Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Proof of Concept PocketPC Virus Created

Hemos posted about 10 years ago | from the only-a-matter-of-time dept.

Handhelds 152

SpooForBrains writes "The Register has reported that "Ratter" of the virus writing group 29A has created the world's first PocketPC virus as a proof of concept. This one has no payload and is polite enough to ask if it can spread, so the dangers are minimal, but it occurs that the possibility of PocketPC and Symbian virii suddenly makes the concept of bluejacking somewhat more sinister."

cancel ×

152 comments

Reminds me of that windows virus... (5, Funny)

nmoog (701216) | about 10 years ago | (#9736948)

Do you accept the microsoft EULA?

Re:Reminds me of that windows virus... (2, Interesting)

strictnein (318940) | about 10 years ago | (#9737691)

29A in hex = 666 in dec

CRAZY!

E-Darwin (5, Insightful)

Cavio (217880) | about 10 years ago | (#9736950)

Just like biological ecosystems, our information infrastructure has niches, and viral "life" will thrive in any niche it can find for itself. Same with spammers, they are exploiting a niche which exists to make money. Virus writers are exploiting computing niches which allow for this kind of attack.

It is inevitable that any networked system will suffer from these attacks. See the recent Mozilla shell exploits. We have Linux security issues, and as the OS gains popularity, we will start to see virii for it. It will happen.

We have basically created electronic primordial soup. Three cheers for compu-evolution!

Re:E-Darwin (4, Insightful)

Ieshan (409693) | about 10 years ago | (#9736990)

Comparison:

a) There are sadistic people who like to cause people harm by investing time and money into writing virii that inconvenience, destroy data, and render devices useless - meaning to do ALL of these things ON PURPOSE.
b) Viruses evolve.

The fact is, there's no little Virus overlord someplace up in the sky that's trying to cause damage and harm to humans. There *are* lots of other humans who love causing that same damage by writing malicious code.

If everyone decided tomorrow to stop trying to break the machines that others have worked so hard to build, voila - they'd not be broken anymore.

Sadism / Sociopathy has little to do with the Biological Evolution of Viruses. What gives? Why are people so quick to assume that it's okay for people to break things and hurt people just because it's possible to do so?

Re:E-Darwin (-1, Troll)

Carrot007 (37198) | about 10 years ago | (#9737107)

> Why are people so quick to assume that it's okay for people to break things and hurt people just because it's possible to do so?

People are dumb, did you not relise this yet?

Re:E-Darwin (-1)

Anonymous Coward | about 10 years ago | (#9737171)

People in mass are dumb but individual persons are quite smart.

Re:E-Darwin (0)

Anonymous Coward | about 10 years ago | (#9737126)



a) There are sadistic people who like to cause people harm by investing time and money into writing virii that inconvenience, destroy data, and render devices useless - meaning to do ALL of these things ON PURPOSE.

True, but since a) you'll never be able to stop this kind of person in general, and 2) those kind of people will always show up when there are technological niches to be exploited, then it simply makes sense to take thier presence as a constant. Sure, it sucks that people do this sort of thing, but it's always going to happen.

Taking this kind of behaviour as a constant, then the "virus evolution" idea has more merit. Instead of random genetic (algorithmic?) mutation, you instead have the constant effect of assholes working on the virus code.


If everyone decided tomorrow to stop trying to break the machines that others have worked so hard to build, voila - they'd not be broken anymore.


If random genetic mutations never happened, there wouldn't have ever been evolution. But they do, and there's nothing anyone can do to stop them.


Sadism / Sociopathy has little to do with the Biological Evolution of Viruses. What gives? Why are people so quick to assume that it's okay for people to break things and hurt people just because it's possible to do so?


It's not okay, but it's always going to happen. So talking about the phenomenon of virus writing like it will or could ever stop is pointless -- it won't.

Re:E-Darwin (3, Insightful)

BigBir3d (454486) | about 10 years ago | (#9737162)

And if people were not writing the viruses for various computer and related platforms, I think the evolution of these platforms would be at a slower pace. It is of no suprise to most people that there are other people out there wanting to test the limits of what can be done.

Re:E-Darwin (1)

cduffy (652) | about 10 years ago | (#9737163)

So? Yes, the growth medium is humans motivated by challenge, or maliciousness, or *whatever* -- but if you take it as a given that somesuch growth medium exists, computer virii behave in several biological ways.

They combine their "genes" as folks splice the new, most effective payloads and mechanisms together; they mutate whenever someone comes up with a new and previously nonexistant technique... etc.

In short -- just because they're made by folks whom society would, generally speaking, be better without doesn't mean that they can't have biological charactristics.

(That said, I'd hesitate to call the folks who made this one "sadistic" -- not only is there no harmful payload, they *ASK THE USER* if it's allowed to spread!)

Re:E-Darwin (3, Funny)

FooAtWFU (699187) | about 10 years ago | (#9737354)

I thought the major point of a virus wasn't to cause damage and harm to humans and evil stuff like that... the point of viruses is to make the machine your zombie and send spam.

Oh, wait. Yeah, I guess you're right. Never mind.

Re:E-Darwin (0)

Anonymous Coward | about 10 years ago | (#9737414)

The fact is, there's no little Virus overlord someplace up in the sky that's trying to cause damage and harm to humans.

Just because we don't know of one doesn't mean it's not possible.

Re:E-Darwin (1)

Dr. Evil (3501) | about 10 years ago | (#9737426)

It's not o.k., it's inevitable.

It's also inevitable that somebody is going to try to stop them.

