Slashdot Mirror

Although it sounds like what they're proposing here has some good ideas, the concept isn't groundbreaking. My Blackberry has an emergency callback mode and I've seen in action once. http://na.blackberry.com/eng/deliverables/1487/About_Emergency_Callback_Mode_26287_11.jsp

Right. Just as soon as the iphone gets push email, a keyboard, real management features, and real security. Here are the blackberry certifications. Who has audited the iphone? Nobody, because it has no security.

Come Monday I'll think you'll find most of this will be addressed.

Look for a complete end-to-end solution involving iPhone and Mac OS X Server 10.6 (Snow Leopard) at a price point no one else will be able to come close to; eg. no more per seat licenses, bu-bye Microsoft Exchange. Everything else will fall into place shortly thereafter. Push email, management, security and certification, all of it and maybe even other things that the others haven't thought of yet.

As for a keyboard. Apple will never make a version with a physical keyboard but don't be surprised if the aftermarket doesn't fill that need with micro-keyboards that connect using bluetooth, probably integrated into a carry-case. Apple doesn't need to do it, others will fill that in.

I'm not saying that the iPhone will instantly appeal to everyone, it never will, but the checklist of its shortcomings will get even shorter and people will find fewer reasons why it doesn't work for them.

The fact that the Pre id's itself as a "Apple iPod" to iTunes for synching may mean Apple is turning a blind eye or somehow involved with Pre.

Ummm, you do know that Blackberries have been able to sync with itunes for years, right? They call it mediasync:

http://na.blackberry.com/eng/services/media/mediasync.jsp

Short RIM.

Right. Just as soon as the iphone gets push email, a keyboard, real management features, and real security. Here are the blackberry certifications. Who has audited the iphone? Nobody, because it has no security.

Do you think there is a reason senior executives (and the US president) all use blackberries? They could choose any device, and strangely enough it isn't the iphone.

The fact that the Pre id's itself as a "Apple iPod" to iTunes for synching may mean Apple is turning a blind eye or somehow involved with Pre.

Ummm, you do know that Blackberries have been able to sync with itunes for years, right? They call it mediasync:

http://na.blackberry.com/eng/services/media/mediasync.jsp

Short RIM.

Right. Just as soon as the iphone gets push email, a keyboard, real management features, and real security. Here are the blackberry certifications. Who has audited the iphone? Nobody, because it has no security.

Do you think there is a reason senior executives (and the US president) all use blackberries? They could choose any device, and strangely enough it isn't the iphone.

Hey, new iPhone, meet my BlackBerry Curve 8900.

A whole world of BlackBerry stuff indeed. A whole world of applications. An "app world", if you will.

http://appworld.blackberry.com/

As an aside, TFA says that the NSA is reviewing the security software. I wonder if they got access to the rest of the source-code and reviewed all of the other software?

I'm sure they did. The blackberry platform has been audited from end-to-end by many, including the governments of Canada, UK, USA, Austria, Australia, New Zealand, Turkey, along with non-governmental organizations:

http://na.blackberry.com/eng/ataglance/security/certifications.jsp

No, the proxy compresses it into something smaller and easier to process. It converts it to OBML (Opera Binary Markup Language) aka it pre-compiles it as mentioned higher up the chain. So a phone without the memory and CPU power to run a full rendering engine that supports HTML and CSS (and javascript) can probably still run the smaller more streamlined rendering engine of Opera Mini which doesn't have to deal with all the disparate formats out there on the web. It just has to deal with OBML.

On my phones, I can either use something that looks like this or use Opera Mini which looks like this.

Its a lot more helpful than mere compression.

We are doing a test rollout of blackberries, iphones, and windows mobile devices.

I get blackberries brought to me regularly because they are screwed up or the person does not know how to do what they want to do.

Well, then your users are idiots. Make them watch the simple blackberry 101 video:

http://na.blackberry.com/eng/support/blackberry101/

Even my 9-year niece can figure out a blackberry.

Daily?
http://na.blackberry.com/eng/devices/blackberrystorm/storm_specifications.jsp

BES supports all three major groupware suites:

http://na.blackberry.com/eng/services/server/

I wish they would design a BlackBerry that didn't have a camera

That would be the 8820. I have one. Very nice. I think Obama has an 8830.

