246 Chapter 7 · Operating System and Device Vulnerabilities

MIDlet Permissions and Signing

Although MIDP 2.0 MIDlets have access to security-critical system resources, most of them need access to only a few specific resources, such as the network (for example, the Internet). The resources an individual application has access to are regulated with a set of permissions. Each resource is handled by a dedicated permission. The number of resources depends on the individual type of mobile phone. Each permission has four individual settings through which the user can decide how an application can access a resource. The four settings are shown in Table 7.1.

A simple example would be an application that needs access to the file system and the Internet. Here, the user could always grant file system access using the Always allowed setting, while setting the permission for network access to Ask every time so he can see and control when the application tries to access the network. The Java environment asks permission by displaying a message box and the user simply accepts or rejects the request.

Table 7.1 Permission Settings

Setting               Resulting Action
Ask every time        User is always asked for permission before resource can be used
Ask first time only   User is only asked the first time the resource is used
Always allowed        The resource can always be used without the user's permission
Not allowed           The resource is not usable at all by the application

Security settings are always bad for the user since he/she cannot easily decide what level of access is needed and what is good or bad for him/her. To solve this issue, application vendors have the possibility of specifying the permissions needed by their applications. In order to keep malicious applications from having permission to access sensitive resources, applications that come with predefined security permissions need a cryptographic signature.
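The four settings of Table 7.1 and the signature requirement for predefined permissions, modelled as an added example (not code from the book or from any J2ME implementation). The class and function names, the default for resources without a setting, and the mapping of vendor-predefined permissions to Always allowed are assumptions; signature verification is reduced to a boolean input.

```python
from enum import Enum


class Setting(Enum):                      # the four settings of Table 7.1
    ASK_EVERY_TIME = "Ask every time"
    ASK_FIRST_TIME_ONLY = "Ask first time only"
    ALWAYS_ALLOWED = "Always allowed"
    NOT_ALLOWED = "Not allowed"


class PermissionGate:
    """Permission table of one application: one setting per resource."""

    def __init__(self, prompt):
        self.prompt = prompt              # callable(resource) -> bool, stands in for the message box
        self.settings = {}
        self.first_answer = {}            # assumption: the first answer is kept, accept or reject

    def set_permission(self, resource, setting):
        self.settings[resource] = setting
        self.first_answer.pop(resource, None)   # a changed setting forgets the old answer

    def apply_vendor_permissions(self, requested, signature_valid):
        """Predefined permissions take effect only for a MIDlet with a valid signature."""
        if not signature_valid:
            return False                  # the user-controlled settings stay in force
        for resource in requested:
            self.set_permission(resource, Setting.ALWAYS_ALLOWED)  # assumption: no prompts
        return True

    def check(self, resource):
        # Assumption: a resource with no explicit setting is treated as "Ask every time".
        setting = self.settings.get(resource, Setting.ASK_EVERY_TIME)
        if setting is Setting.ALWAYS_ALLOWED:
            return True
        if setting is Setting.NOT_ALLOWED:
            return False
        if setting is Setting.ASK_FIRST_TIME_ONLY:
            if resource not in self.first_answer:
                self.first_answer[resource] = self.prompt(resource)
            return self.first_answer[resource]
        return self.prompt(resource)      # Ask every time


def run_page_example():
    """File system 'Always allowed', network 'Ask every time'; constructed user accepts."""
    shown = []                            # every message box that was displayed
    gate = PermissionGate(lambda r: shown.append(r) or True)
    gate.set_permission("file system", Setting.ALWAYS_ALLOWED)
    gate.set_permission("network", Setting.ASK_EVERY_TIME)
    results = [gate.check("file system"), gate.check("network"), gate.check("network")]
    return results, shown
```
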
The signature ensures that a MIDlet was not altered and that the author of the software is known to the issuer of the cryptographic certificate. Through this, it can be assured that the MIDlet can be trusted to not perform any malicious behavior. Details on the security of MIDP and J2ME can be found in the "Links" section at the end of this chapter.

Past Vulnerabilities

J2ME can be regarded as being quite secure because the number of known security issues has been relatively low since its introduction. This section will present vulnerabilities that existed in