Palm's Trojan horse spurs antivirus software makers

With the arrival of the first known Trojan horse for the Palm last week, antivirus software makers are targeting handheld devices in earnest.

Symantec today released a beta of an antivirus application that is stored directly on the Palm. The download, which takes up 12K of memory, can be obtained at Symantec's Web site.

Although antivirus software makers tend to see even the slightest bug or threat of a bug as an opportunity to tout the need for their software, the popularity of Palm's products and other handhelds is making these mobile devices a prime target for hackers. And wireless access through handhelds will only increase the potential for problems.

The antivirus software, which Symantec says is the first of its kind, sits on the Palm itself.

McAfee.com and Trend Micro have announced similar products, but the software resides on a PC. These antivirus programs protect Palm users every time they synchronize their devices with their PCs and protect against viruses that get spread to Palms via PC networks.

By storing the software directly on the Palm, people will be protected against potential viruses or malicious code that spreads through a wireless connection or through "beaming" via the infrared port, according to Carey Nachenberg, chief researcher for Symantec's Antivirus Research Center. Beaming is a popular way for Palm users to share contact information or games.

Symantec's product was in the works long before last week's event, Nachenberg said, but the company decided that it was a good time to release the software.

"If you release an antivirus application, it encourages virus authors," Nachenberg said. "We released this as a public beta now because the Pandora's box has been opened." Still, most of the potential danger lies in the future. The current risk remains relatively low because most people don't access the Web directly through their Palms, he added.

The software makers are rushing to respond to fears about the first Trojan horse for the Palm, which was released in an Internet chat room for Palm developers last week. The Trojan horse is disguised as a file that can convert a shareware program of Liberty into a registered version.

The Trojan horse, which has circulated under the name Palm_Liberty.A, was written by one of Liberty's developers, who told News.com he created the alternate version to punish those who attempted to upgrade a shareware copy of Liberty without paying for it.

There have been few reports of people affected by the problem. The glitch can be fixed by re-synchronizing the Palm device with the PC, according to Palm.

Although today's risks are still fairly minimal, Nachenberg recommends that companies and organizations with employees who use Palms should begin thinking about virus protection. "They should be concerned enough to be thinking about a strategy," he said.