Symbian^3 questions

Some apps can be bought outside ovi store. For example, I bought Gravity via the official website because I wanted to use pay pal and not my phone credit. I did the same with quick office. Regarding multi-tasking, yes, it is pure multi tasking:icon14:

1. I think Symbian and Maemo/Meego are the only ones at the moment with full pre-emptive multi tasking, and the developers don't have to explicitly code the application with multi tasking in mind. In that way, it ru

iOS offers a very limited subset of multi tasking, based around several specific APIs. Android seems to take a totally different direction.

2. Plenty of other resources for software - you could always buy from handango, or download from places like Nokias own Beta Labs.

Thanks for your fast answers!
So its possible to download and install software that is not tested in any way if it could be harmful (trojans, spyware etc.)?

Miracoli wrote:

Thanks for your fast answers!
So its possible to download and install software that is not tested in any way if it could be harmful (trojans, spyware etc.)?

Since you can download from anywhere, the obbvious answer to the above question is: "Yes, of course its possible."

But most of us only download from trusted sites. Symbian has been around for so long that most users know which sites they can trust, and of course, we rely on AAS (and other sites) for reviews of software which may be useful.

Regards
Neil

miracoli wrote:Thanks for your fast answers!
So its possible to download and install software that is not tested in any way if it could be harmful (trojans, spyware etc.)?

As nbriscoeuk said, its possible, but in the history of Symbian there's only been one virus, and even that was more a proof of concept.

In fact, overall mobiles have been relatively missed on such issues - it just hasn't really happened.

clonmult wrote:As nbriscoeuk said, its possible, but in the history of Symbian there's only been one virus, and even that was more a proof of concept.

In fact, overall mobiles have been relatively missed on such issues - it just hasn't really happened.

now with Windows Phone 7 who knows .. I sure as heck won't be going there!

seki wrote:now with Windows Phone 7 who knows .. I sure as heck won't be going there!

I tend to think that iOS is more likely to be targeted due to its "popularity" and Apple not always being that quick at fixing security flaws. WP7 is "just" a new interface on top of Windows CE; nothing particularly wrong with it, and at least they've tried something new in the interface, which isn't something you can say about Nokia, Apple or Google - all those 3 have variants on what is effectively the same interface.

Does the blackberry connect still works on E7 / N8 or the new nokia messaging is just simply as fast as that one and a good replacement for a blackberry subscription?

Cheers

TheSpecialBoy wrote:Does the blackberry connect still works on E7 / N8 or the new nokia messaging is just simply as fast as that one and a good replacement for a blackberry subscription?

Cheers

From memory, the blackberry connect was never as good as it is in their native environment - thats only from colleagues who trialled the service a few years back. The app/service may well work on S^3 devices, not had the urge (or the need) to try it.

Personally of the belief that BB is only really of any use when connected in a corporate mail environment, otherwise its just a fashion accessory. I supported a large corporate BB roll out years back, familiarity breeds contempt. Not looking forward to an upcoming promotion that will involve me getting a BB .... :frown:

Thanks for your answers so far, they were very helpful.
Theres one more question i have:
Since apps can be written in c/c++ and therefore buffer overflows (attacks) would be possible, how does symbian protect against that (aslr, nx-bit, propolice etc.) and are apps running in a sandbox (or something similar to that)?

best regards
miracoli

Re buffer overflows - Symbian C++ makes it extremely difficult to write code that has these problems without knowing about it. The OS will panic your application (terminate it) very often if you treat memory and descriptors like you do in regular C/C++. All the APIs belonging to the OS use descriptors, and everything which deals with descriptors performs boundary checking and enforces the rules very strictly.

It's one of the design decisions that lead a lot of people to criticize it for being hard to program.

With the new Qt interfaces and more open source code being used, something else needs to be done.

[edit] it's also not so easy to exploit as on most OS, assuming you did get something executable in memory somewhere it shouldn't be. It's similar to the nx bit - executable memory pages containing code are not writeable by user processes so any memory belonging to an application you have targeted for a buffer overflow is not likely to be able to execute any code you manage to put in there. The only exception to this is if you have specifically created executable memory - which almost no applications ever do.

Thank you! The (i hope) last question i now have is:
Can Apps only use their own Resources (sandboxing) or could they read sensible data out of the system or other apps?
best regards

Platform security lets applications have both. There is a file system area reserved for each application which is protected by the OS and private to the application. Only system level OS components with the highest trust level can access other apps' private directories.

There are also shared areas of the file system, and any application can read/write into those.

You should read up about platsec at forum nokia - http://wiki.forum.nokia.com/index.php/Symbian_Platform_Security_Model

There you will get a much better idea about what is in place than I can explain quickly here.

Thanks, i'll have a look at it.