Information Security News mailing list archives
Padlock Your Palm
From: InfoSec News <isn () C4I ORG>
Date: Wed, 14 Feb 2001 01:03:23 -0600
http://www.forbesbest.com/0226/060.html [Pretty bland article, Even for the calibre of Forbes. But I have never heard about the story in the first paragraph, and if anyone knows more details, I want to hear them. Especially with HIPAA and doctors loving their PDA's! The fifth paragraph on the first page seems like it barely belongs here, However I would love to see a Freedom application for the wireless Palm pilots, And again, if anyone knows of anonymity products for PDA's, Please drop a line. - WK] Edited by Nikhil Hutheesing Best of The Web 02.26.01 Last summer a couple of teenagers hacked into the network of an Internet health company, intercepted 14,000 patient records and discovered that a classmate was infected with HIV. They then cruelly boasted about their findings on a Web chat room, exposing their classmate's identity. This, however, wasn't a typical computer hacking incident. The network these kids broke into was a peer-to-peer wireless network of Palm personal digital assistants. The PDA network was being tested by a group of physicians, nurses and clinicians who wirelessly swapped patient information from one PDA to another. The teens, it seems, walked into the company armed with another Palm PDA. Using the technology that allows one PDA to synchronize with another, they were able to intercept patient data as it was beamed around the company . Since there are few wireless PDA networks today, such break-ins are almost unknown. But Lawrence Ponemon, a senior partner for PricewaterhouseCoopers, warns that as third-generation cell phones and PDAs with powerful processors become common, they will become more vulnerable. The problems will multiply as wireless networking technologies, like Bluetooth, allow devices to talk to one another. "Such information could be used to create a central profile of you that will be used by marketers, hate groups and would-be terrorists," says Ponemon. This risk is real because service providers, like GoAmerica and Verizon Wireless, will be required to implement location-based services so that the FCC can make sure that as you move around, you aren't being overcharged by your carrier. The byproduct is that the providers will know details about your life and habits: when you leave work, what route you take and whether you stop at Hooters on the way home. In the hands of stalkers, terrorists or, say, pesky marketing companies, such information could be compromising. A terrorist, for example, could figure out where a group of high-level executives or politicians regularly congregated. So how do you protect your handheld? First, turn on the password-protection feature. It's a nuisance to type in a password, but it'll help keep your data safer. Use your PC to check the wireless privacy policy of sites. If there is no special policy, don't access the site from your PDA. In the future, buy devices that have the new privacy-preference cookies built in. These cookies regulate the data that comes and goes from your PDA, according to your specifications. Expect these cookies in future Blackberry and Palm devices and cell phones. Also, check with your provider to see if its service works with companies like Zero Knowledge, Pravada and Anonymity Online. These outfits let you create truly anonymous pseudonyms so that transactions can't be traced back to you. [...] ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Padlock Your Palm InfoSec News (Feb 13)