05-12-2005, 07:00 PM
|
|
Developer & Designer, News Editor Emeritus
Join Date: Aug 2006
Posts: 12,959
|
|
MSDN: Windows Mobile 5.0 Application Security
"Every Windows Mobile�based device implements a set of security policies that determine whether an application is allowed to run and, if allowed, with what level of trust. To develop an application for a Windows Mobile�based device, you need to know what the security configuration of your device is. You also need to know how to sign your application with the appropriate certificate to allow the application to run (and to run with the needed level of trust)."
With increasing mobility comes the need for an increasing amount of security. This MSDN article outlines some of the fundamental changes to security in Windows Mobile 5.0. Any developers looking to implement security policies in their Windows Mobile 5-compatible applications should give this a thorough readthrough.
|
| |
|
|
|
05-12-2005, 09:04 PM
|
|
Oracle
Join Date: Mar 2005
Posts: 980
|
|
Well, that's the "pain-in-the-a..." system already implemented in the SmartPhone edition of the current OS. And if you look around the web using google for "Application Lock" you will find 1000s of post from people looking for a way to go around it and install what ever they want in their phones. The implementation of that kind of security is something good for MS and partners making money with the business of "Digital Signing" applications. It's 1000s of times better if each user could implement the level of security he needs, at least from the point of view of consumers it seems to me better than have some companies deciding what is better (secure) for us.
In another hand, these security imposed policies make the prices go up because a developer who pay 1000 dollars just to sign one application for one year will pass that cost to us users. 0X
|
| |
|
|
|
05-13-2005, 10:42 AM
|
|
Intellectual
Join Date: Jul 2003
Posts: 221
|
|
Agreed - this does seem to be for the benefit of suppliers not customers. "I'm sorry, that's not a T-Mobile approved application"
And it really sticks a knife in the back of the large number of small scale developers for the Windows Mobile platform. $1000 is quite a big startup tax, and as ctitanic says, it has to be paid by someone.
|
| |
|
|
|
05-13-2005, 12:32 PM
|
|
Oracle
Join Date: Mar 2005
Posts: 980
|
|
Quote:
|
Originally Posted by mr_Ray
Agreed - this does seem to be for the benefit of suppliers not customers. "I'm sorry, that's not a T-Mobile approved application"
And it really sticks a knife in the back of the large number of small scale developers for the Windows Mobile platform. $1000 is quite a big startup tax, and as ctitanic says, it has to be paid by someone.
|
It can be more if you take in consideration that any freelance developer always has more than one application, I would say that at least 4000 dollars have to be paid under this concept per year. And 4000 dollars for a freelance developer is a lot of money.
People dont let be fooled by these "security" claims from Microsoft and their partners. All this is about money nothing about security. The system it self may be was designed thinking about the security of our devices but in the reallity it has became a big bussiness sucking money from developers.
|
| |
|
|
|
05-13-2005, 01:00 PM
|
|
Ponderer
Join Date: Aug 2006
Posts: 102
|
|
I'm unclear as to what this means for WM5 users.
Will they be able to choose to run unsigned apps and will those apps run without a certificate?
What would be interesting is if some PPC developers could post here about whether they expect their apps to require certification in order to run on "off the shelf" devices.
For example, if the developers of Pocket Breeze, Pocket Informant, TomeRaider or <insert your favourite app here> chose not to pay for certification, would end-users still be able to run their apps?
If the answer is mostly "no", then future looks bleak for hobbyist coders, and users who enjoy having masses of freeware apps to play with.
/\
|
| |
|
|
|
05-13-2005, 01:29 PM
|
|
Oracle
Join Date: Mar 2005
Posts: 980
|
|
There are several levels of security and according to these levels the application wont be able to run, will run but wont be able to access some part of the registry and some OS APIs and there is another level where still exist some restrictions in the registry and in some APIs but less than in the second level.
To give you an idea of what I'm talking. In any Cingular USA phone, user wont be able to Set ON the cleartype font changing the registry (this option is not available as an option for users).
An application like Tweaks2k2 can go around the 3rd level and in some cases of the second level but it wont be able to work at all in the 1st level above mentioned.
Users will receive a warning message everytime that they install an application saying that the application is coming from an untrust source if the application is not signed, that scare potential customers.
I believe that even to access the contact database the application needs to be signed but I have not tested this.
Today (Home screen plugins) are affected and even Home Screen Themes, to give you an idea.
Does the system protect your Phone? Yes, up to certain point. There are always ways to go around any security system and if somebody wants to create a virus they will use these workarouds. It protects by not letting users to install unsigned applications which are the majority of the application that you can find in the market today.
|
| |
|
|
|
05-13-2005, 01:31 PM
|
|
Oracle
Join Date: Mar 2005
Posts: 980
|
|
One more example, the other day I found a addin for the SmartPhone inbox to check hotmail. Well, that addin was or is not signed and the developer had to put a warning at SmartPhone.net asking users to try it first just to be sure that it can be installed because to change in any way the inbox configuration the application has to be signed. 
|
| |
|
|
|
05-13-2005, 03:26 PM
|
|
Ponderer
Join Date: Dec 2004
Posts: 94
|
|
Quote:
A device that is one-tier is one where any process that runs, runs trusted. A device that is two-tier is one where a process runs either trusted or normal. On a two-tier device, only privileged applications run trusted.
Currently, Pocket PC only supports one-tier. Smartphone supports either one-tier or two-tier, but the vast majority of Smartphones are two-tier.
|
If you notice, PocketPC developers are going to remain relatively unaffected here, for now. What happens right now is that if an application is unsigned, you get a prompt asking you if you trust this application. If you say yes, then you can run the program and you don't get prompted about it again. This is precisely how XP SP2 works.
If I read this correctly, it's the SmartPhone developers who are going to be running into problems, not the PocketPC developers (unless the PPC Phone Edition comes under the SmartPhone category, which it doesn't seem very likely to).
|
| |
|
|
|
05-14-2005, 09:43 PM
|
|
Pupil
Join Date: Oct 2003
Posts: 24
|
|
The default configuration for Windows Mobile 5.0 Pocket PC is called "one tier prompt". That means that the user will be prompted whether they want to allow an application to install/run. The one tier means that once an application is running, it runs fully trusted. Fully trusted means it has access to 100% of the device resources.
The default for Windows MObile 5.0 Smartphone is two tier prompt. Here again, the user is prompted whether they want to install/run the application if it is unsigned. If they say yes, the application runs untrusted which means it has access to 95% of the registry entries and APIs in the system. These APIs and registry entries are those used by most of the applications on the market ... only apps which need very low level access (e.g. security applications which re-route file access) or system registry entries will not run.
If the app is signed with a cert, depending on whether the cert is in the privileged or unprivileged certificate store, it runs with the appropriate degree of trust. For most applications and most shipping handsets, being signed with the Mobile2Market unprivileged cert will mean your app will install and run.
In most cases, the user is completely in control of what is allowed to install and run on their handset.
__________________
James Pratt
This posting is provided "AS IS" with no warranties, and confers no rights.
|
| |
|
|
|
05-14-2005, 10:56 PM
|
|
Oracle
Join Date: Mar 2005
Posts: 980
|
|
Sorry but in Smart Phones the user is in control of NOTHING!
|
| |
|
|
|
|
|
Linear Mode
