Now working alongside Apple, Tiny Code, a onetime repository for fixes and updates to some unauthorized third-party iPhone applications, briefly leaked some information this week on the handset maker's plans for distributing authorized applications via its website.

Chief among the revelations was that Apple will apparently manage and distribute software for the iPhone and iPod touch written using its upcoming Software Developers Kit (SDK) through its ubiquitous iTunes Store.

"Tiny Code no longer produces fixes or applications for firmware 1.1.3. We can't say much, but we are working with Apple and with their SDK for the next firmware release and SDK applications and we shouldn't be missed for long," the developer wrote in a message on its website that has since been remove. "We will no longer update our Installer.app repo for legality reasons and you should see us soon on iTunes."

In a sidebar item also since removed from the site, Tiny Code also wrote "Now targeting fw 1.1.4 alpha 2," implying that applications written using the iPhone SDK will only function on iPhones running the still unreleased iPhone software version 1.1.4.

While announcing Apple's formal intent to offer an official SDK for the iPhone and iPod touch last October, company chief executive Steve Jobs also hinted that his firm was taking extra precautions to develop a distribution system that would protect users from viruses, malware, and privacy attacks -- one that many have long speculated would involve the iTunes Store in some fashion.




"While this makes such a phone less than 'totally open,' we believe it is a step in the right direction," he wrote. "We are working on an advanced system which will offer developers broad access to natively program the iPhone’s amazing software platform while at the same time protecting users from malicious programs."[ View this article at AppleInsider.com ] (http://www.appleinsider.com/article.php?id=3752)

You call that a leak? I'm not exactly shocked that 3rd party apps are going to be available through itunes. But since its not official yet I guess I will pretend I'm actually surprised and shocked by this. :rolleyes:

Leak? Wait. Didn't you guys attend MacWorld this year?

It was made pretty clear at MacWorld that Apple would be handling this.

You call that a leak? I'm not exactly shocked that 3rd party apps are going to be available through itunes. But since its not official yet I guess I will pretend I'm actually surprised and shocked by this. :rolleyes:

"What...oh, ALIEN BABY!? THAT IS SHOCKING...I...I AM SHOCKED! SHOCKED!"
-Andy the Bomb

Seriously, can I get an "effing duh?" Of course it was going to be through the iTunes store. How else was it going to work?

Leak? Wait. Didn't you guys attend MacWorld this year?

It was made pretty clear at MacWorld that Apple would be handling this.


100% agreed! Common knowledge at the very least. So much for breaking news.

Am I the only one who doesn't want a "totally open" phone? I'm all for 3rd party apps on phones, but with the always on nature of cell phones and increasing complexity of their OS I want some built-in stopgates against malicious and poorly written code. Has a horribly inept coder I'd hate to think that anyone could easily install code I wrote on their phone. :D

Am I the only one who doesn't want a "totally open" phone? I'm all for 3rd party apps on phones, but with the always on nature of cell phones and increasing complexity of their OS I want some built-in stopgates against malicious and poorly written code. Has a horribly inept coder I'd hate to think that anyone could easily install code I wrote on their phone. :D

Obviously you never heard of Symbian OS.

Am I the only one who doesn't want a "totally open" phone? I'm all for 3rd party apps on phones, but with the always on nature of cell phones and increasing complexity of their OS I want some built-in stopgates against malicious and poorly written code. Has a horribly inept coder I'd hate to think that anyone could easily install code I wrote on their phone. :D

I totally agree. Furthermore, the non-geek iPhone owners I know don't really even care (or necessarily want) third-party apps because they are afraid it will make the phone too complicated or something will stop working right as a result of it. I think third-party apps are ESSENTIAL, but it's a good idea to have some control over it.

The only problem I see is that Apple might make it so that there is no such thing as freeware or shareware on the iPhone. If you have to pay for everything you download, that would really suck. You at least need to be able to install a demo first and check it out before buying. If that happened, AppTap would still reign. No doubt there will be pirating on the iPhone no matter what.

