UK mobile application developer Masabi has launched a lightweight Java security package for mobile phones in a bid to make m-commerce applications more user-friendly and secure. Masabi's EncryptME Java mobile security component is the only such application to use officially validated implementations of RSA and AES encryption, …
I know e-commerce, and m-commerce, but what is c-commerce?
google is your friend
Collaborative Commerce - C-commerce
Will it help fix this
Java runtime vulnerability see details at http://isc.sans.org I predict
a lot more of this sort of thing for JAVA as vulnerabilities go anything
that can infect every platform on any OS is kind of a biggie.
re: will it help fix this
I think you were referring to http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102934-1
This is a specific issue for certain SUN JRE's for PC's, and does not affect J2ME.
You are right that any mono-culture is vulnerable to one exploit sweeping through it, but MIDP/J2ME virtual machines on mobile phones are not a mono-culture as they are made by different vendors, running on different OS's and Processors (contrary to popular belief all JRE's are not made by SUN).
Windows is a far worse situation, found in very similar guises on only two major CPU families with similar op codes (the binary codes required to make things happen on the processor when a virus has overflowed data into instruction space).
I have posted more detail about mobile security, with an invitation for people to ask more questions on blog.masabi.com if you have other concerns.
p.s. I think C-Commerce was a typo, we've never heard of it either, and wondered if it was a US translation to "Cellular-Commerce" or something....
- Put down that Oracle database patch: It could cost $23,000 per CPU
- DAYS from end of life as we know it: Boffins tell of solar storm near-miss
- The END of the FONDLESLAB KINGS? Apple and Samsung have reason to FEAR
- Pics It's Google HQ - the British one: Reg man snaps covert shots INSIDE London offices
- Bose decides today IS F*** With Dre Day: Beats sued in patent spat