On viruses for Palms, ecosystems and continuity

We recently celebrated the 10th anniversary of the first malicious program for smartphones. Cabir’s discovery brought interesting changes to Kaspersky Lab, in particular, those Nokia smartphones that we had bought for the full-scale testing of the worm became the first ones in a collection now consisting of more than 250 devices.

The antivirus for Symbian smartphones appeared after Cabir, although in a few days we made ​​a utility DeCabir to remove this particular worm. But it does not mean that we had had no mobile products till 2004. Back in 2001 the first program of this type was the antivirus for Palm OS PDA.

It was no easy task digging into the archives for the old handheld, distributives of our software, documentation and keys to them. It turned out even harder to remember the way it was configured and run. Although it got clear what would happen to modern mobile phones in 15 years. Modern hardware, software, development tools, bug trackers, and network services would have grown obsolete by then. But the experience, the ability to foresee the development of the industry in general and cyberthreats in particular will remain. Let’s talk about that.

Software Atlantis

This is a Handspring Visor Edge handheld. It was released 13 years ago, in the spring of 2001. Unlike earlier PDAs it syncs with your computer via USB, not the serial port (and thanks for that). It has a monochrome screen, which, incidentally, has a positive effect on its battery life. An iron body, a functional battery, a set of software and accessories included – in general, as they say on eBay, “perfect condition”. Unfortunately, we have dozens of non-operational devices in our collection, all of them finished by old age, but this one is an exception. Whether it was manufactured well, “to last for good”, or there is nothing to break in it.

All is fine, but the attempt to revive it, say, by software means, turned into a real quest. To start with, a simple mission: PC synchronization. After a series of mergers and acquisitions all assets of Palm passed to HP, and software (Palm Desktop and HotSync Manager) can be downloaded from HPWebOS. Even that is a bit ironic: one digital vault contains two software platforms, one of which was popular for a decade, and the other just never took off.

HotSync does not operate under 64-bit versions of Windows. Neither does it run okay under Windows Vista/7, so we need Windows XP (recently buried, too). An old laptop under Windows 98 is an alternative, everything functions on it, but there is no USB – just a PDA compatible infrared port which sifts data for ages. In general, as simple a task as synchronization with the computer already took quite a while. And at that moment I wondered how fared the infrastructure of 14 year old devices? Not that I needed any, but still…

And the infrastructure was rich. Above you may see a page from the booklet for PDA, touting a variety of expansion modules, including modules of cellular and paging (!) communication, memory banks, games, GPS navigation, and camera. Each module had its own developer, site, a set of software, options to buy additional software.

For example, here you have the HandyGPS module – a still working GPS-receiver. Let’s read the instructions: “In order to download the navigation software, visit our website and enter the serial number of the device. You may buy additional maps in the store at… “. Nothing. There is neither the manufacturer’s website nor the software store, nowhere to enter the serial number. Nowhere to download updates and maps from. Karakum Desert. The city of Kitezh. Software Atlantis. The hardware operates, but without the software you get just ten percent of its capacity. The companies which developed devices, accessories, and software in the early XXI century have gone bankrupt resold a dozen times and changed their field of occupation. And the websites that were once the foundation and hope of the still swollen dot-com bubble are now seized by squatters. By the way, the very GPS appears a paragon of stability against that background of devastation, although the old module launches for 10-15 minutes, lacking all those improvements implemented during ten years. But it communicates with the satellites without any problems. Maybe because programming devices in orbit suppresses the urge to rewrite everything from scratch?

Another victim of progress is the PDA Handspring Eyemodule add-on camera. The camera itself works fine, but to convert a photo of a proprietary format into a regular JPEG you need an appropriate program for Windows. We had no software disk, and there was no use looking for the program in the Web.

Why is it all so bad?

The answer seems to be plain: Palm OS is a dead branch of mobile software, isn’t it? PDA is a dead branch of mobile devices. It appears that Windows Mobile is a dead branch, too. Actually, everything is a little more complicated.

Let’s start with handhelds. They were the forerunners of the era of general mobilization, very useful and convenient in their times. But soon enough they yielded to smartphones. In the same year of 2001 Handspring discontinued developing Visor series, and began to work on Treo smartphones which were quite popular for some period of time. Everything becomes clearer if we consider that PDAs were the ancestors of tablets, not smartphones. That is, you get a portable device for taking notes, managing tasks, contacts, reading books and something else, but not for phone calls. Moreover, the first device created by Jeff Hawkins, the founder of both Palm and Handspring, was a tablet:

The line between smartphones, tablets and even laptops is definitely very vague and gets thinner every day. But there is some continuity: In 2000 the PDA walked side by side with the mobile phone; in 2014 the smartphone is complemented by the tablet.