Am I the only one who doesn't want a "totally open" phone? I'm all for 3rd party apps on phones, but with the always on nature of cell phones and increasing complexity of their OS I want some built-in stopgates against malicious and poorly written code. Has a horribly inept coder I'd hate to think that anyone could easily install code I wrote on their phone. :D

The easy way to handle that is to not add anything. There you go, you can pretend you have a closed phone.

Leak? Wait. Didn't you guys attend MacWorld this year?

It was made pretty clear at MacWorld that Apple would be handling this.

Where was this made clear? I just don't remember anything like that.

Friggin hell AppleInsider, i was the one that found out about this first and told you about this in an email and i posted about it in the forums this morning yet you don't even mention my name like MR did.

Thanks.

BTW, i've got a screenshot of the site without a friggin AppleInsider logo on it if anyone wants one, i don't know why somebody would want one...its just my act of defiance :D http://tinyurl.com/239ppr

Friggin hell AppleInsider, i was the one that found out about this first and told you about this in an email and i posted about it in the forums this morning yet you don't even mention my name like MR did.

Thanks.

BTW, i've got a screenshot of the site without a friggin AppleInsider logo on it if anyone wants one, i don't know why somebody would want one...its just my act of defiance :D

It's possible that AI procured this from a different source and hasn't gotten around to even reading your submission yet.

I do your see name on the MR sites as the submitter with their noon EST posting. If it helps, I give you mad props, kudos, and will name my first born iPhelim (is that pronounced phlegm?), much to the chagrin of my wife. :D

The only problem I can forsee with this is if Apple doesnt like a particular app (for example because its competes with & its better than one of theirs) they can totally block its distribution.

Umm, now which software company does that remind me of :\?

Friggin hell AppleInsider, i was the one that found out about this first and told you about this in an email and i posted about it in the forums this morning yet you don't even mention my name like MR did.

Thanks.

BTW, i've got a screenshot of the site without a friggin AppleInsider logo on it if anyone wants one, i don't know why somebody would want one...its just my act of defiance :D

The paperwork for your MBE has been submitted.

The easy way to handle that is to not add anything. There you go, you can pretend you have a closed phone.

my guess is that he'd like to have *some* apps. just with less risk of viruses.

It's possible that AI procured this from a different source and hasn't gotten around to even reading your submission yet.

I do your see name on the MR sites as the submitter with their noon EST posting. If it helps, I give you mad props, kudos, and will name my first born iPhelim (is that pronounced phlegm?), much to the chagrin of my wife. :D

Hahaha! Much appreciated, it's Irish and is pronounced fay-lum.

I doubt if they found it on their own though, i had a forum post on here almost a day ago now and submitted it like 4 hours before their post.

The paperwork for your MBE has been submitted.

Excellent, we need to get it in as soon as possible 8-)

The problem I have with Apple controlling what software can be put on a device is that I want to write my own software. Right now I am a ADC online member, but if every online member could write their own applications than the system would be totally open. Therefore, I conclude that Apple is going to start charging me and/or hassling me for writing my own software.

Also, while I can see that it is important to make sure that people's phones are free from malware, and I can see why Apple doesn't want people doing an end run around ATT, I don't see any argument for not letting people freely install whatever they want on an iPod Touch.

"While this makes such a phone less than 'totally open,' we believe it is a step in the right direction," [ View this article at AppleInsider.com ] (http://www.appleinsider.com/article.php?id=3752)

Translation:
We wanted a totally open iphone but instead we sold out once apple showed us the money ;)

I'm fine with a slightly closed system as long as I can get an iChat client that uses the data connection instead of SMS. If Apple doesn't supply that, I'll hold off buying an iPhone until it does. Or jailbreak the probable 32GB 3G model.

The problem I have with Apple controlling what software can be put on a device is that I want to write my own software. Right now I am a ADC online member, but if every online member could write their own applications than the system would be totally open. Therefore, I conclude that Apple is going to start charging me and/or hassling me for writing my own software.

Also, while I can see that it is important to make sure that people's phones are free from malware, and I can see why Apple doesn't want people doing an end run around ATT, I don't see any argument for not letting people freely install whatever they want on an iPod Touch.