But it is foolish for those people who're trying to stop them to think that they can actually succeed.

You can greatly reduce the likelyhood of somebody authoring viruses with strong detection and deterrants, but that generally has side effects which are worse than the problem.

Viruses are a technical problem, I think they can be solved, they might take a new philosophy in software design, but wrapping up software development and research in laws is a bad idea.

Re:E-Darwin (4, Funny)

meringuoid (568297) | about 10 years ago | (#9737662)

The fact is, there's no little Virus overlord someplace up in the sky that's trying to cause damage and harm to humans.

Another Slashdot evolutionist... there is a Virus Overlord up in the sky trying to cause damage and harm to humans! And he does it because he LOVES you! Why do you keep making him have to hurt you?

Re:E-Darwin (0)

Anonymous Coward | about 10 years ago | (#9738138)

"If everyone decided tomorrow to stop trying to break the machines that others have worked so hard to build, voila - they'd not be broken anymore."

And if my aunt had a d**k she'd be my uncle.

Re:E-Darwin (1)

_14k4 (5085) | about 10 years ago | (#9738233)

Your bullet item "A" up there is no different from what the parent poster mentions.

The evolution of this primordial soup is moved along by humans.

Humans like to destroy other humans too. So we've developed to combat that... war, militaries, technology... all because humans fight humans.

So humans like to create virii.. Big deal. What it *does* to is attack other humans, in the end.

(Via their wallet or physically)

So the evolution of computer systems to combat this attack method is in fact a good thing and a *real* thing.

If everyone decided tomorrow to stop trying to break the machines that others have worked so hard to build, voila, we'd no longer have technological advancement.

I'm sure you'd not have a problem driving a Model-T these days no?

Or maybe that battle-born Jeep? It *was* used, after all, in war.. against... *humans*. And after it's weaknesses were found, it... evolved...

Re:E-Darwin (0)

Anonymous Coward | about 10 years ago | (#9737049)

If you think the plural of virus (a collective noun, like milk) is virii, do you think the plural of Karmann Ghia is Karmannen Giaeae ?

Re:E-Darwin (0)

Anonymous Coward | about 10 years ago | (#9737424)

No, the singular of virii would be virius.

But you're basically right, "virus" in Latin is a stuff-word, which only became a thing-word when it moved into English. It should follow English pluralisation rules, which would indicate "viruses" or -- since it did come from Latin -- "viri" (note: one i).

Re:E-Darwin (3, Interesting)

Anonymous Coward | about 10 years ago | (#9737060)

i really cant wait to start seeing viruses for linux maybe then all you zealots will shut the hell up about MS. As Cavio stated "Linux has security issues" and with security issues and an expanded user base you are bound to get viruses running around, sooner or later it will happen, and it wont matter if there is a patch out within 24 hours of a virus release most people won't patch there computers, most of the problems with computers come from there users. But keeping bitching and moaning about MS one day you'll see, because every OS sucks.

Re:E-Darwin - Optimist? (1)

lcsjk (143581) | about 10 years ago | (#9737251)

I take it you're not and optimist!

Re:E-Darwin - Optimist? (0)

Anonymous Coward | about 10 years ago | (#9737282)

there is a difference between being an optimist and seeing reality. i am all for open source, i am also all for companys making a living off of there products like MS. I have a feeling that open source projects will contuine to catch on, especially projects such as firefox. but the problem will always remain that there will be stupid people using computers, and as long as there are stupid people to open attachments and not install the proper patches we are going to have the same damn problem over and over again.

personally i think there should be some sort of punishment system, if you open an email attachment and get a virus someone should come to your house or place of work and hit in you the head with a baseball bat (first time offender). if that doesnt convince you to watch out then on the second time you get an email virus and open it some should just drag your sorry ass out to the street and beat you to death. i think this would encourage a whole new age of computer fluency.

Re:E-Darwin - Optimist? (1)

B.Hoover (786780) | about 10 years ago | (#9737773)

Boy I sure am glad that you're so kind and loving that you think being a superior computer-user is the most important thing ever to happen to earth. Some of the most computer illiterate people I know are mostly wealthy business owner people... ya know, like the ones who give YOU a job. So beat your paycheck to death, that'd be funny.

Re:E-Darwin (1, Informative)

Anonymous Coward | about 10 years ago | (#9737739)

and with security issues and an expanded user base you are bound to get viruses running around,

You know I keep hearing this..."The only reason that Linux doesn't have as many exploits ...bla bla bla It does not work that way. If that were true shouldn't the worlds most common web server (Apache) have the most vulnerabilities?

Re:E-Darwin (5, Insightful)

pandrijeczko (588093) | about 10 years ago | (#9737176)

See the recent Mozilla shell exploits.

...which were on the Windows version of Mozilla only. Yes, it was a Mozilla problem but the architecture of Windows allowed the hole to be exploited.

We have Linux security issues, and as the OS gains popularity, we will start to see virii for it. It will happen.

Yes, we have Linux security issues, no denying that because Linux is software and software is insecure.

No, we will definitely not see widespread Linux viruses. Here's the reasons:

1. Viruses attack very specific security holes in very specific product versions. The fact that 90% of Internet PC users run Windows, IE & Outlook (Express) creates a perfect community for viruses to spread. In Linux, certain applications (like, say, Mozilla) are very common but spread those over the myriads of different distro versions and the number of common platforms (down to specific library & application version levels) decreases dramatically very quickly.

