Are handheld viruses a significant threat?

S ince its introduction in 1997, the Palm line of handheld computers has become a popular product choice, with many millions of units sold worldwide. A large number of third-party applications exist, from personal organizer programs to spreadsheet applications, email, and Web browser clients. Many of these programs are low-cost share-ware, available for downloading from individual Web sites, centralized Web repositories, or from CD collections. With such a large number of applications available from dis-parate sources it is interesting to note that only recently have reports emerged about the first publically disseminated malicious Palm applications. The Trojan-horse Palm program " Liberty, " reported in August 2000, deletes all applications on the handheld. The first virus carrying the Palm program " Phage, " reported in Sep-tember 2000, infects applications installed on the handheld with copies of itself. Both are rated as low-risk by antivirus companies [3]. At press time neither of these malicious applications were classified as " in the wild " —viruses that exist and are considered to be spreading [4]. We would like to think that the Palm handheld, at least as it is currently used, is not a very attractive proposition to a malicious virus writer. Palm software is distributed as a serialized Palm resource (PRC) file of the application that can be stored on the user's local file server/workstation. When the handheld and the local file server/workstation are synchronized (hotsync'd) the PRC file is installed as an executable on the handheld. A Palm virus spread in this way will have limited success: following initial infection, subsequent spread to other programs is generally limited to the handheld unit alone. Once a program is infected (on the handheld) it must be uploaded to the user's worksta-tion/file server and distributed from there before it can become a threat to other handheld units. While users regularly synchronize databases (containing application data) on the handheld with their workstation, it is unusual to upload programs since the original backup copies are already saved on the user's workstation. It is unlikely that a Palm virus would be accidentally distributed by a developer. Palm applications are typically coded and cross-compiled on a local workstation, generating a PRC file ready for down-loading. If a development environment does come in contact with a Palm virus, while it is possible infection may occur on development handhelds (or emulators), it should not transfer to the development PRC files so …