Open Signed Online

To see more JOM Software applications, click here

My applications, which need to be signed:

Kredit Exchange

Why do You need it

Symbian OS allows only certificated applications to perform certain operations, for example making a network connection to download or upload data.

You can find an overview at Symbian Signed website (click here) and more information at Symbian Developer Network webpage The Complete Guide to Symbian Signed.

Developing and releasing such applications is possible without certification, but installation is possible only after SIS file has been signed (certificated).

Certain kind of applications are released as non-signed SIS files. Users are supposed to trust the alleged author, sign the given SIS files themselves, install and hope for the best.

This is a huge security problem.

Why didn't I certificate my applications

Certification process has several problems.

  1. I don't have my own certificate, which costs 200 USD per year, every year.
  2. Only companies can get a certificate. I don't own such a company.
  3. Even Express signing costs minimum 20 EUR per signing. First release, possible bug fixes, updates, translations, every new SIS file costs 20 EUR each time, minimum.
  4. Actually each application should be properly tested by an authorized Test House. This is around 200 EUR per SIS file, minimum. Some of the obligatory test cases are ambiguous and might cause delay and higher expenses.

There is supposed to be a way to get freeware applications signed for free. I've heard rumours that at least one application went through this process, got eventually signed and released. If you know the name of this application, please let me know!

There are rumours that Symbian Foundation might be thinking about improvements regarding this issue. No certain information is available yet.

 How to do Open Signed Online

  • Download the SIS file and save locally.
  •  Get your phone IMEI number, type these 5 characters in idle screen: *#06#. You should see small dialog with text "Serial number:" followed by a very long number. This is your phone IMEI.
  • Browse to Symbian Foundation website, Open Signed Online page (click here).
  • Scroll down and type your IMEI and email address. Application is the SIS file you downloaded earlier.
  • For Capability Information, select all needed capabilities. I use always all capabilities, just to make signing little easier (this is a security problem). For my applications just press the Select All button.
  • Type in the security code from the picture into text entry field below the picture
  • View legal agreement from Symbian Foundation. If you're ok with that, mark the checkbox. Otherwise you cannot sign the SIS file.
  • Press the Send button and go to your email box. You should receive a confirmation email with a link, which you have to click.
  • Wait... Second email should arrive, containing another link to signed SIS file. Save it in safe place, this is the file you can finally install! Just remember it works ONLY in device with correct IMEI number.

I always rename signed SIS files, so that I will know which phone it belongs to. For example file.sis becomes file_N82.sis.

Security Issues

  • SIS file could have been renamed.
  • The name of author could have been counterfeited.
  • Files inside SIS could have been modified.
  • There could be additional files inside SIS.
  • Application might do a lot more than what was advertized.

When you sign and install the SIS file by yourself, you pretty much give free hands for it to do almost whatever it wants to do. Symbian OS might be secure, but you just opened the front door!

Happy signing!