Security Vulnerabilities in the Palm OS version 3.x

PDAs using the Palm OS(R) are becoming more popular by the day; sales are up quarter after quarter. Is the data on your Palm device at risk? Yes! Take a moment and think about the data on your Palm device you do not want to be public knowledge: credit card numbers, PINs, banking information, passwords, client lists, sales strategies, competitive information. 'But I have a password set for power on and I use private records' you say. Unfortunately these precautions do not mean your data is secure. It is true that someone must be in physical possession of your Palm device to do most of the things discussed in this article. By their very nature Palm devices are easily stolen or misplaced allowing them to fall into malicious mischievous or simply curious hands. This article will examine the security features standard with the Palm OS(R) version 3.x their vulnerabilities and some alternative security software which help remedy these vulnerabilities. The classic ideals of information security apply to a Palm device as well as to a network. The key to any good security strategy is defense in depth. A good perimeter (in this case a robust locking system at boot) and encryption of data on the Palm device protected by another strong password make up an adequate defense for most individuals.