Last two weeks been very manic….went up to Edinburgh to deliver a course at the Edinburgh training centre. Didn’t get to see much of the city but will certainly go back for a weekend visit, what I did see was pretty spectacular. What was great was the fact that although you were in the city you could still get to see some pretty amazing “Vista’s”… ( wow that word is now so much in my vocabulary now ).
Second week doing a gig for MS Academic Insight were I spoke to nearly 50 academics on the wonders and joys of .NET. Had a lot of fun and the hotel was fantastic. More often and not Im in London hotels and going to a rural hotel was a breath of fresh air, the staff spoke English ok in this case with a Brummie dialect but that’s ok Im a Brummie too. There were extremely helpful, and just little touches like Breakfast cooked to order goes a long way…A fellow speaker felt the need to praise the hotel on his blog too ( http://www.robmiles.com/ ), mainly for the in room tea tray. The hotel was the Stourport Manor Hotel
Rob was there to deliver a talk on Windows Mobile, and I must say things have come on along way since my original IPaq and NSBasic. I can now develop using full loaded Visual Studio and .NET code…Rob was very passionate about Mobile, mainly due to richness in applications that you can now develop. Since in the case of a smart phone you have access to camera, blue tooth, phone GPS, and GPRS/3G ( Internet ). Such a vast array of devices compact and mobile…
He demo’d a neat space invaders game were you can take a picture of your co-worker and then use that picture as the evil alien and blaster them to smithereens… The funniest app was the SMS Roulette were game would select a random name from your contacts and then a random greeting be it nice or bad and send it….A great pub game as Rob put it…
So this was indeed neat you had full access to all the resources on the phone…After the initial laughter of this app, it got me and at least one other delegate thinking.. At no point did we get a warning from the app saying it was about to use the SMS service it just did…So the application spent my money without actually asking me…What else could it do…could it farm my contact list and email it to evilspammers.com..Who knows…
When I asked the question about security, there is a step you need to go through to get your app onto a phone whereby you need to get it signed by someone like Orange. However they don’t see what the app does, they simply confirm that you are supplier. It would seem to me that MS has missed the boat here again on security, I will feel very nervous about running smart phone apps unless I can sandbox them.
For example it would seem to me that the first time an app is installed its permissions should be restricted to CAS level “internet zone” . If it wishes to elevate permissions to do such things as SMS I should get a list of services I will be happy to grant to it. For example SMS, and potentially to which number. Thankfully they did see the security issue with the camera and managed code cannot access the camera, it can only load a picture from the store..So at least some one was awake at Redmond for the 5 minute mobile security meeting. Come on MS you have made manage code have the ability to be so much more secure please use it…..
Rant over…..After seeing it though I want one…so I’m going to order a smart phone ASAP….I have a feeling that one of the next killer apps will live on a smart phone…
No comments:
Post a Comment