Posts by Richard Taylor

No Signing please...

Signing really doesn't help for several reasons:

1. signing is a very expensive exercise if you support a lot of phones (and don't kid me that Android will be write once, run everywhere). So there goes the student/amateur/small developer set, which is the vital groundswell

2. signing won't guarantee that an app-generated SMS isn't premium rate, or that the data being sent isn't sensitive

3. signing means nothing to the end-user

My experience is that the application doesn't improve in quality by going through the signing process - the only 'faults' its exposes are very minor problems.

As far as I can tell, signing is just another way to make money out of developers. Maybe that's where Symantec comes in? :-)

If this is to be an 'open' OS/API, then the applications also need to be 'open'. Yes, there's a risk placed on the user, but not that different to that of a PC app.

The right thing to do is educate the user, not lock out developers.