NewLC - symbian 9, security platform, signing - Comments

Re: symbian 9, security platform, signing

alh — Tue, 26 Feb 2008 10:18:25 +0100

During reading the Symbian guides I haven't found any mentioning, that they demand the developer to be trusted. I don't think Symbian wants to know the business plans, they just want money. And everything can be solved by the appropriate summ of dollars/euro.

I don't think Symbian cares either.
After all, symbian doesn't create any phones, nor do they have any end user contact.

But the guys who do care though, is the device manufacturers and platform creators (s60, uiq, nokia, S-E, samsung, etc).

Nokia for example, writes at one of the pages above: "When the tests are passed, the application will be Symbian Signed. If the application requires DRM and/or TCB capability, a legal agreement [with Nokia] must also be in place before the application can be certified."

The thing is, that the whole platform security depends on that only a few and very select services have the TCB capability.
It doesn't matter if _you_ aren't malicious, they also want to be very sure that you also wont mess anything up, and leaving a big gaping back door open to break the security of the phone.
And if you do... They want to be able to track you down...

But of course it isn't impossible to get.
Just a lot of red tape...

Re: symbian 9, security platform, signing

rbrunner — Sat, 23 Feb 2008 09:11:06 +0100

I will.

By all means, do. Don't let a few fairy-tale-addicted cowards in this forum stand in the way to your luck.

Will you report back the result? Regardless of outcome? Would be very nice.

Re: symbian 9, security platform, signing

Hex — Fri, 22 Feb 2008 16:41:45 +0100

I at least wouldn't even dare to contact them and apply for TCB - the holy grail of Symbian - without a very convincing business plan and an impressive track record in the mobile scene that shows that I am serious.

From the conversations I have had with Nokia, you will need to submit a business plan/case AND a development plan to assess the feasability of the design.

During reading the Symbian guides I haven't found any mentioning, that they demand the developer to be trusted. I don't think Symbian wants to know the business plans, they just want money. And everything can be solved by the appropriate summ of dollars/euro.

You can start by sending a request to (IIRC)

I will.
It seems to me that nobody ever tried to request such capabilities, because there are too many fairy tails about difficulties, and no success stories.

Re: symbian 9, security platform, signing

paul — Wed, 20 Feb 2008 19:13:47 +0100

Basically at the barest minimum you need to be a Symbian Partner AND a Nokia Launchpad or Pro member for them to even look at TCB.

The reason it that these can serverly compromize the phone and the API's you need are under a Symbian Partner licence so you need to have a solid business record with them before they will talk to you.

From the conversations I have had with Nokia, you will need to submit a business plan/case AND a development plan to assess the feasability of the design.

You can start by sending a request to (IIRC)

Re: symbian 9, security platform, signing

rbrunner — Wed, 20 Feb 2008 18:02:31 +0100

I don't see any non-trivial question right now.

This page
http://developer.symbian.com/main/signed/
tells quite clearly that for publisher IDs it's TrustCenter who is running the show now, and Verisign is out.

And the following link that N/A gave a few posts above already quite nicely sums up Nokia's policy for granting special capabilities:
http://www.forum.nokia.com/main/technical_services/testing/cap_granting.html

Maybe you are sad because there is probably a very real danger that you won't be able to convince Nokia to deal with you. I at least wouldn't even dare to contact them and apply for TCB - the holy grail of Symbian - without a very convincing business plan and an impressive track record in the mobile scene that shows that I am serious.

Re: symbian 9, security platform, signing

Hex — Wed, 20 Feb 2008 16:55:44 +0100

Heh... the experts have finished As I ask some nontrivial question - there's no answer. It's sad, very sad...

Re: symbian 9, security platform, signing

Hex — Tue, 19 Feb 2008 17:11:00 +0100

I've downloaded "The complete guide to Symbian Signed". As I understand, I need "Express signed" to be able to request TCB and other previledged capabilities. In the guide they say that I need to buy the publisher ID from Trust Center:
https://www.trustcenter.de/cs-bin/PublisherID.cgi/en/155102

The publisher ID is also provided by Verisign at step 2
http://www.verisign.com/products-services/security-services/code-signing/symbian-content-signing/

What is the difference between these publisher ID's?

