Windows Mobile 5.0 Security Model FAQ

Certificates (SSL) Q: What is required to install a new certificate to the ROOT store?A: Adding ROOT certificates currently requires trusted code or manager access. On most Pocket PC devices this won’t be a problem, but some Smartphone devices are deployed in a restricted configuration where this will be a problem. Q: Okay, I have…


DPI-aware NetCF v1 apps

.NetCF 2.0 has great support for hi-dpi devices, but v1 does not have anything built in.  Luckily, it’s not that hard to add hi-dpi support to Forms-based apps.  Just add a call to DpiHelper.AdjustAllControls(this); to the end of your form’s constructor.  And if you do any manual drawing, you can use DpiHelper.Scale() to convert hard-coded…


JavaScript and C#

I was wondering if there would be any demand for a product that allowed you to call managed code from JavaScript.  It seems like it should be doable, using a technology like Mirror, and would allow you to rapidly create apps with a rich HTML UI and deploy them over the web.  However, you could…


Windows Mobile Application Execution Security Policies

There’s a good description of the trust levels in Windows CE at this MSDN page, so for this post I’ll discuss how the security policies in Windows Mobile 5 affect what trust level an application will get.Privileged Applications policy (or two-tier policy) (4123)If this policy is set to 0, applications can run untrusted or trusted,…


Of Anniversaries and Vacations

Forgive me this indulgence.  Today is my 12th Anniversary at Microsoft.  I actually started as an electrical engineer hired to build a super computer to do video on demand.  Strangely, the whole, “Microsoft builds a supercomputer” thing didn’t go very far.  In fact they canceled the project a few days after they hired me–before I…


Who’s Using My RAM?

(Note: If words like “RAM” and “ROM” and “XIP” look strange to you, there is an entry here that explains their meanings.) In my recent “Where’s My RAM” entry, I explained why you tend to see a difference between what the WM5 device reports as “Total” RAM and what you know the device actually has. …


Diagnosing Installation Failures

When a CAB file fails to install, we pop up an ambiguous error message.  We could put more detailed info there (and there is a bug sitting in our database saying we should investigate doing so) but the reality is that when a CAB fail, there’s really nothing the typical user can do to fix it themselves… they…


Start & Stop ActiveSync

Windows Mobile 5 is so jam packed with cool new APIs that some of the smaller (but still very useful!) ones fall through the PR cracks.  Here are two that I just got remineded of by a post in the smartphone.developer newsgroup: ActiveSyncStart & ActiveSyncStop These device-side APIs do exactly what the names imply.  To kick off…


Where’s my RAM?

So you just bought a brand new WM5 device.  The box says it’s got 64M of RAM.  You go digging through control panels on the device and find one that says it’s only got 50M.  Is something wrong?  Should you be worried about this?  The short answers are “No” and “No.”  This blog entry will…


Application Execution Security 101

This post will be a quick reference to the application security model in WM 2005. I’ll gloss over some fine details in order to cover the broad points. For CreateProcess() or running any executable   First, examine the signature on the binary. The three possibilities are that it is signed privileged, signed unprivileged, or unsigned….