"PDA Home Page" Website
"PDA Home Page" Website
Sat Jan 06, 2007 1:22 pm by PocketChange | Comments (0)
When you find a good pda friendly website, you may add it to your favorites for a quick link to revisit. But over time, your favorites list can grow quite large. Unless you keep this list well organized, sometimes finding a certain link can become a real pain!

Well, now there is a much easier way. A new website called PDA Home Page, is now available, and already contains hundreds of pda & smartphone related sites. From news, to weather to helpful tips, this site seems to have it all! Don't see your favorite site? Well, there is a link to request an addition, and the developer has been updating almost every couple of hours....

Quote from the developers 'About Page':

"PDA Home Page" is a none profit making website. This website was created and is managed solely by me.

I am Nigel Mabandla, the founder of this website. I created PDA Home Page with the intention to relieve my frustration on the fact that PDA's are still badly represented on the internet. One would assume that we would have hundreds of Handheld dedicated sites...but we don't. Therefore this website was created to become a portal for all Handhelds thence my slogan: "the home of all Handhelds".

Due to the fact that this website was created solely to make your handheld surfing more enjoyable, I am always happy to recieve suggestions and feedback on what you think about the site and what content you want on it. My email is (mabandla2003@msn.com). Be sure to spread the news!!!

MORE >>
Posted by PocketChange at 1/6/2007 12:33 PM | View Comments (0) | Add Comment | Trackbacks (0)
New Year Holiday Contest by 4WinMobile.com
New Year Contest

Design the ideal accessory

4WinMobile proudly presents the New Year Contest.
Get those thinking caps on to come up with the ideal accessory in two categories.
Serious: the real accessory that was never made
Fun: the fantasy accessory

Visit the 4WinMobile Contest Page, enter, and hopefully win one of these great prizes:






£100 voucher from Proporta
for Proporta branded products






$100 voucher from Clickgamer
For any software from the 4WM store






4WM subscription and Pocket Secure
Silver subscription to 4WM for six months, worth £15, and a copy of Pocket Secure 4, worth $13.95




Terms and Conditions
Now for the boring bit.
Entries by email to compo@4winmobile.com
Closing date for entries midnight GMT Sunday 21 January
The aim is to complete judging and announce winners by the following weekend
Up to 2 entries per person, 3 for subscribers
Judges will be the site admins and the moderators of the Hot Deals and Pocket Secure forums
Entries are open to forum members who have made at least 2 forum postings by the closing date (postings with content - "Me too" postings do not count).
Judges are not eligible for prizes, but can enter if they wish
If there are less than ten entries (excluding judges) then prizes will not be awarded
All entries must comply with the site's family friendly policy
MORE >>
Posted by PocketChange at 1/2/2007 7:50 PM | View Comments (0) | Add Comment | Trackbacks (0)
Basic PDA Security Ideas
PDA (Personal Digital Assistant) Device Security

  • The average cost of a PDA?   $300
  • The average cost of encryption software for the PDA?  $30
  • The cost of a lost or stolen PDA with sensitive data that has NOT been encrypted? PRICELESS

Ever felt that panic when you can’t find your PDA?  The biggest security threat to a PDA is loss or theft. What type of information could be exposed if your PDA were lost or stolen today?

  •  Passwords?  
  •  E-mail?
  •  Sensitive work information such as Protected Health Information (PHI), financial or personnel information?
  •  Personal information such as bank account information, credit card numbers, social security numbers?

 
Although we can never completely eliminate the possibility of loss or theft, we can ensure that the information on our handheld device is protected.



Tips to Secure PDA’s and other Handheld Devices:

  •     Enable a power-on password - Use a strong password with a minimum password length of 8 characters or keys and require a password in order to sync or backup the device to the desktop.
  •     Encrypt sensitive data – By encrypting files, you ensure that unauthorized people can’t view data even if they have physical access to the device. When using encryption, it is important to remember your passwords and passphrases; if you forget or lose them, you may lose your data. Encryption software is built into some PDAs.  (You have to activate it before it will work!) It is also available from several reputable vendors such as:  PDA Defense, Bluefire Security, Credant, Certicom, Trust Digital…
  •     Configure the device to log-off or power down no longer than (15) minutes after the last user activity.
  •     Enable device reset (data erasure) if an incorrect password is entered more than (5) consecutive times.
  •     Disable Bluetooth and other network device connections (Infrared, 802.11, CDMA, GPRS) when not in use to prevent handheld device viruses and other malicious activity.
  •     Never leave your handheld device unattended.
  •     Use Virtual Private Network (VPN) when the handheld device connects to the organization over the Internet in order to access and transmit data securely.
  •     Keep patches up to date for the software operating on your device. This will prevent attackers from taking advantage of known vulnerabilities.
  •    Immediately report the loss, theft or any unauthorized use of your handheld device that has been used to store or access protected health information or other sensitive information to the School of Medicine HIPAA Security Officer.

