Pocket PC Talk

Your Source for the latest news and articles about the Pocket PC!


Week of June 25, 2006

Block stacking taken to outrageous extremes with Big Box of Blox!

THE MIDLANDS, UK - June 29th 2006 - Astraware and Digital Eel are excited to announce the release of Big Box of Blox for Palm OS(R) and Windows Mobile(R) handhelds.

Big Box of Blox is a block stacking game taken to outrageous extremes! Using stylus or button controls, players arrange the three-blox-high stacks as they fall. Match blox in groups of three or more, vertically or horizontally, to eliminate them - but that's not all!

Don't just stack the blox. Smash them, blast them, mutate them or explode them in a shower of flames! Use special blox including jokers, bombs, frogs, mushrooms, fireballs and slot machines to clear the board before it reaches the top!

Choose from five exciting game modes: Flaming Peelout, Blok Atak, Groink, Mushroom King and Asylum Cubez or even create your own combination using the special Custom Mode. Faithful to the critically-acclaimed PC version, Big Box of Blox features cool psychedelic graphics, awe-inspiring animated backgrounds, brain crunching sound effects and an epic music soundtrack. The game's graphics reflect the dark and mysterious nature of the PC original, but PDA owners are sometimes known to go outside into the light, so Big Box of Blox also includes a gamma adjustment slider so you can select anywhere from dark and atmospheric to vibrant and acidic.

"We originally intended to make a nice normal blox stacking game, however, we failed to accomplish this goal marvelously. Big Box of Blox is anything but normal," explained Digital Eel co-founder, Rich Carlson.

Big Box of Blox is available for devices running Palm OS(R) 5.0 upwards, and Windows Mobile(R) for Pocket PC and Smartphone 2003, 2003SE and 5.0. The game is available from the Astraware website priced $19.95 with a special limited time release discount for Club Astraware members.  (Source: Press Release)


Posted Thursday, June 29 2006 by ChrisD
Rating: 1.8 Comments ()

iDo S601 Review

The iDo S601 is unknown in Europe, but, in our opinion, this device has many chances to be successful. There are a lot of innovative details compared to the majority of Pocket PCs, which lately are becoming more and more alike. In this device we particularly appreciated its size, its weight, the retention of IrDA and the software.

Maybe the screen could be improved, but altogether the iDo S601 is an excellent convergent mobile device.  (Source: www.iDo-Users.net)


Posted Tuesday, June 27 2006 by ChrisD
Rating: 3 Comments ()

The Ten Most Critical Wireless and Mobile Security Vulnerabilities (Updated) ~ The Experts’ Consensus

Inspired by the SANS Top 20, this list is a consensus of industry experts on wireless and mobile vulnerabilities that require immediate remediation. It is offered as a public service by the Mobile Antivirus Researcher’s Association (www.mobileav.org). We welcome your feedback; this is a “living” document that will be updated frequently.

MARA membership is diverse. The spectrum of MARA members ranges from individuals such as authors, researchers and university professors, all the way  to antivirus vendors, military experts, and publicly-traded, multi-billion dollar security corporations.

Membership in MARA is free. Candidates must have a proven history of scholarly publications in the mobile security or antivirus fields. Prospective members must also provide character references and sign a strict code of ethics against computer crime. If your interests fall within the mobile security and antivirus fields, we need your help.

Wireless

1. Default WiFi routers
By default, wireless routers are shipped in an un-secured state. The result of this is that an attacker can easily connect to and configure the router to meet his or her own needs. The risks include changing the DNS server settings to a static IP that is owned by the attacker; or, uploading a hacked firmware version to the router that could put the attacker in full control of the data. Sniffing programs, wireless scanning drones, attack scripts, and more can be easily installed on the router, all of which would go undetected.

In addition to the active attacks against unconfigured routers, these devices can be used as a gateway for attackers to launch viruses/attacks/spam sessions. Since most routers have very limited logging, the attacker could have a nearly-perfect anonymous connection. Any attempt to trace the attack back to its origination will dead end at the wireless router.

2. Rogue Access Points
Wireless access points are easy to install. As a result, many individuals within companies have taken it upon themselves to set up an unauthorized access point, without informing the network administrator. Typically, these access points are not protected, which means they can be used by an attacker just as they can by a valid user.

Rogue access points can also be used to lure valid users away from their corporate network. If an attacker can set up an access point with a stronger signal than the valid one, the target’s computer automatically connects to the attacker’s AP. This is by design, and abuse is difficult to prevent since many systems will adjust connection details (type of encryption, channel, etc.) without any interaction from the user.

3. Wireless Zero Configuration
When a computer connects to an access point, it generally stores the details of that connection locally. The next time the computer is turned on, the wireless network card immediately looks for the connection and re-establishes the connection – without user intervention.

This is accomplished by sending out a probe request into the airwaves with the SSID of the requested access point contained in the packet. The AP sees this packet and sends back a probe response, thus kicking off the connection routine. However, since the SSID value is sent as plain text, anyone with a sniffer can see it. They can use this information and configure an AP with the requested SSID, which will then detect the requested SSID and respond as expected. Programs like Karma automate this process and can quickly establish a connection with a wireless user, thus taking over their web connection, email, and more.

This function can be turned off by disabling it in the Services list of Windows XP. Other operating systems can be controlled by manually setting up the connection each and every time the wireless card is enabled.
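A defender can watch for both the rogue access points of item 2 and the Karma-style responders described in item 3 by auditing captured probe responses. The Python sketch below is an added example, not part of the MARA advisory; the site inventory, the `max_ssids` threshold and every sample frame are constructed assumptions.

```python
from collections import defaultdict

PROBE_RESPONSE = 0x50  # frame-control byte: management type, subtype 5

def parse_probe_response(frame: bytes):
    """Return (bssid, ssid) from a raw 802.11 probe response, else None."""
    if len(frame) < 36 or frame[0] != PROBE_RESPONSE:
        return None
    bssid = frame[16:22].hex(":")
    pos = 36  # 24-byte MAC header + 12 bytes of fixed parameters
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:
            return None  # truncated information element
        if tag == 0:  # SSID element, sent in plain text
            return bssid, value.decode("utf-8", "replace")
        pos += 2 + length
    return None

def audit(frames, authorized, max_ssids=2):
    """authorized: SSID -> set of approved BSSIDs (assumed site inventory)."""
    seen = defaultdict(set)
    for frame in frames:
        parsed = parse_probe_response(frame)
        if parsed:
            seen[parsed[0]].add(parsed[1])
    alerts = []
    for bssid, ssids in sorted(seen.items()):
        if len(ssids) > max_ssids:  # one radio answering for many names
            alerts.append((bssid, "answers-many-ssids"))
        for ssid in sorted(ssids):
            if ssid in authorized and bssid not in authorized[ssid]:
                alerts.append((bssid, "unapproved-bssid:" + ssid))
    return alerts

def make_frame(bssid, ssid):
    """Build a minimal probe response (constructed test data only)."""
    mac = bytes.fromhex(bssid.replace(":", ""))
    header = bytes([PROBE_RESPONSE, 0, 0, 0]) + b"\xff" * 6 + mac * 2 + b"\x00\x00"
    return header + b"\x00" * 12 + bytes([0, len(ssid)]) + ssid.encode()

AUTHORIZED = {"CorpNet": {"00:11:22:33:44:55"}}  # constructed inventory
SAMPLE = [make_frame("00:11:22:33:44:55", "CorpNet")] + [
    make_frame("66:77:88:99:aa:bb", s)
    for s in ("CorpNet", "linksys", "HomeWifi", "CoffeeShop")]

if __name__ == "__main__":
    for alert in audit(SAMPLE, AUTHORIZED):
        print(alert)
```

The threshold needs tuning per site: enterprise access points that serve several SSIDs normally advertise each one under its own BSSID, so a single BSSID answering for many unrelated names is the signal of interest.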

4. Bluetooth exploits:
BlueSnarfing: OBEX protocol exploit that allows hackers to secretly access the mobile phone’s calendar, pictures, phone contact list, etc. without the owner knowing.

BlueBugging: Allows hackers to send SMS messages from a remote vulnerable phone, spoofing the sender. This is not the same as BlueSnarfing, and it affects only some phones.

BlueJacking: By renaming the phone, the hacker can trick victims into accepting Bluetooth connections. Normally, the name of the phone will be the make and model of the device. If the hacker changes it to “click here for free cash”, the victim will often mistakenly click the pop-up, thus allowing the hacker to connect to the device. BlueJacking can be used by hackers to infect phones, to show obscene movies, etc.

Bluetooth DoS attacks: As with most things, Bluetooth is also vulnerable to certain types of denial of service attacks. Hackers can send invalid Bluetooth requests to a mobile device or phone and this will take up the whole channel. This hinders legitimate devices from making contact via Bluetooth with the attacked device.

5. WEP Weaknesses
WEP encryption is still one of the most common security implementations, and passwords can easily be cracked using Airsnort. It takes less than an hour to crack a busy access point’s password; the more packets captured, the faster it is to crack.

Handheld Mobile Devices (Smartphones and PDAs)

6. Clear Text Encryption Passwords
Mobile devices are portable. They get lost, stolen, and can quickly and easily be accessed when left lying around. Unfortunately, there are many third-party “encryption” programs that do not properly secure sensitive information such as username/password info, financials, etc. We have found that some of the most popular mobile encryption programs even store the password in plain text in the registry.

7. Malicious Code
"Airborne" mobile viruses have been increasing in complexity at a surprising pace. In the space of just one year, malware for mobile devices evolved to a complexity that took 20 years on desktop PCs. For example, we have already seen blended Trojan and virus threats that can spread through Smartphones using multiple wireless protocols. This could be problematic, as current mobile devices cannot support sophisticated antivirus software on current platforms.

Much of this “blended threat” malware activity has been seen on the Symbian Smartphone platform. For example, “Skulls” was one of the first trojans to infect Symbian Series 60 smart phones. When launched, the application claims to be an “Extended Theme Manager by Tee-222.” However, it then disables all other applications on the phone and replaces their icons with a skull and crossbones. Worse, it was more recently merged with Caribe to form the first “crossover” malware for smartphones.

Skulls and Caribe also merged to form Metal Gear, a trojan that masquerades as the game with the same name. Metal Gear uses Skulls to deactivate the device’s antivirus. Thus, it was the first anti-AV malware for Symbian phones. The malware also drops SEXXXY.sis to the device, an installer that adds code to disable the handset menu button. The Trojan then uses Caribe to transmit itself to new devices.

Another example of blending is the Gavno.a Trojan, which is spread via a file called patch.sis (it masquerades as a phone patch). Gavno uses a malformed file to crash an internal Symbian process, thus disabling the phone. The effect is to disable all handset buttons and to completely prevent the user from making calls. It may also cause a continual rebooting loop. It is only 2kb in size, and it has already seen variants merged with Caribe to spread to other phones.

Other examples of viral evolution include the following:

  • A newer development, and one that may be the most troubling, is the new breed of “cross-platform” mobile infectors. For example, the first mobile phone virus capable of infecting a PC was the Cardtrp worm. Cardtrp infects handsets running the Symbian 60 operating system and spreads via Bluetooth and MMS. If the phone has a memory card, it will drop the Win32 PC virus known as Wukill onto the card.

    Conversely, the most recent type of malware does the opposite: it now cross-infects mobile devices from a PC. The first example of such malware, and the subject of this article, is a Trojan dubbed “crossover”, which spreads from a Win32 desktop machine to a Windows Mobile Pocket PC handheld.

    When executed from Win32, the Trojan checks what version the current OS is; if it is not Windows CE or Windows Mobile, the virus makes a copy of itself and puts a startup command in the registry key of local-machine-current-version-run. The trojan then quietly waits for an activesync connection to be detected; it can wait indefinitely. When an Active Sync connection is detected, the trojan automatically copies itself to the handheld device and remotely executes the trojan. The handheld device is now infected. The Trojan will then begin to delete documents on the handheld.

    Unlike the Dust virus, Crossover does not require a complex exploit in the host operating system in order to succeed. Nevertheless, it is a significant step forward in mobile malware evolution. It also raises the question: using the OpenNETCF library and the Microsoft CF library, will it be this easy for virus writers to continue to port the 100,000+ examples of PC malware to Smartphones and PDAs?

8. Autorun
Windows Mobile devices contain a little-known autorun feature that can provide an attacker with a quick and easy method of infection. When a media card is inserted into the PDA, Windows Mobile will copy over the autorun.exe (if it exists), create a copy in the /Windows directory, and execute it. WM5 does ask the user whether the application may be launched, but previous versions of WM and Pocket PC do not. The file remains on the PDA until the media card is removed. A user can prevent this by creating a read-only dummy executable called autorun.exe and putting it in the /Windows folder.

Voice Over IP

9. Multiple VoIP attacks
Voice over IP (VoIP) is available on many of the portable handheld devices on the market via natively installed software or third party add-ons. The flexibility and low costs of VoIP makes it an extremely attractive feature. A user can often locate an open wireless network and use VoIP instead of their cell phone service, which may not even provide coverage in the local area. However, there are numerous problems with VoIP that can create an unstable and insecure environment for users.

VoIP is mostly sent in an unencrypted format. As a result, anyone can see the connection information and capture/record the conversation. Programs like VoMiT and Cain & Abel can easily capture and record conversations. Other programs like sipbomber can kick a user offline. In addition, SiVus (a VoIP scanner) can quickly locate VoIP enabled systems (phones or servers), and scan them for vulnerabilities that can cause overflows or DoS attacks.

Miscellaneous

10. Lost and stolen devices:
This is perhaps the greatest threat for inadvertent disclosure of enterprise data. To help mitigate this, all mobile databases (including patient medical records, financial institution customer lists, etc.) should be encrypted. Layered security such as encrypted file systems, etc. are also important. Remote data wipe is controversial, as it has the potential of being exploited by mass-deleting network worms. A good, written security policy and user education are also important. Mobile devices should all have a login copyright banner, along with return information (optionally advertising a reward for returning lost devices).

Disclaimer

Please send feedback and comments to us at www.mobileav.org. Copyright (c) 2006 MARA.

Permission is granted for the redistribution of this advisory list electronically. It may not be edited in any way without the express, written consent of MARA. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please contact MARA for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use on an AS IS condition. There are no warranties with regard to this information. Neither the individual authors nor MARA accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.  (Source: Mobile Antivirus Researcher’s Association)


Posted Monday, June 26 2006 by ChrisD
Rating: 4 Comments ()

Copyright 2004-2010 Chris De Herrera, All Rights Reserved
A member of the Talksites Family of Websites
All Trademarks are owned by their respective companies.