Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Crackers can zap data off Palm Pilots

From: InfoSec News <isn () C4I ORG>
Date: Thu, 25 Jan 2001 02:35:03 -0600
Forwarded by: r o <ltlitaly () hotmail com>

@stake seems like a company really struggling to find some business
especially when they employ these types of scare tactics.  I think
most people know that most mobile devices aren't secure, @stake should
try some different marketing tactics because reading through the lists
on the Palm developers forum, most of the coders are a little tired
from them.  But eventually there will be some secure devices, just
wait.  Then, I'm sure that @stake will still be crying about something
new.



From: InfoSec News
Reply-To: InfoSec News
To: ISN () SECURITYFOCUS COM
Subject: [ISN] Crackers can zap data off Palm Pilots
Date: Sat, 20 Jan 2001 02:26:47 -0600
http://www.vnunet.com/News/1116644
By Ian Lynch [19 Jan 2001]

Security consultants @stake have added to the weight of expert opinion
that business use of PDAs such as a Palm Pilot may be a security risk.
@stake, a US-based security consultant, has written a piece of
software code that can zap passwords off targeted Palm Pilots through
taking advantage of the PDA's hotsync function. Hotsync is used to
transfer data between the user's PC and a Palm Pilot.

Called Notsync, the code fools the targeted Palm Pilot into thinking
it is talking to the user's desktop computer, rather than a hacker's
PDA. The hacker then downloads the target's password via the target
machine's infrared port.

[...]

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: