Chip to Cloud, day 1: Cloud security panel

A few bits from Helmut Scherzer, from G&D: The digital natives don’t want to escape the Web. We went from visual Web to the social Web, and they will go to the next step with the semantic web, where knowledge is well classified and organized. Big companies are very big. The CEO of Toshiba estimated […]


Chip to Cloud live, day 1: Opening panel on eID in Europe

This is the conference formerly known as e-Smart. Apart from changing its name, the conference has also moved from Sophia Antipolis to Nice. No more bike riding from home to conference this year. However, the new setting at Acropolis is really nice, with a lot of room. To celebrate that, I have decided to attend […]


Who inherits your data?

I was pointed this morning by HBR to an interesting article about inheritance and iTunes. The basic story is that, since you only purchase licenses to use content from Apple or Amazon, and since these licenses are not transferable, things don’t look very good. However, apparently, there may be some kind of a void in […]


Back to JavaOne

After a one-year lapse, I am going to be back to JavaOne this year, on the first week of October. This will be my 14th JavaOne, and my two sessions will be the 16th and 17th I give there. I used to say that I must have been one of the most prolific JavaOne speakers […]


Payment Card Security Codes

It is not always easy to explain the advantages of using smart cards for payment security, because most people lack knowledge about the security of payment with a card. So, here is some information about it, and in particular about the codes used to authenticate a valid payment card. Every card is identified by a […]


Cloud (mis)authentication

I just read an amazing and chilling story about cloud authentication and hacking. Some guy just lost a big chunk of his digital life, because cloud authentication is not secure, or maybe even more, because cloud authentication is not standardized/regulated/watched enough. In his case (read the story, I won’t repeat it here, and it is […]


Some people don’t like phone security

It seems that the FBI isn’t able to perform smudge attacks very well. Apparently, they have been defeated by Android’s “pattern lock” on a Samsung phone. Well, my friends must be smarter than the FBI, because both of the guys who tried to defeat my pattern lock using a smudge attack succeeded. The fun part is […]


Protecting your contactless card

As I mentioned in NFC Payments 101, current contactless cards aren’t protected against the simple attack that consists in performing a transaction while your card is in your pocket. Since some models don’t require anything else than tapping the card, the attack is workable. Well, that may change. Researchers for the University of Pittsburgh’s RFID […]


NFC Payments 101

I have been writing a few posts about NFC payments, and I am lacking a basic background post showing where I come from, so here it is: my own little NFC Payments 101. It may not be fully objective, not even fully correct (I haven’t directly worked on this topic for a while). You are […]


Google Wallet has a Vulnerability (not on SE)

The game has started for Google Wallet. Some guys are looking for vulnerabilities, and of course, finding some. You can read the papers to get all the details on this attack. Basically, they have been smart enough to use a salt before hashing the PIN value to avoid brute-force attacks. However, they haven’t been smart […]