 
MORE >>
Posted by PocketChange at 11/12/2006 11:53 AM | View Comments (0) | Add Comment | Trackbacks (0)
Security Safegards
Basic Security Safeguards for Pocket PC
By Brien M. Posey
Basic Security Safeguards for Pocket PC
Imagine for a moment that you are in Las Vegas and you accidentally leave your Pocket PC in the back of a cab. What would become of the device and the data that it contains? Being that there are countless taxicabs in Las Vegas, your odds of ever finding the cab that you just got out of again are pretty slim.

You are now at the mercy of the person who finds your Pocket PC. There are a few things that you can do to tip the odds in your favor though, including dozens of third party security products that you can use to lock down your Pocket PC.

Even if you don't have the budget or can't spare the memory for third party software though, there are still several things that you can do to help secure your data and maybe even recover your lost device.

Passwords
Passwords are your device's number one line of defense. Unless your device is password protected - at the least - a person who finds the device can do absolutely anything with it.

For a long time, Pocket PCs have supported a numeric PIN, similar to those used for ATM machines. On newer Pocket PCs though, you have the option of using a stronger, alphanumeric password. So if your device supports alphanumeric passwords, we highly recommend using them.

Most of the Pocket PCs that do offer alphanumeric password protection will also allow you to enter a password hint. The hint is designed to help you remember your password should you forget it. Just be sure that your hint doesn't give the password away.

For example, My Wife's Name is a terrible hint. If someone found or stole your Pocket PC and saw this type of password hint, they could just start trying random girls names until they figure out the password.

A better hint might be your boat's name (assuming that you own a boat), because boat names tend to be very unique and imaginative.

Memory Cards
The second most important thing that you can do to secure your Pocket PC is to use removable memory cards for data storage. For example, my Pocket PC accepts Secure Digital (SD) memory. The idea behind using a removable card is that you can save all of your data onto the device.

When you are done using the data, remove the card from the device and put it some place safe. The concept is that if your Pocket PC is lost or stolen, then there is no data on the device. All of the information is stored safely on a memory card that is still in your possession.






Most Pocket PCs take either SD or CompactFlash cards or both. MultiMediaCards
fit in SD card slots but are less secure and not as capacious, while newer half-sized
miniSD type cards can be found in some newer Microsoft-based handhelds—usually along
with another removable memory card format.

You must exercise caution though, as memory cards can work for or against you when it comes to security. Imagine - for a moment - that you have taken my advice and protected your Pocket PC with a strong password and all of your data is stored on a removable memory card.

There's just one problem though. One day you are feeling a little lazy or you are a little rushed, so you forget to take the memory card out of the device.

Guess what happens now? On that particular day your Pocket PC is stolen. It's not a huge deal though because you've got a strong password, right?

This is where the removable memory chip becomes a double-edged sword. The person who has stolen your Pocket PC doesn't even need to know your password to get to your data. He can simply remove the memory card and place it into a card reader or into another Pocket PC and gain full access to your data.

Of course, you can always protect yourself against this type of exploit by buying encryption software for your Pocket PC.

Don't Store Passwords
One of the best things about a Pocket PC is that you can connect it to a corporate VPN (Virtual Private Network) and check your e-mail or access your files. It never fails to amaze me how many people tell Windows to remember their passwords, though.

Configuring Windows Mobile to remember passwords (other than the password to protect the handheld itself) is an extremely dangerous thing to do on a mobile device. If the device is lost or stolen, then anyone who happens to figure out your device's main password would be able to use any additional connections that are set up through the device without having to provide any additional credentials.

This means that if someone managed to get past your device's main password, and you had the password for your corporate VPN stored in the device, then the person who stole your device now has access to your corporate network. They can access your files and E-mail and can even send messages as you!

