Touch screen or no touch screen. There’s more differences between Windows Mobile Standard and Professional than the touch capability of the screen. Application security is one of the major differences. When you install software on Professional based devices, the most you are asked is if you trust this unsigned application. If you say yes, then that application has full access to the device and any API’s that it would like to interact with. That’s not the case with Windows Mobile Standard based devices. When installing an application on Standard, you will still be asked if you trust this unsigned application.
Beyond that, if the application is signed with a certificate that is in the privileged store, then it will run as a privileged application. If it’s signed with a certificate that is in the unprivileged store, then the application does not have privileged access. What’s all that mean? Well, unless the application is privileged signed, then it won’t be able to access restricted parts of the device. There are a couple good articles over on MSDN that outline the security model on Standard devices. I recommend reading “Windows Mobile Powered Device Security Model” and “Application Security”.
So what actions are considered privileged? Without turning this article into a developers focus, I’ll just say; typically this is anything that interacts with the core functionality of Windows Mobile. If you are looking for more details on exactly what APIs, and registry settings are effected, then check out this article on MSDN.
This is all great, but how do you turn off privileged mode so that your favorite application can run without any problems. You can change the security values on your device using the codes outlined on this MSDN page. You need to define what security policies you want to change and build an XML provisioning file with those inside. Then using a privileged application, run this settings file on the device. And that is the tricky part of this whole process. Finding just the right application that is signed with the correct level of privilege to allow you to change the two-tier security level on your phone is not an easy task. Stay tuned for part II of this article entitled “Removing Application Lock on Windows Mobile Standard Devices”, where I will provide the answer to that very question.