- Communication only with desktop PC. In the most basic systems (without WiFi communication or telephonic systems) it could only infect the desktop PC to which it is able to connect, either by USB, Serial, infrared, Bluetooth etc.
- Short-range wireless connection. Here the virus could spread easily. In WiFi systems the connection is permanent with zero cost for the end user, meaning the user would never worry about the possibility of excessive bandwidth consumption causing a virus, a very clear sign of a handheld device being infected. To this problem one needs to add the Hot Spots a hacker could use to introduce a virus into a network, completely safeguarding their anonymity. Bluetooth also offers this type of connection, although a user who knew how to configure it properly would not at any time be exposed to a viral danger.
- Telephonic communication. Here it is necessary to distinguish between three different situations: GSM, GPRS and 3G. For GSM, the user would be able to detect improper use of the device’s communication system as the line would remain busy and the device would also indicate its communication status.
In addition, it needs to be remembered that viruses in handheld devices must be specifically designed for the devices. It is almost impossible that “classic” viruses will infect. Let’s analyze them.
- Boot viruses. The device is always booted, except when the battery runs out or a reboot is forced. Here the system runs a check which would prevent a boot with a boot type virus from occurring, but this is not for any security reasons, rather as a result of an integrity checking error.
- File viruses. The API developed for handhelds devices is in no way compatible with other systems’ APIs. Neither Symbian, Pocket PC nor PALM is capable of running software devised for platforms which are not specifically theirs.
- Macro viruses. Among its tools, Pocket PC includes by default a version of Word called “Pocket Word” and another in Excel called “Pocket Excel”. The transfer of information between the two removes any possible macros in the documents. Only macros produced with Excel 4.0 and stored in the same spreadsheet are maintained, but the Auto_Deactivate, Auto_Activate, Auto_Close and Auto_Open functions, which may contain risks in Excel 4.0, are not converted.
- Script Worms. Pocket PC does not include script interpreters, which means they cannot be run.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.