Posts filed under 'Symbian行业动态'

Symbian Signed改变了!

再次浏览www.symbiansigned.com,发现网站风格变掉了,再一看,支持多种sign方式了。

  • Open Signed, has updated and replaced Developer Certificate signing, making it easy for developers to sign applications for limited deployment to known devices, either for testing or for personal use. The online-only option is coming soon.
  • Express Signed, a new option similar to Self Certification, is available to all developers, either directly (for those who own a Publisher ID), or via publisher partners (for those who do not).
  • Certified Signed, has updated and replaced the mainstream signing option based on independent testing by a Symbian accredited Test House.
  • TCTrustCenter, www.trustcenter.de/order/publisherid/dev, is the Certificate Authority for Symbian Signed, responsible for issuing and validating Publisher ID digital certificates (but existing ACS Publisher Certificates issued by VeriSign will remain valid for Open Signed and Certified Signed).

    • Express Signed最为有用,因为申请了PublisherID,可以每次20美金提交,然后直接就sign好了还给你,对于像屏幕保护这种应用,需要很高的Capability,而其实非常简单,最有效了!

    Popularity: 9% [?]

    Tags: ,

    Add comment 12月 12th, 2007

    Symbian安全机制被破解?

    确实,我在N73手机上获得了所有的Capability,而我的N95因此而“牺牲”。

    所有的焦点在于 SWIPOLICY.INI

    When installing native Symbian OS packages (.SIS files) onto a device, the code performing the installation (the Software Installer, sometimes referred to as SWI) first reads the settings in a policy file in ROM (swipolicy.ini) to determine how the installation should proceed. Swipolicy.ini is configured by a device manufacturer prior to device shipping.

    利用的就是这个漏洞:更新固件的时候,在下载完但还没有更新到手机中之前,修改swipolicy.ini文件,使他包含所有的capabilitiy。

    所以,严格意义上应该不算破解Symbian的安全机制,因为影响到的只有一个手机。但是对于开发者来说还是相当有诱惑力的,可以试验许多以前不可能在Symbian 9上实现的功能,同时你也获得了手机上所有的DLL文件!

    Popularity: 5% [?]

    Add comment 11月 7th, 2007

    标签

    Calendar

    08月 2008
    « Jul    
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Posts by Month

    Posts by Category