Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Palm OS > Palm OS Malware - Pg. 249

OperatingSystemandDeviceVulnerabilities·Chapter7 249 designed for PDAs only, today most of the Palm OS­based devices are smartphones. There is much more to say about Palm OS, and the history of Palm is long and complicated. For additional details on both, please refer to the links at the end of this chapter. Palm OS Security Palm OS is a single-user operating system that does not have the notion of a user or an administrator. On a Palm OS­based device, every application basically has access to every file and database. Further, any application can hook and therefore intercept almost any system call on a Palm OS device. Although this functionality is not used by any of the malicious applications described later in this section, it has the potential for abuse. On the bright side of security for Palm OS is the file system encryption that was introduced with version 5.0 of the OS. Here, files can be encrypted with RC4. AES was added later through a system update. The Palm OS Password Issue Palm OS contains a security feature to control access to private data stored on a device. If activated, the user must enter a password in order to access or synchronize any database marked as private. With Palm OS version 3.5.2 and earlier, the password could be easily retrieved with physical access to the device. Accessing the password was relatively simple