On Thu, 27 Oct 2016 09:18:35 +0000 김보곤 <[email protected]> wrote:
> Samsung Enterprise Portal mySingle > > Two points I would like to insist is > > > > 1. > > I believe blocking sideloading is very good way to protect to snick > out paid-application to the public which is asset of developers. > > As you can see, I'm a member of gear watchface designer which provide > designer tools to create gear watchface. > > We did lot's of effort so now designer needs only minites to get the > certificaiton information not like ios does. > > This also contributed to Tizen Studio. > > As a result, lots of designers can join to tizen eco system with very > quality watchface application. > > And this is one of reasons people like gear watch series. > > When we want to get trust by designers and developers for high > quality application , we need this mechanism. And what has certificates got to do with this? If I wish to "steal" a watch face I can find the files and copy them off device. If SMACK/kernel permissions don't stop me from reading them, I can duplicate them somewhere else. The kernel should be keeping them unreadable from a regular shell user. I can use such files to make an Android wear app. I could make and submit a new Tizen app to the app store and violate copyright. I could use them to make an apple watch app. The vast majority of normal users will never use sdb or any shell and jump through several commands to install something. To get the TPK to begin with I would have to buy it (unless the store protocol is very broken). Do you want me to make a proof of concept tool that will actually automatically request a new signed certificate just like the SDK and then install a TPK? Perfectly possible. If the Tizen SDK can request signed certificates for a device I have next to me, then it can be done in large volume for everyone wanting to pirate a TPK. If you then want to make this harder and more painful the "look how easy it is" goes away and things become even more incredibly painful. Let me give you an example for developers who have actually done this and had to deal with the pain. They have a phone, develop on PC #1. then take it to their SDK install on laptop #2... phone refuses to install apps because its a different certificate. They have to issue a new certificate. Every time they go from desk to couch and back doing their work they have to re-issue a certificate. Not very friendly. > 2. > > "sdb install" > > Please do not assume sdb can be used only USB is connected. I do not assume this. > Gear series has no USB, can connect sdb through wifi. > > As a result, gear has more flexible design point without usb port. I know this. Why do you think I suggest we should bring back usbnet. Use SSH. It's a far more solid, well tested and featureful solution for "shell access and command controls" to a device. It's far better tested than the "wifi support" added to sdb. There's even sshfs. It has full user authentication. Allows for passwords or public key auth. Can be done locally (usbnet) or over wifi, over btnet. Any IP connection. It would instantly disallow anyone from messing with your device just because you plug it in to some PC to charge as it will deny access to anyone but the user(s) authorized. And it has been hardened by decades of being attacked on the internet. Sdb does not. > "sdb install" in reference phone. > > reference phone, you can install application with "sdb install". No one can buy a reference phone. They are unavailable. Unless you got incredibly lucky to be given one at a TDS or TDC... and even then most of these devices given out now are no longer supported. Go find a reference watch. A reference TV. They do not exist. Not that someone can get by simply purchasing one. Have these and we begin to have a different story. But then people use reference devices to "steal watch faces or apps", so you by logic should argue against such things are developer/reference devices... or such devices can NEVER install anything from the tizen app store which makes them pretty useless. > We need reference phone for the developers convinience not freeing > sideloading. And no such thing exists. Until then disallowing side-loading is a very very very poor idea because it drives developers away. :( > BRs > > --------- Original Message --------- > > Sender : 하이츨러 <[email protected]> Master/S/W > Platform팀(S/W센터)/삼성전자 > > Date : 2016-10-27 17:53 (GMT+9) > > Title : Re: [Dev] WG: RE: Antwort: Re: Privilege Platform > > On Thu, 27 Oct 2016 08:32:58 +0000 > 김보곤 <[email protected]> wrote: > > > Samsung Enterprise Portal mySingle > > > > What you explained is what android does. > > I know that. > > > What we do is what ios does. > > I know that. > > And all the effort of "Tizen is Open Source" falls flat on its face > the moment we do this. The simple answer is "Android is a far more > Open Os that Tizen is and that is my honest advice to anyone. This is > a shame but it is the truth." and this is the actual response from > people who run into this certificate "I need permission to buy my own > furniture" thing. > > If you actually read feedback from developers you'll find it's one of > *THE* most painful thing about dealing with Apple and that development > environment. > > "Why I hate iOS as a developer" > > https://medium.com/@Pier/why-i-hate-ios-as-a-developer-459c182e8a72#.abqom74n7 > > Read "Certificates and provisioning profiles" > > If you wish to invoke the way Apple do things... then I shall invoke > the response from developers like above. And this response is far from > unique. I can find a lot of pain people