Friday, July 12, 2002
Holes put Linux handheld at risk
Posted by Jason Dunn in "OFF-TOPIC" @ 04:32 PM
http://story.news.yahoo.com/news?tmpl=story&ncid=73&e=3&cid=73&u=/zd/20020712/tc_zd/943176
Lest anyone think that only Windows platforms have security issues, this article is about a problem with the Sharp Linux-based handhelds.
"Sharp's Linux ( news - web sites)-based, business-oriented Zaurus handheld suffers from security holes that could let hackers grab private data off a corporate network, according to researchers at Syracuse University. In an advisory posted Wednesday to a Syracuse University computer-science Web site, researchers said they had found vulnerabilities in Sharp's Zaurus SL-5500 and Zaurus SL-5000D handhelds. The flaws let attackers take control of the device's file system, giving them the power to overwrite files or lock the device so no data can be input through the keypad or touch screen.
The biggest potential threat, though, exists when the device is wirelessly connected to a company's network, where sensitive data might be stored. The flaws would enable attackers to download and upload files. "These vulnerabilities mean that the Zaurus can be used as a launching point to attack the network," said K. Reid Wightman, one of the researchers who worked on the advisory." Source: JonnoB
Lest anyone think that only Windows platforms have security issues, this article is about a problem with the Sharp Linux-based handhelds.
"Sharp's Linux ( news - web sites)-based, business-oriented Zaurus handheld suffers from security holes that could let hackers grab private data off a corporate network, according to researchers at Syracuse University. In an advisory posted Wednesday to a Syracuse University computer-science Web site, researchers said they had found vulnerabilities in Sharp's Zaurus SL-5500 and Zaurus SL-5000D handhelds. The flaws let attackers take control of the device's file system, giving them the power to overwrite files or lock the device so no data can be input through the keypad or touch screen.
The biggest potential threat, though, exists when the device is wirelessly connected to a company's network, where sensitive data might be stored. The flaws would enable attackers to download and upload files. "These vulnerabilities mean that the Zaurus can be used as a launching point to attack the network," said K. Reid Wightman, one of the researchers who worked on the advisory." Source: JonnoB