2. Windows is built with a major security flaw in as much as certain core system applications always have full access to the system. Therefore, if a virus attacks via an application, it can get system-wide permissions. On a poorly administered Linux system, this can also happen but the tendency now is to run applications at a user account level, rather than at root level. Most users are also educated enough not to run constantly as root. Therefore, assuming that you are running a common application version (in 1. above), the effect will be limited by permissions if everything is running as a normal user account.

3. Linux is so customisable that it is relatively straightforward to create a very tightly secure distribution "out of the box". There is in-built kernel-based firewalling, for example and unneeded services are left turned off very easily.

4. The average Linux user is far more Internet-savvy than the average Windows user - and that's not, in any way, devaluing some of the very knowledgeable Windows people that I do work with, for example - but average Joe Bloke at home runs Windows & only tries Linux when he starts to feel like he knows a little more about how PCs and networks actually work.

To put things in perspective a little, UNIX-type systems are susceptible to directed buffer-overflow type attacks where the intruder has done some homework, scanned a particular server, worked out what daemons it runs and then what versions of daemons he/she can attack. That's why good UNIX sysadmining is knowing what daemons to run and keeping them patched to the latest versions.

But please be under no illusions - the architecture of Linux is simply not designed to allow transmission of viruses. The only time this could ever happen is if a high proportion of Linux users ran the same distro version and very common applications.

Re:E-Darwin (-1, Troll)

Anonymous Coward | about 10 years ago | (#9737328)

why is this modded insightful? Surely everyone on /. knows this by now?!

john.e.boy

Re:E-Darwin (1)

GlassUser (190787) | about 10 years ago | (#9737547)

2. Windows is built with a major security flaw in as much as certain core system applications always have full access to the system. Therefore, if a virus attacks via an application, it can get system-wide permissions. On a poorly administered Linux system, this can also happen but the tendency now is to run applications at a user account level, rather than at root level. Most users are also educated enough not to run constantly as root. Therefore, assuming that you are running a common application version (in 1. above), the effect will be limited by permissions if everything is running as a normal user account.

This is blatant FUD. This can only happen on a poorly-configured windows system. It works just like you describe as how linux works.

Re:E-Darwin (4, Interesting)

pandrijeczko (588093) | about 10 years ago | (#9737701)

This can only happen on a poorly-configured windows system.

I accept that but would argue that a Windows system comes "out of the box" poorly configured for security.

Also, take a script on UNIX/Linux and it's permissions are determined purely by the user who ran it, hopefully not root - therefore its effect on the system must be limited.

On Windows, you can disable ActiveX and VB scripts from running, for example, but I do not know of a way of running them safely with limited permissions. (I possibly bow to your greater knowledge of Windows security here.)

Finally, I'd ask you to consider Windows user general mentality anyway. Most home user types are going to be running their systems at home with Admministrator accounts or with themselves set as Administrators for everything they do. On the otherhand, UNIX people do what they can at their own user levels while only resorting to root to do what they need to at that time.

All of these facts illustrate how a virus/trojan program has more (potentially) devastating effects on a Windows system than a UNIX one.

Re:E-Darwin (1)

GlassUser (190787) | about 10 years ago | (#9737779)

I accept that but would argue that a Windows system comes "out of the box" poorly configured for security.
Only has poor as you make it. Of course there's going to be a single default admin account on a fresh system. Just like root on *nix. When you need a user, just add them. There are all sorts of flashy wizards for users that can't grasp "net user username password /add".

Also, take a script on UNIX/Linux and it's permissions are determined purely by the user who ran it, hopefully not root - therefore its effect on the system must be limited.
I don't see how this is different from windows?

On Windows, you can disable ActiveX and VB scripts from running, for example, but I do not know of a way of running them safely with limited permissions. (I possibly bow to your greater knowledge of Windows security here.)
I don't see why you're picking on one class of program or one scripting language. ActiveX in web pages is bad, and I'm sure you'll agree - there's no need to install binaries from random web pages, ever. But why single out vbscript? As far as permissions or system access, it's no different from ECMAscript, Perl, or PHP, on windows. They all go through the same script host and have the same system interfaces exposed. And they're all limited by the permissions of the account ultimate running them.

Finally, I'd ask you to consider Windows user general mentality anyway. Most home user types are going to be running their systems at home with Admministrator accounts or with themselves set as Administrators for everything they do. On the otherhand, UNIX people do what they can at their own user levels while only resorting to root to do what they need to at that time.

All of these facts illustrate how a virus/trojan program has more (potentially) devastating effects on a Windows system than a UNIX one.,/i>
I really don't think it's one mentality vs the other (at least at this level). I think it's more an absolute measure of skill. Some people know how to use a computer, some don't. Simple education will fix that.

Re:E-Darwin (4, Interesting)

Sepper (524857) | about 10 years ago | (#9737833)

This is blatant FUD.

It is, but there is an once of truth in it. The default behavior.

By default, Windows Xp Home runs me as admin, and I had remove permissions for it the be secure...

By default, Mandrake runs me as user. I had to learn to change to root.

But I think the best behavior is with OS X (which I don't own). It prompt you with a password windows each time you need admin access. To me the says: 'STOP! think about what you are doing! Are you sure, you know what you are doing?'

Kinda like the way my sister caught Sircam.exe but when the thing poped-up in ZoneAlarm, she got the reflex to click 'No': "I don't know this application, And everything seems to work OK without it, so there...". She was infested all right, but it didn't spread... (and didn't clog her dial-up line). And off, I did have the "AAAHH! VIRUS!" Reaction when I saw the same pop-up on her computer... Now she google for the file when she don't know... I'm soo proud of my sister, growing up before my very eyes *snif*

Education, can go a long way, but if people can't know they have problems, we can't help them... Default install would go even further... If would force so people to think...

