The recent outbreaks of PDA viruses, such as the Liberty Crack and Phage, show that virus threats to PDAs are real, and that virus programmers are looking at PDAs as a potential playground for their viruses. We believe the PDA environment is, sadly, now ripe for viruses because of increased user dependence, interconnection, and applications.

Methods of delivery
In order for viruses to cause damage to Palm devices, the code must have an entry point to a PDA. Three methods of virus delivery have been identified: synchronization, infrared beaming, and network access.

Synchronization
Synchronization is the most prevalent method of transferring data. This functionality is used to synchronize desktop PC and device data in order to back up data, manage files, and install new device applications. All PDA operating systems have this functionality. The Palm's synchronization application is HotSync. Although synchronization is convenient for users, it's also the easiest way to deliver a virus to a user's PDA.

Synchronization allows users to connect and manipulate data on PDAs from their desktop computers. With a single point of access to email, fax, and SMS (Short Message Service) functionality, viruses may send mail and manipulate files on the device from a desktop PC and vice versa.

Infrared beaming
Many of the popular PDAs available today are equipped with IR (infrared) ports. Infrared ports allow communication capabilities without the need of cables. IR ports can transfer data at a rate around 4 Mbps using the IrDA (Infrared Data Association) protocol. The IrDA is a point-to-point protocol data transmission standard. In most PDAs, the infrared signal has a range of 4 to 36 inches. PDAs with IR ports can be used to transmit data between two IrDA-enabled devices. For the purpose of this article, infrared beaming will be defined as the transfer of data between two PDAs.

Although the IR capabilities of PDAs enable the devices to seamlessly receive and send data, this means that the IR capabilities enable devices to easily receive and send potential viruses. Presently, PDAs are designed to trigger an incoming data alert message whenever the IR ports receive data. However, this message can be disabled, and malicious programs can be exchanged between devices without the user ever knowing. Although most users today don't make use of the infrared transmission capabilities on their PDAs, analysts believe that infrared beaming will become widespread in the near future.

Network access
Of the three methods that viruses can use to attack PDAs, network access will pose the greatest threat for transferring viruses. In order to be susceptible to attack via network access, a user must have a PDA that is Internet and messaging capable. When emails with attached executable files are run on handheld devices, there's a potential risk that the file contains harmful code.

Handheld devices generally contain pre-installed mail clients that are programmable. This means that malevolent software writers may only need to interface with existing mail clients rather than create their own network-capable agent. Viruses, however, aren't limited to utilizing the programmability of the Web browser or mail client. They can also gain remote access to the Internet by opening listening server ports and then sending or receiving additional malicious programs.