S60 Open to new features

I think security is a very relevant topic today. But I would really like to have control over the hardware I buy for my money. It's a little bit similar to the DRM topic. I don't really like to buy a song and the shop where I buy the music defines on which devices I will be able to play back the music.

I really understand that some special functions need to be protected. And I understand that it's a good idea to ship the devices in "safe-mode". But I really want to decide if I trust someone's software (or even my own written software) myself.

e.g. it's now nearly impossible to write a simple S60 screensaver because it need to be manufacturer signed. (Correct me if I'm wrong.)

On S60 2nd Edition devices I were able to install my own certificates and decide if I want to allow software installation of application signed with that certificate. But on 3rd Edition it seems impossible to do that. Why? Now I have to pay some hundred dollar (annually) to sign my own MIDlets for my own phone. (And for native Symbian applications it's even worse ... )

Best Regards
Björn

I think the solution goes or could go the direction Björn is pointing at the begining, that is, allow users trusts some developers. Some kind of developer signature that you can then when first installing an app from this developer allow capabilities for this app, or perhaps also for future apps of the same source. The problem for this is that the system born other way, and so you can change the security scheme as it's predefined, so for now, the only solution I see is make this in the signing level.

Why the process take 2 weeks? It's only a payload for being freeware and to justify the expenses of the paid software? If so, I think symbian doesn't have to justify anything, if developer makes money, symbian makes also, if not, both don't make money, so why is longer the process?

Ok, that's all for now, excuse me as I always say for my poor english (it's not my native language) and for the very big comment.

Offtopic: Tommi -- no trackback URLs?

Ontopic: If/when Freeware app downloads pick up to a level where it represents a significant level of data traffic for operators (=Symbian's customers), Symbian may feel more compelled to throw more money at this problem in order to make certification quicker (e.g. 5 days instead of 15). Whereas changing the OS and PlatSec is a possibility, I don't think it's realistic -- it's 100x easier to just invest more into the Freeware certification process, so that it becomes quicker.

This, then, reverts this to the popular and futile chicken vs. egg discussion (See http://en.wikipedia.org/wiki/The_chicken_or_the_egg to go completely offtopic).

...So, I'd say that Symbian marketing -- rather than engineering -- holds the key in this case. Getting a change into the OS is slow and difficult, while a decision to invest more money to support freeware developers requires a relatively simple decision process.

Ciao

can you just distribute self-signed applications or the self -sisgning does not give access to private functionalities?

Flash Lite applications do not use any of the private APIs of Symbian, but if someone want to package them into sis and create an icon does it require signing? I am asking this since I managed to create an icon to launch the Flash Lite application but only if the Flash Lite application is not installed to the private directory. (I self singed the sis)

Alessandro

> Tommi -- no trackback URLs?

Ok, I enabled trackbacks again. I disabled them for a while, because I got so tired of trackback spam...

Everybody: good comments. I can't do much to improve the situation in my official role - but hope someone from Nokia/Symbian is listening and will take care of this.

Alessandro: yes. You can find the details from Jukka's excellent post:
http://blogs.s60.com/s60multimedia/2006/06/signing_applications_for_s60_3.html

Well, you can make sis files as a SISPATCH, but I suppose that doesn't really help as it'd still need signing in some form or other...

There is another problem that I didn't mention in my post, i.e. testing signed application (beta testing).

Since I don't have all S60 devices on the market, usually I have to ask other users to test my application. The problem is that Symbian Signed only allows us to request a certificate for 1 IMEI number (if we don't have ACS Publisher ID).

What I have been doing so far is ask my users his/her IMEI number. Then I request a certificate from Symbian Signed.

It is not really a problem, but it takes a lot of time. I have to do this each time a new user want to test my application, i.e.:
- Asking for IMEI number.
- Requesting a new certificate.
- Sign application with the new certificate.
- Send the application back to the user.

In the old era (pre-3rd Edition), I can just post my application on the web and everybody can test it.

I'm feeling like Björn.When creating some "security" crap, if f**ks up just an usual users at first and not these it is intended to stop.So maybe someone really needs S60 3rd ed which is incompatible with existing S60 software and f**ks up brain with dumb apps signing but I'm actually do not need such "wonderful" device.I'm better to stick to S60 2nd ed for now and later to non-Nokia non-smart phone+PDA bunch or to non-Nokia windows-based communicator.At least these smart devices are running REAL os'es with lots of software created for years, which are NOT breaking compatibility, not limiting apps features, not f**king my brain with security idiocy and does not preventing free fully-featured apps creation as well as does not hardening bug fixes.Noka seems to get ugly enough to allow it to be "really annoying corporation".So I'm doubt I'll buy S60 3rd ed device ever or recommend it to someone.This is the MOST secure way.No S60 3rd ed in your pocket - no security concerns, no problems, no headaches, no dumb restrictions and no DRM-like restrictions.

t3st3r: why are you reading this blog, if you hate S60 and Nokia so much? Just go and buy yourself something else that suits you better :)

About your strong tone, thanks for blacking out the f-words. But still, we are approaching the limit when I'm getting pressure to do some moderating. I haven't deleted a single inappropriate/defamatory comment so far, and I would not want to start it now...

Well, maybe the tone was too high, but basically t3st3r is right!

He does not hate the Nokia or S60 whatsoever, and s60.com is just the right thing, if not the only one, to post such concerns, he is just pointed out on some really annoying things in there! Nokia itself with s60 3rd edition make people hate them ……..

For instance lets imagine, if I wanted a phone with a big screen 3MP camera and flash light! So I would go and buy Nokia 73. But not only did I got entertainment I also have a smart phone, cool ha.

And now to the point.

For instance if I had S60 device before and had many great free apps, so it is a no brainer I want to get whose apps to my new phone. And surprise surprise …….

1) They are not compatible with S60 3d edition (and If every future S60 edition will break compatibility……… beats me what will happen)
2) I can not download the new versions of that software simply because it does not exist!!!!!!!!! And probably will never be :(

Why you ask? Because to get the app running on the S60 3rd edition you need to sign it, OK not a big deal for corporations! But what about free software, what about developers writing their own stuff? What about sharing? What about bug fixes, and this is really important! And DRM stupidity!!!!!!

And I wonder why Windows Mobile is so popular, the most fastest growing division of Microsoft if you did not new that ;)!!!!

Imagine if you could run only signed apps on your PC? Not a very happy world I think :(!

I can feel your pain.

I just wanted to keep the conversation polite and constructive, because I believe this is the best (only?) way to really change things. If the conversation gets too defamatory, people at Nokia&Symbian probably would just ignore it.

As Shel Israel put it: "If you came into my home and were rude to me or another guest, I would ask you to stop. If you continued to be rude, I would ask you to leave."

Hope you'll understand...

Not Symbian Signed related but another extremely annoying "new feature" of S60 3rd Edition is the new MIME type for SIS files. Causes a lot of problems and in many cases makes it impossible to download software directly to the phone, if the same server or folder has to share files for both old and new S60 platform version. For example, while I was able to set the new MIME type on my Downloads server (by making a separate folder for S60 3rd Edition files and putting a separate .htaccess file with MIME type configuration there), it is not possible to do so with the folder where my discussion forum posts' attachments are stored. As long as majority of people still use S60 2.x phones, I have to keep the old MIME type to preserve compatibility, which makes it impossible to download anything from there using an S60 v3 phone. There is a new SISX extension introduced with Symbian OS 9.1. Why Nokia did not make it the only extension if they really had to change the MIME type? In such case there would be no such conflicts.... In UIQ 3.0, which is also Symbian OS 9.1 based, SIS files still have the old MIME type...