Windows isn't the problem, Ignorance is the problem. Education is the solution.

Re:E-Darwin (0)

Anonymous Coward | about 10 years ago | (#9737871)

This is blatant FUD. This can only happen on a poorly-configured windows system. It works just like you describe as how linux works.

No. Their are STILL windows apps that are running as "root" or even worse running as the machiene itself. Both Microsoft and other 3rd party vendors set up software to run as "root"

Re:E-Darwin (1)

16K Ram Pack (690082) | about 10 years ago | (#9737588)

There's some other reasons...

Open source code allows for more scrutiny. Not just in the exact details of the code, but in terms of overall approach.

It's not a monoculture. If an approach by one app or service seems to give security issues, maybe people will approach it from another route. Also, because it's not a monoculture, people can come up with alternative solutions, and let the market evolve to choose the best one.

"Binding" does not occur, so applications work as applications, not as part of the operating systems. This should provide more checks and balances.

Because things are not added to be "flavour of the month"/forced upgrades/more revenue channels, there is more chance of long-term stability. People will add the things they need to do their job.

Re:E-Darwin (1)

danielpavel (243201) | about 10 years ago | (#9738192)

4. The average Linux user is far more Internet-savvy than the average Windows user - and that's not, in any way, devaluing some of the very knowledgeable Windows people that I do work with, for example - but average Joe Bloke at home runs Windows & only tries Linux when he starts to feel like he knows a little more about how PCs and networks actually work.
True -- Linux's current barrier-of-entry is rather high. But for Joe Bloke to run Linux at home, Linux will have to lower at Joe's level. That must be done carefully, because it obviously can be done very wrong.
The only time this could ever happen is if a high proportion of Linux users ran the same distro version and very common applications.
I think that doesn't sound that much far-fetched when millions of Joe Blokes run the Linux they bought at Wal-Mart's (assuming that's where we're heading).

-silent

No danger yet. (5, Insightful)

vi (editor) (791442) | about 10 years ago | (#9736953)

For spreading viruses need a sufficiently high density of potential victims. So your PoketPC is safe. The story is completely different if someone get this done on cell phones.

Re:No danger yet. (2, Informative)

mischalla (246688) | about 10 years ago | (#9737132)

Quote from the article: "...The same group created a virus capable of infecting mobile phones running the Symbian OS, called Cabir, in June. Cabir - like Duts - was a proof-of-concept exercise..."

First (-1, Offtopic)

Anonymous Coward | about 10 years ago | (#9736959)

GW Bush sucks!

First Post! (-1, Offtopic)

Anonymous Coward | about 10 years ago | (#9736960)

Yeah!

Can it really spread? (5, Interesting)

yohanes (644299) | about 10 years ago | (#9736962)

Unless there is a flaw on the implementation of the phone can this kind of virus really spreads?

Not phones, not big news (but here's a link anway) (2, Informative)

LondonLawyer (609870) | about 10 years ago | (#9737360)

Unless there is a flaw on the implementation of the phone can this kind of virus really spreads?

It's not a phone virus, it's a Pocket PC virus.

From the article:

The first computer virus to infect handheld devices running Microsoft's PocketPC OS was discovered over the weekend... Cabir - like Duts - was a proof-of-concept exercise. In both instances, 29A sent its malicious code straight to anti-virus firms.

To my mind, the word "discovered" doesn't really apply here.

Previous attempts have been made to monkey around with handhelds. Google is now overflowing with this latest 'news' but I am pretty sure this is not a first. Palms have had their IR connections compromised. Pocket PCs were never going to be bulletproof in the first place.

This threat assessment [cewindows.net] might be useful to someone.

Re:Can it really spread? (1)

antin (185674) | about 10 years ago | (#9737383)

Don't most virii just exploit flaws in something or other? I suppose it depends on your definition of virus - but these days it seems all the internet worms spread through security holes. So yeah, perhaps a perfect phone would be immune, but it is desinged by humans afterall... and a large team at that no doubt.

It *asks* if it can spread? (4, Funny)

Ieshan (409693) | about 10 years ago | (#9736964)

Proof of Concept Amish Virus!

You have been infected. This virus works on the honor system. Please delete all files on your computer. Thank you.

Re:It *asks* if it can spread? (0)

Anonymous Coward | about 10 years ago | (#9737007)

You forgot to add "and send this virus to all of your friends".

Re:It *asks* if it can spread? (2, Funny)

ssbljk (450611) | about 10 years ago | (#9737120)

well, that concept has bug
it should be written "enemies" instead of "friends"

Amish computer ?? (3, Funny)

Fred_A (10934) | about 10 years ago | (#9737465)

Shouldn't that be "please shred all files in your desk drawer" ?

How many times? (5, Insightful)

Anonymous Coward | about 10 years ago | (#9736968)

How many times does it need to be said that the plural of "virus" is "viruses", not "virii"??

Re:How many times? (3, Funny)

Anonymous Coward | about 10 years ago | (#9736983)

manyii.

Re:How many times? (1)

Huring (757464) | about 10 years ago | (#9737058)

Shouldn't that be Manii?

Re:How many times? (0)

Anonymous Coward | about 10 years ago | (#9737079)

That's the plural of "man", you insensitive clod! :p

Re:How many times? (4, Informative)

Anonymous Coward | about 10 years ago | (#9737005)

How many times does it need to be said that no one realy cares?

