.KEYWORD virus
.FLYINGHEAD POCKET PC PROTECTION
.TITLE Pocket PC Viruses: Myth or looming threat?
.FEATURE
.SUMMARY Is a virus lurking on the doorstep of your Pocket PC waiting for the perfect moment to steal your files and destroy your favorite device? Has it already arrived? How can you protect your machine? Jason Carter has the answers.
.AUTHOR Jason Carter
Is a virus lurking on the doorstep of your Pocket PC waiting for the perfect moment to steal your files and destroy your favorite device? Has it already arrived? The simple answer is no. Is it coming? Probably, so you had best be prepared.
.H1 The good news
At the moment, the Pocket PC is, by all accounts, virus free. Though rumors exist, there are no confirmed instances of a virus related to the Pocket PC. This is, in part, due to the fact that the Pocket PC currently presents some lingering problems for virus writers.
First, virus executables, like normal programs, need to be compiled for a specific type of processor. Compilation is the process by which a programmer’s code is translated into a machine language that your computer can understand. Viruses compiled for the Pocket PC wouldn’t execute on a desktop PC processor and vice-versa. Beyond that, a virus compiled for the Cassiopeia wouldn’t necessarily run on an iPAQ because they also run on different processors. This goes a long way to combat a universal type of virus that infects desktops and all Pocket PCs alike.
The other popular option for virus writers is to use interpreted code, like VBScript or JScript. Programs such as Internet browsers and email clients can run these programs without requiring any compilation whatsoever. This same method gave us the ever-popular Love Bug virus. Presently, these programming methods are limited in terms of the actions they can perform on the Pocket PC.
For example, a gentleman on one of Microsoft’s news groups was recently trying to find a way to create a folder on the Pocket PC using JScript. He found that there’s no support for such actions currently, and no one reports that such support is coming (what is really needed is a version of Windows Scripting Host made for the Pocket PC). These types of limitations make a pocket version of the Love Bug virus unlikely.
.H1 The bad news
Anyone that has followed the evolution of computer viruses knows that even as you read this article, somewhere a virus writer is probably working diligently to find a creative way to infect the Pocket PC. Sadly, it’s a challenge that attracts many who seek to prove their abilities at the expense of the rest of us. Even as users are attracted to the Pocket PC because of its continually advancing computing capabilities, these same capabilities make it increasingly more vulnerable to a virus attack. As you increase the device’s complexity and abilities, you also raise the level of risk. It’s the price you pay.
You should also bear in mind that the threat is not limited to the Pocket PC itself. As more Pocket PCs interact with each other (via Infrared) and with the Internet (via wireless technologies), they become a threat to the networks and desktops they interface with. Not long ago, floppy diskettes presented a major problem for desktop PCs because they often acted as carriers for viruses. Pocket PCs could soon pose the same threat.
.H1 Anti-virus software
Currently, only McAfee.com is publicly offering an anti-virus solution for the Pocket PC. Both Symantec and Trend Micro claim to have solutions on the way, and Computer Associates even announced a solution that would be used with Symbol’s Windows CE-based solutions back in January of this year. See http://www.cai.com/press/2000/01/symbol.htm for the press release. I’ve been in touch with Computer Associates and can find no such product currently available for the Pocket PC. I was sent a demo that supposedly contained it, but I was unable to find any such beast on the CD. The problem with traditional anti-virus software models is that an installation to a Pocket PC would require more memory than most units currently possess. McAfee’s solution runs on the desktop PC only, but Computer Associates claims that their solution runs on the device itself.
.H2 McAfee.com
McAfee.com’s solution, called VirusScan for Windows CE, resides on your desktop PC and scans your Pocket PC whenever you connect. The product is a part of McAfee.com’s offerings and requires ActiveSync 3.0 or higher. McAfee.com sells VirusScan for Windows CE as a one-year subscription priced at $29.95, which includes updates that you can download manually or automatically on a chosen schedule.
Again, McAfee’s solution requires no installation on the Pocket PC itself and is set by default to activate whenever you connect to your desktop PC. Similar to its desktop cousin, it gives you the option to scan all files or simply Program files. You can also include your ROM files in your scan and choose Scan Now if you prefer to launch a manual scan, as you can see in Figure A.
.FIGPAIR A Here are the console features for McAfee.com’s VirusScan for Windows CE.
The scan itself works fine but can take a few minutes to run, especially if you choose to scan all files or add the ROM files in as well. It runs simultaneously with your synchronization, so it doesn’t slow you down too much. However, if you’re trying to synchronize quickly before running to a meeting, you’ll probably find yourself canceling the automatic scan. I was disappointed, though, that you never receive a message after the scan letting you know that no virus was detected.
While I trust McAfee’s help file that clearly states you will be alerted if a virus is detected, I still need the sense of closure a summary of the scan provides. I’m just sensitive that way. As for its accuracy in detecting Pocket PC viruses, only time will tell. McAfee’s reputation in the virus field is solid enough to buy a little bit of trust from me, though.
The real drawback to McAfee.com’s solution, however, is its inability to protect you from infections in the wild. While it does provide your desktop protection from an infection carried by the Pocket PC and scans the device itself for viruses, it cannot prevent you from picking up a virus when you’re roaming free and disconnected from your desktop.
You could still catch a virus from infrared contact with another Pocket PC or via a wireless connection to the Internet or some other source. This virus would be detected the next time you connect to your machine, but if the virus were meant for your Pocket PC, the damage could already be done. Again, memory restrictions on current Pocket PCs hinders McAfee’s ability to provide a full solution on the device itself, but some sort of offering would be nice as memory size increases.
.H1 Playing it safe
The best way to deal with a virus is to never catch it in the first place. The rules that apply to safe computing practices on your desktop also generally apply to your Pocket PC. So here is a list of suggestions for the paranoid:
.BEGIN_LIST
.BULLET Obtain and use a virus solution for your Pocket PC. The choices may be slim at the moment, but some protection is better than none;
.END_LIST
.BEGIN_LIST
.BULLET Be sure that all desktop PCs you connect to also employ some form of virus protection;
.END_LIST
.BEGIN_LIST
.BULLET Never install a program unless you know and trust the source;
.END_LIST
.BEGIN_LIST
.BULLET Never open email attachments unless you not only trust the sender, but are expecting the file attachment as well. Just ask anyone who opened one of those unexpected ILOVEYOU files for further verification on this suggestion;
.END_LIST
.BEGIN_LIST
.BULLET Only share files via your Infrared port with users you trust and who preferably also use some sort of Pocket PC virus protection.
.END_LIST
A virus attack on the Pocket PC is more or less inevitable. However, if we’re ready for it and take some preventative action, we can ensure continued safe and happy handheld computing.
.BEGIN_SIDEBAR
.H1 Product availability and resources
For more information on McAfee.com’s VirusScan for Windows CE, visit http://www.mcafee.com/wireless/handscan/ov_pocketpc.asp.
For more information on Computer Associates’ Windows CE solution, visit http://www.cai.com/press/2000/01/symbol.htm.
For up-to-date information on viruses, visit http://www.zdnet.com/downloads/topics/antivirus.html.
For some cool research information on anti-virus technology (from Symantec’s point of view), visit http://www.sarc.com/avcenter/refa.html.
.H1 Bulk reprints
Bulk reprints of this article (in quantities of 100 or more) are available for a fee from Reprint Services, a ZATZ business partner. Contact them at reprints@zatz.com or by calling 1-800-217-7874.
.END_SIDEBAR
.BIO Jason Carter is a Senior Systems Analyst with a major Telecommunications OSS Software Provider in Plano, TX.
