What you explained is what android does.
What we do is what ios does.
And tizen has decided ios way from very beging of tizen.
Both way has pros and cons and deciding which way is just platform policy without exact answer.
In my personal opinion, easy install means easy install malware application as well, and it took many years in android to prevent installing malware for instance adding such logics to check "allow untrusted installs" after people were damanged to install malware application through text or something.
So I think deciding blocking sideloading as a platform policy was not a bad idea.
I just intented to inform him current situation because I think every members in here who know about it to share with others.
BRs
--------- Original Message ---------
Sender : 하이츨러 <c.haitz...@samsung.com> Master/S/W Platform팀(S/W센터)/삼성전자
Date : 2016-10-27 16:54 (GMT+9)
Title : Re: [Dev] WG: RE: Antwort: Re: Privilege Platform
On Thu, 27 Oct 2016 07:19:28 +0000 김보곤 <bogon82....@samsung.com> wrote: > Samsung Enterprise Portal mySingle > > Hello, > > > > Sideloading, (https://en.wikipedia.org/wiki/Sideloading) which means > to install packages not comming from tizen store is not allowed > because of security reason. > > So there is no such way to do it. "security reason". A very poor excuse. I'm sorry but this policy is an excuse to just make life HARD for developers. Just because some organizations love to retain total control over their products even after sale, does not make it a good or nice thing to do. The real issue here is to retain total control. Anything else is an excuse. I'm being realistic. Someone has to stand up for users and developers and their freedoms and rights, and in my experience almost no one does. Even if anyone does, it's always fobbed off as a "security issue". A message to users: You need to make your voices heard. No one will change anything at all unless you stand up and effectively revolt and protest. The mindset is one of "But this is for your own good! Security! We are being so nice to you!". Unless you all love things this way... you need to say something very loudly and clearly because the very few who will stick up for you will not be listened to. If someone enables "allow untrusted installs" or similar, then goes and installs something ... this is not a security issue. They are WILLINGLY and KNOWINGLY installing software on THEIR device THEY own and THEY bought. They are not accidentally clicking a link on a a website and then suddenly having an app installed they didn't know would be. Imagine this. You buy a house or an apartment. You spend a large amount of money on it. You then want to move in. The person/company you bought the apartment or house from, or the bank you borrowed money from says "Oh no. You can ONLY buy furniture from OUR company store because of security reasons. You can't move your existing furniture in, or buy used furniture from your friend. It's a security reason!" What would your response be? That is EXACTLY what we are doing here. Treating users as a liability even if they have chosen a path of possible risk. How DARE someone have the freedom to buy ANY furniture they like and place it in the home THEY bought and paid for? It could be a security issue! The furniture may be bugged and listen to conversations! It may accidentally catch fire on its own! We must protect those innocent customers from their own bad decisions!It's true that a lot of people will do bad and risky things, but punishing EVERYONE is pretty arrogant. Yes, I know you can get permission with a personal certificate so just YOU can install signed apps that YOU sign on YOUR device. Imagine you needed permission from the people you bought your house from to get a special sticker that allowed to you bring furniture into your own home you already paid for? It's insulting. Think about it. Put yourself in someone else's shoes. Imagine you actually had to use Tizen every day and you were developing software for it and were asking friends and family to try it out before uploading to a store? Imagine you just wanted to share it with your colleagues and never publish it? ... Think about it. > BRs. > > --------- Original Message --------- > > Sender : Robin Wertz <robin.we...@clausohm.de> > > Date : 2016-10-21 19:58 (GMT+9) > > Title : [Dev] WG: RE: Antwort: Re: Privilege Platform > > Hello thanks for your Help, > > so my problem is, we write an application for the samsung gear 2. We > will install this application on 80 smartwatches. We have dont > internet on this location. We dont will update all smartwatches over > connection with tizen. How can i do that ? > > the idea was that we write a second application an "Updater". This > Updater downloaded the new wgt file from us server and > uinstalled/installed this. Have anywho a good idea how to implemented > this ? > > thanks Robin > > > > > Von: 이동선 <ds73....@samsung.com> > An: Robin Wertz <robin.we...@clausohm.de>, Philippe Coval > <philippe.coval....@gmail.com> Kopie: dev@lists.tizen.org > <dev@lists.tizen.org> Datum: 21.10.2016 02:17 > Betreff: RE: [Dev] Antwort: Re: Privilege Platform > ──────────────────────────────────────────────── > > > > Hi, > > There are 3 privilege levels(public, partner, platform) in tizen api. > The platform privilege level is only for developers of device > manufacturers. So I don't think you can get a platform privilege > level. If you have an accout of tizen wiki, you can get detailed > information with the following URL. > - > https://wiki.tizen.org/wiki/Security/Tizen_3.X_Overview#Application_Singing_and_Certificates > BR, > > --------- Original Message --------- > Sender : Robin Wertz <robin.we...@clausohm.de> > Date : 2016-10-20 20:17 (GMT+9) > Title : [Dev] Antwort: Re: Privilege Platform > > > Hi, > i have a certificate as partner, but i cant use the > packagemanager.istall privilege. Tizen will the platform level for > this. > > > > Von: Philippe Coval <philippe.coval....@gmail.com> > An: Robin Wertz <robin.we...@clausohm.de> > Kopie: "dev@lists.tizen.org" <dev@lists.tizen.org> > Datum: 20.10.2016 10:01 > Betreff: Re: [Dev] Privilege Platform > ──────────────────────────────────────────────── > > > > > > On Thu, Oct 20, 2016 at 9:53 AM, Robin Wertz > <robin.we...@clausohm.de> wrote: Hallo Tizen Developers, > > i have a little Problem. I develop an app for the samsung Gear S2 > classic and will use the privilege > http://tizen.org/privilege/packagemanager.install. But tizen required > the privilege Level platform for this privilege which i dont have. > How i can get the platform privileg ? > > > Hi > > So you should apply as a partner, > I never applied for it but I know a program like that exists > > Maybe this is also interesting you and the mailing list > > 2016-10-27 : Build powerful and secure apps on the Samsung GearS3 > Knox Tizen Wearable SDK > https://wiki.tizen.org/wiki/Events#NEXT_OR_CURRENT_EVENTS > https://seap.samsung.com/content/tech-webinar-tizen-wearable-sdk-october-27-2016 > Hope it helps _______________________________________________ > Dev mailing list > Dev@lists.tizen.org > https://lists.tizen.org/listinfo/dev > > > > ──────────────────────────────────────────────── > > 이동선 李東宣 DongSun Lee > 책임 Senior Engineer > Security Lab (S/W R&D Center) > Samsung Electronics co., Ltd. > E-mail : ds73....@samsung.com > > ──────────────────────────────────────────────── > > > > > > > > _______________________________________________ > Dev mailing list > Dev@lists.tizen.org > https://lists.tizen.org/listinfo/dev > > > > > > 김보곤 책임(Bogon Kim) > > > > Mobile Communication Division > > Samsung Electronics.Co.,LTD > > Mobile 82 - 10 - 3583 - 0881 > > Email bogon82....@samsung.com > > Software, System and Samsung > > > > > > > > > > > > > > > > > > > > > > > >
|
|
|
_______________________________________________ Dev mailing list Dev@lists.tizen.org https://lists.tizen.org/listinfo/dev
