[gui-talk] Windows CE, Symbain Wide Open to Attack

Joel Deutsch jdeutsch at dslextreme.com
Sat Oct 14 10:04:24 CDT 2006 

Thanks very much.

----- Original Message ----- 
From: "Stephen Guerra" <stephen at independentliving.com>
To: "'NFBnet GUI Talk Mailing List'" <gui-talk at nfbnet.org>
Sent: Saturday, October 14, 2006 5:17 AM
Subject: Re: [gui-talk] Windows CE, Symbain Wide Open to Attack


An operating systems on PDA's or sum notetaker


-----Original Message-----
From: gui-talk-bounces at nfbnet.org [mailto:gui-talk-bounces at nfbnet.org]
On Behalf Of Joel Deutsch
Sent: Friday, October 13, 2006 8:59 PM
To: NFBnet GUI Talk Mailing List
Subject: Re: [gui-talk] Windows CE, Symbain Wide Open to Attack


What is Windows CE?

thanks.

----- Original Message ----- 
From: "Christopher McMillan" <chrismcmillan at earthlink.net>
To: <gui-talk at nfbnet.org>; <rehab at nfbnet.org>; <nfb-talk at nfbnet.org>
Sent: Friday, October 13, 2006 5:40 PM
Subject: [gui-talk] Windows CE, Symbain Wide Open to Attack


Windows CE, Symbian wide open to attack


Growing number of vulnerabilities turning up in both platforms

John E. Dunn   Today's Top Stories    or  Other Security Stories
October 13, 2006 (IDG News Service) -- Windows CE is at an especially
high 
risk of attack according to a new analysis of malware threats. Kaspersky
Lab researcher Alexander Gostev has produced the report, it which 
it is noted that the mobile version of Windows remains wide open to
software 
exploits compared to desktop versions, and allows easy programming
access to 
core operating system functions.
Gostev refers to the growing number of vulnerabilities that have
affected 
the platform, starting with the Duts proof-of-concept virus of 2004 that
was 
able to exploit a security hole unknown to Microsoft, making it a
zero-day 
flaw. "There's no doubt that these vulnerabilities exist. The question
is 
only who will detect them first - a virus writer, or a white hat
security 
researcher," said Gotsev. "The main environment used to develop
malicious 
programs will be .Net, and a significant number of these viruses will 
exploit vulnerabilities in Windows CE."

Although rival Symbian is a harder platform on which to create native 
malware -- programmers require expensive tools to build Symbian 
applications -- Gotsev is almost as scathing on its security design.

He details a newly documented and verified vulnerability that would
allow an 
attacker to cause a denial-of-service on a Symbian system simply by
sending 
a small file capable of choking the Web browser, thereby slowing it
down. 
"Even a cursory glance and a few simple experiments reveal that Symbian
is 
riddled with errors," he said.


To date, mobile malware and exploits -- which typically spread using a 
mobile device's Bluetooth connection -- have been a mostly theoretical 
issue, prompting some to question their significance.

But the pessimism surrounding Symbian seems justified. In 2005, the 
TrojanDoombot.A , which harbored the Commwarrior.B worm, went turned up
to 
bother a small number of Symbian Series 60 devices. More recently, the
worm 
Commwarrior.Q hit the platform again.

Reprinted with permission from

For more news from IDG visit IDG.net
Story copyright 2006 International Data Group. All rights reserved.


------------------------------------------------------------------------
--------


_______________________________________________
gui-talk mailing list
gui-talk at nfbnet.org http://www.nfbnet.org/mailman/listinfo/gui-talk



------------------------------------------------------------------------
--------


No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.408 / Virus Database: 268.13.3/474 - Release Date:
10/13/2006



-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.408 / Virus Database: 268.13.3/474 - Release Date:
10/13/2006

_______________________________________________
gui-talk mailing list
gui-talk at nfbnet.org http://www.nfbnet.org/mailman/listinfo/gui-talk


__________ NOD32 1.1803 (20061013) Information __________

This message was checked by NOD32 antivirus system. http://www.eset.com


_______________________________________________
gui-talk mailing list
gui-talk at nfbnet.org
http://www.nfbnet.org/mailman/listinfo/gui-talk



-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.408 / Virus Database: 268.13.3/474 - Release Date: 10/13/2006




-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.408 / Virus Database: 268.13.3/474 - Release Date: 10/13/2006

More information about the gui-talk mailing list