yup: "(Note: the findings herein affect WebOS 1.3.5. Palm has since released WebOS 1.4, which fixes these vulnerabilities, though not all handsets or carriers are running this version. Due to contractual agreements, the public disclosure of this information was delayed.)"
On 4/21/10, Craig Froehle <[email protected]> wrote: > IIRC, that was done on OS 1.3.5. I believe I read somewhere that > since then, 1.4.x has fixed many, if not all, of those issues. > > On Wed, Apr 21, 2010 at 8:56 AM, George Kontos <[email protected]> > wrote: >> Palm's WebOS, the software on which the company's Pre smartphone is based, >> is 'riddled' with dangerous security flaws, according to security >> researchers who said they were able to crack the operating system via text >> message. >> A probe of WebOS uncovered a number of easy-to-find bugs, giving the >> impression that Palm had put minimal effort into security, researchers >> from >> Intrepidus Group said in an advisory >> <http://intrepidusgroup.com/insight/2010/04/webos-examples-of-sms-delivered- >> injection-flaws/> published on Friday. The firm also published a video >> <http://intrepidusgroup.com/insight/webos/> demonstrating a Palm Pre >> being >> cracked via text message. >> The researchers demonstrated text messages being used to point the >> device's >> Web browser to a particular Web site, forcing the device to begin >> downloading a message and turning off the handset's radio, among other >> actions. >> http://www.zdnetasia.com/researchers-crack-palm-s-webos-via-text-message-620 >> 62753.htm
