<div class='os_post_top_link'><a href='http://sfgate.com/cgi-bin/article.cgi?file=/c/a/2005/02/25/BAG4DBGR981.DTL' target='_blank'>http://sfgate.com/cgi-bin/article.c...BAG4DBGR981.DTL</a><br /><br /></div><i>"Outgoing Secretary of State Kevin Shelley told San Francisco police that his Glen Park home was burglarized over the weekend by someone who bypassed valuable property in favor of his state-issued handheld computer....Shelley's personal digital assistant device was said by employees to be one of his most prized possessions. He reportedly bragged to them so often about using it to raise $3 million in donations for his 2002 campaign for secretary of state that they came to dub it "the Palm Pilot speech."</i><br /><br />Handheld security is no longer a joke, and if you're not careful you could be the next victim of information theft via your handheld -- not only via online mechanisms a la Sidekicks, but actual physical theft as well. Unfortunately, with PDA/Smartphones, it becomes clumsy to lock the device all the time. As a compromise, I use eWallet for any seriously private information and make sure to be obsessive about "patting down my pockets" and keeping my PDAs close to me. How do you protect yourself?

That's the kind of thing that makes me wish that the little fingerprint scanner that was on the iPAQ 5400/5500 series would become more popular on handhelds and smartphones. It is a small piece that can make such a difference.

I do not yet keep anything on my handheld that I would feel is a security risk...no passwords, credit card numbers, no email from the important address...I would really like to see better security on these things that is easier, and quicker to use. Even the 4 digit password is annoying to use every time I pick up the phone, so I often don't bother turning that on....

On my old 5555 I used the fingerprint scanner. Now that I have the 4705 I just use the 4 digit PIN. Still I have SD and CF cards and those can be removed.

always pat down my pockets. always.

I've never bothered with the fingerprint scanner on my iPaq 5550. Every time I consider it, I get this horrible image in my head of my fingerprints getting melted off and then I would no longer be able to use my beloved. I do use the password (in conjunction with Nice Start (http://www.trancreative.com/nicestart.aspx)) and a password-protected FlexWallet file.

And I always do The Pat.

Ewallet, theft insurance, and pat pockets all the time for me

Hi Janak ! ;)

Well as Janak Said, this is no longer a joke, this is real, like everybody I am using ewallet on my Qetk9090, but what about my 500 contacts, my Calendar and all my business oriented notes or documents? The Finger print censor on my beloved 5555 was a neat feature and we should have this kind of stuff on any PDA or phones. We should also consider making SD really "Secure".

If I take my personal example, in Tokyo Japan we now got "emoney" built-in mobile phone, you put your phone next to a censor and you pay your stuff, some makers are adding to this features a finger print censors, but not all of them... Which is I think a quite dangerous stuff.

We do not really pay attention at this at first but think about it, we are daily wearing on US, a LOT of information, that can be used against us or our company if we are not more "responsible" or if maker do not start helping us in protecting us.

I am not paranoiac, but we must face the reality.

eWallet for financial data &amp; passwords, and set a 1 hour lock with 4 digit passcode if unused for that period of time.

I'm sure in 7 years we'll see a technology where all we have to do is touch our handheld for security verification like the personal area network stuff coming soon.

A pocket pc that boasts alot of internal memory is actually part of my security measures. Since my JAM has 128mb internally...I can dump documents and other files internally and password protect the device.


Memory cards are an issue as Daimaou mentioned but I think that many people put things like music and movies on thier memory cards more than sensitive files. In the case of memory cards...a program to encrypt or password protect folders or files is what I think handhelds need to come with...as a standard feature and not a third party add-on.

I think actual theft notwithstanding..the most scary part for me is how pdas and cell phones are being joined so even more information is being stored now in a wireless unprotected device by many people. :(

I use the password and HP Tools encryption on my HP Ipaq 4705 and FlexWallet. The problem is getting the other 50 Ipaq users I adminstrate to consistently use FlexWallet Istill have but only use for testing purposes the Ipaq 5555. I really loved that fingerprint reader.

I use the HP ProtectTools on my 4700, and keep anything senstive encrypted by Resco File Explorer.