I was assuming that Apple would be taking a cut of whatever the charge for the software is going to be and the rest would go for the coder. Sorta like the model most game console makers use. But what if the coder wants to give their app away for free? It probably still has to get signed by Apple. I guess we will all find out for sure on the 26th.

The only problem I can forsee with this is if Apple doesnt like a particular app (for example because its competes with & its better than one of theirs) they can totally block its distribution.

Umm, now which software company does that remind me of :\?

That's what I was thinking. How much is Apple going to control what is allowed and not allowed? For example, instant messaging clients. Will those just be totally disallowed because they would take away AT&T profits from SMS messages? Or will it perhaps be hobbled by only working via Wi-Fi?

Perhaps it's not the best comparison, but I look how controlling and limited the selection of iPod games is. It's taken a year and a half for the iTunes Store to amass a mere 30 games. And very few of those are actually original. To me, that doesn't bode well for the future of iPhone/iPod Touch apps at the iTunes Store.

Perhaps it's not the best comparison, but I look how controlling and limited the selection of iPod games is. It's taken a year and a half for the iTunes Store to amass a mere 30 games. And very few of those are actually original. To me, that doesn't bode well for the future of iPhone/iPod Touch apps at the iTunes Store.

My thoughts exactly...

As far as I am concerned, Apple should be able to provide an SDK that lets developers write apps that are just as secure as any app that is written for OSX for a Mac.

Frankly, I think that getting apps only from iTunes is a stop gap measure to ensure that the apps are "conforming" to Apple's standards, and that within a year you will see the ability to buy and install apps from many online sources.

This just seems to go along with Apple slowly (I use that term advisedly since 4 million phones isn't all that slow) entering the market with a phone that only uses EDGE and is tied to a large carrier, and then moves to 3G, and then eventually to a much more open environment for iPhone sales.

I would liken the whole thing to Apple's own stores. They are not the only place to buy the hardware/software, but they do account for a huge amount of Apple's sales.

I believe that selling the apps only via iTunes will be similar to the beginning of Apple's own stores, and will probably still be the place where they sell a huge number of iPhone apps, but that eventually there will be other places to buy the apps and install them on your phone.

Apple is methodically creating the iPhone marketplace the way it did with the iPod, and the way it has with the Apple Store. In a year or two, since the entire Apple universe seems to be moving to OSX, I believe you'll be able to find a lot more games, and apps, etc. for ALL of the hardware that runs OSX, and I believe it won't be only on iTunes.

(If what I write does not come true, and you quote me a year or two down the road, I will disavow writing any of this and blame it on a malfunction of my Windows-based computer! ... yes, yes, yes, my next computer will be a Mac... I just can't afford a new computer yet, okay?)

:D

Being able to drag and drop install applications via the Finder onto the iPhone would be sweet. While using iTunes as the center for everything, I am starting to feel a proper synch API would be cool, so other applications can share in synching their data with the iPhone/iPod/iTouch.

I'm fine with a slightly closed system as long as I can get an iChat client that uses the data connection instead of SMS. If Apple doesn't supply that, I'll hold off buying an iPhone until it does. Or jailbreak the probable 32GB 3G model.

would a 3G jail broken phone work on verizon? Or are the two not comparable tech wise even if both are 3G?

Am I the only one who doesn't want a "totally open" phone? I'm all for 3rd party apps on phones, but with the always on nature of cell phones and increasing complexity of their OS I want some built-in stopgates against malicious and poorly written code. Has a horribly inept coder I'd hate to think that anyone could easily install code I wrote on their phone. :D
My thoughts exactly. To counter the argument that the iPhone is running a version of OS X, so it is secure, the iPhone will have something the Mac doesn't: a large market share, which will make it especially attractive to malicious hackers.

My thoughts exactly. To counter the argument that the iPhone is running a version of OS X, so it is secure, the iPhone will have something the Mac doesn't: a large market share, which will make it especially attractive to malicious hackers.

Mobile phones haven't been that attractive for that just yet, maybe in a few years. Phones from any brand haven't really been targeted much yet. Even though iPhone might be big in its segment, there might only be 5 million of them right now, small compared to Mac's 20+ million installed base and a few hundred million Windows installed base.

