Hi Alfred,

On 7/24/07, Alfred Reibenschuh <alfredreibenschuh@gmx.net> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Alex Karasulu wrote:
> All good points.  You interested in working on the midlet?
>
> Alex
>

if that means svn commit access (*drool*) ...

Eventually yes but let's see a couple patches to evaluation if you are not a butcher :).  Does not
sound like it - but after a couple patches I should be able to determine enough.  So start putting
these issues you have in JIRA then knocking them off and attaching the patch to a JIRA issue.
As advice try to keep the task small and directed so it's easier to evaluate what you're doing in
your patch diffs.  Also avoid unnecessary refactoring or formating of code that obscures the gist
of what you're doing in the diff.

ok, seriously, why not.

Great!  I think your security concerns can lead to some positive things for the midlet design.

Would love to have someone that is interested in the midlet involved.  There are so many
advances we can work on with the midlet.  Right now it's just minimal and generic.  For example
we could product midlets that take advantage more more phone features based on the version of
the phone.

Also I wanted to put a self destruct setting into the midlet that destroyed the credential info in
the phone or locked up the midlet some how if the user tried to break in by brute forcing the pin.

Say N consecutive unlock events lead destroy the secret key and counter.  If user gets it right
before N failures consecutively the failure counter clears.  The counter should be persisted
across restarts.

I also have some ideas on leveraging bluetooth too but you may not be interested in that.

what environment should i have installed to make this happen?

Just install IDEA or Eclipse, JDK 1.5.0_xx and check out tsec and start working on the code.

If you have issues gimme a ring.

Regards and welcome :),
Alex