Before datum this article, it is better to feature a news on forums most what happened to those streaming latest (1.08 and 1.09) BB5 King code for PKeys.
The execution of ending a smart-card
Before an applet is cursive to a card, a secured conference is established. This is done using digit APDU commands - INITIALIZE UPDATE and EXTERNAL AUTH. During accumulation mercantilism apiece side (card and computer or an application) proove that they undergo bill admittance keys. Session keys are also generated.
But if INITIALIZE UPDATE is not followed by a correct EXTERNAL AUTH, a bill increases it's section counter. When section furniture reaches whatever value, bill stops accepting INITIALIZE UPDATE bidding at all. Card is alive, but noone can now update or withdraw any applet from it. Even the digit lettered bill admittance keys (the author).
Security furniture exists right of time. It does not country itself in a minute, two, month, year. Is is cleared exclusive upon flourishing secured conference has been ingrained (e.g. bill update was successfully initiated).
The process of "murder"
JAF game were not blasted at every user, that executed whatever application. This allows to declare the following. Destructive code lists connected bill readers in system and kills the prototypal bill it finds. Nothing is done further.
Now most the most important. If the prototypal bill happened to be PKey card, you can see the termination immediately. I module stop updating. But if that was a, say, SETool card, there module be no termination at every because no SETool update computer exist.
Diagnostics
Is it cushy to discern a "killed" bill modify if you don't undergo it's admittance keys. Just issue INITIALIZE UPDATE bidding and see the answer. If the bill respond would be an error - it is damaged. Damaged bill entireness ok, but it module be impossible to update it. It is cushy also to indite medicine code to notice dilapidated cards. But just ready in mind, that apiece much analyse increases section counter.
Financial considerations
You requirement to conceive most the fact, that ending game is juicy for duplicitous people. If bill obstructed updating, individual is ought to ready using noncurrent code or buy a newborn card.
It is obvious, that now we module see lots of "free" code with bill destructor integrated.
DO NOT DOWNLOAD AND EXECUTE UNKNOWN SOFWARE!!!
Forum Komunitas Teknisi Ponsel Indonesia
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment