Over the years, the Java ME/MIDP security model has been widely criticized. Keeping asking users for security confirmations on untrusted programs is painful and dangerous. I must admit that I don’t like it, and that I don’t like the idea of confirming any potentially dangerous idea. There are many solutions to that, that can even […]
Category Archives: Mobile Security
SMS messages are dangerous!
The SMS system has been used as a universal entry point into mobile phones. SMS messages can not only bring you the latest news from your kids or friends, they can also be used to trigger mobile applications, or even to modify the configuration of your phone. Trust Digital is a company that specializes in […]
Update on Android and the SIM card
One year ago, I blogged on Android security. I recently received a comment asking if my impression had changed now that Android actually exists, even on devices. Well, no. Not at all.
Distributing mobile applications (again)
I like to see my favorite news source agree with me. This time, it is Wired.com, who published a Top-10 list of 2008 technology breakthroughs, topped by … the iTunes Application Store. Of course, one of the reasons why I like this choice is that I own a compatible device, but it is not the […]
Distributing mobile applications
As an iPod Touch owner, I was quite happy to learn that I would be able to use my “DS” (as my kids call it) to place a few calls using this application. The most interesting sentence of the article actually comes from a BBC interview of Truphone’s CEO: “We’ve decided to focus on devices […]
Visa’s mobile payment announcements
Visa has made a number of announcements around mobile payments yesterday. This list is quite impressive, because it spans quite a large number of activities. Let’s start by the story with Nokia. It is built around the upcoming Nokia 6212 Classic, a device that supports NFC, and on which interesting Java applications could be built […]
Live from Smart Mobility: Application frameworks
Even tough Smart Mobility is very much focused on security, mobile application frameworks are at the heart of the debate. Many speakers, including myself, have more or less compared some features of various mobile application frameworks. Of course, our coverage was quite varied, but the main focus has definitely been on traditional platforms, including Symbian, […]
Smart Mobility: Mobile Application Security
Part of the Smart Week, the Smart Mobility conference has started this morning. I am speaking in the afternoon, about a comparison of access control in mobile application frameworks. In support to this talk, I will write a few posts on this topic, ans also try to follow a little what happens at the conference. […]
Adam Gowdiak strikes again
Adam Gowdiak made a name for himself in the J2ME community in 2004, by publishing at the Hack-In-The-Box conference a paper about a nice attack on a Nokia device, based on a flaw he found in the bytecode verifier used at the time. He is back in the news this summer, with an undisclosed hack […]
Are you aware?
I have been looking for a while for interesting location-based mobile services. I have always had the feeling that location is a big hype, and that it is not that easy to build interesting and non-intrusive services (yes, I believe that location-based advertising is intrusive). Mapping is obvious, of course, and finding friends can also […]