Guest DJHope Posted November 23, 2002 Report Share Posted November 23, 2002 Im slightly irritated by certification, and i agree with many other people that simple measures can be used to stop malicious code from working, such as requiring a YES/NO box before sending email/sms/mms. also i cannot understand why orange dont allow you to take on the resposiblity of screwing up you own phone, i havnt herd of any really nasty stuff shutting down entire networks etc from the batch of xdas that have been out for ages. The new versions of the handgo programs are coming out soon (or are out) could you not compare the old versions with the new versions and prehaps work out how certification works? Im sure someone will have worked it out by the end of the year, which could be much more dangerious than orange allowing us access. I also understand from the side of the operator, but at the end of the day, security may well bring about the death of our freedom of speech. Link to comment Share on other sites More sharing options...
Guest dodgybob Posted November 23, 2002 Report Share Posted November 23, 2002 quite right there...! My opinion on this is that they are trying to make more money... its a revenue generator... They don't make money from the actual sales of the software... that usually goes straight to the developers... They will most likely be making revenue from the Certifiaction/App Siging thing that developers are being forced to do! Thats their sole source of revenue... Orange are practically giving the phones away!!! So theres not much to be earned on handset sales... its all about the additionl stuff... Link to comment Share on other sites More sharing options...
Guest DJHope Posted November 23, 2002 Report Share Posted November 23, 2002 Yep aint that the truth, corporate money grabbing b**st*rd' s! Its a shame tho, i am in total agreement i really dont think its a security issue, their are many ways round that, im sure you could screw wiv the phone to you hearts content using ya pc, and u dont need application signing to run nasty progs on here!! not yet any way :D i dont have my spv yet, still waiting for mine from avrmobiles, but i am assured im in the que. I love the idea that i might be able to play doom on it, but reading this certification stuff, my heart was suddely filled with sadness! M keep telling us "wait for a couple of weeks, exciting announcements" if this isnt to eathier 1) make the certification process inexpensive and easy, 2) provide devlopment phones, for a fee and then certification free or 3) remove the whole thing completely, i might just stamp on my fone! DJ Hope Link to comment Share on other sites More sharing options...
Guest Paul [MVP] Posted November 23, 2002 Report Share Posted November 23, 2002 The certification process is basically signing applications with the Orange digital signature. This is going to be very well guarded at Orange, and I can't imagine there being a workaround in the foreseeable future. Quite a few people have kicked up a stink about this, so hopefully Orange will issue a root certificate patch so we can write and install our own software on the SPV... P Link to comment Share on other sites More sharing options...
Guest DJHope Posted November 23, 2002 Report Share Posted November 23, 2002 yeh hopefully, but ive only seen ms people on these forumns, are orange even listening! havnt herd a word from them. Link to comment Share on other sites More sharing options...
Guest Paul [MVP] Posted November 23, 2002 Report Share Posted November 23, 2002 If we can get enough SPV users on this forum, maybe Orange will listen to our collective voice... P Link to comment Share on other sites More sharing options...
Guest Gaf Posted November 24, 2002 Report Share Posted November 24, 2002 If the SDK wont work with the SPV then id say the MS site http://www.microsoft.com/mobile/smartphone/default.asp seems pretty misleading. Im starting to wonder if orange can be had for making out this phone is something its not. Link to comment Share on other sites More sharing options...
Guest Paul [MVP] Posted November 24, 2002 Report Share Posted November 24, 2002 Watch this space... This is all gonna kick off pretty soon I think! :twisted: P Link to comment Share on other sites More sharing options...
Guest DJHope Posted November 24, 2002 Report Share Posted November 24, 2002 Read below! Link to comment Share on other sites More sharing options...
Guest DJHope Posted November 24, 2002 Report Share Posted November 24, 2002 God my sentance structure grammar and spelling sucked in that previous post, it should read: Erm... just seen ya site gaf, nice, im sure people on those forumns are already in the process of hacking the spv! Quick ms sort it out! Btw, modaco, i agree that orange will keep certification a closely guarded secret but where there’s a will there's a way. Windows xp activation is full proof isnt it and lemme see you can’t copy xbox games, damn Microsoft are good! Link to comment Share on other sites More sharing options...
Guest Third_of_Five Posted November 27, 2002 Report Share Posted November 27, 2002 If the SDK wont work with the SPV then id say the MS site http://www.microsoft.com/mobile/smartphone/default.asp seems pretty misleading. Didn't see the bit "Develop cool apps with the Smartphone SDK" first time around. Yes, this is misleading. But it's MS not Orange, so Orange can't be blamed :D Also, it says develop cool apps, doesn't say you can run them on your phone. Link to comment Share on other sites More sharing options...
