The next generation is getting closer than ever, with e forecast release in Q1 2008. Some demos were already present at Cartes, on both Gemalto and Oberthur booths. No major breakthrough in terms of cards, as both of them have been using USB tokens, about which they were not that talkative. The focus, in both …
This year seems to see the arrival of interesting newcomers in the mobile phone market. Apple has started an iPhone that also happens to be an iPod, and Google has recently announced that they will participate to some kind of a gPhone, which includes Google’s client applications. This is nice, but if we think as …
It is time for my yearly local conference, and this time, I am blogging live from it. I missed the first day, but here I am for the second day, and the Java Card session. This year, it is Oberthur who presents Java Card 3.0, more precisely Vincent Guerin, one of their JCF representatives. His …
The iPhone is back in the news, this time as the target of an attack. This attack seems to me like a new one on mobile phones. The Safari vulnerability that it exploits also exists in the workstation version of the program. Apple is here falling victim of their “reuse” strategy: by using the same …
Over a week after the launch, it is a duty as a blogger to mention the iPhone. I am not going to explain how great it looks and feels, and I am not going to talk about the latest iPhone hacks. In fact, I will react on an old Steve Jobs quote that I saw …
The DESKey.getKey(byte[], short) method definitely is one of the most controversial methods of the Java Card 2.1 API. This method is quite simple; as stated in its description, it “Returns the Key data in plain text”. This definition is of course a nightmare for smart card security people: not only does it access the value …
The specification of the Next Generation Java Card (aka Bandol) will not be publicly available before beginning of 2008, but the information that has been disclosed so far is sufficient for developers to start thinking about the architecture of future applications. The JavaOne session by Jean-Jacques vandewalle and Laurent Lagosanto provides the appropriate material to …
One of Bandol’s major innovations is the adoption of the servlet programming model. This can be considered as an acknowledgement by the smart card industry of the role of secure personal server for smart cards. Now, we just have to make sure that issuers share that vision. On technical matters, we are faced with the …
I have chaired a session at the SIM Summit, whose topic was the technical challenges to be met in order to satisfy operator requirements. The speakers were mixed between operators and vendors. The session was very informative, especially because there seems to be a good convergence between the actors. In order, the hot topics are …
After last year’s push for a phone based on SavaJe (a “small” Java SE technology made for PDAs and mobile phones), the big buzz at this year’s JavaOne will be that Sun is buying SavaJe’s technology, opening the world of mobile phones to mainstream Java SE technology. At the same time, we are working hard …
