How to Restrict the Treo Find Function
Which Palm Treos are at Risk
According to Symantec, the vendor that discovered this problem, several Palm Treos were found to be at risk from Sprint, Cingular and Verizon. These include the following models:
- Treo 650
- Treo 680
- Treo 700p
Palm stated that they would be doing a software revision to fix the Cingular Treo 680 and the Sprint and Version Treo 700p. They do not have plans to fix the other models.
The Find Function Vulnerability
The security problem lies with the Find function. Although a user can lock their cell phone, in certain circumstances, it’s possible for someone to use this Find feature to search for data. The content of your clipboard could also be viewed. Presumably, someone would search for text strings they thought were contained on the device such as passwords, credit card names and so on.
There are two scenarios where someone could access data on a locked device according to the Symantec advisory. One scenario requires the user to access the Emergency Call Screen. The second scenario occurs when accepting an incoming call.
Unofficial Security Patch
If your phone isn’t one of the ones Palm plans to fix or you don’t want to wait, there is an unofficial patch. The patch, SecurityLockFindFix.prc, was created by Donald Kirker. The fix monitors whether the Find key has been pressed and then checks to see if the device is locked. If the device is locked, it won’t allow the request to go through.
As with any security patch, it’s always advisable to backup your information in case the fix doesn’t work with one of your other installed programs.
You can also follow the progress of this issue at the SecurityFocus web site.
Related Article
- Deleting Cell Phone Data before Upgrading
Last Updated (Tuesday, 08 September 2009 20:50)