I had my iPod pick-pocketed from me (off an ultra clip belt hook whilst on a bus) last week and was really pleased that I had all my music backed up on my PC - the insurance company sorted out a new iPod within 3 days. It made me consider how secure my PPC is, so I now encrypt my backup and store it in 2 remote locations as well as on the SD card.

Conductive RFID would be an interesting feature - keep a card in your wallet that identifies you to the PDA, and use the conductivity of the body to carry information to the PDA - but what if you loose your card?

i don't have valuable info on my pda. that's my protection.

online banking: i only have one bank with multiple accounts, so one login gives me access to them all.
PIN numbers are stored at home, on the paper they were printed on.
had an excel file once, but i screwed up when i entered the codes so that half were not useable, so i gave up on that.
besides ... my girlfriend takes care of the finances :)

all the other data, like email account logins, domain name admin codes etc are all stored in my head. they're not all the same, but i have a pretty good memory for that.

fingerprint scanners sound good ... but since i chew away the skin on my fingertips when i'm fidgety, i doubt i'd have consistent fingerprints :)
maybe i should use a toe ;)
but then ... my p900 would need a fingerprint scanner first.

PIN numbers are stored at home, on the paper they were printed on.


8O

&lt;&lt;Shaking head>>

shake your head all you want ... the probability of a break-in, where they take that sheet of paper is lower than me losing my smartphone.

and if they were to break in, they'd go for computers, gadgets, hi-fi and jewlery first.

i don't have valuable info on my pda.

Neither do I.

15 minute timeout with the four digit pin. All really sensitive personal info is in eWallet (passwords, credit card numbers, etc). I do have business contacts and notes on my Pocket PC. I've been using PDAs since the early 90's (HP 95LX was my first handheld) and I haven't lost one yet. (knocking on wood.)

One of the most interesting ways to protect yourself if you are using a smartphone on certain platforms is an application which enables you to send an SMS text message to your device which automatically locks it down. This way, assuming that you realize your device is lost in a fairly reasonable amount of time, you can protect your data.

I know this type of application is available for both Palm and Symbian smartphones. For example, here is a link to a Treo-specific program which does this: http://www.motionapps.com/products.jsp?msafe

I've searched and searched and haven't found a comparable program for the PPC. Anyone know of such an applicaiton or want to take as stab at creating one?

David

Just out of curiosity, does anyone know what kind (brand,model) of PDA was stolen from the former secretary ? :?:

I'm hoping to get my hands on an hx2750 soon.
If it has the same Credent tools as the 4700 then I should be able to lock down the device with my finger print and encrypt the data on memory cards (although thats usually just my music and movies...). We'll see how well it works.

Security on a Pocket device is going to be clumsy no matter what you do, but I'm surprised Biometrics haven't been made business chic yet. You'd think we'd see every "enterprise" market laptop with a fingerprint scanner by now. If only for its "cool" factor.

Just out of curiosity, does anyone know what kind (brand,model) of PDA was stolen from the former secretary ? :?:

Its just a guess, but i would think maybe a BlackBerry. As i know a lot of state and federal offices ues them, there is even a version made for more sensitive inforamtion. And the fact the article said the device was internet enabled and could access the states secure web site, and that it was loked by remote. which i know can be done on the blackberry.
If its not a blackberry, i too would be intrested in know what device it was.

Security on a Pocket device is going to be clumsy no matter what you do, but I'm surprised Biometrics haven't been made business chic yet. You'd think we'd see every "enterprise" market laptop with a fingerprint scanner by now. If only for its "cool" factor.

I will admit that I was a bit nervous when the iPaq with fingerprint scanning first came out - some of the initial reviews indicated that it was sometimes a bit 'buggy', and they would have to take several swipes at it before the fingerprint was recognized.

Interestingly enough, anyone notice that IBM now has a commercial on TV touting the benefits of the fingerprint scanner on their laptop? I think that is their X41!?!?! :?

If biometrics became better supported, with consistent operation, I would seriously consider buying a PDA equipped with this feature - I depend on my PDA to have all of my passwords, logins, credit card info, etc, so that I have that information with me all the time. I keep that info in eWallet, but I haven't yet gone to a power on password, as that just seems too cumbersome for day to day use....

I would use the built-in password utility if Microsoft would ever fix the nasty memory leak that riddles it... :evil: :evil: :evil: