Has Nokia stopped piracy?

Submitted by Robert MacLean on Fri, 11/27/2009 - 11:26

The Nokia 5800 I have runs on the Symbian S60 5th Edition operating system and it seems to be a decent OS, but built into it is the most interesting anti-piracy system I have seen. So how does it work? Note: I am not an expert in this; this is my view after a few weeks of looking into it, so I may be wrong.

First, every application needs to specify what features it uses, and based on that it is flagged into one of three categories:

  • Unprotected
  • Protected
  • Testing

Testing has no security, and is just good for testing. The other two, however, must be signed with an SSL certificate. For unprotected applications you can self-sign, in other words use the certificate on the phone to sign the application. For protected applications you’ll need a certificate from a certificate signing website - there are just a few of these, and they also require you to sign up as a publisher, which costs $200. So once you pay $200 and go through the process you can sign an application; however, it is locked to the IMEI of the phone. This means that the application can only ever be run on a specific phone.

Now, the security model falls over if you go out and get the publisher details, since you could take other people’s applications, strip out the existing certificate and sign them with your own. But that costs $200 (and you are logging with a central company what software you are signing, so they may be able to track it). Why I think this works is that almost every single application out there is much cheaper than $200. In fact, for $200 you can get so many apps legally that I question who would pay $200 if they were not a legitimate publisher.

I think this process is much better than the iPhone’s app store - since you do not need to get a company’s permission to sell the software. You can build it, host it anywhere and voilà, it is available.

A similar process is available in Windows Vista+ x64 for drivers, which must also be signed in a similar process. I am wondering if this should not occur for all applications in Windows as well - however, there are a lot of changes that would need to be implemented.