n8fr8
commented
13 years ago The SaferMobile project is developing a suite of J2ME MIDP 2.0 applications intended to run on Symbian s40 and s60 phones, primarily those sold by Nokia. This is a project funded to provide human rights defenders, activists and journalists a way to, when in danger of being detained, to quickly erase data from their device, and automatically alert a trusted contact via SMS.
This suite relies upon access to extended user data, such as their address book and calendar, as well as the ability to automatically send SMS messages, and remove data from the SD storage card.
In theory, our application can be granted these permissions by signing it with a "Trusted Third-Party Certificate" as distributed by Thawte or Verisign. In fact, we have done this, and, in theory, it is working. The user is prompted once to grant access to the feature, but they are able to then set "Allow Always" after that. Unfortunately, on many Nokia phones, there is no ability for the user to "Always Allow". In some cases, only the Operator or Manufacturer certificate can provide this capability.
What we are looking for is the ability to have our app suite signed by a manufacturer or other enhanced permission certificate. This would solve a number of our usability issues on devices that have a more constrained or complex certificate issues.
As an example, Blackberry now offers a centrally managed, free app suite signing process, that does not require using a third-party CA, and enables access to all permissions.
djhalliday
Send some language over to Katrin.