Crackers can zap data off Palm Pilots
Crackers can zap data off Palm Pilots
Contact:[email protected]
This is a multi-part message in MIME format.
------=_NextPart_000_0005_01C084A2.2EAE09E0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Crackers can zap data off Palm Pilots
Security consultants @stake have added to the weight of expert opinion that
business use of PDAs such as a Palm Pilot may be a security risk.
@stake, a US-based security consultant, has written a piece of software code
that can zap passwords off targeted Palm Pilots through taking advantage of
the PDA's hotsync function. Hotsync is used to transfer data between the
user's PC and a Palm Pilot.
Called Notsync, the code fools the targeted Palm Pilot into thinking it is
talking to the user's desktop computer, rather than a hacker's PDA. The
hacker then downloads the target's password via the target machine's
infrared port.
Infrared ports have a range of 50cm to 100cm, but @stake said amplifying
systems can increase the range threefold.
The consultant said its Notsync code could be written by any competent
hacker, and is warning firms to make sure they know what company information
is being held on their employees' PDAs.
Notsync's author, Mudge, vice president of R&D at @Stake, said: "They are
completely vulnerable."
According to handheld manufacturer Psion, 70 per cent of IT managers are
concerned about how to integrate mobile
working and applications into office networks. The firm said around 75,000
people received handhelds for Christmas.
@stake believes the line between personal and corporate information on
mobile technology is becoming blurred, and that this may put sensitive data
at risk through exposing links to corporate networks.
The firm believes that users often use the same password on their PCs as
other devices, thus exposing the corporate LAN from the Palm Pilot. It says
organisations should make it standard practice that employees use different
passwords for their various computers.
Mudge said: "Wireless is extending the frontier of the corporate network and
lowering the level of security, while magnifying the problems."But he added:
"We're not trying to scare anyone here. We're trying to stress that
companies must adopt a strategic approach to wireless security.
"There's an opportunity with wireless to accentuate security and have it
thought of as an enabling activity rather than as an after-the-fact
reaction."
"Companies may not need to increase their security budget," said Mudge, "but
they do need to focus more intensely on where they are spending. They need
to know which data is sensitive to them, where it is and what it's doing."
http://www.vnunet.com/News/1116644
------=_NextPart_000_0005_01C084A2.2EAE09E0
Content-Type: application/X-Microsoft-OLE-object;
name="Picture"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="Picture"
0M8R4KGxGuEAAAAAAAAAAAAAAAAAAAAAPgADAP7/CQAGAAAAAAAAAAAAAAABAAAAAQAAAAAAAAAA
EAAAAgAAAAEAAAD+////AAAAAAAAAAD/////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////9
////BAAAAP7////+/////v//////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////1IA
bwBvAHQAIABFAG4AdAByAHkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAWAAUA//////////8CAAAAFQMAAAAAAADAAAAAAAAARgAAAAAAAAAAAAAAAOARhBfMhMAB
AwAAAMABAAAAAAAAAQBPAGwAZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAoAAgH///////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAFAAAAAAAAAACAE8AbABlAFAAcgBlAHMAMAAwADAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAACAQEAAAADAAAA/////wAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAADaAAAAAAAAAAMATQBhAGkAbABTAHQAcgBl
AGEAbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAIB/////wQA
AAD/////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQAAAAwAAAAAAAAA/v//
/wIAAAADAAAABAAAAP7////+/////v//////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////8BAAAC
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAA/////wMAAAAEAAAAAQAAAP////8CAAAAAAAAABoAAADTAAAAmAAAAAEACQAAA0wAAAADABwA
AAAAAAQAAAADAQYABQAAAAwC0wAaAAcAAAD8AgAAAAAAAAAABAAAAC0BAAAIAAAA+gIAAAAAAAAA
AAAABAAAAC0BAQAcAAAA+wIMAAkAAAAAAJABAAAAAAACAgJNUyBTYW5zIFNlcmlmAAQAAAAAAP//
//8BAAAAAAAwAAQAAAAtAQIAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATkFOSQAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAaAAAA1AAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAABAAAAAAAEAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFIAaQBj
AGgARQBkAGkAdABGAGwAYQBnAHMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAcAAIA////////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgAA
AAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAD///////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////////wAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////
////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
------=_NextPart_000_0005_01C084A2.2EAE09E0--
Back to the Index