Comments on: Design for security https://javacard.vetilles.com/2009/05/07/design-for-security/ A weblog on Java Card, security, and other things personal Thu, 18 May 2017 07:26:32 +0000 hourly 1 https://wordpress.org/?v=4.0.32 By: Bruce Hopkins https://javacard.vetilles.com/2009/05/07/design-for-security/#comment-3579 Mon, 11 May 2009 04:21:26 +0000 http://javacard.vetilles.com/?p=316#comment-3579 No,

I’m not a SIM vendor employee, but I got a huge background in Bluetooth. :-)

– Bruce

]]> By: Eric Vétillard https://javacard.vetilles.com/2009/05/07/design-for-security/#comment-3577 Fri, 08 May 2009 21:12:08 +0000 http://javacard.vetilles.com/?p=316#comment-3577 Waooh! I immediately looked up your site to check if you were a SIM vendor of any kind. I actually am related to a SIM vendor, and I may not have suggested what you did.

Maybe it goes a long way to show how depressed the SIM industry has become, or maybe it is something else. In particular, the fact that it is hard to believe that the Nokia’s, Apple’s and Google’s of this world are ready to let apps store stuff on the SIM.

Still, this is a technological answer, and unless it becomes widely accepted, it will not become a theft deterrent. Globally, this is where people like us stop being efficient, and where designers (object designers, not software designers) come in the loop.

]]> By: Bruce Hopkins https://javacard.vetilles.com/2009/05/07/design-for-security/#comment-3576 Fri, 08 May 2009 21:03:56 +0000 http://javacard.vetilles.com/?p=316#comment-3576 Hmmm…

This seems too easy to me.

1. Store all sensitive data on the SIM

2. Install an app that automatically backs the data up over Bluetooth

3. Install the carrier-approved self destruct application

4. When it is determined that the phone is lost, then call the carrier and tell them to issue a self-destruct SMS

5. Problem solved. You data is backed up, so even if you get a unintended self-destruct SMS from the carrier, you should be fine.

Am I missing something here?

]]>