Embed Size (px)
DESCRIPTION
Security Analysis of Palm OS. Martin Vandepas Karin Olsrud Computer and Network Security ECE 478. Outline. Relevancy Information about PDA’s Intro to Palm OS Built-in Palm OS security Security flaws Solutions Future/Conclusions. Relevancy. - PowerPoint PPT Presentation
Citation preview
Security Analysis of Palm OSSecurity Analysis of Palm OS
Martin VandepasMartin Vandepas
Karin OlsrudKarin Olsrud
Computer and Network SecurityComputer and Network Security
ECE 478ECE 478
OutlineOutline
RelevancyRelevancy Information about PDA’sInformation about PDA’s Intro to Palm OSIntro to Palm OS Built-in Palm OS securityBuilt-in Palm OS security Security flawsSecurity flaws Solutions Solutions Future/ConclusionsFuture/Conclusions
RelevancyRelevancy
The ramifications of a break of PDA The ramifications of a break of PDA security can be extremely detrimental.security can be extremely detrimental.
According to Tom Walsh of Enterprise According to Tom Walsh of Enterprise Security, robbers net about $85 per Security, robbers net about $85 per holdup and are caught 80% of the time. holdup and are caught 80% of the time. Information thefts average $800,000 in Information thefts average $800,000 in value and are caught 2% of the time.value and are caught 2% of the time.
Information about PDA’sInformation about PDA’s
PDA’s offer many features such as PDA’s offer many features such as email, telephone/fax, computing and email, telephone/fax, computing and network abilities.network abilities.
They are portable, easy to use and They are portable, easy to use and have wireless capabilities.have wireless capabilities.
They allow the user to obtain up to the They allow the user to obtain up to the minute information 24 hours a day.minute information 24 hours a day.
Intro to Palm OSIntro to Palm OS
VersionsVersions HardwareHardware Data StorageData Storage
VersionsVersions
New 4.1 and 5.0 operating systems to New 4.1 and 5.0 operating systems to be released “early summer”be released “early summer”
Many flaws discussed later in the Many flaws discussed later in the presentation are remedied in these presentation are remedied in these newer versions.newer versions.
HardwareHardware
All PDA’s processors utilize Motorola All PDA’s processors utilize Motorola DragonBall series.DragonBall series.
Extensive programming resources can Extensive programming resources can be found on Motorola’s website.be found on Motorola’s website.
Palm OS 5.0 is looking to use a more Palm OS 5.0 is looking to use a more powerful family of processors to powerful family of processors to increase its current speed of 33MHz to increase its current speed of 33MHz to up to 700MHz.up to 700MHz.
Data StorageData Storage
All data on Palm devices is stored in All data on Palm devices is stored in databases.databases.
Databases contain records in which the Databases contain records in which the actual data is stored.actual data is stored.
There is no data ownership There is no data ownership accommodations or file permissions.accommodations or file permissions.
Built-in Palm OS securityBuilt-in Palm OS security
Uses a default security program.Uses a default security program. No indications to the user about how No indications to the user about how
secure it is.secure it is. User is able to input a password at the User is able to input a password at the
setup stage, then the password can be setup stage, then the password can be used to mark some entries as private or used to mark some entries as private or to be used at the power on/off stage.to be used at the power on/off stage.
VulnerabilitiesVulnerabilities
The Palm OS is currently plagued with The Palm OS is currently plagued with glaring security holes.glaring security holes.
There are multiple possible attacks There are multiple possible attacks depending on the situation.depending on the situation.
What follows are some of the general What follows are some of the general flaws, which is in no way a complete flaws, which is in no way a complete assessment of all the security assessment of all the security deficiencies in the Palm OS.deficiencies in the Palm OS.
Password LengthPassword Length
There is currently no lower limit of characters There is currently no lower limit of characters that the password is required to be.that the password is required to be.
The passwords do not necessarily have to be The passwords do not necessarily have to be both letters and numbersboth letters and numbers
Obviously, without a safeguard that would Obviously, without a safeguard that would make sure that the user’s password is make sure that the user’s password is appropriate, this creates vulnerability.appropriate, this creates vulnerability.
Weak Password Weak Password ObfuscationObfuscation
The method that Palm uses to store the The method that Palm uses to store the password is very weak and quite trivial.password is very weak and quite trivial.
For passwords less than four characters, it For passwords less than four characters, it is simply XORed with a known constant and is simply XORed with a known constant and shifted.shifted.
For passwords greater than four, the For passwords greater than four, the algorithm is slightly more complex but still algorithm is slightly more complex but still easy to decode the password once the easy to decode the password once the method is known.method is known.
