NDA vs. Kerckhoffs

November 6, 2011

It is ridiculous to put the basic functionality of a product under an NDA, as is done for most smart card operating system interface specifications!

The security of a smart card OS must not rely on the confidentiality of an unrestricted interface to the outside world.

Nevertheless, this procedure is typically requested by security evaluators, which leaves even more doubts …


Smartcard Security General Consideration

November 6, 2011

There is no such thing as security. Security is just another word for the budget of the attacker.

This general statement also applies to smart cards.

Common Criteria, ITSEC, FIPS … none of them is a guarantee of withstanding a professional hacking attempt.

By the way: a security evaluation typically does not reveal bugs in the operating system!

