Those who read my blog will know I haven’t been a great fan of Symbian platform security, particularly Symbian Signing. As early as March 2006 I said I thought that that platform security wasn’t a "walk in the park". 

More recently I posted on the problem with Symbian Signed Tests and later noted that Symbian had some proposed new tests.

Without much fanfare, the new criteria have been published. They are very much simplified. I have already started recommending to my customers that they wait until after January 5th to sign their applications, when the new criteria become active.

While I am pleased with the simplified tests I am slightly disappointed that the opportunity wasn’t taken to remove the tests completely and just use a scheme, much like Android, where only the author is validated. If it works for Android then why not also for Symbian?

As the Symbian code base becomes more open (published), it will be interesting to see if new device vendors choose to to turn off capability-based platform security. They might, for example, replace it with a simpler security scheme based on validating (and possibly revoking) the author.

Related Articles:

• New Proposed Symbian Signed Tests
• Symbian and Java Signing
• How to Satisfy Symbian Signed & Nokia Criteria
• New Symbian Signed Test Criteria Issued
• New Symbian Signed Test Criteria
• Symbian Signed Evolution
• Symbian DevCerts and Validity Periods
• Symbian Signed Applications
• Symbian Signed and Piracy
• Symbian Signed AllFiles and TCB
• First Series 60 3rd Edition Freeware
• Symbian OS 9.1 Implications
• Signing and Certification
• Symbian Break in Binary Compatibility

This entry was posted on Monday, December 7th, 2009 at 4:07 pm and is filed under Symbian, Series 60, Mobile. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.