Background
The evolution of handheld computers can be closely compared to the evolution of the personal computer. When PCs first began to gain widespread acceptance and sales skyrocketed, the public placed most of its emphasis on the benefits that PCs could bring to businesses and individuals. The threat of viruses wiping out mission-critical data and causing trillions of dollars in damages was never mentioned. PDAs are undergoing a similar experience as their sales increase. From 1998 to 1999, 1.3 million PDAs were sold in the U.S., a 73.8% increase in sales. Even more astonishing, from 1999 to 2000 U.S. sales of PDAs grew at an incredible 170% with 3.5 million units being sold. Overall, analysts at the Gartner Group expect worldwide sales of PDAs to exceed 33.7 million units in 2004, as shown in Figure A.

FIGURE A

Here are the projected worldwide PDA sales. Click picture for a larger image.

Similarly, Forrester Research (at http://www.forrester.com) believes that PDAs will play a vital role in the business economy as the mobile workforce increases from 35% to 57% of the total workforce in the next two years.

The reason devastating viruses have not hit PDAs yet is because their comparatively simple operating systems make it hard to write viruses that spread automatically. Also, most handheld devices don't have hard drives, but instead use limited ROM (Read Only Memory) and RAM (Random Access Memory). Any preinstalled applications reside in ROM, where they aren't susceptible to viral attacks. On the other hand, both third-party applications and user information are stored in RAM, where viruses can attack. [However, with the advent of devices like the HandEra 330, which support CompactFlash cards, including the IBM Microdrive, we are, in fact, starting to see hard disk technology become available for Palm OS devices. - Ed.]

The processing power of PDAs is much less than the processing power of a desktop computer. However, experts predict that the functionality of handheld computers will increase as the devices gain widespread acceptance, increasing the ability of viruses to attack.

Finally, most PDAs don't presently make use of wireless connections. Yet, the Gartner Group predicts that in 2004, 40% of PDAs will use wireless technology for direct access to Web content and enterprise networks, therefore presenting a dangerous avenue for virus attack.

Recent attacks
The first virus to hit PDA devices was the Liberty Crack, also known as Palm.Liberty.A. This Trojan horse virus hides in a program that modifies the Liberty 1.1 emulator to illegally allow users to run Nintendo Game Boy games on the Palm OS. After the user runs the crack, Palm.Liberty.A will delete all files not preloaded on the PDA.

PalmOS/Vapor.741 is a second, but less malicious, Trojan horse virus, and it makes all application icons disappear. Although the programs are not deleted, the user must still resynchronize with a PC to restore the infected files. This virus never made it out into the general public.

A third virus, Palm OS/Phage.963, hit Palm devices on September 21, 2000. This virus specifically targets wireless units using the Palm OS. Unlike previous PDA viruses, which use file sharing, Phage also uses email as a direct means of transfer. After the virus enters the Palm device, it attacks all non-preloaded programs in the device. When the user tries to load an infected application, the screen displays a dark gray pattern and then closes the program. If a program is installed on the handheld, it will only be attacked if an infected program is run while the clean program is running.