Palm security vulnerabilities
Results 1 to 8 of 8

Thread: Palm security vulnerabilities

  1. #1
    Banned
    Join Date
    Mar 2002
    Posts
    968

    Exclamation Palm security vulnerabilities

    Here is a security flaw to the Palm OS....

    Beaming programs. -- The Palm will automatically pick up the nearest beam by IR. I've read stories on the net that people (in larger towns) go around using their Palm and trying to transmit by IR on buses and subways. When they find a Palm that's on and receiving, they send an app they compiled and hope the user accessess it.

    The program is disguised as something else (two examples here are; 1- name it and icon it the same as another, to confuse the user to accidentally use the wrong one (ie: Address & Clock), or 2- call it a useful utility or game and hope they check what it is.

    The program does one of two things, it either attempts to delete the whole Palm (using PalmDOS and some modifications) or writing a crashing program that will require a hard reset. (which causes all data to be lost.)

    I've also heard about a .pdb file that is on runtime and activates with the Clock alarm setting.

    I've been trying to find this site that I am mentioning from, but can't for the life of me remember the URL... I'd check my history but it was on a 'puter at college.

  2. #2
    Banned
    Join Date
    Oct 2001
    Posts
    1,463
    Hmmm... I wonder what kind of people hack PalmOS?

  3. #3
    The Lizard King SarinMage's Avatar
    Join Date
    Jan 2002
    Location
    California
    Posts
    561
    PALM OS!!!

    FINALLY something i can actually talk about!!!!


    IR beaming goes one way, you cant get anything back, and the user MUST accept the beam.

    lemmie ask you this... the palm asks you if you want to recieve the application after it has been beamed. it ALWAYS asks you..... why would you accept a random application that just appeeares on your palm?

  4. #4

  5. #5
    Banned
    Join Date
    Mar 2002
    Posts
    968
    Thanks for the finds AcidSpectrum!

    I knew some of them but some I did not. It's always good to know!

    SarinMage, I totally understand what you are talking about, but how often have you seen a younger person find something and go "ooh!" ? Some people can be dumb....

    BTW, what Palm are you using?

  6. #6
    Banned
    Join Date
    Mar 2002
    Posts
    968
    BTW...

    How would someone be able to find a reciever Palm if someone is not using the Palm (unless it's accidentally on)??????

  7. #7
    Banned
    Join Date
    Sep 2001
    Posts
    522
    I think its a total dumb form of hacking and wouldnt concider it hacking........ now WinCE on the other hand has alot more features...... that i can actualy work with..... but palm is just nothing more then an advanced orginizer..... i dont know, just personal oppinion i guess

    but making palm into a linux terminal is uber that can be fuuuun

  8. #8
    The Lizard King SarinMage's Avatar
    Join Date
    Jan 2002
    Location
    California
    Posts
    561
    /me has to try linux on his palm...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides