Monday June 11, 2007 iPhone should learn security through obscurity, the Java ME way
I'm not sure I totally agree with Adrian Kingsley-Hughes' blog post assumption that the nice homogeneous iPhone environment will be less secure (on Stevie-boy's 10 million unit estimate) than the security you get with Java ME technology having security through obscurity (of the WORA promise on cell phones). See: Is security an effect of the sucky WORA of Java ME??? Here's a quote: The fact is that it’s tough enough to write legitimate mobile applications using something like J2ME (Java2 Micro Edition) that’ll work smoothly across a small number of phones. The combination of an abundant lack of standards and the number of companies competing aggressively means that no single platform has managed to capture enough users to create a critical mass.I don't know about that. I think Java ME security comes from higher attention to keeping the Java ME language and platform secure. The result of the rarity of viruses on cell phones is not because it's hard to write cross-device Java ME MIDlets. There are plenty of good MIDlets that are very good at being cross-device compatible, from Google Maps, to GMail, to Opera Mini, to Jewel. If virus writers can write a virus they will. But, put up enough security hurdles to make the virus writer's life difficult (while keeping legit MIDlet writers like Google, Opera, Digital Chocolate, JAMdat, etc. lives (hopefully) less difficult), results in what we see now, not sucky WORA. Virus writers do what every good engineer does: cost/benefit analysis. If it looks too costly (with too many security hurdles), they move on. You don't try breaking into a house with bars on the window, an ADP sign on the front lawn, and a German Sheppard named Bruno on the porch. |
Hinkmond
Comments are closed for this entry.
Theme originally based on design by Bryan Bell
