View Full Version : The Thin Edge of The Signed Wedge: symbian Signed and the Future of Small Developers


Ewan
03-02-2005, 10:17 AM
There's something that's worrying Steve in the development of the Symbian OS eco-system. It's very small and trivial now, but is Symbian Signed is the thin end of the wedge. Why does this affect everybody (not just developers)? Read on as Steve looks into a future that's not a nice place to be if you have a Symbian handset (http://www.allaboutsymbian.com/features/viewarticle.php?id=145)...

Joel_
03-02-2005, 01:54 PM
This SymbianSigned thing is just a ripoff.
It prevents the developer to fix bugs and they will improve the app if it's very necessary because it costs money (new signature).

For the end user Symbian Signed doesn't guaranties anything. SymbianSigned product can be weak quality, incompatible with other software, can cause data loss etc just like the unsigned ones. Just have a look at the End User Statement of SymbianSigned.

Those who thinks SymbianSighed helps the Symbian ecosystem please have a look at the desktop computer world that works without any certification.

Rafe
03-02-2005, 02:38 PM
I think the important point is that the issue will be how much the handsets get locked down. I would be as irritated as anyone if my handset was completely locked down (i.e. Symbian Signed only).

However I do accept it is something that should get built into the OS (in fact it already is, its just no one has chosen to lock them down completely... for example the 6630 on Vodafone has several blocks on it - I think one of them is no MP3 ringtones). Some people may recall that when the A920 first appeared it wasn't possible to install 3rd party programs at all (and even now I think they have to be in the internal memory).

Inevitably in order to sucede Symbian has to ultimately do want the Operators want. It is going to be an issue of the operators making the choice. I don't think Nokia would ever release a handset completely lock down - why should they? However the choice will be there for the operators. So I guess what I'm saying is that its the operators we have to watch for... The interesting thing is both Orange (SPV) and 3 (A920) did lock some handsets down like this but back down in the face of users complaints.

And yes Symbian Signed is not a guarantee of a good app. Its a guarantee about security - i..e it has far more to do with reassuring networks that the app wont take down a network and much less to do with a seal of approval for end users.

SwitchBlade
03-02-2005, 03:16 PM
This all seems to boil down to people forgetting that they aren't really as important as they think they are. Network operators seem to have the delusion that people get a phone on their network purposely because they are the better network and that people think that. Whereas they generally make a sale because the person knows what handset they want and the network just happens to have the cheapest deal. Lockdowns may save money for operators in the long run though as I know I'd rather buy a sim-free phone without the lockdown than go for the operator subsidy and the lockdown.

AaronT
03-02-2005, 08:21 PM
Well, I guess it'll be down to the manufacturers and network operators to decide whether they choose to turn on mandatory Symbian signed, etc. Isn't the Orange SPV C500 application locked?

The one peice of good news for the little guy was the announcement of the free Symbian tools for the open source and multi-platform Eclipse IDE. That should bring development costs down significantly for any bedroom developers.

Ewan
03-02-2005, 10:19 PM
The one peice of good news for the little guy was the announcement of the free Symbian tools for the open source and multi-platform Eclipse IDE. That should bring development costs down significantly for any bedroom developers.

Just a pity that none of the software stores may promote non-signed apps in the fututre... ;-)

make75
04-02-2005, 09:16 AM
I would like to bring a bit of the another side of the story. I think nobody would contradict if I say that the winning platform is the one that have most software. However, most biggest fear is a malware that would make something really bad things. You can see how much bad press there are about those few Symbian viruses that really are not bad at all. Think about software, which would make the device behaving badly in the network and possibly would bring down the network. If that would happen it is the end of the Symbian story. I believe that there will be a set of APIs that you can use without signing an app, but for example, all network operations require signing. You should remember that mobile is not the same as the desktop.

--marko

Ewan
04-02-2005, 09:29 AM
If a single phone can bring down a network, then I don;t want to be in that network. Simple as that. At most a single phone should only affect a single phone.

And of course teh largest computing platform (to date) is the Windows PC, and while it has malware, it still is the biggest software, units and retail leader.

SwitchBlade
04-02-2005, 09:46 AM
make75 has a good point though, we all know for example on New Years Day, how slow the networks become and hard it is to get a call or text through when loads of people are using it to wish friends a "happy New Year". Imagine for a second a virus that could concievibly get out there, some how spread via, for tested example bluetooth. Heres the land of fiction (at the moment) get onto the target device without the user being informed about it. This virus lay dormant on devices, spreading, then on a set date the phones go mad, locking out the keypads and randomly dialing/texting etc in a sort of DDOS attack on the mobile networks.

It may be the realms of fiction but it happens quite a lot with windoze computers, and on the track record of the PC scene I think Network Operators are justified in worrying about the damage that rogue software could do to their network. Sometimes a little paranoia could be good, unfortunately at this stage I think it's a bit far, but if some clever programmer proves otherwise we'll all look back on this is hindsight with "How daft to kick up over this and now the phone network is down."