Re: symbian 9, security platform, signing

Hex — Tue, 19 Feb 2008 14:15:00 +0100

I never heard that the DRM, AllFiles and TCB capabilities have a price, where you pay the price and then get it. I think how to treat you will be decided on a case-by-case basis by the "powers that be".

For Windows Mobile there were two types of code signing:
1) code signing for applications that don't need previledged API.
2) code signing for applications that uses previledged API.

Furthermore, if you write a driver for Symbian, are you sure that you will be able to use it, regardless of capabilities? I am not sure, but as far as I know Nokia's 3rd edition phones won't load drivers from anything than ROM. If this is true, are you ready to produce ROM images containing your driver and flash a limited number of phones with it?
Just out of curiositiy: What driver is it anyway? What in a phone or connected to a phone needs a driver?

I want to make File system plugin. It should be loaded by RFs::AddFileSystem(). It should be able to be loaded from C:\Sys\.
I've dumped security information for efat32.fsy by petran and found out, that to make my own FSY I'll need:
TCB
CommDD
PowerMgmt
ProtServ
DiskAdmin
AllFiles

Re: symbian 9, security platform, signing

rbrunner — Tue, 19 Feb 2008 13:45:29 +0100

I never heard that the DRM, AllFiles and TCB capabilities have a price, where you pay the price and then get it. I think how to treat you will be decided on a case-by-case basis by the "powers that be".

Furthermore, if you write a driver for Symbian, are you sure that you will be able to use it, regardless of capabilities? I am not sure, but as far as I know Nokia's 3rd edition phones won't load drivers from anything than ROM. If this is true, are you ready to produce ROM images containing your driver and flash a limited number of phones with it?

Just out of curiositiy: What driver is it anyway? What in a phone or connected to a phone needs a driver?

Re: symbian 9, security platform, signing

Hex — Tue, 19 Feb 2008 12:03:28 +0100

Symbian made the certification too complex. At Windows Mobile we've just sent an email to microsoft where we've described the API we wanted to use. Then they approved it and we've paid the money. In a week we were able to implement drivers for windows mobile.

I don't understand what is "Forum Nokia/S60 evaluation of the request" step. Also I couldn't find any prices for DRM, AllFiles and TCB capabilities certificate. The only thing i've found is:
http://www.verisign.com/products-services/security-services/code-signing/symbian-content-signing/
What capabilies will be granted by such ACS?

Re: symbian 9, security platform, signing

N_A — Tue, 19 Feb 2008 07:25:47 +0100

Just getting a certificate for TCB is not enough for developing a device drivers.

For Nokia phones, and getting programs signed with "sensitive capabilities" like TCB, read this for starters:
http://www.forum.nokia.com/main/technical_services/testing/cap_granting.html

Re: symbian 9, security platform, signing

Hex — Mon, 18 Feb 2008 15:18:24 +0100

Is it possible to buy the ceritificate for TCB capability? I want to develop drivers for Symbian 9.x

Re: symbian 9, security platform, signing

puterman — Wed, 04 Apr 2007 14:47:44 +0200

habier: The installer creates a checksum of every installed binary, which is stored on the internal disk, so tampering with binaries on the memory card means that you can't run them anymore.

Re: symbian 9, security platform, signing

habier — Thu, 29 Mar 2007 23:24:14 +0200

hi,

thanks Eric. I supposed it was not possible to modify ur own exe in v9.

Perhaps dumping the flash, parsing the fat and modifying the file from outsite the phone,and writing the flash again... its a not factible way but it would be interesting to test it

Thanks for your answers.

Re: symbian 9, security platform, signing

eric — Thu, 29 Mar 2007 21:46:15 +0200

Quote

But i have a question yet. WHat it happens when u must to correct a bug or to add a small modification after signing? I guess its necesary to sign again?

Yes!

Quote

But in the moment the application was installed, if the binaries (main .exe for example) are modified (by a way or by other) in the aplication installation directory directly, the system will load this modified binary?? or it will keep a checksum of the installed filed yet?

You won't have write access to your binaries so no possibility to modify your executables. That is a drawback with Symbian Signed: you cannot deliver updates or fix bug frequently. A new cerification is necessary for each release.

symbian 9, security platform, signing

habier — Mon, 26 Mar 2007 19:08:57 +0200