It's not about the 'archival' of data. The Blackberry taps into YOUR traditional mail infrastructure. If you back it up, then your messages are archived.

The point is, Obama wants to have conversations that are NOT archived. So much for "change". The Obamasiah is just another politician.

No, it's more about the fact that an external company is granted access (usually via VPN) to your internal network (or at least part of it) and, more specifically, they get to keep a copy of your authentication credentials (so they can watch your new mail arrive, copy it, and delivery it to your device). Allowing a 3rd party company VPN access to a US government network with the Whitehouse mail server and, oh by the way, a copy of the president's username and password... well NOW maybe you can understand why they're nervous about security.

Not at all. You really don't understand the blackberry platform (neither do the people who modded you insightful). Start by looking at blackberry security certifications: http://na.blackberry.com/eng/ataglance/security/certifications.jsp

With a blackberry enterprise server (BES), no outsider connects to your email system, has access to the encryption keys, access to your email or access to your password.

The BES software is installed on YOUR windows (2000, 2003, 2008) server. A regular user account on this server connects to YOUR email server (exchange, notes, groupwise), and gets your email. This user account has permission to read/send YOUR email.

When new email arrives on YOUR server, the BES account grabs the message, the email is compressed and encrypted with the handheld's encryption key using AES-128. Only then is the message sent outside your network to RIM. This connection is outbound on tcp port 3101 to srp.na.blackberry.net. No other external internet access needed. RIM only receives the encrypted message (RIM can't decrypt it, since RIM doesn't have the keys). RIM then forwards the message to the cell phone carrier, who sends it to the handheld. The handheld receives it and uses its decryption key to read the message.

For additional paranoia you can use PGP or S/MIME in addition to the native AES-128 encryption. The BES is made up of 8 or so services. These can be installed on different computers, and only the blackberry router service connects to the internet.

Frankly it would be better if he were addicted to an iPhone

You gotta be kidding. Apple knows nothing about mobile security. Tapping an iphone in a certain way will unlock it. The content is not stored encrypted. There is no remote wipe. Apple retains full control of your iphone and can remove applications whenever Apple feels like it.

yet they don't have enough sense to contact RIM to have them submit the specs and code review for configuring government only blackberry servers that our government has full control of and enable the blackberries in government to use that server?

Already been done. The blackberry platform has been audited from end-to-end by many government agencies:

http://na.blackberry.com/eng/ataglance/security/certifications.jsp

Or, why not take away his personal blackberry, and give him a government-issued one? They're already so prevalent throughout the government, so why not give him one? Then you can do the BES thing and have remote wipe, and have all emails sent through it archived. And given the encryption already on it, I'm sure it's usable for classified stuff as well.

Classified? No. While blackberries are very secure and have been audited from end-to-end by many government agencies, they are currently certified for "Sensitive But Unclassified" information by the US government.

For example, blackerries aren't tempest shielded.

I may be wrong about this but I seem to remember speaking to the guy in my IT organization about Blackberry and AES encryption on the Blackberry devices. He said that is an option but it is not the default configuration

That may have been the case a long time ago, but for at least the last 3 years the default is to support 3DES and AES, and use the most secure method supported by the handheld. You can explicitly disable 3DES or AES by policy.

There are some old blackberry handhelds that only support 3DES, but they are rare (I've never seen one).

and you have to specifically configure it. My organization has about 250,000 e-mail accounts and does not use the AES encryption he said.

Not a good idea - the 3DES algorithm is 30 years old. It doesn't have any major flaws, but the keyspace is small, and can be brute-forced with a little work. (with $1,000,000 in computer power, 3DES is easily brute-forced).

He would know since he designed the system.

He didn't design it, Research In Motion designed it. You have to setup your email system RIM's way, or not at all :)

You really ought to switch to AES. Much more secure, and it's even less computationally intensive on your servers. Most AES benchmarks rate it a few percentage points faster than 3DES.

