These days, Android is a bit of a hot topic, for many reasons that we all know. It seems that a new device is released every week, the operating system is open source, so everybody can at least play with it and integrate low-level software, applications can be deployed, and most likely much more. Android […]
Back from (unconnected) vacation: Android on the beach
I have been traveling for the past two weeks, including a week of vacation on the beaches of Tunisia, without any connectivity (no WiFi, no data roaming). That all seemed perfect for a vacation; after all, who needs e-mail on the beach? Well, everything would have been perfect, but then Android played me bad tricks. […]
Data Liberation
I just read a nice interview of the founder of the Data Liberation Front, an initiative that at least not everything is evil at Google. The interview is quite nice, as it goes through the motivations behind the creation of the site. However, throughout the interview, the focus seems to be more on the promotion […]
Chip cards for (some) Americans
It seems that the American plastic cards are getting them in trouble, at least when they travel in Europe. Of course, cards without chips still work perfeectly in restaurants, hotels, and stores. However, things are very different at automated machines. If you are in France and you want to pay for underground parking, for renting […]
Proving code correct
Most of us spent some time in school studying program proofs in a way or another. Many techniques exist, but in most cases, their most important use it to make students understand that, sometimes, a computation does not end. Proving programs is hard, but the hardness of the proof greatly depends on what you want […]
What does advertising say about smart cards?
In a recent blog post, Matt Asay looks at the advertising that Google associates to various products, including open source products. His conclusion is that open source is about productivity, since most advertisements that Google associates with queries on “open source” or on open source product names are related to the efficient use of open […]
Live from #esmart: CAP file decompilation
We have had a presentation from Cellnetrix about the decompilation of CAP files. Security specialists have been working on such tools for a while, and we have been using them extensively in software evaluation laboratories. We even have much more sophisticated analysis programs, since at least 2002. So, the presentation was not all that new. […]
Live from #esmart: Fault attacks on Java Card 3.0
That talk, from Guillaume Barbu, an Oberthur and Telecom ParisTech Ph.D. student, really talks to me, by bringing together two of my favorite discussion topics. The main task is about combined attacks, which sounds really good. A Java Card 3.0 card has plenty of countemreasures against logical attacks Context isolation. Objects from an application can’t […]
Live from #esmart: GlobalPlatform 3 roadmap
GlobalPlatform is evolving, but it is very closely linked to Java Card, as it provides the deployment standard that Java Card needs to manage its applications. GlobalPlatform is evolving, and the next specification (GP3) is under way. It will target the next generation of cards, and some of it has already been published in the […]
Live from #esmart: Security, Privacy and Trust for Web Services
The first presentation of the session about Web and Cards is from Xavier Larduinat, speaking on behalf of Eurosmart (a non-profit organization advocating smart secure devices). His interest is here to look at things from the point of view of the user of a Web service, and to figure out how to get a feeling […]