Page 2 of 2 FirstFirst 12
Results 21 to 26 of 26
  1.    #21  
    Thank you!
  2. #22  
    I really hope palm fixes this by Sunday....
  3. #23  
    Our firm has Exchange 2007. I was initially not able to sync the Pre. I got the error that certain security policies were not supported. Our IT person and myself went into Exchange and viewed the settings for devices. We found that there was a selection [check the box] to allow non-provisionable devices. Once this was checked, I was able to sync my Pre. We are still trying to determine the nature, if any, of the vulnerability or exposure to which our server is now subjected.
  4. #24  
    Quote Originally Posted by spaine View Post
    Our firm has Exchange 2007. I was initially not able to sync the Pre. I got the error that certain security policies were not supported. Our IT person and myself went into Exchange and viewed the settings for devices. We found that there was a selection [check the box] to allow non-provisionable devices. Once this was checked, I was able to sync my Pre. We are still trying to determine the nature, if any, of the vulnerability or exposure to which our server is now subjected.
    There are some vulnerabilities, but what additional exposure you have depends on what restrictions other users have.

    Here are some examples of potential vulnerabilities:

    Password Restrictions - Your IT department will not be able to require what type of password your Pre uses, or even that it be forced to use one. If you loose your device, someone may be able to pick it up, and see all of your emails, and all of your contacts.

    Lock Restrictions - Your IT department will not be able to force the device to lock (requiring a password), if it's been idle for x number of minutes. In other words, they won't KNOW how secure it is.

    Device Wipe - Your IT department won't be able to wipe the device if you lose it. You can, since Palm has given you that ability. But your IT department doesn't have that level of control.

    There are others, but this will give you a general idea.
  5. #25  
    Hey guys, I picked up my Pre a few days ago and I haven't been able to sync email either.

    My situation seems kinda wired, I setup my EAS exchange account and it pulled email for one day and my calendar and contacts are syncing but I get no more email after the setup.
    I checked and we are using SSL for exchange, but the email is still not syncing.

    Any one seen this before or have any suggestions?
  6. #26  
    Quote Originally Posted by Frustrated_Sprint_User View Post

    I have to admit that as a non-IT person I don't get (or really care to get! LOL) the whole SSL/non-SSL issue, but it seems like a lot of people don't have it so I am confused why palm didn't make sure that the phone was compatible for everyone before they released it
    So tangentially - publishing OWA and RPC/HTTP or EAS without requiring SSL goes against every best practice published by, well, anyone.

    The reason? If I know your OWA address, it's absolutely possible for a determined person to capture traffic to and from that server, and reconstruct your email,, if you are transmitting your data across an unencrypted (that is, non-SSL) connection.

    With SSL you're using an encrypted tunnel to transmit your data. Capturing it is unlikely to result in your communications being deciphered.

    I've been designing email systems for more than 12 years, and you should never, ever be using an unencrypted connection to an Exchange server. Your network admins should not allow it. Bottom line, if they do, they are putting your company data at risk and should be retrained, or even replaced.

    Now a different question would be where does your SSL Cert come from, and that in itself could be an issue if your environment is using a self-signed (rather than a trusted) Certificate Authority. I don't know if the Pre is yet open enough to install a self signed certificate.
Page 2 of 2 FirstFirst 12

Tags for this Thread

Posting Permissions