So this means he WILL have to let go of his Blackberry after all. How secure is data passing to a Blackberry, (the server, towers etc..)?

This wasn't a blackberry, but they are very secure. They use AES to encrypt all data, and the cellphone company doesn't have the decryption keys. Blackberries have been audited by a number of governments and non-governmental organizations.

http://na.blackberry.com/eng/ataglance/security/certifications.jsp

You're missing the point--it's not that they can't build a retention system, it's that they don't want one. They don't want every word or thought (or lobbyist/Abramoff buying them off) captured for posterity.

But wait! I thought that was only due to the EVIL George Bush/Haliburton/Cheney conspiracy! This is about CHANGE! Open government! Yes we can!

Sadly, this is not the coming of the Obamassiah. Obama is just another crappy politician, albeit more left-leaning than most.

Plus, the NSA would probably shit a brick if the Pres had a Blackberry since every BES packet flows through a foreign country.

Every ENCRYPTED BES packet flows through a foreign country. Fixed that for you.

Further, the blackberry platform has already been audited by the US government (and others, like NATO, UK, etc). The US government accepts blackberries for information that is "Sensitive But Unclassified". Some of the President's work falls into that category.

http://na.blackberry.com/eng/ataglance/security/certifications.jsp

I'm sure the NSA could modify blackberries to be more secure, especially if the President really, really wants one.

i'll second the better browser on 4.5. I updated mine to 4.5 to address an RSA issue (which didn't work) but I like the update. For one, I can now use my 6gb microsd chip. Not much changed just a bit nicer look/feel.

get the OS for your carrier here:
http://na.blackberry.com/eng/support/downloads/download_sites.jsp

If you are paranoid about security, what the hell are you doing trusting Exchange or Crackberries? Smartphones support SSL and you can run your own IMAP server.

Why should I trust a smartphone? Iphone & googlephone have known backdoors from the manufacturer. Does your smartphone store email on the device in encrypted form? Do they support remote lock & remote wipe like a blackberry?

On the other hand, Blackberries have been audited & certified from end-to-end by many organziations:

NATO, Fraunhofer Institute for Secure Information Technology (Germany), Communications Security Establishment (Canada), Communications Electronic Security Group (UK), Center for Secure Information Technology (Austria), Defense Signals Directorate (Australia), Government Communications Security Bureau (New Zealand), National Institute of Standards and Technology (United States), Turkish Standards Institute (Turkey).

Who certified your smartphone?

You are right - RIM gives access to their telephony functions to carriers, not to the 3rd party developers. That's what I meant. That is why you don't have Skype, Gizmo, or any other true VoIP clients on Blackberries, even via WiFi.

Here's their API. You can't program a phone with it.

Whatever you think of Best Buy, they have a successful internal community in Blueshirtnation.com. A google search turns up quite a lot of industry praise on those guys. It was even written up the Groundswell book by Forrester.

If you want your bosses to buy, make sure you give them plenty of examples of other companies being successful at it.

For me, the biggest business benefit to the call center is knowledge sharing, but you have to be careful because communities need a critical mass in members to be successful (or a highly dedicated internal resource building content and encouraging participation). Only the biggest call centers could make it self-sustaining. However, another idea might be to launch a peer-to-peer support community and invite your customers in. You can have a private area for employees, but have a larger area where customers can ask support questions. And unlike email, once a question is answered, everyone can use it. Dell, Lenovo, Juniper, Linksys, AT&T, Blackberry all have successful support forums.

On IRC, I use it at work but my frustration is that it has no real history - I've seen the same questions come up time and again. On a forum you can search and find past discussions.

Disclosure: I work for Lithium Technologies , an online community provider.

Proprietary encryption, like any other proprietary software, is untrustworthy. You don't really know what you have or who can read the encrypted data when it's encrypted with proprietary software.

You know nothing about the blackberry platform.

The blackberry platform has been audited from end-to-end by NATO, Communications Security Establishment (Canada), Communications Electronic Security Group (UK), Center for Secure Information Technology (Austria), Defense Signals Directorate (Australia), Government Communications Security Bureau (New Zealand), the Fraunhofer Institute for Secure Information Technology (Germany) and others.

