At 4:04 PM -0800 1999/12/08, Hal Mueller wrote:
>How about this idea: use SysBatteryInfo and/or FtrGet('pose') for the initial test.
>If the first attempt says you're running on POSE, then try to use the HostControl
>stuff to, say, open and then close a file on the host. Still not completely
>unspoofable, but starts to get harder to mess with.
That's somewhat better, as the host control APIs will generally crash when called on a
real device.
There is an underlying infirmity, however, in that it's not possible to prevent
"spoofing" of a trap-based API. You might consider turning the problem around instead,
using some device-specific mechanism to determine if your app is running on a real
device as opposed to running on POSE. For example, examining the ROM token area and
verifying that the token(s) themselves exists within the read-only ROM card space...
or something similar. In any case, this is a tough nut to crack.
Regards,
Jim Schram
3Com/Palm Computing
Partner Engineering
