Linked by Thom Holwerda on Sun 19th Jun 2011 18:26 UTC
Windows Way back in old and boring January of this year, Microsoft announced they would be working together with the Windows Phone 7 homebrew community, with the goal of creating a stable, supported way for homebrew developers and people interested in homebrew applications to enable side-loading on their WP7 devices. Well, they took their sweet time, but the ChevronWP7 team (Rafael Rivera, Chris Walsh, and Long Zheng) and Microsoft have just announced the results.
Order by: Score:
LOL
by WorknMan on Sun 19th Jun 2011 18:59 UTC
WorknMan
Member since:
2005-11-13

Imagine if you bought a PC and they were going to charge you money for the privilege of installing anything not officially endorsed by The Man? People wouldn't put up with this shit on PCs, so why do it on phones?

Note: I realize that this is a slightly better solution than having to constantly work around the manufacturer by jailbreaking, but far from what I would call acceptable. Acceptable to me would be for the vendor to allow me to load whatever the hell I want on the hardware that I bought, without having to pay an extortion fee first.

Edited 2011-06-19 19:00 UTC

Reply Score: 7

RE: LOL
by JAlexoid on Sun 19th Jun 2011 20:40 UTC in reply to "LOL"
JAlexoid Member since:
2009-05-19

I think that is the way the OSX going. iOSization of the whole Apple platform.

I wonder how long it'll take them to enforce running of signed only binaries...

Reply Score: 2

RE: LOL
by Paradroid on Mon 20th Jun 2011 08:56 UTC in reply to "LOL"
Paradroid Member since:
2010-01-05

Imagine if you bought a PC and they were going to charge you money for the privilege of installing anything not officially endorsed by The Man? People wouldn't put up with this shit on PCs, so why do it on phones?


Precisely because it's a phone - a consumer electronic device, not a general purpose computer. It's needs to be reliable and free from malicious software because it has the important task of making or receiving calls.

Despite the fact that I've bailed out of WP7 and got an Android phone, I think Microsoft now has the best solution to keeping everybody happy. Users have the official marketplace with properly vetted applications free from malware and spyware, and if you want to install something that will never appear in the official marketplace you now can.

The fact that you can't completely trust software in the Android marketplace is a disaster.

Reply Score: 1

RE[2]: LOL
by Paradroid on Mon 20th Jun 2011 10:09 UTC in reply to "RE: LOL"
Paradroid Member since:
2010-01-05

Having said that, I definitely agree that this sideloading feature should not be chargeable. Not really in the spirit of the hacking community.

Reply Score: 1

RE[3]: LOL
by tomcat on Tue 21st Jun 2011 01:43 UTC in reply to "RE[2]: LOL"
tomcat Member since:
2006-01-06

Having said that, I definitely agree that this sideloading feature should not be chargeable. Not really in the spirit of the hacking community.


Rrrright, because you want a free pony... waaaaaaaaahhhh

Reply Score: 2

RE[4]: LOL
by Neolander on Tue 21st Jun 2011 05:10 UTC in reply to "RE[3]: LOL"
Neolander Member since:
2010-03-08

So you think that being able to program programmable hardware that has been designed to be user-reprogrammable is some sort of magnificent privilege that people should pay an extra for ?

I mean, I'm okay with paying an extra for reprogramming my microwave and fridge, because it requires special hardware and doc and all. But to reprogram a phone, all the homebrew community needs is a command line tool that enables application transfer to the phone, or does it itself if there are fears of DRM breach etc. This takes 20min to code or so when you know the hardware, and it is almost 100% sure that the WP7 team has already had to develop such a tool for internal use anyway. Why should you be charged a significant extra for it ?

Reply Score: 1

RE[5]: LOL
by tomcat on Tue 21st Jun 2011 20:59 UTC in reply to "RE[4]: LOL"
tomcat Member since:
2006-01-06

So you think that being able to program programmable hardware that has been designed to be user-reprogrammable is some sort of magnificent privilege that people should pay an extra for ?

I mean, I'm okay with paying an extra for reprogramming my microwave and fridge, because it requires special hardware and doc and all. But to reprogram a phone, all the homebrew community needs is a command line tool that enables application transfer to the phone, or does it itself if there are fears of DRM breach etc. This takes 20min to code or so when you know the hardware, and it is almost 100% sure that the WP7 team has already had to develop such a tool for internal use anyway. Why should you be charged a significant extra for it ?


