<div class='os_post_top_link'><a href='http://www.smartgamer.org/forums/viewtopic.php?t=19&sid=c5965436ef6794343efd76b6838f4f77' target='_blank'>http://www.smartgamer.org/forums/vi...efd76b6838f4f77</a><br /><br /></div>This is what I was afraid would happen with the signing of applications for the Orange SPV. Douglas Beck, one of the <a href="http://www.dig-concepts.com/">most talented game programmers</a> I've met, had this to say on Smartgamer.org:<br /><br />"Even though my titles are already certified, the remaining process of getting the logo, certification and the applications digitally signed has been at a complete standstill for over a month. My attempts to expedite the process have gone completely unanswered. It's very disappointing for me personally. It has already cost me in lost opportunities. I also take pride in timely releases and relying on other organizations that don't care much is a new situation that I don't care for much. My games have been complete for months now. I'll release them just as soon as I can. I have been pressing the issue for the last two months with limited success."<br /><br />Note to Orange: if you're going to force developers to go through application certification, and make they pay for the privilege, at least get a good system in place!

Is the idea of certification to ensure compatibility and stability or to make money? If stability is the issue, then remove the software warranty if non-tested apps are installed. If it is a money licensing issue, then I will buy the first phone that does not have these silly restrictions.

then I will buy the first phone that does not have these silly restrictions.
... and is available in the US ;)

--janak

That's a bunch of crap...even with Windows XP you can use non-digitally signed drivers, it just gives you a warning before you go ahead with the install.

... and is available in the US ;)


Yes, and that problem too. The US is a great market for these devices... I don't understand the delay tactics in releasing here - most other technologies are introduced here first. The issues of standard wireless technology adoption seem to be settled now with GSM/GPRS and the new CDMA.

Because Smartphones are not yet available in the U.S., I’m guessing that there are probably two different ways to install programs on a Smartphone: Over-the-Air and via ActiveSync.

If an application is installed “over-the-air”, it needs to go through Orange’s cellular network to get into the phone, so I can see that somewhere there will be a lawyer that will say this makes Orange at least partially liable if the app either damages the phone or performs an action that was costly to the user (by using billable airtime). And by requiring signing/certification, Orange is simply trying to protect themselves. But, if liability was the reason for the signing/certification, couldn’t Orange simply add a clause to their service agreement to release them of liability for any software that the user installs on their device?

The user should at least have the ability to install any app of their choosing via ActiveSync with the inherent/legal understanding that Orange is not responsible for any ill-effects of the software because the application was not purchased from Orange, nor was their service used to install the application.

Basically, I feel that any argument Orange comes up with to justify the signing/certification process should also be applicable to the Pocket PC - Phone edition devices, because a Pocket PC Phone Edition app could do similar bad things. But why doesn’t AT&T, Sprint care what apps the user installs on those devices, even if they are installed Over-The-Air?

In my opinion, the signing/certification requirement is simply a way for Orange to receive a “cut” of any software that a user buys for their Smartphone.

Douglas destiny is what I feared the most the first time I heard about application signing. I join in with the crowd and think that installing applications is something I would like to control myself. The comparison to the drivers in Windows XP is relevant and so are ActiveX controls in Internet Explorer. In IE I can choose to select whatever security level I wish (and live with the consequences), and that should be my choice as an "owner" of my phone.

The most relevant objection I've heard was that phone networks are sometimes important lifelines (SOS calls and such) and if there is a virus (worst case) in my phone I could be prevented to call the hospital or police in an emergency situation. However, many similarly important applications exist already on the Internet, and the same thing can, and does, happen there.

I think the success of the PC and the Internet was based on freedom. Freedom to build my applications, publish them and let people decide whether they want to install them or not.

The thing that makes me most upset is that I get a bad taste of censorship. What's next? Controlling and signing the data that is sent over the network? 8O No, freedom is the only way to go. Let the flowers grow!

Jason, how about a user poll on "Do you like application signing?":
1. No, I won't buy a smartphone until signing is history
2. No, but I can live with it
3. Yes, if it is a free and there's a quick process
4. Yes, if it's a quick process
5. Yes, I think it's great!

In my opinion, the signing/certification requirement is simply a way for Orange to receive a “cut” of any software that a user buys for their Smartphone.
I couldn't agree more. If there is a technical reason why any application needs to be signed before it can be run on the phone, then the design of the phone/network needs to be called into question (as to whether its completely idiotic or just plain stupid).

From what I understand, the situation is as follows. Orange, not Microsoft, required the enabling of root certification meaning that any and all applications need to be signed before they can be run.

