Log in

View Full Version : A Look At Windows Mobile 2003 Security


Ed Hansberry
09-22-2003, 03:00 PM
<a href="http://www.cewindows.net/commentary/wm2003secure.htm">http://www.cewindows.net/commentary/wm2003secure.htm</a><br /><br />Chris De Herrera takes a look at security in the new Windows Mobile 2003 for Pocket PC. "Now maybe you think that Windows Mobile 2003 is more secure because it offers more security features like 802.1x and IPSEC however there are a number of items that are no more secure than the Pocket PC 2002 was. In this article, I am focusing on the security that is provided out of the box and how it is implemented to help users and administrators understand potential risks associated with the use of Pocket PCs."<br /><br />Note that just because there are some areas that are similar to 2002 doesn't mean they aren't secure though. Take the power on password. It was quite secure in Pocket PC 2002. 2003 doesn't make any improvements to it because it really wasn't necessary. :D There are some areas though that Chris digs into that may be if interest to administrators looking to ensure that corporate data remains safe when on these mobile devices.

gorkon280
09-22-2003, 04:51 PM
Here I have a few points to comment on.

First, the power on password is probably the best part of that and it's even better if you have a 5400 or 5500 series iPaqs. The thumb print data is stored in iPaq file store and survives a hard reset.

Storing passwords in the web browser or e-mail client does not scare me as much as people who have a UNENCRYPTED Pocket word or pocket Excel file storign passwords for your network. Buy Resco and train them to encrypt sensitive data using the highest encryption available. Or buy F-secure.

ActiveX controls? Are there ANY that run on Pocket PC? I don't think so.

Jscript? Evil? Never had or seen ANYTHING bad happen with this. Even if there was an exploit, I doubt it would work....all exploits are targeted at the desktop and not these things. Also,why would you GO to a strange site when your sent a e-mail? Thats what I thought.

Why would multiple users need to use a PocketPC? Is it a server? Policy support on WM 2003 would be a good thing, but is it needed?


What concerns me more are the open ports that are there when your connected via WiFi or GPRS. GPRS is relatively ok because most providers open up the bare minimum anyway. WiFi is usually configged a bit more open then GPRS. WHY are all of these ports open? Activesync also uses alot of local ports on the system. More then I think should be necessary. As far as the other ports being there, why? This is not an issue now, but can be in the near future as more and more Podcket PC's are being networked and always connected when on or even connected while suspended. Over all, he has good points, but because of the nature of most Pocket PC's now (unconnected a moajority of the time), I would not worry about things like passwords being stored. Worry more about your users losing the device.

Jonathan1
09-22-2003, 07:24 PM
Am I the only one concerned that, at least for my Jornada, if you do a hard reset a person can gain direct access to the safe store on your device. I personally think this is a security no no. There should be the option, and maybe there is in some of the newer devices, to wipe the safestore and the CF card in the event of a hard reset.

That and I think that the NTFS file system and permission should be implemented on the Pocket PC. If these things are going to be used in the business environment and store sensitive data they should have security on par with Windows NT or 2K. Group policies that can be inheried from the domain, file permissions, etc.

Ed Hansberry
09-22-2003, 07:38 PM
Am I the only one concerned that, at least for my Jornada, if you do a hard reset a person can gain direct access to the safe store on your device. I personally think this is a security no no. There should be the option, and maybe there is in some of the newer devices, to wipe the safestore and the CF card in the event of a hard reset.
Yeah, I want my 512MB SD Card cleared off when a hard reset happens.

You should never store unencrypted data in the SafeStore or external storage cards, just like you should never do that with floppys and zip drives on your PC. When you look at the Pocket PC versus an XP box, the PPC is more secure. With XP, I can take your hard drive out of your PC and put it on mine, take ownership of it and it is all mine, unless you are using EFS, and very few implement that. Most don't even know it is there.

ChrisD
09-22-2003, 09:06 PM
Hi,
To answer some of the questions proposed by gorkon208:

1. Yes there are ActiveX controls that are built for the Pocket PC. CEAnywhere uses them as does other apps and you may never know they are installed. They do not show up as an installed ap unless the author wants them to.
2. Jscript is device specific. So if an author wants to create a web page using it don't you want to know if it's doing things you don't expect? Examples of this include the ability to dial your PPCPE if you click on a link - imagine calling a far away place with a huge charge to your cell phone as an example.
3. As for multiuser capabilities - there are corporations that share devices.

Overall, you didn't comment on the main points of the article - is WM2003 more secure or not? I'm still not convinced it is more secure.

easylife
09-22-2003, 09:30 PM
Why would multiple users need to use a PocketPC? Is it a server? Policy support on WM 2003 would be a good thing, but is it needed?
Believe it or not that's actually possible! :D I think that someone on these threads got apache working on their PPC! :D

ctmagnus
09-22-2003, 10:27 PM
Why would multiple users need to use a PocketPC? Is it a server? Policy support on WM 2003 would be a good thing, but is it needed?
Believe it or not that's actually possible! :D I think that someone on these threads got apache working on their PPC! :D

ApacheCE (http://www.rainer-keuchel.de/wince/apache-ce.html) or this discussion (http://www.pocketpcthoughts.com/forums/viewtopic.php?p=146735).

Jonathan1
09-22-2003, 11:00 PM
Am I the only one concerned that, at least for my Jornada, if you do a hard reset a person can gain direct access to the safe store on your device. I personally think this is a security no no. There should be the option, and maybe there is in some of the newer devices, to wipe the safestore and the CF card in the event of a hard reset.
Yeah, I want my 512MB SD Card cleared off when a hard reset happens.

You should never store unencrypted data in the SafeStore or external storage cards, just like you should never do that with floppys and zip drives on your PC. When you look at the Pocket PC versus an XP box, the PPC is more secure. With XP, I can take your hard drive out of your PC and put it on mine, take ownership of it and it is all mine, unless you are using EFS, and very few implement that. Most don't even know it is there.

My reasoning for a NTFS file system IS because of EFS. If you can format your CF card with NTFS and EFS you can guarantee that any data will be relatively safe from prying eyes. Encrypting and decrypting files on the fly with an external app is time consuming and anything that gets in the way of a users productivity usually gets thrown by the wayside. If you’ve ever worked for in a large user environment you should know this: Simply giving a user a tool doesn’t guarantee that they are going to use it unless its fast and simple.
From a security standpoint it makes sense to blow away the SD/CF card. At least have the option. Even if you are storing non-sensitive information a person who is looking at using your device for identity theft could gleam some info from any files that you store on an external memory card. Finally I’ve already seen instances of rather larger database files being stored on external memory. In my case they were only being used for warehouse inventory and product tracking. While the Dbases didn’t contain any sensitive data that doesn’t mean there aren’t other examples out there that could.

As for a safestore area. Not everyone is an uber user. And not everyone knows that safestore is separate from the rest of the device. I know from past PPC user group meetings this has been brought up because people do believe otherwise.