Check out the new USENIX Web site. next up previous
Next: Desktop Conduits Up: Application Installation Procedure Previous: Application Installation Procedure

Recommendations

Since the user places each individual program in the directory or otherwise intentionally labels the applications to be uploaded, user verification at synchronization to confirm the applications should be a trivial solution. This could be achieved by automated prompting on the host PC or by manually inspecting the contents of the /Palm/<user>/Install directory. However, many users have a learned behavior to simply accept system prompts without careful examination.

Cryptographic signing of applications by the vendor then verified by the user or Palm device will also reduce the chances of illegitimate code being loaded or executed on the device.

Kingpin
2001-05-09