And if you're even more paranoid, blackberries support the use of S/MIME and PGP on top of their existing encryption.

Happy now?

You smoke something really really good. There are so many issues with blackberry security that it is scary. To start - everything goes through their "cloud". They own your keys.

Jesus fucking christ, you know nothing about the blackberry platform.

If you have a blackberry enterprise server, RIM does not have the keys. The keys are on your device, and on your blackberry enterprise server, nowhere else. It goes through RIM's cloud, but RIM simply transmits the encrypted message. RIM is unable to read the message, because they don't have the keys. Not long ago, RIM had to explain this in little words to the government of India, saying that they would love to assist the Indian govt in decrypting messages, but RIM didn't have the keys.

What makes you think that there's no backdoor in there? If someone as big as IBM/Lotus Notes will put a backdoor in, can a small company like RIM, which actively targets the govt market, not put something in?

Well, unlike Notes, the blackberry platform has been audited from end-to-end by NATO, Communications Security Establishment (Canada), Communications Electronic Security Group (UK), Center for Secure Information Technology (Austria), Defense Signals Directorate (Australia), Government Communications Security Bureau (New Zealand), the Fraunhofer Institute for Secure Information Technology (Germany) and others.

Further, blackberries are used by senior government people all the time. Would the government let their senior people use blackberries if they had known backdoors?

They have a model for the Blackberry in the works.

I really doubt it. The blackberry platform has been audited from end-to-end by the Communications Security Establishment (Canada), Communications Electronic Security Group (UK), Center for Secure Information Technology (Austria), Defense Signals Directorate (Australia), Government Communications Security Bureau (New Zealand), National Institute of Standards and Technology (USA), Turkish Standards Institute (Turkey), NATO, the Fraunhofer Institute for Secure Information Technology (Germany) and others.

Since this device is designed for forensic investigation by either law enforcement or corporate compliance investigators,

There is no need for corporate compliance investigators to use this. If your company has a Blackberry Enterprise Server (and you should), the BES manages, tracks & controls absolutely everything on the blackberry already. The BES can be configured to keep track of every call, text message and even where the phone is (if the phone has GPS).

Law enforcement has an easy solution: get a warrant from a judge!

I would not be surprised if it hooks into low level OS calls put in place for this purpose. The NSA has a back door into virtually all systems out there.

I doubt all the institutions listed above didn't notice the back door. Even if they all are in on the conspiracy, blackberries are used by senior government officials in the USA, Canada, Australia, etc. Even Barack Obama uses one. Would they use them if their government knew there was a secret gaping flaw?

If you roll in the Java world, then check out the Blackberry. It's really easy to develop for, there's a bunch of tools out there, and installing and removing apps is a breeze through the USB cable. (or a server for that matter)

Has anyone done any development for the Blackberry on Linux? I use Eclipse for most of my development these days, and it looked like the only Blackberry Eclipse plugin/toolkit was an unfriendly Windows binary. Anyone have any better experiences with it?

I'm not about to put together another machine or waste money on a Windows license just to develop cell phone software, especially when it seems that there's no specific reason why there isn't a readily available Linux port of their toolkit.

Yeah, I'm just waiting for some person to post a link to one and make this post look stupid.

I find that many times when I am in poor coverage areas (areas without 3G reception, for instance). My iPhone 3g (2.0.1) will show 1 or 2 bars of signal strength, yet my Blackberry 8700c (also on AT&T), will show full signal.

However I have certainly noticed this signal strength issue -- at least compared to the Blackberry when in areas with poor 3G reception.

I have an explanation. Your Blackberry is GSM GPRS/Edge only.
http://na.blackberry.com/eng/devices/device-detail.jsp?navId=H0,C63,P65#tab_tab_specifications

Try switching off 3G on your iPhone in that area and see if the reception for Edge is the same as your Blackberry.

There are currently no 3G Blackberry units on the market.

with Andriod, you already *can* develop your own apps.....there was a whole competition sponsored by Google for it. For that matter, you can develop your own apps for Windows Mobile, too....and Blackberry....and Symbian...and even the *gasp* iPhone.....