Mobile phones haven't been that attractive for that just yet, maybe in a few years. Phones from any brand haven't really been targeted much yet. Even though iPhone might be big in its segment, there might only be 5 million of them right now, small compared to Mac's 20+ million installed base and a few hundred million Windows installed base.

Not to mention Symbian OS (S60 and UIQ). There are no "real" viruses in the wild for these two OS's and their millions more of them than the OS on the iPhone.

Not to mention Symbian OS (S60 and UIQ). There are no "real" viruses in the wild for these two OS's and their millions more of them than the OS on the iPhone.

Thats because Symbian isn't 100% open either only approved and signed application have access to the most sensitive parts of the phone. The same way that Apple is doing. Other wise their would be trojens and spyware on Symbian phones.

What can be done to get around this. Crack approved Symbian applications and distribute them for free with trojens and spyware hidden inside.

This is a disaster.

1 - This is nothing but a poorly hidden attempt to control what types of apps go on the phone. AT&T doesn't want VOIP on iPhone, Apple wouldn't want anything that would impact their bottom line (apps that compete with their 1st party offerings). This has nothing to do with security - as others have said, Symbian phones are fine, despite being fully open.

2 - This is completely non-competitive with the Blackberry. Blackberry has an established protocol to install software over-the-air. Visiting a mobile website is a good way to install an app (signed of course) to a Blackberry, which is MUCH easier and encourages MUCH wider adoption than, say, forcing the user to sync up every time they feel like installing an app.

Applications that are hoping to attract users will be deeply hurt by this.

would a 3G jail broken phone work on verizon? Or are the two not comparable tech wise even if both are 3G?

Nope not today it won't. Verizon used CDMA technology and the iPhone uses GSM.

Verizon has announced that its 4G data network will be a GSM variant called LTE (Long Term Evolution) That is more likely to be compatible with the iPhone. Verizon won't make the switch for another 3-4 years. By that time Apple's carrier contracts will be finished.

Thats because Symbian isn't 100% open either only approved and signed application have access to the most sensitive parts of the phone. The same way that Apple is doing. Other wise their would be trojens and spyware on Symbian phones.

What can be done to get around this. Crack approved Symbian applications and distribute them for free with trojens and spyware hidden inside.

From what I can tell, Nokia requires signing, but not that a given app be approved directly by Nokia.

This is a disaster.

Serve a little hyperbole this afternoon?

This has nothing to do with security - as others have said, Symbian phones are fine, despite being fully open.

Symbian phones are not completely open.

SymbianSigned.com (http://developer.symbian.com/main/signed/)

Applications that are hoping to attract users will be deeply hurt by this.

Not really.

From what I can tell, Nokia requires signing, but not that a given app be approved directly by Nokia.

Yes this is true but I'm just pointing out that Symbian does have a app signing process. If an app does not meet the requirements that Nokia has set for gaining approval then the app will be rejected. That is why it isn't 100% open.

If Apple will restrict what apps can be approved based on their functionality we will all have to wait and see.

This is a disaster.

1 - This is nothing but a poorly hidden attempt to control what types of apps go on the phone. AT&T doesn't want VOIP on iPhone, Apple wouldn't want anything that would impact their bottom line (apps that compete with their 1st party offerings). This has nothing to do with security - as others have said, Symbian phones are fine, despite being fully open.

2 - This is completely non-competitive with the Blackberry. Blackberry has an established protocol to install software over-the-air. Visiting a mobile website is a good way to install an app (signed of course) to a Blackberry, which is MUCH easier and encourages MUCH wider adoption than, say, forcing the user to sync up every time they feel like installing an app.

Applications that are hoping to attract users will be deeply hurt by this.

Why would you have to sync when you can download off the iTMS with a iPhone/Touch now? I don't think Apple cares if they are competitive with Blackberry or not.

If you can only get apps on the phone through iTunes, it will also make it impossible for companies to write custom internal apps. At my company a lot of people have iPhones now, and it would be awesome to give them access to internal apps through their iPhones.