go through. > > But even worse, why don't you spend some time speaking with open > source developers you will give you an earful on just how insulting > such treatment of developers is. I do this. You should. This is a > great way to send developers away, not attract them. And people > wonder why developers are not flocking to write apps for Tizen. > > > And tizen has decided ios way from very beging of tizen. > > Actually that is COMPLETELY wrong. From the very beginning Intel > pushed very heavily for side-loading WITHOUT restrictions. I was > there. Samsung pushed for not even allowing it at all. In the end we > kind of got our way with this "You can side-load but only if we give > you permission" method. > > > Both way has pros and cons and deciding which way is just platform > > policy without exact answer. > > And I'm saying that we chose the worst possible way. It goes against > everything Open Source is about. I've been in the Open Source world > for over 20 years. I have a good idea of what it really means. This > kind of certificate thing is anti Open Source. > > > In my personal opinion, easy install means easy install malware > > application as well, and it took many years in android to prevent > > installing malware for instance adding such logics to check "allow > > untrusted installs" after people were damanged to install malware > > application through text or something. > > If someone like a developer CHOOSES to install something, that is > THEIR CHOICE. They do the install. If you require it be installed on > command-line then fine. Developers will. But disallowing it entirely > is purely insulting. It says "we do not respect YOUR freedom nor YOUR > ability to decide anything for yourself, so we'll just block you > instead." > > > So I think deciding blocking sideloading as a platform policy was > > not a bad idea. > > It's a horrible idea. > > > I just intented to inform him current situation because I think > > every members in here who know about it to share with others. > > Correct. But do not expect such a situation to go un-challenged. I > have personally spoken with developers who have sworn at this policy > and instantly given up on Tizen right on the spot. I've seen the > results on driving developers way. Unlike those people who just > silently left and disappeared, I'm standing up for them and am making > a point. We have ACTIVELY tried to drive them off by doing this. > > If you had to install using sdb (or even better we should bring back > usbnet support and openssh so you have to set up a user AND password > or ssh public key auth to enable this for your device and then have to > scp/sdb push then locally do "tpk install xxx") then you'll find the > people who need this feature (developers) have it without barriers > that they are not familiar with anyway, and regular people will not > accidentally install things that could be harmful. > > > BRs > > > > --------- Original Message --------- > > > > Sender : 하이츨러 <[email protected]> Master/S/W > > Platform팀(S/W센터)/삼성전자 > > > > Date : 2016-10-27 16:54 (GMT+9) > > > > Title : Re: [Dev] WG: RE: Antwort: Re: Privilege Platform > > > > On Thu, 27 Oct 2016 07:19:28 +0000 > > 김보곤 <[email protected]> wrote: > > > > > Samsung Enterprise Portal mySingle > > > > > > Hello, > > > > > > > > > > > > Sideloading, (https://en.wikipedia.org/wiki/Sideloading) which > > > means to install packages not comming from tizen store is not > > > allowed because of security reason. > > > > > > So there is no such way to do it. > > > > "security reason". A very poor excuse. I'm sorry but this policy is > > an excuse to just make life HARD for developers. Just because some > > organizations love to retain total control over their products even > > after sale, does not make it a good or nice thing to do. > > > > The real issue here is to retain total control. Anything else is an > > excuse. I'm being realistic. Someone has to stand up for users and > > developers and their freedoms and rights, and in my experience > > almost no one does. Even if anyone does, it's always fobbed off as a > > "security issue". > > > > A message to users: You need to make your voices heard. No one will > > change anything at all unless you stand up and effectively revolt > > and protest. The mindset is one of "But this is for your own good! > > Security! We are being so nice to you!". Unless you all love things > > this way... you need to say something very loudly and clearly > > because the very few who will stick up for you will not be listened > > to. > > > > If someone enables "allow untrusted installs" or similar, then goes > > and installs something ... this is not a security issue. They are > > WILLINGLY and KNOWINGLY installing software on THEIR device THEY own > > and THEY bought. They are not accidentally clicking a link on a a > > website and then suddenly having an app installed they didn't know > > would be. > > > > Imagine this. You buy a house or an apartment. You spend a large > > amount of money on it. You then want to move in. The person/company > > you bought the apartment or house from, or the bank you borrowed > > money from says "Oh no. You can ONLY buy furniture from OUR company > > store because of security reasons. You can't move your existing > > furniture in, or buy used furniture from your friend. It's a > > security reason!" > > > > What would your response be? That is EXACTLY what we are doing here. > > Treating users as a liability even if they have chosen a path of > > possible risk. How DARE someone have the freedom to buy ANY > > furniture they like and