Weak Password Weak Password Obfuscation cont.Obfuscation cont.
Most importantly, during every HotSync Most importantly, during every HotSync operation, the user’s encoded password operation, the user’s encoded password is transmitted. is transmitted.
HotSync VulnerabilityHotSync Vulnerability
In an office environment, someone In an office environment, someone could walk up to your computer with an could walk up to your computer with an empty handheld, press the HotSync empty handheld, press the HotSync button, and the HotSync program will button, and the HotSync program will “restore” all your information onto that “restore” all your information onto that persons handheld.persons handheld.
HoySync Vulnerability HoySync Vulnerability cont.cont.
Each time a handheld is HotSynced, it Each time a handheld is HotSynced, it checks in a specified directory to see if checks in a specified directory to see if any new files have been added and any new files have been added and automatically adds them. A hacker automatically adds them. A hacker could simply place a program in this could simply place a program in this add-on directory and it would be add-on directory and it would be transferred to the PDA and executed transferred to the PDA and executed automatically. automatically.
Creator ID SwitchingCreator ID Switching
Creator ID is a four character code used Creator ID is a four character code used by the OS to identify programs.by the OS to identify programs.
When a button is pushed or an When a button is pushed or an application is started, the OS looks application is started, the OS looks through the database for a matching ID through the database for a matching ID and executes the program. and executes the program.
Malicious applications can easily add a Malicious applications can easily add a Creator ID identical to a legitimate one.Creator ID identical to a legitimate one.
Data OwnershipData Ownership
Without any facilities in place to protect Without any facilities in place to protect ones code or data on a Palm, attacking ones code or data on a Palm, attacking programs have full access to all the programs have full access to all the data on a user’s Palm device.data on a user’s Palm device.
This opens the door to attackers and This opens the door to attackers and allows them to do a multitude of allows them to do a multitude of damage, often times without the damage, often times without the knowledge of the user.knowledge of the user.
SolutionsSolutions
movianCryptmovianCrypt PDA DefensePDA Defense OnlyMeOnlyMe FileCryptoFileCrypto
movianCryptmovianCrypt
Uses 128-bit AES encryption key to encrypt Uses 128-bit AES encryption key to encrypt individual records.individual records.
It replaces standard Palm Operating It replaces standard Palm Operating System.System.
Provides option to disable encryption on a Provides option to disable encryption on a per-application basis.per-application basis.
In the event of a stolen or lost handheld, the In the event of a stolen or lost handheld, the password is not stored on the device itself.password is not stored on the device itself.
PDA DefensePDA Defense
One of the highest levels of security One of the highest levels of security available for handhelds.available for handhelds.
Used by all branches of military, FBI Used by all branches of military, FBI and the white house.and the white house.
When “bomb” is enabled, all data will be When “bomb” is enabled, all data will be erased from handheld if unauthorized erased from handheld if unauthorized attempts are made to access the attempts are made to access the device.device.
OnlyMeOnlyMe
A unique program used for password A unique program used for password protection.protection.
Cracker Time Lock-each five times a Cracker Time Lock-each five times a password is entered in incorrectly, the system password is entered in incorrectly, the system locks for a designated period of time.locks for a designated period of time.
For purposes of password comparison, user For purposes of password comparison, user can use keys such as To Do which would can use keys such as To Do which would correspond to the letter C or number 3 in their correspond to the letter C or number 3 in their password.password.
FileCryptoFileCrypto
Uses a 128-bit AES data encryption.Uses a 128-bit AES data encryption. Increases user authentication by Increases user authentication by
implementing a PIN and passphrase implementing a PIN and passphrase system at the login stage.system at the login stage.
Future/Conclusions Future/Conclusions
Palm has recognized the vulnerability Palm has recognized the vulnerability issues and is beginning to correct them issues and is beginning to correct them in the latest versions of its products.in the latest versions of its products.
Competitors of Palm, like Texas Competitors of Palm, like Texas Instrument and Microsoft, have also Instrument and Microsoft, have also been quick to address the issue of been quick to address the issue of security in its products.security in its products.
Future/Conclusions cont.Future/Conclusions cont.
Consumers can expect to see more products Consumers can expect to see more products that allow them to increase security for their that allow them to increase security for their handhelds, including smartcards, biometric handhelds, including smartcards, biometric capabilities, and motion detectors.capabilities, and motion detectors.
It is only until companies recognize that It is only until companies recognize that handheld security is as important as network handheld security is as important as network security that the current situation will be security that the current situation will be under control.under control.
