Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/23/2009
07:59 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Unified Test Initiative Taps ChosenSecurity For Mobile Code-Signing Platform

Platform aimed at Java developers using the newly relaunched Java Verified program

NEWTON, MA " July 21, 2009 " ChosenSecurity today announced that the Unified Test Initiative (UTI) is using its TC TrustCenter division to provide a mobile code signing platform for global Java developers using the newly relaunched Java Verified program.

ChosenSecurity's TC TrustCenter offers on-demand digital certificate management services.

The UTI is a mobile industry cooperative with the goal of growing supply and demand for high quality mobile Java applications by reducing fragmentation. UTI is achieving this by providing a comprehensive test battery, known as the Unified Testing Criteria, against which mobile Java developers can test their applications. UTI members are: ACCESS, LG Electronics, Motorola, Nokia, Orange, Samsung, Sony Ericsson, Sun Microsystems and Vodafone Group.

The Java Verified program is managed by the UTI and has been serving the mobile industry for over five years. It has a new streamlined testing and signing process that includes ChosenSecurity's vetting and signing services. Program enhancements provide developers with tools to ensure quality throughout the entire testing process. Enhancements also provide the ability to test applications across a greater number of devices at a significant cost savings, compared to previous testing models. Applications that pass Java Verified program testing are digitally signed and returned to developers, earning them a mark of quality that will help speed their path to market and permit the applications to run, without excessive security prompts, on the device. For more information visit: http://javaverified.com.

To date, the Java platform has attracted an estimated 6.5 million software developers, making it the largest and most active developer community in the world. Java powers more than 4.5 billion devices including 800+ million PCs, 2.1 billion mobile phones and other handheld devices, 3.5 billion smart cards and a range of other devices.

"We selected ChosenSecurity's vetting and mobile code signing services for Java Verified because of its 10+ years of experience in the security market, proven vetting program and technical expertise," said Martin Wrigley, chair of UTI. "We consider ChosenSecurity's TC TrustCenter an important partner in making our Java Verified program successful."

"We are honored to be offering our services to the world's 6.5 million Java ME developers through UTI's Java Verified program," said Bob Steinkrauss, president and CEO, ChosenSecurity, Inc.

About TC TrustCenter As the first to provide on-demand managed PKI services over the Web, TC TrustCenter provides trust globally to digital communications between employees, clients, partners and suppliers. For more than 10 years, TC TrustCenter has been providing a broad range of cost effective project and industry PKI solutions, with considerable references of international customers. Its portfolio ranges from solutions for phishing protection, security of online transactions, and electronic invoicing to broad PKI solutions and managed security services. Its on-demand digital identity solutions are cost-efficient, highly secure and fast to implement. TC TrustCenter is accredited according to the German Signature Act, European Signature Act, Identrust, SAFE, T"VIT and SISAC. For more information, see www.trustcenter.de/en About ChosenSecurity, Inc. (www.chosensecurity.com) ChosenSecurity provides digital trust between employees, clients and suppliers doing business electronically through on-demand certificate management services. The company's solutions enable a wide range of digital trust applications to provide strong authentication, secure e-mail, digital signatures, data encryption and support compliance with privacy and other regulations. ChosenSecurity was the first to provide digital certificate management through a Software as a Service model and remains the leader through its breakthrough economics, versatility and implementation speed for enterprises. Unlike traditional PKI and private certificate authority options, ChosenSecurity solutions can be implemented in 70% less time and 70% less cost.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19040
PUBLISHED: 2019-11-17
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":{"value":"<script>' substring.
CVE-2019-19041
PUBLISHED: 2019-11-17
An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be executed by th...
CVE-2019-19012
PUBLISHED: 2019-11-17
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or ...
CVE-2019-19022
PUBLISHED: 2019-11-17
iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Git r...
CVE-2019-19035
PUBLISHED: 2019-11-17
jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file.