There are engineering costs associated with not only opening up a closed phone but providing any kind of programming architecture. Not opening it up means that your test matrix is a lot smaller. You don't have to worry as explicitly about malware trickling into the ecosystem. You have tighter control over the quality of the apps running on the phone. And you can recoup some of your engineering costs by charging a developer license fee.

While that may be anathema to people who are used to giving away their time for free -- or expecting others to do so, that's simply the way that most consumer electronics devices work. If you want to play in their sandbox, open up your wallet and dust it off. These are for-profit enterprises. PCs are not analogous because they can be built with off-the-shelf components. Try building your own phone. It requires significant engineering investment.

Edited 2011-06-21 21:00 UTC

Reply Score: 2

RE[6]: LOL
by Neolander on Wed 22nd Jun 2011 05:40 UTC in reply to "RE[5]: LOL"
Neolander Member since:
2010-03-08

There are engineering costs associated with not only opening up a closed phone but providing any kind of programming architecture. Not opening it up means that your test matrix is a lot smaller. You don't have to worry as explicitly about malware trickling into the ecosystem. You have tighter control over the quality of the apps running on the phone. And you can recoup some of your engineering costs by charging a developer license fee.

I'm not comfortable with that reasoning for some reasons :
1/You'll need a documented and tested low-level interface for device manufacturers to code drivers anyway.
2/People pay quite a lot of money for their phone, either directly or through their phone plan (with a nice premium in the latter case). Shouldn't part of that money cover the engineering costs of the operating system ?
3/If the hombrew interface is sufficiently obscure, you don't lose control on the app market. Jailbreaking exists, yet I don't think there's anyone here ready to argue that Apple keeps a tight grip on everything related to iOS. By creating a standard way to do it, manufacturers keep control on the jailbreaking process itself, instead of having customers who randomly break the security of their device in an uncontrolled way to get it to work.

While that may be anathema to people who are used to giving away their time for free -- or expecting others to do so, that's simply the way that most consumer electronics devices work.

You're right, my belief that software development can't be both enjoyable and profitable at the same time in the world we're living in may be influencing me there.

PCs are not analogous because they can be built with off-the-shelf components. Try building your own phone. It requires significant engineering investment.

I will invoke laptops as a counter-example. If you believe that laptop design is all about putting well-known components together, I'll ask you why a lot of Acer laptops make the noise of a turbofan while sometimes still overheating to death, whereas many designs from Asus (including, IIRC, Apple laptops) manage to be quite cool and quiet under use. I'll also ask why laptops exist in a very wide range of thickness, from Lenovo's ultra-thick designs to those Adamo and other Macbook Airs which take pride of fitting in an A4 envelope.

Like with phones, laptop manufacturers have to do a part of the design themselves (motherboard, battery, airflow and case, I guess) in order to produce a convincingly good product. Yet somehow, they manage to make enough profits that keeping those devices open is financially doable. Why can't phone manufacturers do the same ?

Edited 2011-06-22 05:42 UTC

Reply Score: 1

RE[7]: LOL
by tomcat on Thu 23rd Jun 2011 23:39 UTC in reply to "RE[6]: LOL"
tomcat Member since:
2006-01-06

1/You'll need a documented and tested low-level interface for device manufacturers to code drivers anyway.


No, it's completely different. You're talking about a very small set of driver DDIs for a limited set of devices; whereas, opening the engineering specs exposes the device to a potentially unlimited set of partners. That will increase your costs.

2/People pay quite a lot of money for their phone, either directly or through their phone plan (with a nice premium in the latter case). Shouldn't part of that money cover the engineering costs of the operating system ?


No. You buy an expensive car, you don't get schematics for the components in that car, either. You don't get schematics for your DVR or your Blu-Ray player or virtually other kind of consumer device.

3/If the hombrew interface is sufficiently obscure, you don't lose control on the app market. Jailbreaking exists, yet I don't think there's anyone here ready to argue that Apple keeps a tight grip on everything related to iOS.


The reason that hacking isn't more common is that manufacturers will void your warranty if you're running a jailbreak device. And I don't blame them. Who would want to support a broken device that's the result of hacking?

Reply Score: 2

RE[2]: LOL
by Not2Sure on Tue 21st Jun 2011 21:33 UTC in reply to "RE: LOL"
Not2Sure Member since:
2009-12-07

I will just trust anything in the Amazon marketplace! ;)

Reply Score: 1

RE: LOL
by tomcat on Tue 21st Jun 2011 01:41 UTC in reply to "LOL"
tomcat Member since:
2006-01-06

Imagine if you bought a PC and they were going to charge you money for the privilege of installing anything not officially endorsed by The Man? People wouldn't put up with this shit on PCs, so why do it on phones?


Stop whining and build your own phone, if you don't like their terms.

Edited 2011-06-21 01:41 UTC

Reply Score: 2

RE[2]: LOL
by Neolander on Tue 21st Jun 2011 05:04 UTC in reply to "RE: LOL"
Neolander Member since:
2010-03-08

Stop whining and build your own phone, if you don't like their terms.

You see, that's precisely the problem which he's talking about. You don't have to build your PC yourself to get the "right" to program that computer you own yourself. Any PC will do.

Phones, however, are another story...

Reply Score: 1

Hmmm...
by Neolander on Sun 19th Jun 2011 19:01 UTC
Neolander
Member since:
2010-03-08

Symbian has always been open to this


Yes and no. It's... complicated.

The security model of Symbian only lets self-signed sideloaded apps do so many things with the device. For most uses, this will be more than sufficient (you can even access telephony functionalities and such), but still some things are blocked. You can't distribute your binary to everyone and just tell them to install it, as an example. To do that, you need to pay some money to Nokia and have them check and digitally sign your applications.

More details :
http://www.developer.nokia.com/Community/Wiki/Capabilities_%28S...
https://www.symbiansigned.com/app/page
http://www.developer.nokia.com/Community/Wiki/index.php/Category:Sy...

Edited 2011-06-19 19:05 UTC

Reply Score: 1

RE: Hmmm...
by Neolander on Sun 19th Jun 2011 19:51 UTC in reply to "Hmmm..."
Neolander Member since:
2010-03-08

Or better, for an individual description of each flavour of Symbian Signed :

***Open Signed Online***
http://www.developer.nokia.com/Community/Wiki/Open_Signed_Online_~*...

Free of charge, not for commercial use. Application is signed by Nokia for use on one single phone, then put online for 30 days and kept usable for 3 years. Access to relatively "sensitive" capabilities (power management, system settings alteration).

***Open Signed Offline***
http://www.developer.nokia.com/Community/Wiki/Open_Signed_Offline_~...

Only for corporate developers. Requires a special certificate costing $200/year. Access to even more sensitive capabilities (direct communication with device drivers essentially). Deployment on up to 1000 devices, with the same 3-year validity limit as before. The application is still checked and certified by Nokia before signing.

***Express signed***
http://www.developer.nokia.com/Community/Wiki/Express_Signed_%2...

Only for corporate devs. Require the aforementioned certificate, plus a $10 token per signed application. Allows devs to sign their applications themselves (although they are still subject to random audit by Nokia). Applications are freely deployed, and their certificates have a 10-year validity limit. Access to same capabilities as Signed Online.

***Certified Signed***
http://www.developer.nokia.com/Community/Wiki/Certified_Signed_~*~@...

Similar to before, but the token costs $150 and applications must be submitted to some sort of VIP signing service that's trusted by Nokia (Sogeti HT). Applications may get full access to the device, although some capabilities require agreement with device manufacturers (ex : accessing the unprotected version of DRMd content, altering application's security capabilities and other system files).

Reply Score: 1

RE[2]: Hmmm...
by JAlexoid on Sun 19th Jun 2011 20:43 UTC in reply to "RE: Hmmm..."
JAlexoid Member since:
2009-05-19

I'm 99.9% sure that homebrew falls under the ***Open Signed Online***
And Apple allows none. So yeah... Apple is till the odd one out.

Reply Score: 2

RE[3]: Hmmm...
by ourcomputerbloke on Sun 19th Jun 2011 21:17 UTC in reply to "RE[2]: Hmmm..."
ourcomputerbloke Member since:
2011-05-12

I'm 99.9% sure that homebrew falls under the ***Open Signed Online***
And Apple allows none. So yeah... Apple is till the odd one out.


I've read this here a few times in various articles, and someone, can't remember who, posted this link

http://developer.apple.com/programs/ios/distribute.html

that has a section about Ad Hoc Distribution,

Share your application with up to 100 other iPad, iPhone, or iPod touch users with Ad Hoc distribution. Share your application through email, or by posting it to a website or server.


