“To that end, Steve mentioned that he digs Nokia’s approach of requiring that apps be digitally signed so they can be traced back to their developers, an effort to stem ‘viruses, malware, privacy attacks’ that he thinks will flourish on a ‘highly visible target’ like the iPhone. There’s a problem, though: there’s no telling when the last time is that Steve touched a phone not of his own creation, but we’ve used S60 devices pretty recently (like, today) and we have it on good authority that you can disable certificate verification for installed apps. Think iPhone users are going to have that option? Probably not. Apple’s still visibly concerned about keeping the iPhone under its perceived draconian control (even though it’s been busted wide open time and time again), and we’ve no doubt that trend will continue in full effect with the SDK. It’s a huge, landmark upgrade from the web-based SDK developers have now, yes — but we’d recommend Steve screw around with an N95 for a while before he heaps any more love on the way Nokia goes about its business.”
There’s a lot of commentary being written about the iPhone SDK which can be summed up in four words: “I told you so”. Notably, John Gruber is sitting back in his armchair, cracking open a beer, and congratulating himself for calling it right.
There’s one problem: no one, not even John, has any clue about what shape or form Apple’s SDK is going to take. While it’s clear that you’ll be able to make applications for the iPhone, there’s no indication of what features of the iPhone you’ll be able to access. File storage? Both the EDGE network and WiFi, or just WiFi? Jobs refers to “broad access to the iPhone’s amazing software platform” – but “broad access” isn’t the same as “access to all the features”.
What’s notable is that Jobs refers to signed applications as “a step in the right direction”, although of course he gets it wrong in implying that all Nokia applications must be signed. That suggests to me that whatever security methods Apple adopts will be more restrictive that code signing – and that suggests to me that Apple will keep a very tight rein on what developers can do, and who is allowed to develop and distribute software for the iPhone.
Will, for example, Apple only allow software to be installed on the iPhone via iTunes, after they have “approved” the code? I don’t know, you don’t know – and John doesn’t know either. So perhaps before we get too happy about the arrival of an iPhone SDK, we ought to just wait and see what crops up in February.