Owner Information
Some Pocket PC devices allow you to enter contact information for the device's owner. There are two schools of thought on this one.

On one hand, if you enter your contact information, then there is always the chance that some Good Samaritan will find the device and return it to you.

On the other hand, if some unscrupulous individual finds the device, they now have your home address and phone number. They could call your house to verify that you are not home and then break in. The thief's job is even easier if you happen to keep your travel schedule in the Outlook calendar.

Personally, I keep my contact information in my Pocket PC, but that's just my individual choice. You should do what feels right to you.

GPS
Some Pocket PCs, such as the one that I use, have an integrated cell phone. Such models typically also include a GPS . By default, the GPS transmitter is turned off.


GPS-Enabled iPAQ Phone

However, if you switch the GPS transmitter on, then the device will occasionally transmit its position to your cell service provider. Sure, enabling this feature will burn a little bit of battery power, but on the flip side, you can actually call the phone company and find out where your device is.

Conclusion
Although there are a lot of third party security utilities for the Pocket PC, there are also measures you can take secure your device without the aide of add-on software. Take the basic steps outlined in this article and be more secure should your handheld become lost or stolen.

MORE >>
Posted by PocketChange at 11/12/2006 11:35 AM | View Comments (0) | Add Comment | Trackbacks (0)
PDA Security
PDA Security Tips
by Carl Brooks

Corporate information technology users are increasingly relying on personal data assistants (PDAs) to check e-mail, surf the Web, and a variety of other tasks. When you use PDAs for online tasks they become just as vulnerable as desktop systems to viruses, mobile code exploits, and a variety of other threats. What should organizations do to make keep their PDA users safe from the threats of the Internet?

PDA Security Issues

With PDAs becoming ubiquitous, the same threats that affect desktop users are starting to affect PDAs. The biggest threats that PDA users need to be concerned typically fall into one of these six categories:

    * Password theft
    * Viruses and data corruption
    * Data theft through line sniffing
    * Theft of the PDA itself
    * Mobile code vulnerabilities
    * Wireless vulnerabilities

The biggest security risk to PDAs is likely theft of the device itself, and for that reason securing the data on the device in standalone mode is probably the best type of precaution users can take. The second biggest security risk to PDAs is viruses. Mobile code vulnerabilities (Java and ActiveX exploits) are also a threat, but only affect PDAs that do Web surfing. Wireless vulnerabilities only affect PDAs that use wireless services or have their wireless port enabled.

Encryption solutions exist for PDAs to secure both the data, and links used to communicate with remote systems and networks. The encryption solutions that exist for PDAs typically are one of two types: products to secure the data as the PDA sits in standalone mode or products to secure the link as the data moves back and forth to and from infrastructure devices (such as the desktop unit that it uses for hot-syncing). Using an encryption product to secure either the link to the desktop hot-sync system, or for wireless surfing, means that you basically need to wrap up your PDA traffic in a VPN. Unless you have extremely sensitive data (e.g. government classified data), using a VPN on your PDA may not be worth the performance hits you will suffer.

The best way to protect your PDA from wireless vulnerabilities is to install a VPN client on your PDA. When you protect wireless transmissions, you are protecting the data in transit. If you install a VPN client on your PDA, you will likely notice performance degradations and unless you have reason to believe that someone is "sniffing" your wireless traffic, or you have sensitive information to protect, installing a VPN client on your PDA is probably not worth it. However, if you are dialing into a classified network on your PDA, the security policies of the organization may require that you use a VPN whether you want to or not.

VPNs operate using a client-server architecture, therefore PDAs using VPN clients need to connect to a VPN gateway server residing on the destination network. It is not possible to establish a VPN tunnel with the VPN client by itself. Therefore, unless you have a VPN gateway server on the destination network that your PDA client will connect to, there is no point in trying to configure a VPN client. For stronger VPN security, you'll want to use X.509 digital certificates for authentication.

Security Policies for PDAs

Organizations can also create security policies to help protect sensitive data that resides on PDAs. For example, a policy that requires the wireless port be disabled will reduce the risk of sensitive data being transmitted to unauthorized individuals. You can create an end-user behavior policy that stipulates that PDAs not be used for receipt or sending of e-mails with private and sensitive information. By creating end-user behavior security policies organizations can hold the end-users accountable for security violations.

