[geeks] palm security

David Cantrell geeks at sunhelp.org
Tue Sep 11 05:17:16 CDT 2001


On Tue, Sep 11, 2001 at 12:10:23AM -0400, Joshua D Boyd wrote:
> Someone picked up my palm3 to look it over today.
> 
> I realized that if it was ever stolen, or if certain people read through
> it, it would be a Very Bad Thing(tm) in many ways, personally,
> professionally, and possibly legally.
> 
> Anyone ever hear of anyway to secure these things?  My current plan is to
> dump stuff more routinely, but frankly I need a place to be able to record
> things like passwords (there are too many to remeber), and I would like to
> be able to record personal notes without fear also.

I use Keyring for storing passwords <http://gnukeyring.sourceforge.net>.
It's not 100% secure but it does the job, and I was impressed to see their
website explaining its weaknesses and potential attacks.  That demonstrates
to me that they have actually thought about the product instead of just
drooling "encryption ... mmm ... secure".

There are several apps and hacks for 'securing' a Palm.  Search on
<http://www.palmgear.com> for examples.  I don't use any such apps myself,
as they're too much of a pain for day-to-day use, and because to be really
effective they'd need to work at a pretty low level in the Palm OS and I'm
worried about losing data to crashes etc.  If I ever need to start keeping
memopad records secure, then I'll use one of the memopad replacements which
supports secure records.

Incidentally, don't rely on making records 'private' to keep them secure.
All that does is flip a single bit in the record which the built-in apps
will honour but which third-party apps are free to ignore.

-- 
David Cantrell | david at cantrell.org.uk | http://www.cantrell.org.uk/david

"Every normal man must be tempted at times to spit on his hands,
 hoist the black flag, and begin slitting throats." -- H. L. Mencken



More information about the geeks mailing list