by Fernando de la Cuadra - International Technical Editor at Panda Software - Thursday, 14 October 2004.
In addition, it needs to be remembered that viruses in handheld devices must be specifically designed for the devices. It is almost impossible that “classic” viruses will infect. Let’s analyze them.
- Boot viruses. The device is always booted, except when the battery runs out or a reboot is forced. Here the system runs a check which would prevent a boot with a boot type virus from occurring, but this is not for any security reasons, rather as a result of an integrity checking error.
- File viruses. The API developed for handhelds devices is in no way compatible with other systems’ APIs. Neither Symbian, Pocket PC nor PALM is capable of running software devised for platforms which are not specifically theirs.
- Macro viruses. Among its tools, Pocket PC includes by default a version of Word called “Pocket Word” and another in Excel called “Pocket Excel”. The transfer of information between the two removes any possible macros in the documents. Only macros produced with Excel 4.0 and stored in the same spreadsheet are maintained, but the Auto_Deactivate, Auto_Activate, Auto_Close and Auto_Open functions, which may contain risks in Excel 4.0, are not converted.
- Script Worms. Pocket PC does not include script interpreters, which means they cannot be run.
In view of this situation, viruses in these types of devices are still at an initial phase only, without any actual viral infection cases up to now. Exceptions such as Cabir (a virus that exploits a vulnerability in Symbian) and Duts (which infected Pocket PC systems but without any automatic spreading capability) are just that, exceptions, and not real indicators of the viral activity in these devices.