If you feel that your network is at risk for PDA viruses, and you have not deployed enterprise anti-virus software for PDAs, you can create a policy that requires the synchronization capability (hotsync) to be turned off. Keep in mind that end-users typically are resistant to security policies, and your best bet for gaining end-user acceptance is by illustrating the risks to executive managers who may help with championing and supporting PDA security policies.

PDA Security Products

There are a wide variety of PDA security products on the market to protect PDAs from becoming susceptible to vulnerabilities and threats. The leading PDA security products available today are typically made for the PalmOS and WindowsCE platforms. PalmOS is bundled on PDAs made by both Palm and Handspring. WindowsCE is Microsoft's PDA operating system and comes bundled on PDAs that are marketed as PocketPCs. PocketPCs are made by a wide variety of vendors including Compaq, HP, Sony, Toshiba, and Dell.

Except for PDA security products related to hotsync functions, most of the PDA security products on the market are similar to security products for desktop systems. There are authentication products, encryption products, anti-virus products, and password products that work in similar ways as products of this type made for desktop and laptop systems.

One product that stands out as very unique to PDAs is an electronic shielding bag made by MobileCloak. PDAs typically operate in "always on" mode. If you remove the battery, you actually lose your data. (This is why end-users should hotsync their PDA regularly.) Therefore, in one sense, PDAs are never completely turned off. To ensure that wireless transmissions are protected and not leaking into wireless access points that you may not know about, you can put your PDA into an electromagnetic shielding bag while carrying it around with you.

On PDAs that have highly sensitive information that could, for example, compromise national security, you can install bit wiping packages. Bit wiping occurs when the entire memory is over-written, basically wiping out all of the data completely so that it can't be recovered even by a PDA forensics tool. Bit wiping is just a terminology for reformatting or completely erasing the stored memory. Typically, you would set-up bit wiping to kick in if the PDA was not synchronized within a certain timeframe, or if there were too many bad password attempts. However, bit wiping is not for the average everyday user. If not used correctly, bit wiping can destroy your valuable data so that even the data owner cannot recover it.

If you allow PDAs on your enterprise network, you should at the very least set up a password enforcement product that will require all your PDA end-users to supply a password for authentication. The best way to deploy a PDA password enforcement solution is to set-up a backend system to automatically install password enforcement software on the enterprise PDAs when they hotsync to their desktop hosts.

A Word to the Wise

The CERT Coordination Center at Carnegie Mellon University (www.cert.org) has been publishing advisories on information technology security threats and trends since 1988. For at least a year, CERT has been publishing information about vulnerabilities and threats that affect PDAs. With the debut of PDA-based cell phones, security vulnerabilities to PDAs and their associated hotsync hosts will only increase over time.

Not securing PDAs from viruses and all the other threats that exist increases the possibility of data corruption on the PDA itself, and on the devices to which they pass traffic. If you allow PDAs on your network infrastructure, then you need security controls and policies to keep these devices from damaging your valuable data and infrastructure. If no security controls or policies are in place for PDAs, it is best to keep them off your network infrastructure until policies and security controls can be implemented.

Keep in mind that if you leave your PDA in a taxi or a restaurant, a person finding it will likely be more interested in the device itself than in the data on the device. If you have a password enforcement package that prevents access to the device making it unusable to an unauthorized user, it is possible that a finder might be motivated to give it back. Therefore, a simple suggestion is to label your PDA with an address or phone number so that it can be returned to you in case it is recovered by an honest finder.

MORE >>
Posted by PocketChange at 11/12/2006 11:22 AM | View Comments (0) | Add Comment | Trackbacks (0)
10 Security Tips

Top 10 Security Tips for Your PDA

From Catherine Roseberry,


Security for your PDA will only work if you the mobile professional take the proper steps to ensure the security of your PDA and its contents. You must use proper security programs and protocols to ensure that you don't lose your PDA, the data contained or cause unauthorized access to your ocmpany network while you are working on the road. All companies should create and enforce PDA Security policies and make sure that they are enforced. Failure to do so will result in economic and data losses.


1) Physical Security
Physical security is your first level of protection to provide security for your PDA. Keep your PDA properly stowed away while traveling. Don’t leave your PDA in a jacket pocket or external pocket of your baggage. Don’t make it easy for someone to walk away with your PDA. Physical security is your first defense against theft. Choosing the right PDA case will help ensure you provide security for your PDA by helping to protect it from damage and/or theft.

