Tag Archives: Mobile Security

Twitter and the Security Imbalance

The problems of Twitter with their OAuth implementation have made the headlines, and a full analysis can be found on Ars Technica. The (very) basic idea of the first issue highlighted in this article is as follows: Twitter provides “secret keys” (more like API keys) to developers. When a key is compromised, it is revoked, […]

Android malware hype

There is no better publicity for a security company than a good scare. Apparently, some guys at Smobile are taking publicity seriously. They have published a report entitled Threat Analysis of the Android Market, which got them some news coverage. The report includes some pretty scary statements, like: 3% of all of the Market submissions […]

Mobile applications may be dangerous

That’s a question that I have been asking myself for quite a while. How dangerous can a mobile application be? How can it be made more dangerous? Or less dangerous? Here’s a grabbag from Internet today. First, the good side, with two Microsoft articles pointed by Bruce Schneier: The first one is about the authorization […]

Live from Cardis 2010: Where is our smart card AppStore?

UPDATED: Added slideshare link. Here is a transcript of my invited presentation at Cardis2010, or at least the things that I thought about before getting there. The slides are available on SlideShare.

Here and Now !

Ajit Jaokar has published a post on Mobile Cloud Computing, in which he asks some questions about mobile computing. I found his questions very interesting, so here are my answers (I kept them short, but I will try to develop some things later): a) Is ‘mobile cloud computing’ a distinct domain in itself? Or is […]

Greetings from China

The Java Card Forum is meeting in China this week. This is a first for me, so I can’t tell how much Beijing has changed in the past 10 or 15 years, because I don’t know how it used to be. So, here is what I have seen (from a very naive point of view): […]

OMTP TR1 gaining support in the UK

Yesterday, I attended the Mobile Barcamp on Security at ETSI. Even though attendance was rather low, the exchanges were interesting, and the unconference format made them even more interesting. It was my first Barcamp, and I really enjoyed it. Among the news and messages spread during the meeting, one struck me, even though it is […]

Let’s tax Google! All of us!

I am French, and I must admit that my government spends a lot of time innovating about technology, in particular in relation with artistic creation. After enacting a wonderful antipiracy law that will cause problems to people with poorer network security skills than their neighbors, a recent report is suggesting to tax Google because it […]

How to secure Santa’s database?

I read very alarming news today, for a lot of kids around the world: Santa’s naughty-nice database has been hacked. The very good article shows all the typical issues related to privacy, and also to the fact that some records are grossly incorrect; all typical issues encountered when such a massive leak occurs. Now, here […]

Unleashing Android on a Nook

Using an open system to develop a closed device is nothing new, and it is working. We can therefore hardly call Barnes&Noble innovators for basing their Nook e-book reader on the Android operating system. In another community, opening closed devices (and especially those that run on an open system) is also a well-known sport, and […]