As a symbian developer i never thought "symbian Platform security" could be broken!! Well it has already been done according to this post at http://symbaali.info/ he even has a post like this
"Goodbye S60 Platform Security, Hello CAPABILITIES!"Symbian was boasting about their platform security.This came as a slap on their face. In fact Symbian would be in a state of shock now since the hack was fueled by Nokia's Firmware update "NSU" .
This person was able to intercept firmware downloaded by NSU make some modifications and then flash it on to the device and voila!! you have a device which can grant full all access to the symbian file system system.
He refers to using a simple "SWIPOLICY.INI" file which is SoftWare Instalation Policy
the description can be found in Symbian developer library and is well documented.
According to the document
When installing native Symbian OS packages (.SIS files) onto a device, the code performing the installation (the Software Inst aller, sometimes referred to as SWI) first reads the settings in a policy file in ROM (
swipolicy.ini) to determine how the installation should proceed.
Swipolicy.iniis configured by a device manufacturer prior to device shipping.
This document describes the contents of tha
t policy file and the effect the settings have upon software installation.
Swipolicy.iniis not divided into sections and parameters can occur in any order. This document applies to Symbian OS v9.x and onwards.
On a phone,
swipolicy.iniis located in
z:\system\data\. On the emulator, this corresponds to
Finally after flashing the modified firmware file t he File wil dictate how the SWI [sofware installer, which is responsible for all the installation happens on the phone] behaves.
Below is the screen shot of the file location after flashing :
AllowUnsigned = false
MandatePolicies = false
MandateCodeSigningExtension = false
Oid = 184.108.40.206.5.6
Oid = 220.127.116.11.6.7
DRMEnabled = true
DRMIntent = 3
OcspMandatory = false
OcspEnabled = true
AllowGrantUserCapabilities = true
AllowOrphanedOverwrite = true
UserCapabilities = NetworkServices LocalServices ReadUserData WriteUserData UserEnvironment
AllowPackagePropagate = true
SISCompatibleIfNoTargetDevices = false
RunWaitTimeoutSeconds = 600
AllowRunOnInstallUninstall = false
DeletePreinstalledFilesOnUninstall = true
The hack is simple and straight forward, yet it may not be that simple to execute from everyone but the point is, even such a security can be broken!!
This has been confirmed by the Forum nokia champions like antonypranata.
Now its all left to symbian and Nokia to battle it out ant the next few weeks would be very interesting.
The hack isn't just about granting full access to 3rd party applications, it has much more severe.Lets wait what the giants have to say about this. Symbian and Nokia i think never had been challenged to this heights. well its a wake up call to all the big corporate.