Here is another question related to NFC, this time about what I understand of NDEF signatures (could be incomplete). The NFC Forum has recently added the possibility to include a signature record in tags. Adding such a signature can be used to ensure that the content of the tag (say, a URL) has been written […]
Android Malware, Permissions, and Side Channels
New Android malware keeps popping up, and the latest one to be publicly discussed is very typical of what we are seeing these days. And frankly, I haven’t found them very impressive. In short, the attack consists in recording phone calls, identifying calls to credit card support lines, then analyzing the recording to identify the […]
Q&A: NFC attacks
Over the years, I got quite a few questions about Java Card and related technologies. As a diverging extension to the tutorial, and as a way to bring back some technical content here, I will try to write a few Q&A entries on a regular basis. The first one is about NFC attacks, a topic […]
2011: The year of mobile malware? Nope.
One of the discussion topics at this week’s Mobile Security Barcamp in Sophia Antipolis was mobile malware, with some people claiming that 2011 will be the year of mobile malware. I agree with them that, as mobile takes more and more power, and as platforms like iOS and Android become more and more common, they […]
The Mobile Trust Manifesto
Mobile computing is at a turning point, as the past few years have seen numerous improvements of the capacities of mobile devices. Here are a few of the main characteristics that have dramatically improved: Personal. Mobile phones are becoming some kind of personal hub, on which all communications means are concentrated, in particular around social […]
Mobile Trust, from M-Pesa to Bump
Mobile banking in Africa is becoming a well-known example of how technical and business innovation can benefit poor people around the world (on NPR, for isntance). Such systems now existing in other countries, but they are all more or less based on the same technical and business models. On the technical side, these financial applications […]
LG Thinq and smart appliances
Beside Motorola’s Atrix 4G and the many tablets, one of the very nice announcements of CES is LG’s Thinq, with significant press coverage. Connecting home appliances sounds kind of obvious, and the ubiquitous availability of smartphones and tablets makes it even more obvious. I have many times left my clean laundry sit in the washer […]
Small steps
After way too much time, I finally upgraded WordPress to a more recent release. I now feel modern and clean. However, the main change is philosophical, as I have changed my way to get revenue. I have removed the Google ads, which were in most cases completely irrelevant, and I have replaced them with a […]
Best Wishes for 2011
A new year is beginning, and I would like to take this opportunity to thank all the people who have been reading this blog, commenting on it, and basically supporting me throughout these years. Although I have not been very active, the year has been tough, and this blog has brought some support at crucial […]
A new VM for smart cards?
It took me a while to write something about it, but at last Cartes, some ex-colleagues were showing something refreshing that made me feel a bit younger at Cartes: a new virtual machine, whose specification is available here. I got a demo of the VM, as well as a detailed speech about all the features […]