Next: Infection Techniques
Up: Backdoor Debug Modes
Previous: Backdoor Debug Modes
Solutions for this class of attack can be remedied with minimal changes to the Palm OS. If the device has been placed in the system lockout mode, the Palm Debugger functionality should be disabled. Palm OS 4.0 appears to have removed the activation of debug functionality during the ``system lockout'' mode. In an ideal situation, although a disadvantage to application developers, all debugging functionality should be removed in production devices.
Additionally, logging all Palm Debugger actions, especially with time stamping, aims towards forensics readiness and will aid in post-attack analysis.
If access control features are implemented in future Palm OS versions, as they should be, it should be noted that the permissions remain intact during debug sessions and that global memory accessibility is not allowed.
Kingpin
2001-05-09