Apparently, there is a different level of certification that could have been selected whereby only applications that utilise the phone's communications facilities need to be certified. In other words, any appplications that run "locally" (i.e. 99% of third party software) would not need a signature.

It's quite simple. This situation is a complete farce, and I defy anyone to tell me otherwise.

This just confirms my opinion on the SPV. The hardware is fairly OK (though chunky) but the user interface is not intuitive and is difficult to use - for the first time I had to resort to a manual! Orange have a lot on their plate marketing and their disorganisation can only damage it's sucess further. I shall stay with my XDA!
Regards
Griph

Jason, how about a user poll on "Do you like application signing?":


I think this would be an interesting idea - but I suspect we all know what the results would be like! Don't forget that this is a really biased site (I mean in a "nice" way!) :D. Everybody who visits here is a real enthusiast.

To be fair to Orange I suspect that they don't (yet) know who the SPV will appeal to. Will it be "enthusiasts" or "ordinary" users who want extra features (mobile e-mail etc)?

App signing is always going to be an anathema to the former group ("Heh - I'm quite capable of making my own mind up :evil:") but there is a better case to be made for it with the ordinary (less skilled) user. Even they would (probably) disagree with a simple "do you want app signing" question. But they would also be the type of people who couldn't understand why their brand new Orange SPV wasn't working any more. They would (from experience) completely fail to appreciate that it wasn't Orange's fault that they (the user) had installed a non-signed app that created a conflict. They would simply blame Orange for a sh.. product.

They would (from experience) completely fail to appreciate that it wasn't Orange's fault that they (the user) had installed a non-signed app that created a conflict. They would simply blame Orange for a sh.. product.
I see your point of view here, but...

1. Why not have a warning message pop up when installing an unsigned app stating that the phone manufacturer is not responsible if the app breaks the phone, blows all the fuses in your house, gets you abducted by aliens, etc.?

2. Correct me if I'm wrong, but surely one of the fundamental points about the new MS Smartphone is that it is more powerful than your average phone, i.e. closer to a "proper computer". What's the point of making a phone this powerful if it can only run a handful of programs that Orange/VeriSign can be bothered to approve?

2. Correct me if I'm wrong, but surely one of the fundamental points about the new MS Smartphone is that it is more powerful than your average phone, i.e. closer to a "proper computer". What's the point of making a phone this powerful if it can only run a handful of programs that Orange/VeriSign can be bothered to approve?

Personally I think you're right BUT neither of us (nor Orange - I think) KNOW for sure. Maybe there's a market for a simpler device that just adds e-mail/games etc BUT in a strictly controlled environment?

On the other hand I don't want to be seen to support App Signing. I think Orange are being stupid and your "you have been warned" route is far more sensible. An earlier post mentioned the possibility of the Lawyers getting involved and saying OTA uploads might be seen to make Orange responsible. I think this could well be true. But an unsigned app loaded via ActiveSync (with warning) ought to be possible.

Overview:
We know how much your phone / PDA means to you our customers. As such we feel it is essential to let you know about the consistently dreadful service that we have received from Orange in the UK.

The detail :
24th December 2001 Bought PDA Phone from Orange Shop for £399. That’s a lot of money for a phone. We were persuaded to take out insurance given the value of the phone.
Two weeks later the phone malfunctioned. We contacted Orange who said they would send one within the next four days. Having waited in between 9am and 5pm for four days we contacted Orange. They apologised and promised to send it the following day.
This happened a further three times before we eventually received a replacement handset. Each time there was no warning that they would not bother to deliver.
This unit then malfunctioned again in April. The phone was less than 6 months old. We were told by Orange that we could have a replacement if we paid £100. All this despite the unit being faulty within 12 months. They asked us why we had had four phones already which of course we had not.
At this point we asked how much to disconnect and unlock the phone. We’d had enough. The fee was £120 in advance which we paid. Guess what ? Four weeks were spent with Orange trying to unlock the phone and us on the phone trying different procedures with them. More time wasted. Bear in mind that we were often on the phone for half an hour or more at a time not including the numerous attempts to get through.
We were eventually told they didn’t know how to unlock the phone despite us having paid for the service.
We are now left with an expensive piece of junk that we cannot use with another service provider.
We have since moved to O2 and we are very happy to report that they are EXCELLENT.
This whole article was written whilst waiting for somebody to answer the Orange Helpline. It could have been written twice over in the time it took to get through.

Links:
Still want an Orange phone or PDA ? You can visit them here.