UK mobile application developer Masabi has launched a lightweight Java security package for mobile phones in a bid to make m-commerce applications more user-friendly and secure. Masabi's EncryptME Java mobile security component is the only such application to use officially validated implementations of RSA and AES encryption, …
I know e-commerce, and m-commerce, but what is c-commerce?
google is your friend
Collaborative Commerce - C-commerce
Will it help fix this
Java runtime vulnerability see details at http://isc.sans.org I predict
a lot more of this sort of thing for JAVA as vulnerabilities go anything
that can infect every platform on any OS is kind of a biggie.
re: will it help fix this
I think you were referring to http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102934-1
This is a specific issue for certain SUN JRE's for PC's, and does not affect J2ME.
You are right that any mono-culture is vulnerable to one exploit sweeping through it, but MIDP/J2ME virtual machines on mobile phones are not a mono-culture as they are made by different vendors, running on different OS's and Processors (contrary to popular belief all JRE's are not made by SUN).
Windows is a far worse situation, found in very similar guises on only two major CPU families with similar op codes (the binary codes required to make things happen on the processor when a virus has overflowed data into instruction space).
I have posted more detail about mobile security, with an invitation for people to ask more questions on blog.masabi.com if you have other concerns.
p.s. I think C-Commerce was a typo, we've never heard of it either, and wondered if it was a US translation to "Cellular-Commerce" or something....
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Infosec geniuses hack a Canon PRINTER and install DOOM
- Boffins say they've got Lithium batteries the wrong way around
- Game Theory Half a BILLION in the making: Bungie's Destiny reviewed
- Review A SCORCHIO fatboy SSD: Samsung SSD850 PRO 3D V-NAND