Protecting Mobile Devices from Hackers - Page 2

 By Paul Korzeniowski
Page 2 of 2   |  Back to Page 1
Print Article

New Devices, New Issues

Breaking into a mobile device is not simple. The Palm OS is much less complicated than a PC operating system and therefore has fewer potential entry points. Also, handheld devices are small and have only a few megabytes of memory compared to the tens or hundreds available on PCs. Hackers have to code judiciously to get their software to run on handheld devices, noted Symantec's Nachenberg.

Fixing defective code is also simpler than with a PC. By turning a handheld off and rebooting it, a user rids a system of problem codethe only downside is that any interim data stored in the device is lost.

However, handhelds also raise new potential problems. These devices contain all or part of their operating system on flash read-only memory cards; theoretically a virus could render the entire system, rather than a few programs, unusable.

Help Is on the Way

Help is emerging for security managers. Computer Associates International Inc., in Islandia, N.Y, Network Associates, Symantec, and Trend Micro Inc., in Cupertino, Calif. have developed security products for handheld systems.

The device's minimal main memory has made product development challenging. Typically, security software loads lists with the names of tens of thousands of viruses and then compares them to any downloaded software.

Since there isn't enough room on handhelds for our existing software to run, we are use a different technique to check for viruses, noted McGee of Network Associates. The company's handheld security software operates on PCs as users synchronize desktop and handheld information. While this approach offers vendors more room for writing their applications, a virus could operate for days or weeks on a system without the user noticing.


Minimizing Risk

Companies can take steps to minimize the risk. Palm encourages users to synchronize their data regularly. Not only does doing so ensure that they always have a current backup of their data, but it also means that getting rid of any undesired application simply entails running the reset program.

Enterprises should also institute policies against loading unknown applications onto the devices. This step may not be popular with users who wish to store personal software, such as games, on their devices, but it will help companies ward off attacks.

Users who are concerned that someone might maliciously beam a virus onto their device from another Palm handheld can password-protect their systems. When the intruder tries to load the defective software, the system will prevent it.

Strong security policies can help companies prevent problems with handheld devices, noted Jan Sundgren, an associate analyst at Giga Information Group, a Norwell, Mass. market research firm. As they become more aware of the potential problems, I expect corporations to put them in place. //

Paul Korzeniowski is a freelance writer in Sudbury, Mass. and specializes in networking and telecommunications issues. His electronic mail address is paulkorzen@aol.com.

This article was originally published on Nov 26, 2000
Get the Latest Scoop with Networking Update Newsletter