The MIDP 2.0 specification defines as untrusted a MIDlet suite for which the origin and integrity of the JAR file cannot be verified by the device. This does not mean that the MIDlet cannot be installed or executed; it just means that the access to restricted operations requires explicit user permission. All MIDP 1.0 MIDlets are by default untrusted.
Untrusted MIDlets can call any API without permission if the API is not protected. That includes all classes in the following packages:
java.util java.lang java.io javax.microedition.rms javax.microedition.midlet javax.microedition.lcdui javax.microedition.lcdui.game javax.microedition.media javax.microedition.media.control
In case an untrusted MIDlet suite tries to invoke a protected API and
does not have the permission, for example if the user rejects the permission's
prompt, a SecurityException will be thrown. The MIDlet
should catch those exceptions and handle them properly.
It is also worth noticing that the Nokia's UI API is not protected.
This includes the classes in the com.nokia.mid.sound and com.nokia.mid.ui packages.