So I'm a bit confused. Can someone clarify for me how Apple is the odd one out when it seems their option is less restrictive than Symbian? Is there something I'm misinterpreting?

Reply Score: 0

RE[4]: Hmmm...
by Thom_Holwerda on Sun 19th Jun 2011 21:25 UTC in reply to "RE[3]: Hmmm..."
Thom_Holwerda Member since:
2005-06-29

So I'm a bit confused. Can someone clarify for me how Apple is the odd one out when it seems their option is less restrictive than Symbian? Is there something I'm misinterpreting?


By default, Symbian blocks applications without a certificate. However, you can disable this block - you'll get a warning you can dismiss. This way, you can distribute an application any way you like. The OP failed to mention this.

just to clarify: this is a switch in the UI - not a hack. It's implemented by Symbian developers. Go to Tools > App mgr > Options > Settings.

Edited 2011-06-19 21:29 UTC

Reply Score: 1

RE[5]: Hmmm...
by ourcomputerbloke on Sun 19th Jun 2011 21:32 UTC in reply to "RE[4]: Hmmm..."
ourcomputerbloke Member since:
2011-05-12

By default, Symbian blocks applications without a certificate. However, you can disable this block - you'll get a warning you can dismiss. This way, you can distribute an application any way you like. The OP failed to mention this.


Ahh ok. So are applications distributed in this manner able to access the full functionality of the device, or are there certain things that are available only to signed applications?

Just so we know we're comparing "Apples" with apples so to speak.

Reply Score: 1

RE[6]: Hmmm...
by Thom_Holwerda on Sun 19th Jun 2011 21:36 UTC in reply to "RE[5]: Hmmm..."
Thom_Holwerda Member since:
2005-06-29

I dunno, I've installed countless applications that way and have never felt anything being held back or whatever.

Also, since last year, application signing has become entirely free. http://www.developer.nokia.com/Community/Blogs/blog/nokia-developer...

Reply Score: 1

RE[7]: Hmmm...
by ourcomputerbloke on Sun 19th Jun 2011 21:59 UTC in reply to "RE[6]: Hmmm..."
ourcomputerbloke Member since:
2011-05-12

I dunno, I've installed countless applications that way and have never felt anything being held back or whatever.


Cool. It would be interested to know for certain though, like I said, just for a true comparison.

I've also just phoned a friend to confirm something I thought I recalled him telling me. His daughter attends a highschool with an "iPhone" program (iPhone, iTouch, iPad) and according to his daughter all of the better apps developed by the students are posted to an intranet where anyone in the school with an iDevice can download and install them. It's a school of 1800 students so seemingly the 100 Ad Hoc restriction doesn't apply. I've heard Apple provide a lot of additional tools for educational institutions for management and crap so maybe this is enabled through that program.

Also, since last year, application signing has become entirely free. http://www.developer.nokia.com/Community/Blogs/blog/nokia-developer...


Ah yep, just had a read of that the the links to the Ovi store publishing stuff and it all looks similar to what I've read about publishing on the iTunes App Store. Free for free apps and revenue shared for paid apps. Apple probably charges more but it's Apple, it's expected.

Reply Score: 1

RE[7]: Hmmm...
by Neolander on Mon 20th Jun 2011 05:49 UTC in reply to "RE[6]: Hmmm..."
Neolander Member since:
2010-03-08

I dunno, I've installed countless applications that way and have never felt anything being held back or whatever.

Things are held back, you just don't see it. Again, see what self-signed apps can and can't do here : http://www.developer.nokia.com/Community/Wiki/Capabilities_%28S...

Also, since last year, application signing has become entirely free. http://www.developer.nokia.com/Community/Blogs/blog/nokia-developer...

Only for distribution on the Ovi store, which is fully under their control, so in this respect they are not much more lovable than the others actors.

Reply Score: 1

RE[5]: Hmmm...
by VZsolt on Mon 20th Jun 2011 04:52 UTC in reply to "RE[4]: Hmmm..."
VZsolt Member since:
2008-10-31

Wrong!

The UI setting you mentioned provides another level of filtering. If you set it to All, you'll be able to install self-signed applications (with seriously limited capabilities) along with Express/Certified Signed applications. The other choice disallows self-signed stuff.

There is no user accessible setting to disable the Platform Security's certificate checks. It's possible though by using ROMPatcher+ for example, but that's not less complicated than jailbreaking an iPhone for example.

