The new virus war zone: Your PDA

As more PDAs and smart phones get connected to the Internet, they're increasingly vulnerable to the world of viruses.

Call it a social illness. As handheld devices become increasingly interconnected, PDAs and smart phones will become more vulnerable to viruses, say players in the security industry. Handhelds may even provide new paths for viruses and malicious code attempting to enter corporate networks.

"(Companies) are realizing that the PDA is a hole in the security net," said Ryan McGee, product marketing manager for McAfeeB2B.com Corp., the anti-virus software subsidiary of Network Associates Inc. "The devices don't have a lot of security. It is something that they have not managed to squeeze in."

Over the weekend, a program posing as a hack for the Liberty 1.1 Game Boy emulator turned out to be a Trojan horse that erased applications when users installed it on Palm personal digital assistants. Liberty Crack, as the program is known, became the first Trojan horse to affect a handheld.

While the Trojan horse has done little damage, that could change. Experts say it's only a matter of time before viruses and other malicious code become widespread.

"Currently, it's not a big deal, but it portends a grim future for Internet appliances," said David Perry, director of public education for anti-virus vendor Trend Micro Inc. "The VX society wants publicity, so I have to think that a Palm virus is not far behind."

The number of potential victims is growing as well. In 2003, there will be almost 19 million handhelds and 13 million smart phones sold worldwide, according to market research International Data Corp.

Only a few -- mostly annoying -- incidents have affected handheld users to date.

In early June, a virus writer angry with Spain's Telefonica created a variant of the "ILOVEYOU" virus that spammed thousands of cell phones by sending a flood of messages to the phone monopoly's e-mail-to-cell-phone gateways.

So far, so good

While the attack showed the possibilities for spreading viruses to Internet-connected devices, currently only a fraction of handheld and cell phone users are online, making the synchronization process the most likely avenue for the spread of malicious code.

Such is the case with the Liberty Crack Trojan horse. The program has spread because users believe it to be a way to circumvent paying for the Liberty 1.1. application, which allows them to play Game Boy games on the Palm.

Once a user copies the program to a PC and syncs his or her Palm device, the Trojan horse deletes applications from the handheld. The fix is simple: The applications can be restored by resetting the handheld, removing the Liberty Crack file from the computer, configuring the HotSync utility to "desktop overwrites handheld" and then resynchronizing the PDA. No macros, no problem

Handhelds -- including the Palm, those based on Microsoft Corp.'s Pocket PC platform and many smart phones -- don't have much in the way of security; but they don't have the "features" that enable viruses to easily spread on PCs, either.

"None of the pocket applications (such as Pocket Word and Pocket Excel) support macros or executables," said Rebecca Thompson, a Pocket PC product manager for Microsoft. Macros allow viruses and bugs to be written in powerful scripts, the language for the likes of Melissa, the "Love" bug and ExploreZip.

"I don't think we have a major feature gap by not having scripting, and we take security very seriously," Thompson said.

Just the act of synchronization -- essentially backing up data -- limits the damage done by potential viruses.

Chaos around the corner?

"If someone who uses a device like this gets infected, it's different from a PC," said Ken Smiley, a handheld analyst for Giga Information Group. "I can instantly load my OS out of ROM and resync my data. (A virus attack) ends up being little more than an inconvenience."

The situation could get worse, however.

IDC expects the number of wireless device users with two-way access to the Internet to increase to 61.5 million by 2003 in the United States. By mid-2001, the research firm forecasts that all cell and PCS phones -- of which there are 75 million in the United States alone -- will be Internet-enabled using the Wireless Application Protocol (WAP).

WAP Forum CEO Scott Goldman said that, since WAP-enabled phones will not have rewritable memory, they will be immune to viruses. But another technology may not be so lucky.

Airborne viruses

The wireless technology known as Bluetooth allows devices within 150 feet of each other to communicate and pass information. At present, few security measures exist to prevent viruses from spreading using the technology.

"The fact that everything is connected to everything makes it possible that you pick up a piece of hostile code from others and carry it home," Trend Micro's Perry said.

While Bluetooth is still under development, the ubiquity of proposed Bluetooth terminals -- from PCs to taxis to tollbooths -- could put handhelds and other devices in danger.

"There will be a door that is left unguarded," Perry said. "And Bluetooth could easily be that door."