Forgot your password?

Comment: Re:If I wandered into the bank.. (Score 1) 210

by wkk2 (#46885533) Attached to: Target Moves To Chip and Pin Cards To Boost Security

Citi sent me a chip card on request. I don't know if it's configured for chip/pin or signature. I've tried readers that have chip slots but I have yet to find one in the US that works. One company asked their supplier and was told the card slots were disabled.

My laptop can read the chip id but I don't want to try anything else since it might lock the card.

Comment: Re: This is why encryption isn't popular (Score 1) 399

by wkk2 (#44530189) Attached to: Ask Slashdot: How Do I Request Someone To Send Me a Public Key?

Also, assumes that the card generates good key pairs and doesn't use some secret process that allows private key recovery from the public key. This has been done by card suppliers in the past.

As a side questions: Does any CA have a process for signing S/MIME certificates that can be generated outside of a browser?

Comment: Re:Too expensive? (Score 1) 229

by wkk2 (#40170733) Attached to: Ask Slashdot: Equipping a Company With Secure Android Phones?

I suspect that no off the shelf product is secure from the network side. The hardware needs to have two independent blocks: a communications module and a application module. The two need to be linked with a well defined API so that the communications module can't change the application code and there is a good point for an audit. There are probably regulatory issues like GPS to emergency services, not being able to hang up an emergency call, etc. You need to be able to load the application code from a secure interface with signed code etc. A smart card slot for application module key material would be a plus. Good luck trying to find one and good luck getting approval to sell one with these features.

Lisp Users: Due to the holiday next Monday, there will be no garbage collection.