Android SDK - http://code.google.com/android/download.html
Windows Mobile (Compact Framework) SDK - http://msdn.microsoft.com/en-us/netframework/aa497273.aspx
Blackberry SDK - http://na.blackberry.com/eng/developers/
Symbian OS SDK - http://www.symbian.com/developer/techlib/v8.1adocs/doc_source/index.html
iPhone SDK - http://developer.apple.com/iphone/

Let us know when you've developed something cool. Maybe even post a Slashvertisement.

Layne

The "pot" here is not talking to the "kettle". It is talking to us -- don't use fax or blackberry, if you don't want China to intercept the information.

You gotta be kidding. My blackberry uses 128-bit AES encryption to send information to/from my company's blackberry enterprise server.

I really doubt the Chinese can crack that. The blackberry platform has been audited from end-to-end by NATO, Communications Security Establishment (Canada), Communications Electronic Security Group (UK), Center for Secure Information Technology (Austria), Defense Signals Directorate (Australia), Government Communications Security Bureau (New Zealand), National Institute of Standards and Technology (USA).

After a couple changes for readability purposes:
Your cellphone carrier can update all of your cellphones firmware, whether [the phone is] on or off. If you think they can't turn on the microphone and listen as well, you're living in [a] dreamworld.

It's already happened.

Some phones do have the ability to have updates pushed down to them by the carrier. Generally speaking, phones with internet ability are more likely to allow this - the more "corporate friendly" the device, the easier it's likely to be.

Personally, I'm a (palm) Treo user - it doesn't have daemons listening which would allow the carrier to do this, even if I have internet access. Firmware updates are a big deal - it's not something that can be done remotely. Applications can be downloaded using the browser, but it's a manual process.

Windows mobile phones generally don't have this functionality, either - it would be difficult to hide, and there are too many things that could go wrong, as well as differences in hardware. Java-based phones make this easier.

The perfect example of this is the BlackBerry - they even Advertise this functionality.

You don't know much about blackberries. A government wouldn't use IMAP.

There are so many ridiculous things here.

1. A government would use a blackberry enterprise server (BES).
2. The BES platform and devices has been audited from end-to-end [blackberry.com] by the UK government's spies (GCHQ). They know what they are doing and how to manage blackberries securely.
3. With a BES, you can control every little detail on the blackberry. The UK government has standards for this.
4. With a BES, you can:
- force the blackberries to use strong encryption to store & transmit encrypted email
- force the blackberries to use strong encryption on the removable media card
- force the blackberries to use a strong password to lock the device
- force the blackberries to lock after a configurable period of inactivity
- force the blackberries to lock after a configurable period regardless of activity
- force the blackberries to use two-factor authentication such as an RSA key fob or smartcard
- disable bluetooth and other functions
- prevent data transfer by USB
- lock the blackberry remotely
- wipe the blackberry remotely
- if it has GPS, trace the location of the blackberry

It's a bit hard to believe that my 50-person company has a better blackberry policy than the UK government. But that's nuLabour for you.

There are so many ridiculous things here.

1. A government would use a blackberry enterprise server (BES).
2. The BES platform and devices has been audited from end-to-end by the UK government's spies (GCHQ). They know what they are doing and how to manage blackberries securely.
3. With a BES, you can control every little detail on the blackberry. The UK government has standards for this.
4. With a BES, you can:
- force the blackberries to use strong encryption to store & transmit encrypted email
- force the blackberries to use strong encryption on the removable media card
- force the blackberries to use a strong password to lock the device
- force the blackberries to lock after a configurable period of inactivity
- force the blackberries to lock after a configurable period regardless of activity
- force the blackberries to use two-factor authentication such as an RSA key fob or smartcard
- disable bluetooth and other functions
- prevent data transfer by USB
- lock the blackberry remotely
- wipe the blackberry remotely
- if it has GPS, trace the location of the blackberry

It's a bit hard to believe that my 50-person company has a better blackberry policy than the UK government. But that's nuLabour for you.

