You may have only noticed the term in passing, in some 'boring' press release, but you're going to hear a lot more about it in the future. And I'm not altogether convinced that it's going to be a good thing for the Symbian community, at least in its current form. You've heard the expression: 'the thin end of the wedge'...? Well, this could be it, especially once handset manufacturers and network operators start using it as their criteria for what's allowed and what's not.
I'm talking about 'Symbian Signed', of course. You see it in passing whenever you install an application and it invariably comes up with an 'Installation security warning' (because few developers can afford the time, hassle or money to get each version of their applications properly certified). At the moment, these warnings are merely an inconvenience, an extra keypress in the normal installation sequence, but software portals such as Nokia Software Market, Handango and the like are starting to get more insistent about applications being properly quality-tested and signed. Which means that in a year or so's time, software which hasn't been through the Symbian Signed process will be absent from the major download sites. Even more worrying, Symbian OS devices will doubtless appear that are 'locked down', to only accept officially Symbian Signed applications. This could happen at Symbian's end, in the OS, at the device manufacture stage or on the insistence of the network operators (e.g. the paranoid peeps over at '3'). At all three levels, the voice of freedom needs to be heard...
So what's the big deal? Surely, in the great fight (more like a minor skirmish at the moment) against malware, more quality control and authentication is a good thing? Well, yes, of course, but behind the scenes there's something of a great divide opening up. For a developer, being part of the Symbian Signed system starts at 350 Euros per year, plus hundreds more Euros per application, per version released (including minor ones). For a big software house like Symbianware or Epocware, these costs are quite bearable in the grand scheme of things. For small developers, especially OPL programmers of freeware and shareware, an annual certification bill running into thousands of Euros is a complete showstopper.
Now, please don't stop reading just because you're not a developer. This all affects you because it will affect the software you can load onto your shining new smartphone. One of THE strengths of the Symbian scene, even if it's not often recognised as such, is the community involvement in software development. Applications are used by enthusiasts, feedback given and improvements made, on an ongoing basis. Among other things, Symbian Signed implies that applications are more complete at birth, as developers try to avoid the feedback and improvement cycle because of the cost implications. But without that cycle, applications are less capable and usually buggier.
The top two registered shareware programs from the Psion world, back in the late 1990s, RMRBank and Mapper, both of which topped 3000 registrations and have made it onto UIQ and Series 80, were characterised by going through dozens of revisions and updates, during which process they acquired most of their functionality and generally matured. Looking at todays 'Series 80' software scene, for example, I can see a number of commercial applications which have simply been released, warts and all, and never touched again, not even to fix known bugs and issues. Leaving aside exclusion from the major software download sites (which, after all, is their perogative - it's their server space), if 'try-before-you-buy' shareware is forced to be signed in order to work on future devices, then it will stagnate in the same way.
Then there's freeware. We all love it, both for the obvious reason(!) and because we're free to copy it around and pass it onto friends. How can freeware survive in a world where developers have to somehow recoup hundreds of Euros worth of testing costs for each version released? It can't. Neither can the majority of shareware programs or many commercial applications from small developers. And the Symbian OS software catalog will be the poorer by far for their demise, restricted to just applications from the larger development houses with sufficient budget. So what if hundreds of thousands of people download the Symbian SDK/emulators, if only a dozen have the finances to produce a signed, user-installable application?
Do I believe the idea of signing major applications from major download sites is a good idea? Yes, by all means, it gives the novice downloader an extra degree of confidence that the application is all it's supposed to be. But major software portals shouldn't exclude non-Signed applications if they want to keep their market share, as after all who wants to browse a site that only lists 30% of available applications?
Do I believe the idea of locking smartphones down to only run Symbian Signed applications is a good idea? Absolutely NOT. In one stroke, the majority of Symbian developers of all sizes will simply vanish or move to other platforms. So what if a handful of naive users in warez-ridden countries will be better protected against a trivial Bluetooth malware infection? That's a pretty minuscule benefit to balance against the decimation of the platform software catalog.
At the end of the day, it's us the consumers who pay for our smartphones - haven't we got a right to choose what sort of applications and content we want installed? Shouldn't we be given the chance to add the software we need to make our devices even more capable?
Vodafone. Orange. T-Mobile. O2. Nokia. Sony Ericsson. Motorola. Symbian. Are you listening? Hands off our smartphones!
Copyright, Steve Litchfield, Feb 2005
Relevant links: 3-Lib,Symbian Signed