Well, Apple is everywhere in the news these days … I really enjoyed the news of the first iPhone worm being unleashed in Australia. The question I ask today is: how bad is that news? It sure sounds bad at first. worms are not the kind of beasts that we want to see on our […]
Tag Archives: Mobile Security
Apple news and rumors
Apple is not my usual cup of tea, as there are way enough sites that make a living on Apple rumors. I recently took a look at one of them, Apple Insider, to check on a few things happening there, and I found three interesting articles, all somehow linked to mobile security.
Proving code correct
Most of us spent some time in school studying program proofs in a way or another. Many techniques exist, but in most cases, their most important use it to make students understand that, sometimes, a computation does not end. Proving programs is hard, but the hardness of the proof greatly depends on what you want […]
iPhone training for thieves
Yet another profession needs to turn computer-literate, or at least smartphone-literate. Stealing devices like iPhone’s and Android devices, as we owners increasingly use services that allow us to locate our lost/stolen precious phones. In the story recalled by the Pittsburgh Post-Gazette, the thieves were elaborate enough to think about asking the victim for his credit […]
Should we sign malware?
The distribution of mobile applications heavily relies on digital signatures. Applications must be signed before they are distributed. The problem with signatures is that we have often been warned that “we should not trust applications that have not been signed”. Although this is absolutely true, and although anybody who has followed a Logics 101 class […]
Design for security
There is an ongoing compeition in England about combining design and security to improve the security of mobile phones, and more precisely, to limit the stealing of phones. This sounds like a wonderful idea, because design can make attacks unpractical and/or more difficult to implement, therefore making a stolen phone less valuable. I can’t wait […]
Cllient issues for Smart Card Web Servers
Just like any other Web server, a Smart Card Web Server (SCWS) depends greatly on the capabilities of its clients. A presentation by Peter-Paul Koch to Google gives a very good overview of the capabilities of the various mobile browsers. What you can read in this presentation is quite sad. There have been many discussions […]
Android Trojan horses
Over the years, the Java ME/MIDP security model has been widely criticized. Keeping asking users for security confirmations on untrusted programs is painful and dangerous. I must admit that I don’t like it, and that I don’t like the idea of confirming any potentially dangerous idea. There are many solutions to that, that can even […]
SMS messages are dangerous!
The SMS system has been used as a universal entry point into mobile phones. SMS messages can not only bring you the latest news from your kids or friends, they can also be used to trigger mobile applications, or even to modify the configuration of your phone. Trust Digital is a company that specializes in […]
Can our industry help President Obama?
According to Wired News, Mr. Obama will not be able to use his Blackberry any more when he will be President of the USA, because of security concerns. He may even have to refrain from using e-mail. The funny thing is that the issue goes further than security. In the USA, there is a Presidential […]