place it in the home THEY bought and paid > > for? It could be a security issue! The furniture may be bugged and > > listen to conversations! It may accidentally catch fire on its own! > > We must protect those innocent customers from their own bad > > decisions!It's true that a lot of people will do bad and risky > > things, but punishing EVERYONE is pretty arrogant. Yes, I know you > > can get permission with a personal certificate so just YOU can > > install signed apps that YOU sign on YOUR device. Imagine you > > needed permission from the people you bought your house from to get > > a special sticker that allowed to you bring furniture into your own > > home you already paid for? It's insulting. > > > > Think about it. Put yourself in someone else's shoes. Imagine you > > actually had to use Tizen every day and you were developing software > > for it and were asking friends and family to try it out before > > uploading to a store? Imagine you just wanted to share it with your > > colleagues and never publish it? ... Think about it. > > > > > BRs. > > > > > > --------- Original Message --------- > > > > > > Sender : Robin Wertz <[email protected]> > > > > > > Date : 2016-10-21 19:58 (GMT+9) > > > > > > Title : [Dev] WG: RE: Antwort: Re: Privilege Platform > > > > > > Hello thanks for your Help, > > > > > > so my problem is, we write an application for the samsung gear 2. > > > We will install this application on 80 smartwatches. We have dont > > > internet on this location. We dont will update all smartwatches > > > over connection with tizen. How can i do that ? > > > > > > the idea was that we write a second application an "Updater". This > > > Updater downloaded the new wgt file from us server and > > > uinstalled/installed this. Have anywho a good idea how to > > > implemented this ? > > > > > > thanks Robin > > > > > > > > > > > > > > > Von: 이동선 <[email protected]> > > > An: Robin Wertz <[email protected]>, Philippe Coval > > > <[email protected]> Kopie: [email protected] > > > <[email protected]> Datum: 21.10.2016 02:17 > > > Betreff: RE: [Dev] Antwort: Re: Privilege Platform > > > ──────────────────────────────────────────────── > > > > > > > > > > > > Hi, > > > > > > There are 3 privilege levels(public, partner, platform) in tizen > > > api. The platform privilege level is only for developers of device > > > manufacturers. So I don't think you can get a platform privilege > > > level. If you have an accout of tizen wiki, you can get detailed > > > information with the following URL. > > > - > > > https://wiki.tizen.org/wiki/Security/Tizen_3.X_Overview#Application_Singing_and_Certificates > > > > > > BR, > > > > > > --------- Original Message --------- > > > Sender : Robin Wertz <[email protected]> > > > Date : 2016-10-20 20:17 (GMT+9) > > > Title : [Dev] Antwort: Re: Privilege Platform > > > > > > > > > Hi, > > > i have a certificate as partner, but i cant use the > > > packagemanager.istall privilege. Tizen will the platform level for > > > this. > > > > > > > > > > > > Von: Philippe Coval <[email protected]> > > > An: Robin Wertz <[email protected]> > > > Kopie: "[email protected]" <[email protected]> > > > Datum: 20.10.2016 10:01 > > > Betreff: Re: [Dev] Privilege Platform > > > ──────────────────────────────────────────────── > > > > > > > > > > > > > > > > > > On Thu, Oct 20, 2016 at 9:53 AM, Robin Wertz > > > <[email protected]> wrote: Hallo Tizen Developers, > > > > > > i have a little Problem. I develop an app for the samsung Gear S2 > > > classic and will use the privilege > > > http://tizen.org/privilege/packagemanager.install. But tizen > > > required the privilege Level platform for this privilege which i > > > dont have. How i can get the platform privileg ? > > > > > > > > > Hi > > > > > > So you should apply as a partner, > > > I never applied for it but I know a program like that exists > > > > > > Maybe this is also interesting you and the mailing list > > > > > > 2016-10-27 : Build powerful and secure apps on the Samsung GearS3 > > > Knox Tizen Wearable SDK > > > https://wiki.tizen.org/wiki/Events#NEXT_OR_CURRENT_EVENTS > > > https://seap.samsung.com/content/tech-webinar-tizen-wearable-sdk-october-27-2016 > > > Hope it helps _______________________________________________ > > > Dev mailing list > > > [email protected] > > > https://lists.tizen.org/listinfo/dev > > > > > > > > > > > > ──────────────────────────────────────────────── > > > > > > 이동선 李東宣 DongSun Lee > > > 책임 Senior Engineer > > > Security Lab (S/W R&D Center) > > > Samsung Electronics co., Ltd. > > > E-mail : [email protected] > > > > > > ──────────────────────────────────────────────── > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > Dev mailing list > > > [email protected] > > > https://lists.tizen.org/listinfo/dev > > > > > > > > > > > > > > > > > > 김보곤 책임(Bogon Kim) > > > > > > > > > > > > Mobile Communication Division > > > > > > Samsung Electronics.Co.,LTD > > > > > > Mobile 82 - 10 - 3583 - 0881 > > > > > > Email [email protected] > > > > > > Software, System and Samsung > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 김보곤 책임(Bogon Kim) > > > > > > > > Mobile Communication Division > > > > Samsung Electronics.Co.,LTD > > > > Mobile 82 - 10 - 3583 - 0881 > > > > Email [email protected] > > > > Software, System and Samsung > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 김보곤 책임(Bogon Kim) > > > > Mobile Communication Division > > Samsung Electronics.Co.,LTD > > Mobile 82 - 10 - 3583 - 0881 > > Email [email protected] > > Software, System and Samsung > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
