It took me a while to write something about it, but at last Cartes, some ex-colleagues were showing something refreshing that made me feel a bit younger at Cartes: a new virtual machine, whose specification is available here.
I got a demo of the VM, as well as a detailed speech about all the features that are supposedly better than Java Card’s Virtual Machine. What they were saying sounded good, and it is quite likely that their VM is better than the Java Card VM. However, they’re not the only ones: the Java Card Connected VM is much better than the traditional one; the Multos VM was (I think) a better VM than Java Card’s.
But of course, we know what has happened: Java Card won against Multos, and introducing the new Java Card Connected VM was not (yet?) a success. The reasons were never technical, but only linked to marketing. So would DKard stand any chance against Java Card? Does the smart card market need an alternative to Java Card?
Well, no. The SIM card model, which is Java Card’s main market, has now entered its “long tail” phase, and the time has come to introduce optimizing technologies, and simply make Java Card more efficient to produce, manage, etc.
The main hurdle facing DKard is of course its lack of ecosystem. Java Card has been at the center of smart card technology for the past 15 years, and many specs, from GlobalPlatform to ETSI specs, fit it very well. In order to provide an alternative, it will be necessary to build a similar ecosystem, which may not always be easy. Just to give an example, the peculiar way of handling transient data in Java Card has pervasively invaded all specification and become the norm: proposing an alternative model amy be very difficult.
Now, there are good things about DKard. It is an open source technology, which may bring an alternative in the smart card world (provided of course that the numerous smart card patent trolls don’t slaughter the initiative too early). An open source security token would be a welcome alternative for some projects, for instance WebPKI’s cloud token.
To close on a positive note, I don’t believe that an alternative on Java Card can be viable on any market that is well adapted to Java Card, such as the SIM market. However, for entirely new applications, there may be some room for new and open platforms. This includes new smart card applications, as well as entirely new fields, such as the Internet of Things. I still believe that the various smart card virtual machines (and microcontrollers) can be very efficient ways to manage the Internet of Things. Just add a few I/O ports, and we have a very nice controller. Now, that’s a whole new market, where a reference to Android could be just as sexy in 2011 as a reference to Java was in 1997.
small typo : the link should be http://www.dkard.org
Eric,
I think dkard is important.
I hope and expect it will bring more “power to the people”.
As this VM can run on several platforms, I hope we’ll see more connected anythings.
Remember the frenzy of early home computing ? I’d like to see this again.
You know the peeps behind dkard, so bright and quick-minded people.
They were a real loss for the company.
I wish them not to cross the path of trolls.
I hate patent trolls, they prevent others to create.
Jerome
Don’t forget that Gemalto has gone after Google and Android against the DEX file format for patent infringement. They could do the same here (it would even be a lot easier) and kill the project.