Yesterday, at the Web 2.0 Summit, Eric Schmidt started his “discussion” with Tim O’Reilly and John Battelle by Android and NFC. And what he said about the technology is like a dream for many NFC stakeholders, who have been waiting for signals from big players. First, the upcoming Nexus S will support NFC. This is […]
Mobile security remains flaky on smartphone apps
With my colleagues, I have been looking at the security of mobile applications for a few years, and in most cases, I have been amazed at the lack of security in these applications. Most mobile developers simply don’t seem to care. A security and forensics company has recently looked into mobile applications, and got some […]
Smudge attacks on Android
Researchers have done some interesting work about “smudge attacks” on Android phones. All Android phone owners will have guessed that this attack targets the authentication pattern that is used to unlock an Android phone. And all these owners also know that smudge really is dangerous for this authentication technique. I have tried it with a […]
About e-Smart: Java Card attacks
I was not at e-Smart this year, but here are some early reports from colleagues who attended the sessions. Over the coming days, I will comment on a few selected presentations. First, one of my favorite topics, which was covered Friday morning: attacks on the Java Card platform. There were two presentations this morning on […]
The end of JavaOne 2010
So, that’s it, JavaOne is fnished for me. It has been quite dense, with many sessions and a few interesting discussions. It leaves me with mixed feelings, though. On the good side, Oracle has shown some commitment to a Java roadmap, and this enormous conference has proven that Oracle plays at a different level; this […]
Live from JavaOne: Call and Pay with Java
This talk is about the Mobile Telephony API (JSR-253) and Payment API (JSR 229) that can be added to MIDP/MSA phones. These JSR’s have been defined by Siemens/BenQ, and there were left in IP limbo after the demise of the company. Apparently, this transition time is over, work has resumed on these JSR’s, and they […]
Live from JavaOne: Java Card and Smart Meters
The funny thing about this presentation is that I have first been invited to attend the e-Smart version of it (this week as well, in Sophia Antipolis). When I declined, they told me that the same talk was given at JavaOne, so here I am. From Onzo’s Tim Holley and Oracle’s Jean-Yves Bitterlich, this is […]
Live from Oracle OpenWorld: Cloud and Identity
At midday, it is time for a little break in my smart card day, and go listen to an Oracle OpenWorld session. I might as well leverage today’s professional look to blend better into OOW’s suit-dominated crowds. The funny thing is that every OOW session I have seen ended up turning into a blatent advertising […]
Almost live from JavaOne: NFC Applications with JavaCard and Java ME
For that session, no live coverage: I am giving the speech, with Sebastian Hans, from Oracle. Our focus is on the practical aspects of such a deployment. We are not providing basic Java Card code, but focusing on the problems that developers are likely to encounter when working on real NFC stuff. Small attendance, about […]
Live from JavaOne: Mobile Payment with JSR-290 and JSR-177
Now, let’s get into the smart card business, with a first session about mobile payment. Internet banking is amazingly common in Korea. 63M subscribers in 2010, and 66% of inquiries, and 33% of deposits and withdrawals. 7% of that is mobile. On PCs, most banks use an ActiveX plug-in, which provides an easy interface to […]