I still maintain though that plenty of people will go for the unlocked SIM free purchases, to avoid these restrictions, unless the handset manufacturers only sell locked down devices without any sight of unlocked ones.

Joel_
04-02-2005, 09:57 AM
SymbianSigned doesn't guarantee that an app handles the network correctly. It guarantees only that _during_the_test_ process_ the app was behaving according to the test specification. And the End User Statement of SymbianSigned clearly states that it doesn't mean that the app will always behave according to the test specification. (Only the test process matters)
It can be buggy, can do harm and it can contain malicious code unless if it produced one of these 'features' during the test.

Tuvalu
04-02-2005, 12:14 PM
I don't think Symbian Signed can guarantee that the application is bug-free. However, when an application is Symbian Signed, you exactly know who wrote it. You have to prove your identity to get a VeriSign certificate and without that, you can't get your application Symbian Signed. So it's quite unlikely that a Symbian Signed application will be malware that does harm on purpose.

Joel_
04-02-2005, 05:34 PM
I'm not talking about bugs. I'm trying to say that a SymbianSigned app can do _anything_ including harm.
And yes, you have to prove your indentity but normal digital signature (and key from verysign) can do the trick, no need for the expensive Symbian Signed. But that didn't generate revenue for Symbian.

langdona
04-02-2005, 06:57 PM
I question that Symbian Signed will do anything to increase security on phones.

Hackers see things like that as a challange and I wonder how long it will be before the security is cracked so that unsigned programs can be made to appear as signed?

If network suppliers insist on only allowing signed software on their phones it could be that the only way users can install the software they want is to try a cracked version with a forged signiture.

mopius
06-02-2005, 10:29 AM
Symbian Signed would be a great idea if it was cheaper. Something like $100 in total would be no problem, but $500+ for getting the first application signed is just way too much.

Since quite some time I'm in the process of getting a game Symbian Signed. It turned out that it's really very, very complicated to get a certificate from VeriSign as a small non-US company with the documents in German instead of English. Well, at least without paying even more money. So maybe it would be good to allow some more variety for the choice of the signing company, which could possibly also lower prices.

Apart from this, as mentioned in the article, once something is Symbian Signed, there will most likely never be an update again. For my company, signing the game once already leads to a loss, so doing it twice would only be possible if a very serious bug was found. Therefore, I doubt that this initiative really improves the quality of software. If there's a charge for signing something once, at least retesting it for minor updates should be free.

Xerop
06-02-2005, 03:48 PM
Only applications that use restricted (i.e. possibly harmful) APIs (like access to the GSM network) will need to be signed to be installed. Anyone creating e.g. a single-player gamle, or trivial utility application will be able to deploy it without first getting it signed.

Unplugged
06-02-2005, 10:54 PM
A more effective solution would be a permisssions system for apps so you would have to specifically allow apps to peform taks such as

Delete Files
Change Files
Access Network
Send Text Massage
Change profile
Chnage Bluetooth Settings etc.

Xerop
06-02-2005, 11:43 PM
That's an available option too.

Enjolras
07-02-2005, 11:00 PM
The emphasis on signing IS going to increase, and it's because of security. One of the problems that smart phones have is that they are PRIME targets for very malicious attacks. Hijacking a phone and making phone calls or sending thousands of SMS messages can lead to very real headaches for the user. It can even mean the loss of hundreds of dollars. Signing is one method of ensuring that an application is well behaved..

The new security model in Symbian 9 goes a long way to addressing this problem. By forcing applications to be signed in order to access certain system functionality (such as telephony or SMS) Symbian is protecting it's users (that'd be you) from malicious attacks either through untrustworthy software (even applications posing as other applications) or through security holes in the software itself.

I would actually argue that this model will allow OEMS to KEEP their phones open. Since the signing model allows sensitive areas of the phone to be locked down individually, the phone can be left open for general applications (ones that don't need access to those parts of the phone), while still protecting the phone from the most damaging attacks. This is a very very good thing in my opinion.

Enjolras
08-02-2005, 06:57 PM
A more effective solution would be a permisssions system for apps so you would have to specifically allow apps to peform taks such as

Delete Files
Change Files
Access Network
Send Text Massage
Change profile
Chnage Bluetooth Settings etc.
__________________

That's exactly what they've done in Symbian 9 (more or less). Signing is required to access certain system level functionality (signing grants you permission to access system elements)...

langdona
08-02-2005, 07:15 PM
I agree that the theory is sound provided that we can have low risk applications that don't need signing. A game or other application that does not use telephony or bluetooth should not require signing at all (assuming that unsigned software is prevented from using these features).

However I wonder how good the security of the signing software is. If it gets cracked then its less than useless and how many software security features in the general world of computing have not been cracked?

I think that it would be better to prevent any application from accessing the phone or bluetooth unless the user is prompted to give them permission to do so.

At the end of the day the problem with security will always be the same. Its down to the person using the device! Some are good and some are bad and I dont think thats going to change.