wolfe 4-Nov-05


Thanks Wolfe

I got around the problem by using a custom setup.dll included with the installation to customise the registry. This way the user (setup.dll) has control over what settings they keep or not, and the CAB installer won't remove them by default when upgrading the application.

Certificates play a big part if your application wants to do things like intercept SMS. These are "trusted" processes that require some sort of signing, especially on smartphones (wm2003) and, I'm guessing, PPCs running wm2005. I'll investigate the link you mentioned and see what I can find out.

Thanks again
