Thursday, February 16, 2006

More about WM5 Security


This comment was originally posted in the PocketPCThoughts forum. I thought it would be a good idea to publish it here because I have been talking about this issue since WM5 was released.


“It's definitely a dark day and a pivotal point in the CE platform...Read on if you are a small developer.


We switched from Palm development to Windows CE development a few years ago for precisely this reason: that Palm put up too many barriers for developers. It's one of the reasons we predicted the Palm platform would die -- and this was back in their heyday (about 2001). We knew Microsoft would win out because they made things so free and easy for developers. It's the rich and diverse choice of 3rd party apps, as much as the platform itself, that seems to drive the success of CE.


Now, however, Microsoft apparently thinks they have enough momentum and market share to pull back on the free development tools. Maybe they are right.


But the cost of a "legal" copy of VS2005 will now exceed the modest income some small developers make on their apps. It's going to drive a lot of good, solo programmers out of the CE platform for good.


But there is another problem. WM5.0 now has its most intimate parts "locked" so that some apps require a signing certificate from Verisign in order to run. And to get a Verisign cert you have to buy signing tokens at $400 for a 10-pack. That means if you have a fairly complex app with several DLLs, .exes, etc., it's going to cost you hundreds of dollars for each version you release!


What's worse is that to even test the app on your device, you have to buy these signing tokens. You can try using the SDK cert to test on the emulator, but that only works on the emulator. You can't use it on the actual device. And you know the emulator can be useless for testing network apps. So you have to spend your precious, expensive certs just on test versions. You could easily run up hundreds if not thousands of dollars more at this point.


Oh I almost forgot...after you buy the Verisign tokens, you still can't get a privileged cert unless you go ask Microsoft to approve it. And for this they require you to first "logo certify" the app with a 3rd party test partner like QualityLogic. That's going to cost you another $500 bucks.


As bad as all the expense is, there may be a worse feature: developers now depend on Microsoft in order to survive. Because they can revoke your privileged cert at any time!


Security expert Bruce Schneier wrote about the dangers of forced signing way back in 2001. Just imagine if your desktop PC could only run signed apps. You would not be able to run any of the great freeware that independent developers put out. It would certainly kill much of Microsoft's market share in the PC space, and would drive consumers to Linux. In short, it's unthinkable. So why are they enforcing signing on the Windows Mobile platform, which is still young and less likely to withstand the blow?


As a small developer you are between a rock and a hard place. Windows Mobile development is now trapped between the prohibitive cost of VS2005, and the restrictive forced signing of WM5.0.


Slightly bigger companies will be able to survive. Many small developers won't. And when the smaller developers die out, there will be no pressure on bigger companies to write good software. Why should they? All their good competitors -- the independent developers -- are now out of business.

_________________

http://www.airscanner.com/

Winner -- Best Security Software 2005

Smartphone and Pocket PC Magazine”

4 Comments:

At 9:09 AM, Blogger ctitanic said...

So... applications from other than Microsoft that are designed to protect us won't be able to do that because of this new security feature. Unless the developers pay MS and its partners. Interesting.

 
At 4:46 PM, Blogger Sriram said...

I'm a PM on Visual Studio for Devices - we own the device development experience for Visual Studio (including the emulator, etc.).

You have some interesting feedback and I'd love to carry on this conversation.

Could you drop me a line at sriramk [at] microsoft.com about this? I can then connect you to the right folks for Mobile2Market and other stuff.

I'm also trying to track down the original PocketPC thoughts forum poster so I can talk to him as well.

 
At 4:52 PM, Blogger ctitanic said...

I'll send you an email shortly, but regarding the contact with the folks for Mobile2Market, somebody from Microsoft already helped me with that "contact" and believe me, I really don't want to go through that experience again. Thanks!

 
At 2:02 AM, Blogger Sriram said...

Wow - I'm sorry to hear that. Do drop me a mail anyway.

 
