1. Archive

Handheld devices ripe for virus infestations

A nasty bug on the Internet recently threatened to wipe out the contents of Palm handheld computers. This time, it was a false alarm.

Still, this minor infestation could belie havoc to come. Experts warn that in two to four years, mobile phones, handheld computers, video game consoles, cars and other devices could become infected by software code with the destructive power of the "ILOVEYOU" worm that ravaged computer networks in May.

"It's an example of what's possible. All these things are just little computers with weird interfaces," said Bruce Schneier, founder and chief technical officer at Counterpane Internet Security. "You can write a worm in 1,000 lines of code."

As more computing devices become networked, it opens up the potential for viruses and worms to spread, disguised not just in e-mail attachments but also in voice messages, MP3 music files, video games, interactive maps and other seemingly harmless communications.

Today there is little chance that such an attack could do real damage, though security experts disagree whether the threat is years or mere months away. A virus probably couldn't spread fast enough outside of the PC network today because few devices are Internet enabled, and for the most part people are not yet using such Internet-connected devices to freely share programs.

Though there are rumors about viruses and keystroke combinations that can freeze up mobile phones, there's no solid evidence that phones are vulnerable to such attacks. Plus, mobile phones and handheld computers are increasingly using many different operating systems, so malicious software would not spread as quickly.

"To date, we have been unable to confirm that any user data has been affected by a virus or a trojan horse," Palm Inc. spokeswoman Julia Rodriguez said. "We believe that as handhelds and other devices like phones, pagers, even cars become increasingly connected through wireless or wireline connections to the Internet and to e-mail, the threat of malicious software will naturally become greater than it is today."

The program that caused the recent stir, "PalmLiberty.A," was technically not a virus. It was a type of malicious program called a trojan horse, named for Ulysses' famous trick.

To become infected, a user would have to mistake it for an illegal video game "crack" program, download it from a public bulletin board, then run it on a Palm device, at which point it would delete most of the device's software, much in the way the Greeks sacked Troy.

"You had to be stupid enough to download a crack over an IRC channel," said Roger Thompson, technical director of malicious code research at, a security consulting company. "If you download anything from a place that is not inherently trustworthy such as the manufacturer's Web site, you're just asking for trouble."

While a virus is a program that can corrupt other programs on a device by altering them to include a version of itself, a trojan horse doesn't necessarily modify other programs. It just does something unexpected and damaging behind the scenes.

Potentially worse than a virus or trojan horse is a worm, such as ILOVEYOU and Melissa. Unlike trojan horses and viruses, worms spread themselves from computer to computer, often by e-mailing copies of themselves to everyone in a user's address book.

Though many worms do nothing more threatening than pack e-mail boxes with unwanted messages, some are dangerous. The Melissa virus, for instance, was a worm/virus cocktail, so it was able to replicate at an exponential rate and do a lot of damage before antivirus companies could deliver a remedy.

These were special cases. There are more than 55,000 viruses in existence for the DOS and Windows platform, according to, but only about 200 regularly show up on people's PCs. "Most of them don't get to spread. Most of them are just trapped in the zoo, so to speak," Thompson said.

As more devices get connected, worms have a better chance of causing problems for more than just PCs. A month after the ILOVEYOU virus outbreak, another worm targeted mobile phone users in Spain, sending out a disparaging message about Telefonica, a telecommunications carrier there.

The Telefonica worm was not especially clever or sophisticated; it simply sent a text message to randomly generated phone numbers. The phone worm made the point, though, that e-mail addresses are just one of many potential ways to infect a device.

The cell phone community has taken precautions against very damaging attacks, said Jim Caile, corporate vice president for Motorola Inc.'s personal communication sector. But within the next two years, Motorola and other manufacturers will build more advanced phones that probably will need to carry antivirus software.

At that point, cell phones could be a tempting target. There are an estimated 600-million cell phone subscribers in the world, Caile said, and there will be 700-million by the end of the year. There aren't half as many personal computers.

Meanwhile cell phones are on the way to becoming more versatile. In recent months, mobile phone manufacturers have begun showing off phones that can play MP3 files as well as more sophisticated games.

"As more and more devices out there can allow people to program for them, and use more executable files, the holes will open up," said Stephen Trilling, director of research at the Symantec Antivirus Research Center.

Thompson of echoed that sentiment.

"Security and functionality exist in an inverse relationship," Thompson said. "The more powerful these things are, the less secure they become."