Saturday, November 04, 2006

Security flaw in Utimaco Safeguard PDA

I was delighted when Utimaco (https://www.utimaco.co.uk/) announced that their latest version of Safeguard PDA would include PIM (e-mail, organiser, etc.) encryption for Windows Mobile 5 devices. As far as I am aware they are the first company to market to offer this.

Unfortunately, from my experience the product has a little way to go before it becomes really useful, or even secure. Annoyances with the current version include the fact that it is impossible to uninstall the program short of performing a hard reset. Furthermore, if you use your PDA for TomTom or other navigation aids, watch out: even if you disable auto-lock in the settings, the software ignores this and automatically locks your PDA after about half an hour.

Much more worrying than this, though, is that it is possible to bypass the log-on procedure altogether; here is how. This works on the Dell Axim X51v PDA. I had PIM encryption turned on and no PrivateDisk volumes set up.

Log into the PDA as normal, then fill up all the available memory on the unit (not the storage card). An easy way of doing this is to use the recording option: set the recorder going and leave it until all available memory on the PDA is used up. When this happens, recording will stop and Windows will probably warn you that memory space is critically low.

At this point, wait until Safeguard locks the PDA and the Safeguard Authentication screen appears.

When this screen appears, try to authenticate: Safeguard PDA will reject your password even if it is entered correctly. Try it a couple of times to be sure that you entered it correctly and that the software is rejecting it.

Now perform a soft reset on the PDA. The system will reset and, instead of presenting the Authentication screen, it will present the Safeguard setup wizard and tell you that Safeguard is not yet configured.

Now cancel the setup procedure. You are given full access to the PDA, including PIM data, without entering any password whatsoever. I have repeated these steps twice now and got into the PDA both times.
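What the steps above describe is a lock screen that fails open under resource exhaustion: when it cannot load or verify its own state, it behaves as if the product had never been configured. The Python model below is an added illustration, not Utimaco's code; its mechanism (a configuration cached in RAM, a load from storage that needs free memory, and a persistent setup marker) is an assumption, and it replays the post's sequence against a fail-open and a fail-closed lock screen.

```python
from dataclasses import dataclass
from typing import Callable, Optional, Tuple
SCRATCH = 4096  # bytes needed to load or verify lock-screen state (assumed figure)
@dataclass
class Device:
    setup_marker: bool  # persistent "set up already" flag (assumed to exist)
    pin: str  # constructed credential standing in for the real secret
    free_memory: int  # free internal memory in bytes (constructed)
    unlocked: bool = False
    cached_cfg: Optional[dict] = None  # configuration held in RAM while running

def load_config(dev: Device) -> Optional[dict]:
    if dev.free_memory < SCRATCH:
        return None  # load failure is indistinguishable from "never configured"
    return {"pin": dev.pin}

def verify_pin(dev: Device, cfg: dict, entered: str) -> bool:
    # Verification also needs scratch space; under memory pressure it just fails.
    return dev.free_memory >= SCRATCH and entered == cfg["pin"]

def login_vulnerable(dev: Device, entered: str) -> str:
    """Fail-open: an unloadable configuration starts the setup wizard."""
    cfg = dev.cached_cfg or load_config(dev)
    if cfg is None:
        dev.unlocked = True  # wizard shown; cancelling it leaves the device open
        return "wizard"
    if verify_pin(dev, cfg, entered):
        dev.cached_cfg, dev.unlocked = cfg, True
        return "ok"
    return "rejected"

def login_hardened(dev: Device, entered: str) -> str:
    """Fail-closed: once set up, any load or verify failure keeps the lock."""
    if not dev.setup_marker:
        return "wizard"  # genuinely unconfigured device, nothing to protect yet
    cfg = dev.cached_cfg or load_config(dev)
    if cfg is None or not verify_pin(dev, cfg, entered):
        return "rejected"
    dev.cached_cfg, dev.unlocked = cfg, True
    return "ok"

def run_sequence(login: Callable[[Device, str], str]) -> Tuple[Tuple[str, str, str], bool]:
    # Replay the post: normal logon, fill memory, auto-lock, retry, soft reset, retry.
    dev = Device(setup_marker=True, pin="1234", free_memory=8 * 1024 * 1024)
    first = login(dev, "1234")  # normal logon succeeds
    dev.free_memory, dev.unlocked = 0, False  # recorder fills memory; auto-lock
    second = login(dev, "1234")  # correct PIN is rejected
    dev.cached_cfg, dev.unlocked = None, False  # soft reset drops RAM; storage still full
    third = login(dev, "1234")
    return (first, second, third), dev.unlocked
```

The vulnerable variant ends the sequence at the wizard with the device unlocked; the hardened variant keeps rejecting, since the setup marker tells it that protected data exists even when the configuration cannot be read.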

Of course, I let Utimaco know about this problem immediately. In the meantime, if you use Safeguard, be extra careful not to fill up your PDA's internal memory. Beware of any executables downloaded from the net or received over Bluetooth, as these could exploit this flaw.

I'll blog again if I find out any more about this issue.
