On Wed, 2009-06-17 at 00:11 -0400, Michael StJohns wrote: > At 11:33 PM 6/16/2009, Daniel Benoy wrote: > >So the card user could put an applet on the card that used up all the > >space, and that would be bad for the card issuer? Are there any other > >reasons a business would keep their key secret? > > Say you insert your card into a hacked machine. Hacked machine erases your > company's applet and your keys. Card is useless. Hacked machine > "TERMINATES" your card (see GlobalPlatform specs). Card is useless. > > You start hacking on the card and accidentally delete the company applet and > your cert - company has to go through the process of re-issuing which is time > and money.
If the card is in your possession, you can render it useless in more direct ways. > > You claim the card is lost - company reissues you a new one, but you erase > and repurpose the card. I guess that one makes sense. > > 100 unissued cards are stolen from the company locker and erased, sold and > repurposed. Those would probably have the default key on them. > > The keys are a way of locking the card to the issuers purpose. They impose > policy on the end user that the end user can't defeat. I guess that makes sense. > Mike > > > > >Can you download applet code? I guess that would be a good reason. > > > >On Wed, 2009-06-17 at 02:40 +0200, Sébastien Lorquet wrote: > >> That's not cruel, that's a business and security practice: imagine > >> that card free space is sorta "rented" by card owners to application > >> providers :-) > >> And allowing to install evil applications on already issued cards is > >> always a bad thing, even if it cannot harm other on-card > >> applications : There's an applet firewall that enforces strict data > >> sharing rules, who usually prevent any bit to cross application > >> boundaries! > >> > >> Sebastien > >> > >> On Wed, Jun 17, 2009 at 1:30 AM, Daniel Benoy <[email protected]> > >> wrote: > >> Great, thanks for the reply :) I've been googling all over, > >> but I > >> couldn't really find an explanation for this basic question. > >> For some > >> reason that baffles me, smart cards aren't popular even among > >> the nerdy > >> community :p > >> > >> So, would I be correct in saying that you get no security > >> benefit from > >> changing the issuer domain key, except that whoever gets your > >> card would > >> be unable to use it for their own stuff? That actually sounds > >> like a > >> cruel 'feature', to poison the cards against competitors. > >> (Prevent me > >> from wiping out my visa card and installing MuscleCard on it, > >> for > >> example :p) > >> > >> I suppose perhaps there's some hypothetical scenario, though, > >> where > >> someone could secretly take your card, and install some > >> malicious > >> program on it, which stores their pin or otherwise does > >> something > >> tricky... Hm. > >> > >> > >> On Tue, 2009-06-16 at 23:11 +0200, Sébastien Lorquet wrote: > >> > Hi, > >> > > >> > GP keys are used to manage the card contents, ie add/remove > >> applets > >> > and packages. > >> > > >> > The worst an attacker can do is remove the applet instance > >> along with > >> > its data and reinstanciate it. But data allocated in the > >> applet is > >> > never readable from the outside, otherwise banks would not > >> use chip > >> > credit cards :-) > >> > > >> > You current keys are probably > >> 404142434445464748494A4B4C4D4E4F, like > >> > all development cyberflex cards :) > >> > So they're not really secret until you change them using the > >> PUT KEY > >> > command. > >> > but don't forget to write them down somwewhere in a secure > >> place :-) > >> > > >> > In general if the card is for you only, you don't need to > >> change the > >> > security domain keys. > >> > > >> > Regards, > >> > Sebastien > >> > > >> > >> > _______________________________________________ > >> > Muscle mailing list > >> > [email protected] > >> > http://lists.drizzle.com/mailman/listinfo/muscle > >> > >> _______________________________________________ > >> Muscle mailing list > >> [email protected] > >> http://lists.drizzle.com/mailman/listinfo/muscle > >> > >> > >> _______________________________________________ > >> Muscle mailing list > >> [email protected] > >> http://lists.drizzle.com/mailman/listinfo/muscle > > > > > >_______________________________________________ > >Muscle mailing list > >[email protected] > >http://lists.drizzle.com/mailman/listinfo/muscle > > > > _______________________________________________ > Muscle mailing list > [email protected] > http://lists.drizzle.com/mailman/listinfo/muscle
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
