Comments on: Smart Mobility: Mobile Application Security https://javacard.vetilles.com/2008/09/17/smart-mobility-mobile-application-security/ A weblog on Java Card, security, and other things personal Thu, 18 May 2017 07:26:32 +0000 hourly 1 https://wordpress.org/?v=4.0.32 By: Eric Vétillard https://javacard.vetilles.com/2008/09/17/smart-mobility-mobile-application-security/#comment-3225 Wed, 17 Sep 2008 21:28:33 +0000 http://javacard.vetilles.com/2008/09/17/smart-mobility-mobile-application-security/#comment-3225 Sure, it is possible to get malware signed in any framework; it is even the point I want to make.

There are two reasons why I singled out Windows Mobile: first, it is a native platform, in which it is much easier to write a virus; second, and more importantly, its signing process used to only authenticate the developer, without paying any attention to the application. But of course, it is possible to do the same thing in Symbian. Hopefully, it is a bit more difficult.

]]> By: Pierre Heuzé https://javacard.vetilles.com/2008/09/17/smart-mobility-mobile-application-security/#comment-3223 Wed, 17 Sep 2008 13:49:05 +0000 http://javacard.vetilles.com/2008/09/17/smart-mobility-mobile-application-security/#comment-3223 In relation to code signing, this is a general issue not only on windows mobile but any platform. At least in the best case code signing provides some degree of confidence that the signer is accountable for what has been signed. But the signing process isn’t a warranty that the application is without virus or even works correctly !

]]>