Results 1 to 12 of 12
  1.    #1  
    if i use my treo to check my bank account info or other personal information, how secure is it?

    - robert
  2. #2  
    Without encryption software it's as secure as the places you keep it. If you're going to keep sensitive info on your handheld I suggest encrypting it (CryptoPad from palmgear is a free and excellent solution for this)
  3. #3  
    I second that... I also use mSafe to do a wipe on the device when I send a special SMS.
  4.    #4  
    i use splashID to keep sensitive info on my treo.

    but what i am talking about is when i access wells fargo to check my checking account online, etc. since that page on their site is secure, is that enough?
  5. #5  
    if there is no spyware on your device, you are pretty safe checking you bank via ssl browser.

    I think msafe is the one where 3 bad tries and the device hard resets. I may be wrong about the name, but useful protection.
  6. holmes4's Avatar
    Posts
    982 Posts
    Global Posts
    984 Global Posts
    #6  
    I use TurboPasswords (formerly Cloak) from Chapura. Works very well.
  7. #7  
    I use YAPS, pretty good program. Not sure how cryptic it is, but good for me.
  8. #8  
    Quote Originally Posted by robcg
    How secure is my treo?
    It's very secure... but that doesn't mean it doesn't like to be told it's pretty every now and then.

    Unlocked GSM Palm 650.
  9. #9  
    I use YAPS as well, it's uses a very good crypto algorithm (blowfish 256bit) which was one of the runnerups to become the new AES (advanced encryption standard) crypto standard. As long as the program implements the algorithm correctly you should be safe.

    TurboPasswords also uses blowfish but at 128bit (still very adequet protection). Same rules as above apply.

    SafeID also uses blowfish, no idea at what bit length though.

    Not sure on CryptPad.

    At some point in the near future I'm going to do some security analysis on Mobile devices, and my Treo650 is going to be one of the test subjects. At that point I should have a better idea of how secure it is. For now, just follow the normal rules, use SSL websessions for banks and such, only turn bluetooth on when you need it (or atleast leave discover mode off), and use an encrytped password safe like the above mentioned ones, to protect info incase you loose your treo or if it is comprimised or borrowed by a curious coworker while you aren't looking.
  10. #10  
    Quote Originally Posted by D-Caf
    At some point in the near future I'm going to do some security analysis on Mobile devices, and my Treo650 is going to be one of the test subjects. At that point I should have a better idea of how secure it is. For now, just follow the normal rules, use SSL websessions for banks and such, only turn bluetooth on when you need it (or atleast leave discover mode off), and use an encrytped password safe like the above mentioned ones, to protect info incase you loose your treo or if it is comprimised or borrowed by a curious coworker while you aren't looking.
    any idea when your going to start, thats a very usefull topic.
    Old Nokia - Nokia 3390 Sidekick 1 (black and white) - Sidekick Color - Treo 600 - Sidekick 2 - Blackberry 7100t - Treo 650 and razr black (best combo EVER) Iphone 8gb - Iphone 3G 16gb - BlackBerry Bold
  11. #11  
    Well, I'll be doing some initial research this weekend and next week (I'm doing a lighting talk on mobile security early march, it's not a detail talk), then after that I want to do some more detailed work on the Treo650, some bluetooth cards, a few other pdas and phones etc... So maybe in a month or two? Depends on what I find or don't find. Also got to work on looking at putting SELinux on my semi-retired Sharp Zaurus in that time frame. Just depends on how much spare time I've got (the wife likes to be talked to every once in a while ).
  12. #12  
    Quote Originally Posted by D-Caf
    I use YAPS as well, it's uses a very good crypto algorithm (blowfish 256bit) which was one of the runnerups to become the new AES (advanced encryption standard) crypto standard. As long as the program implements the algorithm correctly you should be safe.

    TurboPasswords also uses blowfish but at 128bit (still very adequet protection). Same rules as above apply.

    SafeID also uses blowfish, no idea at what bit length though.

    Not sure on CryptPad.

    At some point in the near future I'm going to do some security analysis on Mobile devices, and my Treo650 is going to be one of the test subjects. At that point I should have a better idea of how secure it is. For now, just follow the normal rules, use SSL websessions for banks and such, only turn bluetooth on when you need it (or atleast leave discover mode off), and use an encrytped password safe like the above mentioned ones, to protect info incase you loose your treo or if it is comprimised or borrowed by a curious coworker while you aren't looking.
    Check out this thread:

    http://discussion.treocentral.com/sh...0+security+app

    Will your Treo 650 make you the next Paris Hilton?

Posting Permissions