Penetration Testing mailing list archives
[PEN-TEST] Palm Pilot Security
From: Mike Ahern <mc_ahern () YAHOO COM>
Date: Thu, 25 Jan 2001 09:43:33 -0800
A Quick Question... Does anyone have any real life experience in evaluating the security of Palm Pilot systems? Someone is proposing using the Palm along with RSA/Security Dynamics soft token, and as a method of gaining some remote network access. I am being asked to sign off on it. I understand that the Palm units may be password protected, but that on the original Palm Pilots you could remove the batteries to reset the unit & password. Also I understand that new Palm 5 units use an internal lithium rechargable battery, and have a reset button that can be used to "reboot" the Palm Pilot. I also am aware that the L0pht guys found a way in the past to undermine the security of the Cryptocard soft token. Anybody aware of methods to hack past the password protection on the Palm? I assume that like anything else, physical access equals potential for 100% system compromise. Anyone aware of any RSA/Security Dynamics soft token security issues on the Palm Pilot? Any thoughts or experiences shared (lessons learned) would be appreciated... - Mike __________________________________________________ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/
Current thread:
- [PEN-TEST] Palm Pilot Security Mike Ahern (Jan 25)
- Re: [PEN-TEST] Palm Pilot Security Crist Clark (Jan 25)
- Re: [PEN-TEST] Palm Pilot Security Rory (Jan 25)
- Re: [PEN-TEST] Palm Pilot Security Aviram Jenik (Jan 29)
- <Possible follow-ups>
- Re: [PEN-TEST] Palm Pilot Security Mitch James (Jan 25)
- Re: [PEN-TEST] Palm Pilot Security Ng, Kenneth (US) (Jan 29)
- Re: [PEN-TEST] Palm Pilot Security Wall, Kevin (Jan 29)
- Re: [PEN-TEST] Palm Pilot Security sporty o'one (Jan 29)
- Re: [PEN-TEST] Palm Pilot Security Scott Treacy (Jan 29)
- Re: [PEN-TEST] Palm Pilot Security Walsh, John (Jan 29)
- Re: [PEN-TEST] Palm Pilot Security DK (Jan 29)
(Thread continues...)