People using the system password lock to secure data on their Palm Treo smart phone may not be as safe as they think they are.
The Palm OS Treos have a flaw in the feature that allows users to access data, according to a security advisory from Symantec posted on Wednesday. Even if the device is locked down, anyone who picks it up can use the smart phone's Find feature to call up data on the device. Text information on Treo applications and databases, like Memos, Calendar and Tasks, can be accessed this way.
People can access the Find feature when the Treo is locked by issuing keyboard shortcut keys on the Emergency Call screen and the Call In Progress screen that pops up when an incoming call is accepted, according to the advisory.
Symantec's advisory also notes that a fix has not been issued.
"Virtually all of your organizations are currently supporting the use of mobile devices in one way, shape or form," says Maarten Van Horenbeeck, commenting on the issue on the Internet Storm Center Web site. "That these may impact the organization's security posture has been proven by new threats, such as cell phone viruses (Commwarrior, Cabir) and Bluetooth hacking. These examples show that an understanding of wireless technology needs to be built into all security capabilities within the organization; not just into policy statements, but also in their respective translation into procedures, guidelines and the supporting awareness programs."
Symantec recommends that users encrypt the data on their smart phones.
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