Re:How many times? (2, Insightful)

chegosaurus (98703) | about 10 years ago | (#9737706)

(Note for those with a tendancy to take everything literally: the "you" in this post is general - it doesn't refer specifically to the parent poster. It is also meant for those who speak English as their first language.)

You call yourselves geeks, you chew people out for the smallest technical error in a linux thread, you go apeshit if someone refers to "Hans Solo" or says Python has cleaner syntax than perl, but you don't take the time to learn the rudiments of the English language.

English is a geek's dream. So much more rich and complicated than anything computing has to offer. Full of curiosities, paradoxes and rules, and incredibly elegant and powerful. Dig in. Enjoy. You can read some pretty amazing books while you're at it.

You confuse "you're" and "your", "they're" and "their", "loose" and "lose", and when someone takes a moment of their time to try and teach you a little something, you call them a "Nazi".

When your C compiler chokes on "maloc" do you whine that "it's obvious what I meant and anyway, languages evolve"?

If you present the linguistic skills and maturity of a nine year old, you might find it's hard to get people to listen to your opinions, however valid they might be.

I'm not nitpicking for the sake of it, I really want people to go out and enjoy learning a valuable skill. Language is wonderful. Make the most of it.

Re:How many times? (0, Funny)

Anonymous Coward | about 10 years ago | (#9737022)

About as many times as it needs saying that multiple punctuation marks are unnecessary!

Re:How many times? (2, Funny)

phatlipmojo (106574) | about 10 years ago | (#9737063)

Sounds like someone has never suffered through a nasty virius.

Re:How many times? (1, Funny)

Samuel Nitzberg (317670) | about 10 years ago | (#9737090)

Groups of unrelated viruses :

Viriis ?
Viriiii ?
viriiiiis?

Viruseses ?

I give up

Re:How many times? (0, Redundant)

Carrot007 (37198) | about 10 years ago | (#9737123)

I'll pluralise how I like thnk you, get back under your log.

Re:How many times? (2, Insightful)

dasnake (738419) | about 10 years ago | (#9737214)

That depends on the language you use.
I don't really care about english, but in the common jargon the plural is 'virii' and in my mother language (italian) is just 'virus'.
A more complete article could be found at: http://en.wikipedia.org/wiki/Plural_of_virus/ [wikipedia.org]
For the people who will reply that english is the language in use on slashdot I would like to point that probably it's the english+jargon the language actually in use :P

Re:How many times? (0, Offtopic)

chegosaurus (98703) | about 10 years ago | (#9737266)

And that the plural of box is boxes?

And that the plural of pizza is not pizza's?

And don't even get me *started* on "Unixen"!

This is news? (4, Insightful)

tobechar (678914) | about 10 years ago | (#9736969)

I mean, c'mon people, the pocket pc is running windows. This virus isn't exactly revolutionary.

At least now I can justify the Zaurus [pdabuyersguide.com] over the 'other guys'!

Dear tobechar (2)

Letter (634816) | about 10 years ago | (#9737074)

Dear tobechar,

I'll turn this around and say "at least now I can justify the PalmOne Tungsten C [palmone.com] . Why not use an OS actually designed for handhelds?

Love,
Letter

Re:This is news? (1)

NanoGator (522640) | about 10 years ago | (#9737758)

"At least now I can justify the Zaurus over the 'other guys'!"

You'd jump to the $700 'distant 3rd' palm device that's nearly twice as big just to get around the potential of getting a virus that would be hard pressed to get to your system by simply adjusting your bluetooth settings? Pardon me, but the worst case scenario is you reset the PDA and re-sync it.

Yet another reason to run Linux on your PDA (4, Insightful)

jerith (324986) | about 10 years ago | (#9736972)

We've come to expect decent security on desktops and servers, why not PDAs as well? At least it may make manufacturers think twice before jumping on the MS bandwagon.

Re:Yet another reason to run Linux on your PDA (-1, Flamebait)

Anonymous Coward | about 10 years ago | (#9737082)

So I'll write a deceiving shell script for the Zaurus that deletes /home, would that give people a reason to switch to Palm or Symbian or whatever the next highest platform is?

Re:Yet another reason to run Linux on your PDA (2, Interesting)

NanoGator (522640) | about 10 years ago | (#9737870)

"We've come to expect decent security on desktops and servers, why not PDAs as well? At least it may make manufacturers think twice before jumping on the MS bandwagon."

Seeing as how niether the PocketPC nor the PalmOS was built from the ground up with the idea of getting on the net right away, I'm not sure why you'd put any more faith in any PDA short of the Zaurus with its Linux based roots. (Yes, I realize you basically stated this in your subject line, but I don't see how you could ignore Palm in this case given their large market.)

I will say this, though: PDA's aren't like computers, at least not today. Your PDA is chained to your computer. It is, for all intents and purposes, a peripheral. You can't, for example, get on the net with either a Palm or a PocketPC and download/install an app. You have to go through the syncing operation. Because of this very nature of these devices, you can rather easily switch to a brand new unit or get back up to speed on one that's been completely reset. (Doubly useful if your PDA is damaged/stolen, which they are far more prone to than virus damage.) In short, virus security is not that high of priority. It is 'a reaason' to be using Linux on your PDA, but it's so low on the totem pole compared to usability that I wouldn't expect a lot of people to give it that serious of thought. Sad? Maybe. Whoopee, download a patch.