• BlackBerry® smartphones that support Wi-Fi*:
  • BlackBerry® Pearl(TM) 8120 smartphone
  • BlackBerry® Curve(TM) 8320 smartphone
  • BlackBerry® 8820 smartphone

• BlackBerry® smartphones that support Wi-Fi*:
  • BlackBerry® Pearl(TM) 8120 smartphone
  • BlackBerry® Curve(TM) 8320 smartphone
  • BlackBerry® 8820 smartphone

• BlackBerry® smartphones that support Wi-Fi*:
  • BlackBerry® Pearl(TM) 8120 smartphone
  • BlackBerry® Curve(TM) 8320 smartphone
  • BlackBerry® 8820 smartphone

• BlackBerry® smartphones that support Wi-Fi*:
  • BlackBerry® Pearl(TM) 8120 smartphone
  • BlackBerry® Curve(TM) 8320 smartphone
  • BlackBerry® 8820 smartphone

I have no experience with Blackberries. Do they support traditional wifi (802.11a/b/g/n?)

Some models do.

I thought emails and all that went through Blackberry's central servers before being passed on to the organization's or corporation's servers.

Depends. If you have a blackberry enterprise server, you manage the encryption entirely in-house. The company (RIM) is only carrying the encrypted message, and RIM doesn't have the keys, you do. The government of India was in the news recently, threatening to cut off blackberry service, since they can't decrypt the messages.

If you don't have a blackberry enterprise server, RIM manages the encryption on your behalf. In this case RIM has the keys.

I know this data is encrypted, but does it meet the encryption requirements laid down for electronic medical records in HIPAA?

Absolutely. They have a sales division dedicated to health care.

I also wonder about Blackberry service coverage. In many of the buildings where I work, I don't get cell service (Sprint) and my peers do not either (AT&T, T-Mobile, Verizon, etc).

That really depends on your local provider, and how much concrete & steel you have in your building. If you really want to, you can buy a cellular repeater to carry cell phone signals through the building. Expensive though.

There is local wifi available, but can Blackberry use that?

Some blackberries can do wifi.

Just wondering what the limitations of the seemingly "perfect" Blackberry platform really are.

I never said it's perfect, just that it is the best of what is available.

The thing I found most annoying is that you can't make the phone ring & vibrate at the same time. It can ring only, vibrate only, vibrate then ring, but not both simultaneously.

If you have a headset plugged in to the blackberry, when the phone rings, the ringing sound is made by the regular ringer, not through the headset.

Every system has a backdoor.

Nope. Many do, but it's not mandatory.

These products would not be allowed onto the American and/or Indian markets without the gov't approval.

So? That doesn't mean they have backdoors. The Blackberry platform has been audited from end-to-end by the governments of Canada, United Kingdom, Austria, Australia, New Zealand, United States, Norway and Turkey. Also approved by NATO and the Fraunhofer Institute for Secure Information Technology in Germany.

That is quite a range of political viewpoints. Blackberries are also used by the governments of Canada, United Kingdom, Austria, Australia, New Zealand, United States for official business.

Do you think these governments would let their staff use a system with easy backdoor access? After all, the Russians & Chinese have lots of good cryptographers and still spy on the West (and vice versa).

After all, corporations and gov't are merely quid-pro-quo whorehouses sold to the highest bidder. When the gov't needs illegal wire-taps, Verizon and Sprint allow them secret rooms to listen in on calls. When Haliburton (and KBR) need more revenue, the gov't hands out no-bid contracts. When the gov't dislikes literature, Amazon and Wikipedia ban America Deceived (book). We The People had our gov't sold out from beneath us.

At this point you're descending into left-wing kookiness, which is outside the scope of a technical discussion.

Sure, that's what they say to the public...

I know you're joking, but the Blackberry platform has been audited from end-to-end by the governments of Canada, United Kingdom, Austria, Australia, New Zealand, United States, Norway and Turkey. Also approved by NATO and the Fraunhofer Institute for Secure Information Technology in Germany.

There may be back doors, but that is a pretty wide spectrum of institutions.

And frankly, you really don't need a back door. The blackberry is a secure conduit between a handheld device and an email server. So what if you can't crack it in transit. Just go to the email server, and seize that. Or throw the guy with the handheld in jail until he answers your questions.

