In 2000, Symantec Corp. discovered some unique viruses. They were written to attack Palm OS handhelds. It was only a matter of time before a hacker figured out how to exploit this operating system. In response, last year Symantec created Symantec AntiVirus for Palm OS. Recently, the company released a new version: Symantec AntiVirus 2002 for Palm OS (see Figure A).

More antivirus programs for the Palm OS
Symantec is one of at least three antivirus makers to offer products protecting PDAs using the Palm OS. F-Secure Corp. of Helsinki, Finland, offers F-Secure Anti-Virus for Palm OS ($30), as well as antivirus applications for the Symbian and Pocket PCs.

Trend Micro Inc. of Cupertino, CA, maker of PC-cillin for Wireless devices, offers PC-cillin, with updates, for free (for the time being). PC-cillin versions are also available for Palm, Symbian, and Pocket PC platforms. Given that the competition is cheaper, and that at present the virus threat is small, is it worth it to invest in Symantec’s product?

An emerging threat
The answer is not now, but soon. So far, there are four viruses that can infect Palm devices, according to Symantec’s Security Response Web site. Four viruses may not appear to be much of a threat. But Symantec’s Laura Garcia, the application’s product manager, says that more viruses are around the corner.

“The threat will evolve over the next few months or the next year,” she said.

Garcia explained that the OS’s massive popularity as well as infrastructure developments such as beaming between devices, wireless Internet, and Palm-based cell phones, make Palm handhelds increasingly vulnerable.

“We are monitoring very closely the adoption of wireless applications within both the Palm and Pocket PC platforms,” she said. “Today, we are looking at the spread of viruses from direct Internet connections or infrared connections. As direct Internet connections become more prevalent, it will become easier for viruses to spread.”

Here’s a rundown on existing Palm OS threats, the latest of which was discovered in October:

  • Phage—Discovered September 2000, Phage has the distinction of being the first known Palm virus. When activated, it deletes all applications and files on the handheld.
  • Vapor—Discovered the same month as Phage, Vapor marks all Palm applications with the hidden attribute. Relatively harmless, a reset will make the application icons reappear.
  • Liberty—Liberty is considered the first Palm Trojan Horse. It was released as a so-called “crack” for a Gameboy emulator program called Liberty. When one activates the Trojan, it deletes all files.
  • Palm MTX—Discovered in October 2001, this virus piggybacks on the Windows MTX virus. The Palm code doesn’t do anything malicious; it may be a concept test.

Symantec has assigned these viruses a low-threat rating. That’s because they haven’t spread much among Palm OS users. In Symantec’s terms, they don’t exist in the wild.

Figure A

Symantec AntiVirus 2002 for Palm OS®

Symantec Corp.

Suggested retail price:
Palm OS 3.x, 4.x; 2 MB RAM; 50 KB available space in handheld; Windows 98, Me, NT, 2000, or XP
Updates and virus definitions:
One-year subscription included. Subscription renewal: $9.95
Sold as a download. Also comes bundled with Norton AntiVirus 2002 Professional Edition ($69.95)

Different methods—so far
In contrast to many Windows viruses, malicious Palm code doesn’t yet take the form of e-mail attachments, macros, or hidden code snippets. Instead, the four known viruses are written as Palm applications. The PRC files need to be activated by tapping their silk-screen icons.

But that’s not to say future viruses won’t use the methods now seen on PCs.

“Viruses can come into the Palm directly from e-mail,” Garcia said. “Technically, that is possible today; we just haven’t seen it.”

She noted that while at present Palms are infected via PCs, in the future, Windows PCs may become infected via Palms.

How it works
Symantec AntiVirus 2002 for Palm OS provides real-time and on-demand virus scanning similar to PC antivirus programs.

Figure B
Symantec’s improved interface is another reason to consider its product.

Setup loads the application and virus database into the Palm Installer tool; in addition, it adds Symantec’s Live Update feature to Windows. Live Update automatically retrieves the latest program version and virus database from Symantec’s Web site. It’s one advantage of Symantec’s application—the other antivirus programs require you to manually download updates to the virus database. 

Another advantage over the other products is Symantec’s Windows interface (Figure B), which has been steadily improving since its products were first introduced. (The 2002 interface is the best yet.) When Symantec AntiVirus 2002 for Palm OS is purchased as part of Norton Antivirus 2002 Professional Edition, both apps are combined in the same interface, making it convenient to keep track of their activity.

Once Setup is run, the app is installed during the next Hotsync. After installation, it’s necessary to reset the handheld.

Once installed, Antivirus 2002 for Palm OS automatically scans all file activity. This real-time scanning kicks in whenever files are opened or copied, as well as when they’re beamed via infrared, or transferred via Hotsync or the Internet.

To force a scan (called on-demand scanning), start the application and click Scan. After the scan, a summary lists the number of applications checked and the number of threats found, if any.

Should the program discover a virus, an alert window names the threat and offers you the options of deleting it, bypassing it, or allowing it (in case you believe the alert was triggered in error).

So far, two features of its PC antivirus programs are missing from Symantec’s application—a separate e-mail scanning tool and the ability to quarantine viruses. Garcia said that even without an e-mail scanner, the real-time scanner will catch malicious code from e-mails before it can do damage. In addition, because existing threats to Palm devices must be deleted, a quarantine feature isn’t needed yet.

With virus threats still so rare, $40 just adds too much to the TCO of handhelds, especially as PC-cillin offers the same features for free (for now). However, handheld users who also need a data protection program for their PCs may find it useful to purchase Norton AntiVirus 2002 Professional Edition, as it’s convenient to work with both PC and Palm antivirus programs within the same interface. When threats to handhelds truly materialize, the ability to use Live Update, plus whatever new features Symantec will no doubt add, will make a stand-alone purchase and a yearly subscription cost worth considering.

Are Palm viruses a concern?

Have you purchased antivirus software for your Palm handheld or are you waiting for the threat to become greater? Send us some mail or post a comment.