Security Basics mailing list archives

Re: Securing iPAQ h3950 using Windows Mobile 2003

From: Eric Maiwald <emaiwald () fred net>
Date: Tue, 14 Oct 2003 14:11:24 -0400 (EDT)

On Sun, 12 Oct 2003, Roy sgan-cohen wrote:

1. Is there a way to limit the sync only to a specific computer and to

disable the sync to any other computer ? Is there a utility that does that
simply (aside HP's Security Enhancements) ? Is it possible to write this c
heck alone for the iPAQ (based on certificates for example) ?

Not that I am aware of. If you take a device and hook it up to a computer
with active sync on it, it will try to establish an association.

2. Is it possible to enforce all the PDAs to a certain security policy ?


Yes, but you need to add third party software. [disclaimer - I work for a
company that makes such software] With the third party software you can
set a policy for passwords, file encryption, network traffic, etc. The
exact functionality depends on which product you purchase.

3. Is it possible to disable the IR for instance, or the use of an

application or bluetooth etc. ? (If it involves changing registry keys,
please tell me which keys should I change)

My understanding is that the answer is yes to IR. I am unaware of the
capability to turn off Bluetooth. I do know that there are projects at
several vendors and in the US Government to turn off the communications
and recording capabilities of the devices.

4. Is it possible to use encrypting methods based on PKI for iPAQ running

Mobile 2003 ? (sending encrypted mail, encrypting the file-system, etc.) all
based on the existing PKI infrustructure in the organization and using
(if possible) the smart cards already available for the users.

Yes. There are third party products that do this (Certicom for example).
You can also purchase a sleeve (called Blue Jacket) that will accept a
smart card - I know if works for the DoD CAC smart card.

Eric

Eric Maiwald, CISSP
Director, Product Management and Support
Bluefire Security Technologies, Inc.



---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Securing iPAQ h3950 using Windows Mobile 2003 Roy sgan-cohen (Oct 14)
- Re: Securing iPAQ h3950 using Windows Mobile 2003 Eric Maiwald (Oct 14)