April 18th, 2002, 09:27 PM
Palm security vulnerabilities
Here is a security flaw to the Palm OS....
Beaming programs. -- The Palm will automatically pick up the nearest beam by IR. I've read stories on the net that people (in larger towns) go around using their Palm and trying to transmit by IR on buses and subways. When they find a Palm that's on and receiving, they send an app they compiled and hope the user accessess it.
The program is disguised as something else (two examples here are; 1- name it and icon it the same as another, to confuse the user to accidentally use the wrong one (ie: Address & Clock), or 2- call it a useful utility or game and hope they check what it is.
The program does one of two things, it either attempts to delete the whole Palm (using PalmDOS and some modifications) or writing a crashing program that will require a hard reset. (which causes all data to be lost.)
I've also heard about a .pdb file that is on runtime and activates with the Clock alarm setting.
I've been trying to find this site that I am mentioning from, but can't for the life of me remember the URL... I'd check my history but it was on a 'puter at college.
April 18th, 2002, 09:35 PM
Hmmm... I wonder what kind of people hack PalmOS?
April 18th, 2002, 09:39 PM
FINALLY something i can actually talk about!!!!
IR beaming goes one way, you cant get anything back, and the user MUST accept the beam.
lemmie ask you this... the palm asks you if you want to recieve the application after it has been beamed. it ALWAYS asks you..... why would you accept a random application that just appeeares on your palm?
April 18th, 2002, 10:42 PM
April 19th, 2002, 04:16 AM
Thanks for the finds AcidSpectrum!
I knew some of them but some I did not. It's always good to know!
SarinMage, I totally understand what you are talking about, but how often have you seen a younger person find something and go "ooh!" ? Some people can be dumb....
BTW, what Palm are you using?
April 19th, 2002, 04:18 AM
How would someone be able to find a reciever Palm if someone is not using the Palm (unless it's accidentally on)??????
April 19th, 2002, 07:32 AM
I think its a total dumb form of hacking and wouldnt concider it hacking........ now WinCE on the other hand has alot more features...... that i can actualy work with..... but palm is just nothing more then an advanced orginizer..... i dont know, just personal oppinion i guess
but making palm into a linux terminal is uber that can be fuuuun
April 19th, 2002, 02:54 PM
/me has to try linux on his palm...