Feeds

OMTP says mobile Web 2.0 is a beach

Now to get everyone to agree what that means

Providing a secure and efficient Helpdesk

Operator talking shop the Open Mobile Terminal Alliance has embarked on an ambitious plan to bring Web 2.0 to mobile phones, called Bondi to reflect the joy of surfing.

There is general agreement that AJAX-style applications would be a good thing on a mobile phone, both in terms of applications embedded in web pages and widgets embedded in the phone interface, but deciding what such applications should be allowed to do is more difficult.

Apple's iPhone ran into this problem when Steve announced that there would be no native applications, since AJAX could do anything an application could want. The problem is that mobile phone applications want to make phone calls, send text messages, check location information and integrate with other applications. But all of these things are prevented by the sandbox that protects users from malicious content.

So the iPhone will get native applications in addition to AJAX ones, but the OMTP reckons there can be a middle ground. Standard APIs will allow scripts access to phone functions, but not all scripts will be made equal.

Identifying which script should be allowed and which kept from accessing the phone is the tricky bit. Digitally signing scripts is possible, but requires secure certificate distribution and management - a process at which the mobile industry has proved remarkably inept.

Yesterday saw the first meeting of the Bondi working group, who will be deciding how much freedom is too much for untrusted applications, and how to identify those applications that deserve a little more trust. Apparently digital signitures will be on the agenda, but accompanied by the domain listing approach, where access to the APIs is restricted to scripts loaded from known sites.

Domain listing will appeal to the operators who make up the OMTP membership: though much less secure than digital signatures it's very simple to implement and gives complete control to the network operator.

The working group won't be publishing the first version of Bondi until the Autumn, although more details should emerge in the next month or two, and in proper OMTP style it already has a logo. ®

Protecting against web application threats using SSL

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
Apple Watch will CONQUER smartwatch world – analysts
After Applelocalypse, other wristputers will get stuck in
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.