I'm not trying to completely poo poo your point. It's valid. I'm just trying to put it in the proper perspective. The lesson I learned from this story isn't that I should ignore the idea of getting a Palm or a PocketPC, but rather that I should turn lock down the Bluetooth feature on whatever PDA I end up getting. The nice thing about BT is that it does have a trust based relationship doohicky going on with it. I know that's true for PocketPC, and I cannot imagine that the Palm or Zaurus wouldn't respect it either. That's just plain good sense whether the OS is secure or not.

Re:Yet another reason to run Linux on your PDA (1)

Pantheraleo2k3 (673123) | about 10 years ago | (#9738154)

-1, Outdated

To take a recent example, the Sony Clie UX50. It has built in WiFi and Bluetooth. You can use the builtin web browser to go to a Web site and download the .zip file with the things you need. You save it on an expansion card or the internal virtual card. You use the included software to unzip the files, then move them to main memory and they're installed.

Yes, it's only one PDA. Yes it is somewhat involved. Yes it only works on programs that aren't distributed in .exe Windows Setup program format. But it can be done

Re:Yet another reason to run Linux on your PDA (1)

SpinyManiac (542071) | about 10 years ago | (#9738224)

That's just not true.
This [www.phm.lu] is one application that can be installed on the device. The default download is to install through Activesync, but you can download the .CAB.
For those of you with no WinCE experience, launching the CAB will install the program.

Famous last words (5, Insightful)

visgoth (613861) | about 10 years ago | (#9736974)

"We don't expect a major outbreak," said Eugene Kaspersky, head of anti-virus Research at Kaspersky Labs. "Duts is unable to spread independently, only infects a limited number of files, and signals its presence in the system when attempting to propagate."

Duts may not be able to spread, but take out the bits that make it "benign" and you've got the makings of a real annoyance. Even if the source for this particular virus is kept safely out of the hands of malicious individuals, the fact that its now been proven do-able means others will try.

Already too late (-1, Offtopic)

Anonymous Coward | about 10 years ago | (#9736976)

Every time I line up 3 or more gems in bejeweled, my palm sends out penis enhancement emails. Anyone know how to fix this?

Like the typical outlook virus (3, Interesting)

Gopal.V (532678) | about 10 years ago | (#9736991)

Outlook Express: "do you want to open this file ?"
Joe Blow: "Yes"
** pc crashes ...
Ok, so how's this virus different ?.
Anyway Pocket PC viruses are going to be rarer than one for Macs ...

Reminds of Donut [zdnet.com] , the .NET virus ... but there hasn't been a real one in the wild yet ?.

bash$ alias kill='chmod -R 0666 /'

Re:Like the typical outlook virus (1)

poot_rootbeer (188613) | about 10 years ago | (#9738116)

Anyway Pocket PC viruses are going to be rarer than one for Macs ...

And Apple Newton viruses are going to be even rarer than THAT!

(and now, someone will reply with an obligatory Newton handwriting-recognition joke.)

bluejacking (2, Informative)

mpost4 (115369) | about 10 years ago | (#9736997)

The user to my understanding still has to accept the incomming file. so just make it a polocy (like email) don't open a file unless you are expecting it. Better yet turn of bluetooth discoverbility.

Re:bluejacking (2, Insightful)

b06r011 (763282) | about 10 years ago | (#9737174)

The user to my understanding still has to accept the incomming file

as far as i know, it is possible to display a message on someone's phone without them giving consent. the trick is to create a bogus name in your phone book, and then send that. alot of phones will display a message like

"Buisness card recieved from Jon Smith - save y/n?"

however, to spook someone out (which is really the ultimate goal of bluejacking) you create a 'name' like

"is that a nokia?"

or when the beeps and bemused looks let you work out which poor sucker you have snagged something like

"Nice t-shirt - blue is your colour :D"

i guess it would be possible to get something nasty into someone's phone, but even with the vcards, it's only the name that gets displayed. although i admit it's mean to tease people with impunity from the other side of the tube train; it could be very useful on a long journey with one of those people that we all love - you know the ones who have a long conversation with a friend for a few hours. of course, when i say conversation, i mean monologue...

I've been bluejacking for some time now (-1, Offtopic)

Anonymous Coward | about 10 years ago | (#9737009)

I pick up tons of chicks that way. I usually populate the name field with something like "hey baby want to touch my penis?" and they totally swoon.

Yeah, I've gotten laid about 1000 times using that method.

'Course, most of you slashdotters are going to be as smoove with the ladies as I am, but this might give you a fighting chance.

Viruses spreading themselves (1)

PhysicsGenius (565228) | about 10 years ago | (#9737015)

over the "air waves" reminds me of The Adolescence of P-1 [sfandf.com] . When I read it, in the early 90's, I thought "yeah right". Now that viruses can spread so easily, though, any program can essentially hijack the CPU of any computer, which makes the idea of an AI taking over all our computer systems even more plausible.

Swedish virus (-1, Offtopic)

Anonymous Coward | about 10 years ago | (#9737026)

This is a swedish virus. Please send this message to everyone on your address book and then delete all files on your computer. Thank you.

Oh No! (0, Funny)

Anonymous Coward | about 10 years ago | (#9737030)

A virus! It'll format the PocketPC's harddrive and install spyware!

Trustworthy computing...a myth? (3, Insightful)

bogaboga (793279) | about 10 years ago | (#9737040)

What happened to the Trustworthy Computing paradigm? I guess if you now mention that to [Sir] Bill G., you might not get all that much! On the other hand, I ask myself why these coders (or virus authors) do not direct their energy to coding for OSS. So many projects need a hand. My help goes in submitting bug reports and cash whenever possible. [But] I could be wrong here, may be some already do something for OSS.

