Jay C Austad wrote:
>
> If you have Network HotSync (provided on the CD that comes with your Visor) enabled
>on your machine, and a malicious user knows your name (ex. John Smith), and the ip of
>your machine (ex. 192.168.22.22, or jsmith.company.com), he can change the name on
>his Visor to yours, do a Network hotsync with your ip, and download all of your
>email, send email as you, and perform any function that you can.
>
> There is no password or authentication of any kind. If I wanted to read my
>co-workers email, or send a nasty message from him to his boss, all I would need to
>do is put his name into my visor (Jim Beam), and do a network sync to
>jbeam.company.com.
>
> I have contacted Handspring about this and have heard nothing back.
Unrelated to this, I've noticed that port scanning a Palm IIIe connected to
my network results in the Palm hanging and shutting down. Some people use
the Palm as a web browsing platform while their workstation does other
things; my Palm recently got portscanned while I was doing that, which
prompted me to see if the behavior was repeatable (it was). Ping flooding
the Palm makes it act funny, too.
- Jason
