Vulnerability Development mailing list archives
Re: Palm Bean Lock feature
From: Kingpin <kingpin () atstake com>
Date: Sun, 17 Dec 2000 13:00:09 -0500
[For those interested, the advisory in question was for the Secure Computing SafeWord e.iD soft token which stores the PIN and critical information in a Palm database file (original advisory at http://www.atstake.com/research/advisories/2000/a121400-1.txt)] The "Beam Lock" protection bit is a single bit (e.g "beam" or "don't beam") that is associated with each database on the Palm device. Because all databases are readable by any other application on the Palm, it is trivial to cycle through all the databases (or choose a particular database) and change that bit. A tool I wrote awhile back (2 years?) demonstrates this. You can grab it from http://www.atstake.com/research/tools.html -kp On Sat, 16 Dec 2000, Christian wrote:
Hi, Recently on BUGTRAQ, when discussing a vulnerability with a certain piece of Palm software, it was mentioned that: * If an attacker obtains access to the user's Palm device he can copy via IrDA (infrared), or "beam", the "sceiddb.pdb" file. By default this file does not have the "Beam Lock" protection bit set. This bit tells the PalmOS not to allow the beaming of the file. But the "Beam Lock" protection can be easily disabled. Does anyone know how this "beam lock" protection is enabled/disabled? I can't find any way of doing it via the ordinary interface so I assume it's a little more sophisticated than this. Regards, Christian.
Current thread:
- Palm Bean Lock feature Christian (Dec 17)
- Re: Palm Bean Lock feature //Stany (Dec 18)
- <Possible follow-ups>
- Re: Palm Bean Lock feature Kingpin (Dec 18)