<div class='os_post_top_link'><a href='http://asia.cnet.com/newstech/communications/0,39001141,39183863,00.htm' target='_blank'>http://asia.cnet.com/newstech/communications/0,39001141,39183863,00.htm</a><br /><br /></div>The recent <a href="http://www.smartphonethoughts.com/forums/viewtopic.php?p=39079">Symbian-based concept virus</a> has got the main stream media in a dizzy. Is your Windows Mobile-based Smartphone safe? Is there any chance a virus could infect and destroy your phone or data? CNET asked Mike Wehrs, from Microsoft's Mobile Devices Division and here's what he had to say.<br /><br />"To allay such fears, Microsoft has built multiple security features into its Smartphone OS, a Symbian rival which is also used in hybrid devices which blends the functions of a cell phone with a personal digital assistant, claimed Mike Wehrs, director of technology and standards for Microsoft's Mobile Devices Division. If all else fails and the worm manages to proliferate, patches for Windows-based smart phones can be distributed and downloaded quickly via cellular networks to curb the outbreak, he told CNETAsia at the sidelines of the CommunicAsia trade show here. ..."Even if the handset OEM (Original Equipment Manufacturer) or operator decides not to turn those security features on, every piece of code that attempts execute on the phone triggers a dialog box," Wehrs stressed."<br /><br />The article also mentions that Symbian has just started to implement a certificate system in their OS. So what do you think? Is your phone secure? Does Microsoft's 'over-the-air' patch system make you feel all warm and fuzzy?

Interesting points, but I have a few issues with what's been said.

First of all, Symbian has always had application security (the 'Symbian Signed' thing is something different) and, like Windows Mobile, it has been up to the network operator how tight that security is. My ER6 and Series60 (first version) devices have always warned me when a security certificate was invalid, missing or just plain wrong when installing software - and always informed me of who owned the certificate if all was Ok. It is up to the operator to decide whether or not I can be trusted to install that software. Also, think about it like this - if Symbian are only now beginning to implement their security, why are users of the Symbian based 3G mobile (Motorola A something-or-other) still complaining that their phone has been application locked?

Also, that promise by Microsoft to send patches should any problems appear. Great, Windows Update on my Smartphone!? I can see my GPRS counter spinning like a one-armed-bandit already! And if the issues are at the OS level, will this involve re-flashing whenever there's an update?

... best to get it right first time ...

I think we'll find ourselves in a place where our phones are like our desktops - as secure as we want them, where security is inversley proportional to the features activated.

Just my opinion.