I have the Blackberry 8830 and use MidpSSH. With the full keyboard on the blackberry and wide screen (relatively speaking) it works great for terminal access.

"RIM's idea of 'PUSH EMAIL' is: "buy this $5000 software from us to give your email server "RIM PUSH EMAIL" and god help you if their racket of a service fails, not to mention their complete lack of hardware innovation in the last decade."

Well, at least the parent poster shows himself to be a complete and total idiot. I guess $5000 is the codename for $0, since you can have your own install of BES for free?

http://www.blackberry.com/select/professional/express.shtml

I don't see what the fuss is about putting a cellphone pic on facebook, my Blackberry Pearl has been able to do this for ages

http://na.blackberry.com/eng/devices/features/social/facebook.jsp/

No kidding! Some others that aren't hard to find...

http://developer.motorola.com/
http://na.blackberry.com/eng/developers/
http://www.microsoft.com/windowsmobile/developers/
http://www.nokia.com/A4126236

Thank heaven that Apple paved the way, it's amazing these other companies in the mobile market were able to adapt so quickly...

(All links are for developers, I didn't check but I think all have SDKs available.)

Unless it's like the Blackberry. They allow anyone to use most of the API calls, but require the developers to pay a fee for access to some of the API calls and sign the applications so that the Blackberry knows which programs to allow to access the licensed API calls.

In their case it's more to control the riskier functions, so you can make a free unsigned game which only really needs graphics and the keypad without signing the code but anything that runs a risk of doing something like making a call, eavesdropping or deleting your data needs to be signed.

http://na.blackberry.com/eng/developers/downloads/api.jsp
The fee's tiny ($20) for access, but that's tiny really so it's more about being able to control the programs using those API calls.

Symbian might be similar since the GP said for "certain type of capabilities". The fee's huge by comparison though, so perhaps they want the revenue more than the security benefits.

Yeah you're right, no one develops enterprise applications in Java for smartphones...

Right, because every other platform that lets you run your own applications has been subject to malware that has actually existed in the wild, right?

Oh, what? They haven't?

Sorry to say, but this story smells apocryphal, given that you explicitly mention she had a "high-end" Nokia, which would be running S60. No S60 "viruses" ever existed that sent MMS messages. If you can find one and identify it, I'd be interested in seeing it. The only S60 viruses that have ever been shown to exist in the wild propagated over bluetooth and did nothing but propagate.

The "Security" issue IS a red herring. The iPhone has been wide open to anyone who runs 3rd party software on it for nearly a year now, and yet there is NO iPhone malware. If the concern is over security, then implement a granular permissions system like S60, where you can decide what each app can do at install time, but keep in mind that no phone virus that causes monetary harm has ever been proven to exist, for any mobile platform.

The security handwaving is a bullshit reason for Apple to make damn sure they control exactly what you run on the phone. No VOIP, no SSH clients, nothing that will use too much data, nothing that might bite into a revenue stream Apple wants to create. They can couch it in terms of "it's for the security of the network!," yet somehow, every other network and every other device can run whatever apps you want on it and there's no problem.

"BlackBerries do a few things extremely well. (Email, calendar, and... That's about it.) They're not very expandable/flexible."
Really?
Well here are two navigation programs for the Blackberry
http://na.blackberry.com/eng/builtforblackberry/navigation.jsp.
Here is a collection of software for the Blackberry. http://na.blackberry.com/eng/builtforblackberry/
Here is a list of Favorite apps for the Blackberry from blackberry users.
http://www.blackberryforums.com/aftermarket-software/316-updated-blackberry-killer-software-utilities-thread.html
And this is a site for Blackberry Freeware.
http://www.blackberryfreeware.com/
There may be more software for Windows Mobile but the Blackberry seems to do a lot more than just Email and Calendering.
So as you can see using Java doesn't have to cause the downside that claim it does while offering great flexibility in the underlining CPU that native code just will not provide. Seems like Microsoft might even agree. http://msdn2.microsoft.com/en-us/netframework/default.aspx Seems like they are moving to .net for mobile devices.