Reply Score: 1

RE[5]: Hmmm...
by tuma324 on Mon 20th Jun 2011 11:22 UTC in reply to "RE[4]: Hmmm..."
tuma324 Member since:
2010-04-09

"So I'm a bit confused. Can someone clarify for me how Apple is the odd one out when it seems their option is less restrictive than Symbian? Is there something I'm misinterpreting?


By default, Symbian blocks applications without a certificate. However, you can disable this block - you'll get a warning you can dismiss. This way, you can distribute an application any way you like. The OP failed to mention this.

just to clarify: this is a switch in the UI - not a hack. It's implemented by Symbian developers. Go to Tools > App mgr > Options > Settings.
"

Symbian is still a PITA even with that option of disabling SSL, I have a Nokia phone and every time I wanted to install an app I would get these SSL errors, tried to disable it, tried changing system date, tried everything, but the error still persisted, and it wasn't a app-specific error because I have tried with a few apps.

Not to mention most apps on Symbian suck big time. I made a mental note to never use or buy a Nokia or Symbian based phone ever again.

Android is my next phone.

Edited 2011-06-20 11:23 UTC

Reply Score: 1

RE[4]: Hmmm...
by thegman on Mon 20th Jun 2011 08:16 UTC in reply to "RE[3]: Hmmm..."
thegman Member since:
2007-01-30

Apple ad-hoc distribution only allows up to 100 users, so it's good for closed-beta tests, or maybe an app only used by staff of a small company. But it's not useful for anyone wanting their app to be used by more than 100 people.

Reply Score: 1

RE[4]: Hmmm...
by JAlexoid on Mon 20th Jun 2011 11:14 UTC in reply to "RE[3]: Hmmm..."
JAlexoid Member since:
2009-05-19

Duude... You can't even install that app on your OWN device without paying a yearly $99 fee or jailbreaking.

Reply Score: 2

RE[3]: Hmmm...
by Neolander on Mon 20th Jun 2011 05:40 UTC in reply to "RE[2]: Hmmm..."
Neolander Member since:
2010-03-08

Yes and no. The problem with Open Signed Online is that you can't easily redistribute your software, as every new user will have to contact Nokia and repeat the signing process again.

As "superior" signing methods require you to sign on the behalf of a company, I guess that homebrew must stick with self-signed, which has several limitations (you are limited with basic user-mode applications rights, no advanced system capabilities) and displays a warning each time the application is installed.

Thankfully, I was wrong about self-signed applications : they'll work on any device, provided that the user has disabled certificate checks and that he accepts the warning. They just have limited capabilities.

Edited 2011-06-20 05:49 UTC

Reply Score: 1

Good and not so...
by djmsync on Mon 20th Jun 2011 11:12 UTC
djmsync
Member since:
2009-04-01

This is great news for WP7 users, but if we were to compare WP7 unlocking and iOS jailbreaking there will be a great difference : iOS jaibreaking is free, WP7 unlocking will not be free, it depends on Chevron's fee amount the success of this solution.

Reply Score: 1

RE: Good and not so...
by tomcat on Tue 21st Jun 2011 01:42 UTC in reply to "Good and not so..."
tomcat Member since:
2006-01-06

This is great news for WP7 users, but if we were to compare WP7 unlocking and iOS jailbreaking there will be a great difference : iOS jaibreaking is free, WP7 unlocking will not be free, it depends on Chevron's fee amount the success of this solution.


Whereas one is actually supported: WP7

Reply Score: 2

Awesome!
by SaschaW on Mon 20th Jun 2011 13:23 UTC
SaschaW
Member since:
2007-07-19

This is really awesome! I am glad I purchased a WP7 phone!

Reply Score: 1

still a few steps to go
by marblesbot on Tue 21st Jun 2011 08:46 UTC
marblesbot
Member since:
2009-12-25

I only use phones to make phone calls, so I shouldn't even care, but I am of the opinion that once you purchase ANY hardware, you can do whatever you want with it without fear of getting shutdown, bricked, or sued. This is possibly a step in the right direction, as long as the fee is small. Although, this fee should have some guarantee of some sort. As in if you ruin your phone by installing homebrew, Microsoft will take responsibility, if you pay the small fee. If you choose to not pay the fee, there should be no fear of consequences, but you install homebrew at your own risk. I don't know what any user agreement looks like when buying one of these phones, and I don't know what "apps" or "homebrew" for phones are, so maybe I am totally off here.

Reply Score: 1