Re:Trustworthy computing...a myth? (0)

Anonymous Coward | about 10 years ago | (#9737105)

On the other hand, I ask myself why these coders (or virus authors) do not direct their energy to coding for OSS.

test

Mr Billy G is NOT a Sir (3, Informative)

NeonSpirit (530024) | about 10 years ago | (#9737314)

I know it's being predantic, but Bill G has an honorary knighthood. Only citizens of countries which reconise the queen as head of state can have full or substantive awards.

The rules are explained a little better here [wordiq.com]

obligatory (1)

Ari_Haviv (796424) | about 10 years ago | (#9737056)

Can your Palm do this?

I'm surprised we haven't seen Palm viruses. (1)

MtViewGuy (197597) | about 10 years ago | (#9737157)

Given how many PDA's and combo PDA/cellphones out there run PalmOS, I'm surprised that someone malevolent "cracker" hasn't created a virus that will cause problem with PalmOS-based units already.

And when that happens and it spreads in the wild, the results will be ugly. =(

Re:I'm surprised we haven't seen Palm viruses. (2, Informative)

brandorf (586083) | about 10 years ago | (#9737348)

There already are PalmOS viruses. See here [f-secure.com] for an example. The key difference is that PalmOS has had only recently gotten any sort of wireless connectivity. So these virus all spread via human intraction (i.e. Hotsync of an infected file, or IR beam of an infected file).

Give it time and there will be ones that spread via bluetooth or WiFi.

Re:obligatory (2, Insightful)

Sepper (524857) | about 10 years ago | (#9737621)

I know the parent post was meant to be funny, but if you could make a palm virus, it could potentially be devastating. Don't know of any phone that runs PocketPC OS (Although i'm sure there are some...),but I know PalmOS runs on Phones (Like the Treo 600...). Any virus that could spread by calling could cause A LOT of trouble... like long-distance calls at random...

But unlike the Pocket PC OS, Palm OS is mutli-threaded, single-task OS. You would have to trick the OS into making the virus a new Thread of the current process... Not impossible but a bit harder to do...

I see to remember a article that compared the Pocket PC OS with PalmOS, stating that, while PalmOS was inferior, It was better designed for the job (it did not try to do everything)... I don't have the link (I'm at work)

Any Palm dev/coder out there that could comment?

Pocket Antivirus (2, Funny)

Caniffe (515270) | about 10 years ago | (#9737068)

"Is that a virus in your Pocket or are you just happy to see me?"

Bluetooth viruses... (5, Insightful)

Audigy (552883) | about 10 years ago | (#9737070)

It would be interesting if the affected Bluetooth-enabled Nokia phones mentioned in a previous article a few weeks ago were somehow able to transfer their goods to PocketPCs ... ...come on now, how many people do YOU know with a Bluetooth-enabled PocketPC, who leave Bluetooth discovery on? (I have an iPaq 2215, but Bluetooth is off to save battery life)

This is a neat proof-of-concept, but I think these virus creators should go back to hacking cell phones if they want to make waves. :)

Re:Bluetooth viruses... (2, Informative)

S3D (745318) | about 10 years ago | (#9737303)

So called "Nokia virus" was a more a sham then a real threat. To spread it would require three time answer "yes" on different security warnings: "Recieve message via Bluetooth...?" Yes "Install Caribe ?" Yes "Application is not signed , identity can not be veryfied install on your own risk..." Yes. There is no way to bypass thouse messages.
It would be interesting if the affected Bluetooth-enabled Nokia phones mentioned in a previous article a few weeks ago were somehow able to transfer their goods to PocketPCs No it's not possible, Symbian and PocetPC are not binary compatible.

No Worries... (3, Funny)

wbav (223901) | about 10 years ago | (#9737078)

if you have an ipaq 1940/45. It seems if something writes to the "filestore" the rom becomes corrupt and it has to be sent back to hp. As my main memory is basically full, I'll know when a virus hits; my ipaq's rom will need to be reflashed.

Speading viruses via Sybian? (1, Insightful)

Gothmolly (148874) | about 10 years ago | (#9737098)

The idea of spreading viruses via Sybian seems far more sinister, and far nastier. All things considered, it was only a matter of time before the Sybian was used as an infection vector.

What this really proves... (3, Insightful)

agraupe (769778) | about 10 years ago | (#9737100)

This proves that every networked computer device can be infected with a virus. This makes it stupid and illogical to assume that there will be no security holes on any given OS. What matters is how severe those security holes are, and how quickly they are patched. It is in that area that linux is firmly ahead of Microsoft (and perhaps OS X, I'm not sure).

How many devices are vulnerable to bluejacking? (0)

Anonymous Coward | about 10 years ago | (#9737148)

The answer is here in this report 21kb PDF [zero-sum.net] .

Re:What this really proves... (1)

Dan East (318230) | about 10 years ago | (#9737281)

The article doesn't mention anything about exploiting security holes. I get the impression that the virus spreads using any standard file transfer method. Obviously it could also spread over IrDA file transfer, but that doesn't mean it somehow exploits a weakness in that connectivity.

Also, why bother looking for and exploiting security holes when you've got ActiveSync? It allows the host PC full access to the Pocket PC filesystem, including the ability to execute programs. I would be far more afraid of a standard Windows virus / worm that decides to wipe out all the data on my Pocket PC when I ActiveSync than an actual Pocket PC virus.

