Startseite | Programme | Problems

Problems

Security hole on Psions Series5

German PSION Enthusiast Ralf Klüber found a way to get around the password protection of the Series5/5mx/5mxPRO, and thus to get access to possibly sensible data on the attacked system's C-drive.

As everybody knows, data on the CF is totally unprotected and can be accessed by simply putting the CF into another machine and read it there.

It is new that this can be achieved quite easily with the data on the C-drive, too. Leaving your PSION unattended for two minutes is enough!!

It is possible to protect your machine against this form of attack, but as a description of the way how to do this would also be a description of how to attack the machine, Ralf decided to keep this information under disclosure.

He is in close contact with PSION Germany, and the people there are very interested in the method of the attack, and they will definitely be looking for a way to protect the systems against it.

In the meantime, PsionWelt strongly recommends to encrypt ALL sensible data on your machine, on the CF as well as on the internal drive. Some encryption programs are

- Crypto by Philipp Salvisberg,
- SafePlace by Palmtop and
- Encrypt-it by Palmscape

To make the severity clear: We tested this on several machines, Series5 and 5mxPro, and it definitely works for all models, probably also for Ericsson's MC218 and maybe also for the Geofox. The security hole does NOT depend on the language, so the hack also works for all international versions of the Series5.

Please do not contact Ralf Klüber for questions on this topic, as he won't give away any information concerning this. We will inform you on these pages, so keep a look!

A patch for the problem can be found at: https://www.psionwelt.de/programm/indexe.htm