This is a disaster

2 - This is completely non-competitive with the Blackberry. Blackberry has an established protocol to install software over-the-air. Visiting a mobile website is a good way to install an app (signed of course) to a Blackberry, which is MUCH easier and encourages MUCH wider adoption than, say, forcing the user to sync up every time they feel like installing an app.

Has anyone realized that there's the iTMS on the iPhone/iPod touch? Because they could just add another section to that version. Et voila, no more problems with plugging it into the computer.

I'm sure there'll be a workaround to iTunes. maybe Installer.app will just stay around and serve as another source of 3rd party apps

Check, check, check, check, check it: http://forums.macrumors.com/showthread.php?p=4980135&posted=1#post4980184

Check, check, check, check, check it: http://forums.macrumors.com/showthread.php?p=4980135&posted=1#post4980184

He's kicking himself.

Yes this is true but I'm just pointing out that Symbian does have a app signing process. If an app does not meet the requirements that Nokia has set for gaining approval then the app will be rejected. That is why it isn't 100% open.

If Apple will restrict what apps can be approved based on their functionality we will all have to wait and see.

Not 100% true. There is a signing process but you can get around it. The signing process if mainly to tell the phone that this app has been signed, but I can turn off the checking for signed applications and tell the phone to simply accept anything I want to install.

Not 100% true. There is a signing process but you can get around it. The signing process if mainly to tell the phone that this app has been signed, but I can turn off the checking for signed applications and tell the phone to simply accept anything I want to install.

I hope as soon as the SDK is out - someone designs a way to use the alpha keyboard to find a contact for a phone call - it can't be difficult since you can do so for txting - it's too hard to flip through all contacts under any given alpha letter to find who you want to dial - my shortcut is to use the txt directory - send a one letter txt and then stay in text and hit "call"

Thats because Symbian isn't 100% open either only approved and signed application have access to the most sensitive parts of the phone. The same way that Apple is doing. Other wise their would be trojens and spyware on Symbian phones.

What can be done to get around this. Crack approved Symbian applications and distribute them for free with trojens and spyware hidden inside.

Wrong. For Symbian, only signed apps get access to the most sensitive parts by default. The user can switch a preference to allow all apps, in the knowledge that security will be weaker that way.

Amorya

For Symbian, only signed apps get access to the most sensitive parts by default. The user can switch a preference to allow all apps, in the knowledge that security will be weaker that way.

I don't think Apple will go this route. Since they seem to create consumer software for the "lowest common denominator" I don't think this will be an GUI-accessible option. Perhaps it will be achievable with a little Unix/BASH knowledge and some rigor morale, but not out of the box.

"While this makes such a phone less than 'totally open,' we believe it is a step in the right direction,"
Translation:
We wanted a totally open iphone but instead we sold out once apple showed us the money ;)
I think this quote is actually attributable to Steve Jobs and not Tiny Code, though the article left it less than clear (I believe the quote was actually posted in another article months ago).

I keep trying to be optimistic and open minded about what Apple is going to do, but I fear the worst (severe limits on how, what types and who can publish apps that are installable, and Apple insisting on a cut/piece of everything). The fact of the matter is that any device with a good security and memory protection model is "safe" (to the degree of bugs and weakly-thought-through design in place), and don't install anything from a source you don't trust. If OS X is that bad, we shouldn't be using our Macs either.

Wrong. For Symbian, only signed apps get access to the most sensitive parts by default. The user can switch a preference to allow all apps, in the knowledge that security will be weaker that way.

I looked up about this. Not all Symbian phones allow for turning off signed applications. Only certain lines of phones allow this. Then on top of that some certain carriers don't allow for turning off signed applications. Some carriers disable the turn off option.

I don't think Apple will go this route. Since they seem to create consumer software for the "lowest common denominator" I don't think this will be an GUI-accessible option.

I wouldn't call this playing to the lowest common denominator. I would call it consistency. Apple is unlikely to set up a application signing program. Then allow unsigned application to circumvent the program.

I looked up about this. Not all Symbian phones allow for turning off signed applications. Only certain lines of phones allow this. Then on top of that some certain carriers don't allow for turning off signed applications. Some carriers disable the turn off option.