Dan East

And the dialog box states, (-1, Offtopic)

Anonymous Coward | about 10 years ago | (#9737109)

"All your pockets are belong to us"

You did not get Latin. get over it. (0, Offtopic)

stud9920 (236753) | about 10 years ago | (#9737178)

You did not get Latin classes. Get over it. There is nothing to be ashamed of. That language is only useful to scholars, and even a Romance language speaker will get a better grasp at his own language by learning a near (foreign romance) or far (German) cousin language. So don't try to make up a plural form for Latin words. the plural form of virus is not virii, that would be the plural form of virius. "Virus" is apparently one of the few neuter words of the second declination, and has no plural. more info [debian.org]

As Uncle Cecil (1, Interesting)

ewn (538392) | about 10 years ago | (#9737361)

As usual, The Straight Dope [straightdope.com] has an exhaustive entry on the issue:

The one inescapable fact is that in classical Latin, there was no plural of the word. In English, the only correct plural is viruses.

Pocket PC issues (3, Interesting)

Dan East (318230) | about 10 years ago | (#9737200)

Creating a Pocket PC virus is a trivial matter. It uses the PE format, so I'm sure it would be very simple to adapt virii to infect Windows CE files - basically just a recompile of the virus source to XScale / ARM (assumming it is not in x86 ASM).

Windows CE is actually more secure than Windows XP because the majority of the OS is in ROM. Those files are protected at the file system level - it is not even possible to read or copy the files, let along modify them.

After an infection one could always do a hard reset to quickly have a clean device that is at least usable.

Also, the amount of damage that could be inflicted would be moderate because most PDAs are synchronized with a host PC. So the information on the PDA is essentially backed up multiple times a day.

The real concern would be a virus that could propogate over multiple platforms running different processors. This is one reason to be afraid of .NET / C# bytecode.

Dan East

Re:Pocket PC issues (ROM isn't magic) (4, Interesting)

jetmarc (592741) | about 10 years ago | (#9737472)

> Windows CE is actually more secure than Windows XP because the majority of the OS
> is in ROM. Those files are protected at the file system level - it is not even
> possible to read or copy the files, let along modify them.

Keeping files in ROM does not inherently constitute a better virus protection.
Of course, altering a ROM file is (usually) impossible. However, any complex
operating system has a lot of options for RAM or FLASH based files to "hook-in",
and RAM and FLASH are certainly not impossible to alter.

A virus that hooks into the startup sequence of a pocket device is as effective
as a hypothetical one that managed to alter the ROM of that device. Sure, a
ROM device might have a "wipe-all" reset button that gets rid of the virus,
but it would get rid of all personalization data as well - files, installed
software, addresses etc.

So, how does that make the ROM device less vulnerable to virus attacks? It
can't be rendered completely unusable. Ok. But all the other threats continue
to exist. You can loose your data, you can spread the virus to other devices,
you could even sync a multiplatform virus to your desktop PC, etc.

Marc

Re:Pocket PC issues (1)

djeaux (620938) | about 10 years ago | (#9737794)

Also, the amount of damage that could be inflicted would be moderate because most PDAs are synchronized with a host PC. So the information on the PDA is essentially backed up multiple times a day.
For PDAs that are regularly synch'ed to a desktop, couldn't the desktop antivirus be tuned to scan files destined for the handheld (or the handheld itself, for that matter)?

I know this option wouldn't be viable for the increasing number of folks who are fetching content wirelessly... But for folks using their PDAs in "plain vanilla" situations, the desktop is a gateway of sorts & could be the logical place for virus checking.

Oh great... (3, Funny)

Steve Cox (207680) | about 10 years ago | (#9737243)

If memory space for running programs on my PDA was not limited enough. Now I'll have to waste more of it running a virus checker.

Steve.

Re:Oh great... (0, Flamebait)

Oddly_Drac (625066) | about 10 years ago | (#9737398)

"If memory space for running programs on my PDA was not limited enough. Now I'll have to waste more of it running a virus checker."

Run the virus checker on your sync platform and stop whining.

Re:Oh great... (0)

Anonymous Coward | about 10 years ago | (#9737578)

> Run the virus checker on your sync platform and
> stop whining.

The thought of running it on the desktop hadn't escaped me. It would be able to scan all of the software I install via ActiveSync.

Then I realised it was a pretty crap idea

If I have a WiFi card in my PDA I access the mail server and the web directly. If (or when based on other Outlook products) someone finds an Pocket Outlook exploit, what use is your desktop then?

If someone finds an exploit for bluetooth or irda, what use is your desktop then?

Hell, with my WiFi card my PDA is always visible on the network. No firewall either!

Great idea. I can use the desktop to attempt to clean up the mess of my PDA after it has got a virus.

Steve.

Re:Oh great... (1)

Steve Cox (207680) | about 10 years ago | (#9737641)

Sorry. I made my reply to your post from another machine and went in as AC(0).

The general idea was:

CRAP IDEA.

If the PDA has bluetooth/irda you can get it that way (should an exploit be found). More importantly, if it has WiFi it will probably go into the mail server directly. Additionally, if you have WiFi, then you have an IP address which can also be attacked.

The desktop cannot help you at all in these cases.

Steve.

Also mentioned (1)

floydman (179924) | about 10 years ago | (#9737403)

on CNET news [com.com]

You don't need viruses (2, Funny)

gilesjuk (604902) | about 10 years ago | (#9737565)

Windows Mobile is easy enough to mess up without viruses. It implements the registry like on desktop Windows, only it's harder to backup.

Quite a few people on the E800 forum I read have had problems where their Bluetooth stops working.

Satanic? (0)

Anonymous Coward | about 10 years ago | (#9737809)

This virus was written by a satanic cult that listens to heavy metal music!
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...