[SR-Users] CAcert root in Lumicall

Daniel-Constantin Mierla miconda at gmail.com
Wed Feb 15 13:10:57 CET 2012 

Hello,

On 2/14/12 1:56 PM, Daniel Pocock wrote:
>> I installed it from the download page, worked fine on android 2.2 -- had
>> no time to test it yet, but I noticed some "warning" messages during
>> installation. Not sure if it is specific for each android phone type or
>> for android in general, but I was alerted that I will allow the
>> application do to a lot of "nasty" things, like taking my gps position,
>> making calls that can cost me money, etc... Being open source and people
> The warnings are a common problem for Android apps
>
> There is no opportunity for the developer to annotate the warning screen
> or make the warnings more specific
ok, just wanted to know about, my best mobile device is the laptop :-) ...

>
> E.g. permission to modify SD card: the Lumicall app only needs
> permissions to export a backup of the SIP settings, it does not, for
> example, need to delete pictures and movies.  But Android doesn't allow
> that distinction.  As a developer, I have to choose:
> - give user backup feature with nasty warnings
> - give user no backup feature
>
> However, I have been reflecting on this, and I think I am going to
> remove some features (e.g. the backup function) so that users will be
> less intimidated.
>
> Another strategy is to modularise the app: e.g. divide Lumicall into 3
> apps, each with less permissions, and they collaborate using
> inter-process communication (IPC)
Not sure it will help much, from my point of view -- having too many 
apps to install for getting a proper user experience is not good.

Maybe making configurable options to enable/disable some features is 
better, explaining what everyone does and accesses.

I started the app and requires to fill some data and do a missed-call. 
Can you add an option to skip the step and go to setting up details for 
using a custom SIP service?


>
>> like myself a devel could check and be safe about if they have a doubt,
>> but I wonder if "usual" people will not become afraid of installing it.
> The source code is an important issue for me too: I have now implemented
> SRTP, and almost finished implementing ZRTP.  I really believe that such
> source code should be open so that people can have proof that it is
> secure (no back doors for someone to monitor calls and sell juicy rumors
> to British newspapers)
:-)

>
> Rather than putting the code on Sourceforge, I'm setting up a site,
> opentelecoms.org (which is also the Java namespace for the library code)
> - but I'm trying to choose between running it with a monolithic solution
> like FusionForge, or separate systems like MoinMoin, Bugzilla, gitosis -
> I'd be interested in any suggestions about that, as I want the site go
> beyond the basic goal of distributing source code, and make it a useful
> resource to the wider VoIP community.

It would be useful, but I guess it will take some maintenance time. 
Maybe you can host the project somewhere that provides all needed tools 
(bug tracker, mailing lists/forums, scm, a.s.o.).

Cheers,
Daniel

-- 
Daniel-Constantin Mierla -- http://www.asipto.com
http://linkedin.com/in/miconda -- http://twitter.com/miconda

More information about the sr-users mailing list