At 07:50 AM 6/3/2004, Tyler Durden wrote:
> Anybody know of apps that allow someone to hack somebody else's Palm?

PalmOS doesn't have useful memory protection,
so if you can get somebody to run a trojan application, they're potentially toast.
If you can't, then you're limited to whatever the existing applications do
with the data that you hand them.
Many applications are well written, protect themselves against oversized
or other malicious input, and will only do what their authors expect.
Other applications are poorly written schlock that leave a gun barrel
aimed at your foot waiting for you to shove bullets in them.


> Specifically, say you are beaming or receiving a beam from someone else's Palm, but you'd like to know much more than what they had planned on beaming you. So you actually beam them an app that takes their phonebook and calendar and dumps it out to you.

I'd be extremely surprised if the primary Palm beaming apps (including builtins and beambox) are that naive, but you never know. Partly this is because they're tolerably well written, and partly because the early Palm Pilots didn't have much memory, so the obvious data structures for handling most objects are annoyingly small and don't give you ways to get past their boundaries, and most of that clunkiness is still there in the APIs.

Another possible way in is email, if your victim downloads email to a Palm
and runs it with an insecure application.

Another way that the Palm accepts application data is hotsync -
if you can put malicious data into the Windows feed for somebody's Palm,
such as downloadable programs, you might be able to get them installed.
Fortunately, Windows is perfectly secure.... but the wetware isn't.
"Dude! Here's a really cool Palm Screen Saver! Dancing Pigs and Everything!"


> Actually, this is really my threat model. What I really want to know is that, given the above possibility, is there a "fire wall" for a PDA for this kind of attack?

Certainly not on the Dragonball machines. Not sure if they've improved on newer machines, but without memory protection, any broken application makes it theoretically possible to break the machine. So don't run broken applications that accept input from outside.

> PS: I'm also wondering if it's possible to force-beam info out of a sleeping Palm that's in a coat pocket or whatever.

Think about what you just suggested. Beaming isn't something magic, it's a medium for programs to send bits to other programs with some format for what to do with them. If your would-be victim's Palm is asleep, it's not listening for IR.

If you Google for "PalmOS Virus", you'll find references to one PalmOS virus
that somebody cobbled together, though I'm not sure it actually spread in the wild,
and a trojan that masquerades as a Gameboy emulator program.
But most of the viruses for Palm, like most Unix viruses,
run on the Honor System, like the "IBeamYou" address book entry.




