Application Transfer

Through the use of launch codes sent by the Palm OS during the loading of an application (via the HotSync process or IR beaming), it is possible to have an application self-execute after it has been transferred to the target device. Using an infection technique such as described in §6.1, it would be trivial for malicious code to be loaded and executed on a Palm device with the legitimate user having no knowledge of the event.

A typical sequence to execute an application by transfer is as follows:

The newly transferred application will first receive a sysAppLaunchCmdSyncNotify launch code from the OS to specify that the device has successfully received the application. If the handling of this launch code sets an alarm for an immediate or future time, the application will be started again with a sysAppLaunchCmdAlarmTriggered launch code when that time is reached. The AppLaunchWithCommand API function can be called with a sysAppLaunchCmdNormalLaunch launch code in order for the application to begin normal execution.