Guest DJHope Posted November 28, 2002 Report Share Posted November 28, 2002 Yeh but MS arnt responsible for the certification issue, the PROVIDER has the choice of activating certification or not, in our case Orange! Link to comment Share on other sites More sharing options...
Guest MarsBar Posted November 28, 2002 Report Share Posted November 28, 2002 from the SM2002 SDK ------------------------------------------------------ Setting Security Policies Policy settings are a part of the mobile device security scheme. Smartphone 2002 provides a secure configuration by default, out of the box. The user cannot modify security policies through the UI. However, we recommend that mobile operators modify the default security configuration by pushing their own security policy documents. This section discusses how to modify the Smartphone 2002 default security policy and create a new security policy document. The settings are defined in XML files that are pushed to Smartphone 2002 and are then processed by the Push Router. The following XML example is the default security policy document: -------------------------------------- So even if you manage to "hack" the security, when you restart the phone it will download the standard policy again???? Mmmmm Link to comment Share on other sites More sharing options...
Guest DJHope Posted November 28, 2002 Report Share Posted November 28, 2002 Yeh any change you make to any part of the windows directory isnt saved, so when you restart phone its back again! Link to comment Share on other sites More sharing options...
Guest rcraswell Posted December 2, 2002 Report Share Posted December 2, 2002 Changes you make to the security policy are not stored in the Windows directory so any changes will persist through a reboot. The problem is that your app has to have sufficient permission to change the security policy in the first place. (Think of it as having to be an administrator on the phone to make administrative changes.) Any developer program will likely take the form of a mechanism to change this security policy on specific phones. Link to comment Share on other sites More sharing options...
Guest xmob Posted December 2, 2002 Report Share Posted December 2, 2002 http://www.theregister.co.uk/content/64/28393.html Link to comment Share on other sites More sharing options...
Guest DJHope Posted December 2, 2002 Report Share Posted December 2, 2002 Erm..intresting. Ive heard alot of people say that all applications will have to be signed by orange. Surely that cant be the case check out all the inbuilt windows programs, they still RUN in the same method as the others and i doubt microsoft would have crippled themselves they wouldnt make a software product they themselves couldnt add software too! That must mean microsoft can certifiy products and their must be a way of signing applications through microsoft instead of orange. I could be wrong here but dosnt that make sense? Link to comment Share on other sites More sharing options...
Guest Third_of_Five Posted December 2, 2002 Report Share Posted December 2, 2002 I got this reply to a post on a developer forum regarding this issue from someone who works for a company who develops software for mobiles. http://www.smartphonedn.com/forums/viewtop...c.php?p=989#989 Orange are going to have many holes in their feet at this rate! Link to comment Share on other sites More sharing options...
Guest Third_of_Five Posted December 2, 2002 Report Share Posted December 2, 2002 Also this post: http://www.smartphonedn.com/forums/viewtop...c.php?p=993#993 Just to clarify (again) -- this is not a Microsoft issue at all. This has to do with the security model and set of root certificates that Orange installed on the SPV. Â I know that there are people in Orange right now working frantically to provide a solution to this problem. The technical solution exists but it's a matter of figuring out how to administer it. Â Orange did not set up this particular security model out of any motivation to gather additional revenue -- they merely took the most conservative route and kept everything as locked down as the OS would let them. Â Please remember that Orange is a phone company -- they're not really used to shipping little computers yet. This is a learning process for them and I think they were quite surprised about this whole thing. So things are looking up for developers perhaps? Link to comment Share on other sites More sharing options...
Guest Martin@Home Posted May 26, 2003 Report Share Posted May 26, 2003 "]Watch this space... Â This is all gonna kick off pretty soon I think! :twisted: Â P You weren't wrong there mate !!!!! Makes interesting reading this post ! I may only have newbie ststus but I have been following this forum from the beginning of december last year when I first got my smartphone.... My how things have changed ! :) :( Link to comment Share on other sites More sharing options...
Guest Martin@Home Posted May 26, 2003 Report Share Posted May 26, 2003 Sorry... "Post" should read "Thread" :oops: Link to comment Share on other sites More sharing options...
Guest drblow Posted May 27, 2003 Report Share Posted May 27, 2003 What would everybody think the chances are of the next Orange update being uncertified?? Link to comment Share on other sites More sharing options...
Guest Monolithix [MVP] Posted May 27, 2003 Report Share Posted May 27, 2003 Of course it will be. That's the decision they have made, and they'll no doubt stick by it for the duration of SP2002 at the very least... Link to comment Share on other sites More sharing options...
Guest Paul [MVP] Posted February 10, 2006 Report Share Posted February 10, 2006 As in Palm OS phones, like the Treo 650 I assume you mean? Good call... P Link to comment Share on other sites More sharing options...
Guest Paul [MVP] Posted February 12, 2006 Report Share Posted February 12, 2006 It is done :) P Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now