Guest Funster Posted January 27, 2003 Report Posted January 27, 2003 There's an article on page 27 of this week's IT Week which says: "Microsoft will today release an update to its Smartphone 2002 platform....to fix a security flaw that lets unsigned code run on handsets". "The update fixes a flaw that allowed users to run applications that had not been digitally signed." "This update will be available through Orange's device update service.." Which means that we can probably choose to ignore it... The rest of the article is just padding with the usual banal Microsoft quote.
Guest Firaas Posted January 27, 2003 Report Posted January 27, 2003 Er, if it's serving through Orange Update, than that presumably means it's a seperate update to the bugfixes?
Guest Deemon Posted January 27, 2003 Report Posted January 27, 2003 of course its gonna be separate! We`ve all been bad boys and girls ;) . All the programing resources probably moved over to fixing the dreaded hole that we nasty hackers discovered..so that means we will probably have to wait longer for the bugfixes...any excuse to give us the bug fix patch eh Orange....?
Guest Monolithix [MVP] Posted January 27, 2003 Report Posted January 27, 2003 When will people learn ;) Ah well, back to MGS...
Guest xanadu Posted January 27, 2003 Report Posted January 27, 2003 Just got this reply back from The Inquirer. Thought some people may be interested........... "Hi, I'm not sure I understand your complaint. the first batch of SPVs went out without software fixes. The Orange UK site then showed the SPV as out of stock. Orange are now installing the software patch on shipping models. The next release of SPVs will therefore have the software fix. What exactly did we get wrong? Oh. And the hackers had two separate fixes - one for the UK model and one for the French models. Regards Tony Dennis "
Guest Gorskar Posted January 27, 2003 Report Posted January 27, 2003 Even with the software fix, getting rid of certification should be as easy as loading a backed up IPSM file that has had certification removed with the bootloader. Hopefully someone can put one on the internet somewhere that is as close to factory settings as possible. I will certainly be backing up my IPSM before attempting any updates.
Guest Firaas Posted January 27, 2003 Report Posted January 27, 2003 I have a weird feeling that the certification-workaround fix won't be much of one. It's likely to be something stupid, like delaying the time when ActiveSync can access the SPV - that seemed to be the case in today's Danish SPV update, but I was running gnuboy within minutes.
Guest fixit Posted January 27, 2003 Report Posted January 27, 2003 Ran Orange update, it found something new and installed it - think it said it was a ringtone, but maybe it included this alleged fix. However, I've rebooted the phone and my unsigned apps still work so maybe it was benign.
Guest sbsdegb1 Posted January 28, 2003 Report Posted January 28, 2003 don't know if I have missed something somewhere but can someone point me in the direction of the topic / thread detailing the method for disabling / working around the certification issue and being able to run unsigned apps... thanks
Guest Gorskar Posted January 28, 2003 Report Posted January 28, 2003 Its in the sticky thread at the top of the forum "guide to unlocking your phone for application development"
Guest dma Posted January 28, 2003 Report Posted January 28, 2003 Here is the full article for those interested. http://www.ukdma.plus.com/images/itweek.jpg
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now