Hello folks, As some of you know, in the past few months I've been writing an anti-virus program for Palm OS. Not because I think that Palm OS viruses are a serious problem or anything like that, but because I bought a Palm OS device (Tungsten E) for my mother and wanted to learn to program for it. And what better way to learn to program from it than to write a real program for it. And, since during the past 17 years I've been writing mostly anti-virus programs, that's what I decided to write.
Given that I started with virtually zero knowledge about the Palm OS environment, it is excusable that even such a relatively simple application took several months to develop. I don't think that the result is very bad, either. (Please, no wisecracks about the big Exit button. Yes, I've read the Zen of Palm. However, I've talked to real users, too. Virtually every new Palm OS user gets confused if the application doesn't have a clearly labeled way to exit.) I think that now my application is ready for its first public beta test. Please realize, though, that the emphasis is on "beta". Don't think about it as a way to get an early version of the application for free. (The final version will be distributed free of charge anyway.) Think about it more like an application that most likely will crash your device in creative ways when you least expect or want it. Do not install it without making a full backup copy of your device. Even better, try it on various emulators and simulators first. I disclaim any responsibility, if you're not satisfied with the performance of my application. You can download the application from there: <http://www.people.frisk-software.com/~bontchev/palmos/f-prot_download.html> I am using the PalmSource Installer. Therefore, the above URL should work, no matter whether you access it from a 'net-enabled PDA running PalmOS or from a PC running Windows, MacOS or Linux. Well, at least that's what the documentation of the PalmSource Installer claims. I've tested it only from a PC running Windows and from a simulator with 'net access. So, I encourage you to try it from any of these four environments. (Of course, if you do it from a PC, the application won't end on the device until you HotSync it with that PC.) If you are using the SmartUpdate for Palm OS application available from <http://www.palmgear.com/index.cfm?fuseaction=software.showsoftware&prodid=99028> I support that, too. Simply tell that application to get its configuration file from <http://www.people.frisk-software.com/~bontchev/palmos/smartupdate.xml> Of course, this works only from a 'net-enabled PDA (or emulator/simulator). There is a bit of a problem, though. My application is a virus scanner. But how to test that without a virus? Contrary to popular belief, there *are* viruses (and Trojan horses) for PalmOS. However, the ethical principles of my profession (and the policies of the company I work for) strictly forbid me to distribute viruses to people who are not qualified anti-virus researchers. How to solve this problem? Well, there is another anti-virus application for PalmOS, called "PalmOS Antivirus": <http://www.reg.net/product.asp?ID=10191> No, it is most definitely not made by PalmSource. It seems to be made by some private guy named Adam Roessel. As an anti-virus program, it sucks. I suspect that it sucks even as a PalmOS application - I could easily point half a dozen design flaws in it. However, there is one useful thing about it. The package, in which it is distributed, contains a separate application in the file named "testanti.prc". This is, so to say, a "test" virus. No, it is not really a virus - in fact, it is not malicious in any way. When launched, it just displays a message and that's it. But "PalmOS Antivirus" detects it as a virus - so that the users can see how the scanner reacts when finding one, without really giving them access to dangerous programs. So, I have decided to implement detection of this test file too. I handle it as an overwriting virus - meaning that I'll report it as a virus and will disinfect it by deleting the database that contains it. The only way in which my handling of it is different from the handling of "normal" malware is that I don't list it in the list of malware that my scanner can detect. So, feel free to download this so-called "PalmOS Antivurus" and use the application "testanti.prc" from it to test mine too. (Gee, I'm even doing advertising for the competition, sort of. :-)) Things that I'd like you to test: 1) Does the program work as advertised. If it crashes, I want to know about it, in a reproducible way. If some option doesn't work, I want to know about it. 2) Test it under as many environments as possible - and tell me what these environments are. I have tested it only on: PalmOS 3.5 Emulator, PalmOS 4.0 Emulator, Tungsten E simulator, Sony Clie simulator, Treo 650 simulator and a realy Tungsten E device. (That doesn't mean that you shouldn't test it under these environments - maybe I've missed something.) Test it with gremlins, if you know how. 3) Test the ability of the program to update its virus definitions database over the 'net. (From the main form, select Database/Internet Update from the menu or use the /U shortcut.) I don't have a 'net-capable device myself, so I've tested this feature only with the simulator. Please have in mind that the URL from which the database is accessed is hard-coded in the program and is likely to change in the future - meaning that this beta version will most likely become incapable of updating its database over-the-net when the official version is released. Note: So far one tester reports that after the update-over-the-net is complete, his device (Treo 650) resets itself. I can't reproduce this with the simulator. Please test this with a real device, so that we can determine whether it's a reproducible bug of the program or something specific to that particular tester's device. 4) Test the various kinds of on-access scanning - scan on launch, scan after HotSync, scan after SD memory card insertion. Known problems: 1) If you reset the device while the scanning of the main memory (i.e., not of the SD memory card) is still in progress, any malware that was found will not be deleted - even if the program asked you whether to delete it and claimed that it was deleted. (It *will* be deleted if you abort the scan from the user interface by tapping on the Cancel button.) This is an artifact of how PalmOS works. I probably can fix it (I can think of at least two workarounds), but it is not worth the trouble. 2) Scanning of a single database (from the main form, Scan/Scan Single Database from the menu or the /G shortcut) is not implemented (and the program says so). I am not sure whether it is worth the trouble of implementing this feature. I might remove this menu item from the official release, instead of implementing it. Do you see a real need for it? Your feedback is welcome. Unimplemented things. These things most probably won't make it into the first official release - although I do plan on implementing them later: 1) Scanning the applications beamed to the device, as well as those received via Bluetooth, SMS, e-mail or other 'net-related way. I have no clue how to implement these specifically, but I have a general idea how to implement a workaround that will handle them all (without being able to distinguish between them). It's somewhat wasteful but it ought to work. 2) DIA support. I have collected a bunch of documentation and samples on this issue and have a vague idea how to do it - but I've never done such a thing before and it is likely to take some time and effort. 3) Internationalization. As it is, the application currently is simply not designed to be easily translated into other languages. I plan on fixing this - but probably not for the first official release. 4) Conduit for updating the database of virus definitions for devices without 'net connection and for translating the report file into a text file on the PC. I have absolutely no clue how to write conduits. I realize that they are essentially Windows DLLs - but I'm not a Windows programmer and haven't written a DLL before, so I'll have to start learning from scratch. I'm sure I'll manage it eventually, but it will take time and efforts, so it won't be ready for the first official release. Well, that's it, folks. Feel free to download and try the beta version. Please send any feedback by e-mail to [EMAIL PROTECTED] Regards, Vesselin -- For information on using the PalmSource Developer Forums, or to unsubscribe, please see http://www.palmos.com/dev/support/forums/