I wouldn't call this playing to the lowest common denominator. I would call it consistency. Apple is unlikely to set up a application signing program. Then allow unsigned application to circumvent the program.

Which phones are these? I have yet to see one phone that does not allow you to install whatever you want and I have 3 SYmbian OS phones right now, N81, N82, E61, and I just sold an E90 (all Nokia's), and none of them prevented me from allowing all applications.

Which phones are these? I have yet to see one phone that does not allow you to install whatever you want and I have 3 SYmbian OS phones right now, N81, N82, E61, and I just sold an E90 (all Nokia's), and none of them prevented me from allowing all applications.

Its what I've read. From your account the Nokia N and E line allow this. But can you account for every Symbian phone on the market?

Its what I've read. From your account the Nokia N and E line allow this. But can you account for every Symbian phone on the market?

I never said I could account for every phone on the market. I said what my phones, and the previous phones that I have owned have allowed.. Once again, I ask, which phones are these that you read about?

which phones are these that you read about?

I read it in an article talking about the Sony/Ericsson P1i.

"I've been downloading software for the p1i for quite a few days now and find that the p1i has stringent security checks upon installing 3rd party software. Therefore you must find programs that are signed (you dont have the option like S60 V3 - nokia n series, to turn off signing)"

I read it in an article talking about the Sony/Ericsson P1i.

"I've been downloading software for the p1i for quite a few days now and find that the p1i has stringent security checks upon installing 3rd party software. Therefore you must find programs that are signed (you dont have the option like S60 V3 - nokia n series, to turn off signing)"

Do you mind elaborating a bit more about what it says, as I have a very good friend with a P1, and he installs whatever he wants on it. I will grant you that UIQ is different than S60, or S80, or S40 but this is the first time I have heard this.

Do you mind elaborating a bit more about what it says..

They don't really elaborate. That's basically all it says. Here is something else I found.

"It turns out that some operator branded phones cannot accept self-signed applications - they can only accept those that have gone through the Symbian Signed (tested by 3rd party) process." (http://mobilephonedevelopment.com/archives/240)

They don't really elaborate. That's basically all it says. Here is something else I found.

"It turns out that some operator branded phones cannot accept self-signed applications - they can only accept those that have gone through the Symbian Signed (tested by 3rd party) process." (http://mobilephonedevelopment.com/archives/240)

I read the article and got this:

It turns out that some operator branded phones cannot accept self-signed applications - they can only accept those that have gone through the Symbian Signed (tested by 3rd party) process.

To recap, all unbranded phones allow running of limited capability applications and just warn the user at install time or run time when a particular phone feature is accessed by the program. This type of application is still signed by the developer but hasn’t undergone Symbian Signed testing.

So it would seem that if anyone were to purchase an unbranded phone, all of these issues go away. Makes sense and further in the article it would seem that Vodafone Japan, as an example, removes the allowance of installing apps so that you can probably purchase them through Vodafone Japan.

Moral of the story. Buy an unbranded phone. Further moral of the story, buy an iPhone and unlock it and put whatever card you want inside.

P.S. Thanks for the info.

I don't think Apple will go this route. Since they seem to create consumer software for the "lowest common denominator" I don't think this will be an GUI-accessible option. Perhaps it will be achievable with a little Unix/BASH knowledge and some rigor morale, but not out of the box.

I think the same. Which sucks.

I wouldn't call this playing to the lowest common denominator. I would call it consistency. Apple is unlikely to set up a application signing program. Then allow unsigned application to circumvent the program.

The whole point of signing, in my opinion, is so that the user knows exactly what is running on their machine, and who wrote it.

If Apple allow anyone to sign their app, no matter what it does, for free, then I don't care if there's no way to turn off the feature. It would still be secure enough, because when an app is installed it would tell you who wrote it. Only install things from sites you trust!

But if Apple starts playing security watchdog and vetting applications before allowing them to be signed, then that's gone too far. If that happens, I may stick with jailbroken 1.1.2, and hope a significant number of developers also do.

Amorya