2) Software Security
Prevent unauthorized access to the operating system with the use of a password. Password protection can also help prevent unauthorized access to your company's network through wireless access. Preventing access to the software on your PDA starts with properly using passwords and ensuring that you wisely select your passwords and keep your passwords private. Security for your PDA only works when you properly and regularly use password protection.

3) Removable Storage
Use removable storage cards to prevent the loss of data if your PDA is stolen. Keep removable storage media in a separate location from your PDA when not in use while traveling. Not only do removable storage cards enable you to run more programs and save more data but they provide another level of security for your PDA. You can keep copies of vital data on a removable storage card and keep it in a secure location in case your PDA is comprimised and you lose the data it contains.

4) Data Encryption
Data encryption is another layer of security that you can use to protect the contents of your PDA. Don't make it easy for someone to access your confidential and important data. Learn how to encrypt your files and remember to use this software on a regular basis to maintain a high level of security for your PDA.

5) Software Programs That Restrict Access and/or Locks the PDA
There are programs available which can prevent access to specified programs or even lock a PDA up if there have been too many failed attempts to access your PDA programs or the PDA operating system itself.

6) PDA Anti Virus and Firewall Programs
Just as you would use anti virus and firewall programs on your laptop, you should be using these on your PDA. Prevent problems with your data and PDA by keeping your PDA working smoothly with the use of anti virus and firewall programs. You will also be protecting your own laptop and the company network from becoming infected when you have this type of security for your PDA installed and running correctly.

7) Wireless Security
Whenever you use make use of a wireless network with your PDA you must be sure to enable all safety protocols and ensure that you are using a secure wireless connection. If you can't be certain of the security of a wireless connection it's best to avoid using that connection point and wait until you can be sure you will be connecting wirelessly securely.

8) Disable Bluetooth and Wi-Fi
Whenever you aren't using your wireless connections make sure you disable the software so that no unauthorized connections are made to your PDA. In crowded areas such as airports, trainstations and bus terminals you never who may be seeking out devices to wirelessly connect to and make attemtps to corrupt or steal data.

9) Monitor and Detection Software
Using programs to monitor and detect activity on your PDA. This can let you know if someone is attempting to access programs on your PDA or have made changes to the data on your PDA.

10) Use Email Wisely
Always make sure you open only attachments which are from contacts that you know. Set up email on your PDA to properly filter spam and not open any executable files you may receive by email. Email security on PDAs is quite often overlooked by mobile professionals and if you really want to make sure that security for your PDA is going to be effective than you cannot forget to use your email wisely and securely.
MORE >>
Posted by PocketChange at 11/12/2006 11:05 AM | View Comments (0) | Add Comment | Trackbacks (0)
Great Websites for Free Backgrounds
If you're like me, and like a new colorful background often, on your PC or PPC, then here are some great websites for Free!

Most of the images are full size for desktop use, and can be resized for your device size.  Most are pretty darn 'exotic', colorful, and very cool! 

Know of any other sites?  Please share!

Enjoy them!....
MORE >>
Posted by PocketChange at 11/11/2006 1:42 PM | View Comments (0) | Add Comment | Trackbacks (0)
Buzzard's 2006 Christmas Skin for PS
One of the latest, (and best) additions to the Pocket Secure skins collection, is the new "2006 Christmas" theme!
Outstanding quality and detail, using .GIF images for a small file size!

This skin, (as well as others) was made and donated by "Buzzard"

Really Great Job.... 



MORE >>
Posted by PocketChange at 11/11/2006 1:15 PM | View Comments (0) | Add Comment | Trackbacks (0)
Welcome
My name is Joe, and would like to Welcome you all to the new "Pocket Secure Blog"!
I hope to fill this place with lots of interesting discussions, helpful tips, and just plain old "good chat"!

Please join us here as often as you can, and subscribe using your email address at the bottom of the page. 

Enjoy your stay, speak your mind, and "play nice"!

MORE >>
Posted by PocketChange at 11/9/2006 5:22 PM | View Comments (0) | Add Comment | Trackbacks (0)
Copyright .      Pocket Secure Solutions       All rights reserved.