How MIFARE Uses Cookies

[X Y]

That "Secure element" or "trusted platform module" is often insecure and great target of cybercriminals (see Qualcomm TrustZone downgrade bug or https://en.wikipedia.org/wiki/Trusted_Platform_Module#Attacks). I don't see any point in restricting implementations to use some kind of proprietary trusted "secure" element. It just makes backup more difficult or annoying (just like implementing google recaptcha on your site - I had to solve it 4 times!). It should be up to me, user, to decide where to store any secure data and there should be simulators of these keys but sadly they made Android API too high-level. Corporations like Mifare would like to sell us some proprietary custom solutions and change tech every couple of years so that they can earn more $ every year. And that's the main point. Corporations are controlling users and users don't control nor own the hardware and software. And we are not even talking about patent war and patent trolls...

---

+ 0  |  - 0

[Author]

Posts