Infection Techniques

Common to most virus applications, and intrinsic to worms, is the notion of self-replication. Through self-replication and propagation, the malignant code can infect programs, devices, users, or combinations thereof. Hence, it is important to look at avenues available to such programs to better understand the risks at hand and determine areas to analyze for solutions.

Generic applications can be loaded in a number of different fashions. They can even execute without user knowledge or interaction. Any method of loading data onto the Palm OS device can act as an entry point for virus or malicious code infection. Four major entry points for the Palm OS devices are: HotSync operations, serial ports, infrared beaming, and wireless radio. Additionally, applications can be loaded using the Palm Debugger as described in §5.

Possibly more threatening and intriguing is the potential for cross-architecture pollination and infection. As with biology, the life cycle of a pathogen may involve more than one species of host. A virus could easily be designed to infect a desktop PC and contain a secondary payload for the Palm OS device. Alternatively, a virus on a Palm OS device could contain a payload aimed to compromise a desktop PC.