If you had the source to cherry this wouldn't happen? How is that? Open source confirms malicious SMSs?

This would have happened. It might have taken less than a few days to see what's inside the SMS, but we know nonetheless.

As long as you flash your phone, this will happen. Also, hundreds of thousands flash without ever coming here to check. Even if you compiled your own PR 1.2, you wouldn't have gone through the sources, it's huge. Not in any amount of time we'd be happy to wait.

I'm afraid that, case in point, out only shield is Nokia's honesty.

Also, I'll repeat, as it seems I'm alone in this. Some of us don't really care the percentage of the OS that's open, as the OS has done nothing wrong by me. Closed core apps and lack of documentation did. And Nokia ain't opening Phone, and it ain't writing docs any time soon.

It could be 100 percent open, heck, it could be naked holding its x-ray. Phone would still be closed, still buggy, still no features and no docs. Cherry would still be there, happily sending SMS, as the notmynokia would probably still create the darned file instead of commenting lines and recompiling.

How does OS openness bare on cherry? (as this thread is about the MyNokia subscription)?

This part. Apparently the fact that some folks are getting charged, multiple times for a SMS that's nigh unavoidable is the problem right now. Don't you agree?

If it were truly open, people would have seen that, avoided it, and kept going.

But cherry is not part of the OS?

Sorry, I have a distinction between OS and apps, as I come from a closed environment. OS, as a moded Linux, is fine. Added closed packages are not OS.

For example, Notepad, even if shipped with Windows, is not the OS, as it's not a needed part, not a developer interface, replaceable, etc.

Shipped with doesn't mean part of. I know that since you have centralised repos and are all or most OSS, distinction is blurred.

The telephony stack/SMS portion of Maemo != Notepad.exe on Windows

If so, remove it, no problems, right? Good luck with that.

I've stated it, and you missed it somehow... that's one of the closed bits that has affected people. And instead of being knee deep in a semantics battle about what it is and what it isn't... I'd suggest that folks really spend the time in finding out what else the close bits are doing and how to avoid it.

And if anything, why are people so damn happy to point out one or two words meanwhile people are paying for something they shouldn't have.

I have a feeling that if Nokia created an opt-in registration system that was linked to an anti-theft protection system, they would get very high opt-in rates.

I.e. Register your phone number, name and IMEI, and then if one day you report your device stolen, we will help you track your device, and it will be blocked from future updates, etc.


Michael

I didn't know Debian didn't have a (OSS) telephony stack, I thought it was just the app that was closed. Oh well.

No. That would be Maemo.

Have fun trying to remove that portion fully that basically is explained away nonchalantly in the OP.

Gerbick,

You're pretty much on every other post in this thread.

Maybe you need a breather? Sometimes, when discussion doesn't lead to anything, the best tactic is a bit of silence.

You're right.

Gerbick, take a breather. I'm taking over the shift now. Thanks for the good work and, as always, I grok your mouth music.

It's as much part of the OS as anything else that comes packaged in the firmware. I think what you MEANT to say is that it's not part of the kernel. If what you mean by 'operating system' is literally just the Linux kernel, you would be right. If what you mean by 'operating system' is literally the entire package handed to you as the system and dependencies that work together to provide the user with a way to work with the kernel (i.e. everything from the UI to the command line to the apps that make the kernel useful) then you're incorrect. Cherry is part of the package and it runs whether you like it or not as part of the operating system along with all the other close-source pieces of crap that Nokia forces down your throat that you can't remove without damaging the actual open-source kernel and applications that Nokia have hooked into their crap. Yes. Crap. it's provable on the maemo bugzilla site that it's crap if bugs are found but won't get fixed or aren't open enough for anybody else to fix them.

How nice for you that the OS hasn't done a single thing you didn't like. I wonder how you even know all of what it's doing, really, if it's not entirely open so that you know what type of behavior it's actually going to have, ala the privacy picking rotten cherry. Methinks Maemo needed to get pitted.

GOOD NEWS, EVERYONE! Nokia has already gathered your information! They've already HALF-IMPLEMENTED your idea!

Well, following that explanation, allow me to rephrase. Kernel and some parts of the system did no wrong by me. None that I could see, the phone could have transmitted stuff over WAN, I'm not dumping EVERY packet sent.

I guess you are right. I don't know that other parts did no wrong, they could have uploaded my contacts to Nokia.

I never noticed the kernel do anything wrong. Which, in this form, means squat.

Who would have thought Nokia would ever rank in security and trust below a few companies we'll not name here? Hm.

So, I'll repeat the question I posed here the second day this SMS thing popped on the forums: Did we ever get a response from Nokia on this issue? Because no, the above isn't a response.

I guess the response is "yes we did it", for one, and "no regrets and no promises we won't do it again". So, good news, everyone, indeed.

Last useful news I saw on the subject was in BMO:

Anything in the last 3 weeks?