Hi,

On 4 Jan 00, at 16:01, Labranche S. 1Lt - 43CS/SCBB wrote:

> The requests are coming in for Palm Pilots (III and V).  I am wary about
> spending funds on these devices since it may influence network security.

All address data and many other things are Hotsynced to your PC. So a 
Trojan Horse may install a program on your PC which looks for certain 
files and mails them to the attacker. The easiest way to do this is 
BackOrifice2000 ;-)

If you have really secret information on your Palm, install a tool like 
Secret! which encrypts valuable information using 3DES or other crypt 
algorithms. When those databases are Hotsynced, their backup is also 
encrypted on your PC.

But this does not protect you from malicious applications on the PALM 
itself.
Imagine this: I create a .PRC file for the Palm itself which is carried 
by a Trojan like BO2K to your PC.

When the Trojan executes, it copies the .PRC file in your install 
directory on the PC. Thus, the next Hotsync transfers this file to your 
Palm. If you have PalmOS 3.3 and the PRC is small, it will install very 
fast. Most users don't check the Hotsync log, so it's fine.

Now the PRC on the Palm can get any information you like from the Palm, 
for example if it is attached to the Hackmaster, you may query encrypted 
information like stored with Secret!, it may even get a screen snapshot of 
decrypted information and store this in an additional .PDB-file on your 
Palm. If you mark the backup bit, this file gets Hotsynced to your PC. 
There you can obtain the file with your Trojan, BO2K or others.

You have to observe things regularly. Don't use Hackmaster. Don't trust 
everyone. The PALM is a networked device like any other, except that the 
"network connection" is not "live"...you will have similar security like 
you have with products like E-Gap...





Kind Regards / Mit freundlichen Gruessen,

--
Frank M. Heinzius          MMS Communication AG         .~.
mailto:[EMAIL PROTECTED]        Eiffestrasse 598             /V\
http://www.mms.de          20537 Hamburg, Germany      // \\
Phone: +49 40 211105-40    Fax: +49 40 210 32 210     /(   )\
-- spam forbidden --       -- PGP key available --     ^^-^^
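
A defender-side check for the path described in the message above (an added example, not part of the original post): it reads the Palm database header of the .PRC/.PDB files in a HotSync install or backup folder and lists any whose creator ID is not on an allowlist, noting whether the backup bit is set. The allowlist, the folder passed to `load_dir` and the sample headers are assumptions constructed for illustration.

```python
import struct
from pathlib import Path

# Palm database header, shared by .PDB and .PRC files: big-endian, 78 bytes.
HEADER = struct.Struct(">32sHHIIIIII4s4sIIH")
ATTR_RESOURCE_DB = 0x0001  # resource database, i.e. an application (.PRC)
ATTR_BACKUP = 0x0008       # backup bit: HotSync copies this database to the PC

def parse_header(data):
    if len(data) < HEADER.size:
        raise ValueError("too short for a Palm database header")
    f = HEADER.unpack_from(data)
    return {"name": f[0].split(b"\0", 1)[0].decode("latin-1"),
            "resource_db": bool(f[1] & ATTR_RESOURCE_DB),
            "backup": bool(f[1] & ATTR_BACKUP),
            "type": f[9].decode("latin-1"),
            "creator": f[10].decode("latin-1")}

def load_dir(path):
    """Read only the header bytes of every .prc/.pdb file in a folder."""
    return {p.name: p.read_bytes()[:HEADER.size] for p in Path(path).iterdir()
            if p.suffix.lower() in (".prc", ".pdb")}

def audit(files, known_creators):
    """files maps filename -> bytes; returns a list of (filename, reason)."""
    findings = []
    for fname, data in sorted(files.items()):
        try:
            h = parse_header(data)
        except ValueError as exc:
            findings.append((fname, f"unparseable: {exc}"))
            continue
        if h["creator"] in known_creators:
            continue
        kind = "application (PRC)" if h["resource_db"] else "data (PDB)"
        note = ", backup bit set" if h["backup"] else ""
        findings.append((fname, f"unknown creator {h['creator']!r}: {kind}{note}"))
    return findings

def build_header(name, attrs, type_, creator):
    """Builds constructed sample input only; not read from a real device."""
    return HEADER.pack(name.encode(), attrs, 1, 0, 0, 0, 0, 0, 0,
                       type_.encode(), creator.encode(), 0, 0, 0)

SAMPLE = {  # constructed headers standing in for files in a HotSync folder
    "Memo.pdb": build_header("MemoDB", ATTR_BACKUP, "DATA", "memo"),
    "util.prc": build_header("Util", ATTR_RESOURCE_DB, "appl", "XyZ1"),
    "snap.pdb": build_header("Snap", ATTR_BACKUP, "DATA", "XyZ1"),
    "junk.pdb": b"\0\0",
}

if __name__ == "__main__":
    for fname, reason in audit(SAMPLE, known_creators={"memo"}):
        print(f"{fname}: {reason}")
```

Run against real folders with `audit(load_dir(folder), allowlist)`, where the allowlist holds the creator IDs of the applications you have deliberately installed.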