Home > Blogs > Snake Oil Salesmen vs. Your Sensitive Data

Snake Oil Salesmen vs. Your Sensitive Data

By  Sep 21, 2007


I just got back from IT Security World where I delivered a presentation on Windows Mobile security. One part of this talk includes a close look at how many so called 'secure' programs have some vulnerability that renders them insecure. In fact, we sat down just yesterday with an untested program and it only took us about 15 minutes to complete bypass the protection. Read on for more...

The target in this case was Pocket Secure v.4, which provides 128-bit encryption, incorporates a hard reset feature after some number of bad guesses, and sells itself as 'Total Lockout Security'. While the marketing sounds great, we were able to bypass the protection using just the autorun feature in Windows Mobile.

Thats it...nothing high tech or 'l33t'. Just some basic knowledge about how the the Windows Mobile operating system works.

The point - be careful who you trust out there. Just because a product is sold as secure, doesn't mean it is true

Become an InformIT Member

Take advantage of special member promotions, everyday discounts, quick access to saved content, and more! Join Today.