On 03/01/2001 @stake published a security advisory regarding a security hole in PalmOS 3.x based devices which would allow anybody in physical possession of the unit to retrieve and/or modify any information stored on the device by entering one of two shortcuts (namely .1 and .2), even if the Palm was locked. Please refer to http://www.atstake.com/research/advisories/2001/a030101-1.txt for the complete text of the advisory and a complete description of this security hole. ShortFix has been developed to put the built-in "Security" application to the same level of security as its competitors. Running ShortFix will remove the offending shortcuts from the system, preventing anyone to enter the debug or console mode by using these shortcuts. After use ShortFix can be removed from the device. No other shortcuts or data will be affected.
|File Size||13.67 kB|