Was Palm OS not good enough to stand the test of time? Yes, it partly was. By maintaining a balance of performance and autonomy, they made it single-tasking. They tried to fix the disadvantage, but never made it. The announced multi-tasking Palm OS 6 Cobalt became a platform without hardware in 2004. To some extent Palm shared the fate of Symbian and Windows Mobile. All three systems were born in the 90’s and their rich pedigree eventually sunk them. However, Palm’s single-tasking is also an advantage. Despite the ridiculous now performance, Visor Edge programs run very fluently. A modern tablet provides that “sense of speed” by not a single processor at 33 MHz, but by four 2 GHz chips. And it does not always work okay either.

Software, hardware, and “life” troubles were supplemented by pure business aspects like bankruptcies, not the most successful mergers with other companies, shareholders’ pressure on the management of once successful companies. In many respects the business problems have led to the fact that a large part of the Palm’s ecosystem simply disappeared from the Web, slumped in collectors’ closets, and saw no further development. The only exceptions are relatively small private companies, less susceptible to almost unpredictable things like market fluctuations or shareholders’ meetings. For example, the developers of the popular Palm iSilo reader stayed afloat. They meticulously develop Android version and sell absolutely every old version. Out of fun I even bought a $10 key for the Palm reader via PayPal, which certainly amazed a sales manager on the other side.

Are there any viruses on Palms?

I must confess that our Palm OS software was very close to drowning along with thousands of other pieces of software and accessories for that platform. If you try to find a distributive of Kaspersky Antivirus for Palm OS, you will most likely find none. The point is that we had no full trial version our software for Palm OS. Namely a trial version is the warrant of a program’s longevity even after the development termination by means of various software sites and collections (and torrents, let’s be honest here). By the standards of the early 2000s our product also had decent protection and needed a separate key to sync with the program via HotSync. Fortunately, we discovered both distributives and keys in our internal archives.

So was there any malware for Palms? You bet there was. Although, again, by today’s standards – what was there to steal? There was no Internet (in most cases), all programs were usually installed from a computer. In general, nothing might happen until a user had infected his PDA by pushing buttons with his own hands and confirming the operation a hundred times. And he still had to launch the virus by himself.

Of course, I’m exaggerating, but those few viruses for Palm OS actually spread rather through social engineering, not some tricky software techniques. A typical example is the PalmOS/LibertyCrack trojan. It pretends to be a useful program, but when installed on the PDA and started it erases all data on the device. A typical Palm virus was disguised as a crack for a program or a game and distributed accordingly.

By all means users had to be protected from such malicious programs, too. The first version of Kaspersky Antivirus for Palm OS was released in April 2001. Kaspersky DataSafe for Palm application followed shortly. It was no antivirus, but a tool to protect user data. Even then we knew that we must protect the user not only from viruses, but also from any unauthorized attempts to access the data.

DataSafe utility allowed setting an access password to the device with automatic locking. Moreover, selected user applications and data (data could not exist separately from applications anyway) could be encrypted – first with XOR algorithm, later with RC4 (before the algorithm was eventually conceded weak).

Fragmentation

Kaspersky Lab’s mobile solutions evolved with the industry, and I tell you, it was fun. In a historically short period of ten odd years the following happened:

– Palm OS devices (PDAs and smartphones) turned from hot pies have into outsiders of the market

– First Symbian smartphones appeared, and this platform soon became the most popular (but not for long)

– However, Microsoft with its Windows Mobile tried to keep up

– Apple released the iPhone

– First Android devices appeared

– Tablet PCs became a new type of mobile devices

– Android topped the mobile market, Android and Apple together squeezed Palm (with WebOS already), BlackBerry, Microsoft (they had to rewrite the mobile platform from scratch), and Nokia’s Symbian off the market

– There was also BlackBerry, with a considerable share of the corporate market.

We had to keep up with everything. There were lots of platforms and each required developing its own version of security software (because each platform attracted cybercriminals in its way). Moreover, for Windows Mobile, for example, we had to actually develop two products at the same time as the smartphone OS version and Pocket PC edition significantly differed. A similar thing happened to Palm OS 4 (and earlier) and Palm OS 5 devices – both their hardware and software were greatly different.

To avoid confusing our customers we decided to apply one name for our mobile application for all platforms and provide unified functionality as much as it was possible. The last version supporting Palm OS – Kaspersky Security 5.5 for PDA – was released in 2006. And now the versions for Symbian, BlackBerry and Windows Mobile, though not being developed, are still supported by our corporate solution for mobile devices protection. Since last year we stopped dividing our products by device type. As I said already, the difference between laptops, tablets and mobile phones blurs from the point of view of the user (not the developer, of course).

Bright future

All that happened to the mobile industry since the early 2000s are very rapid development stages. My brief excursion into the ecosystem of Palm makes me doubt that everything has settled down now. The market of smartphones and tablets is far from “stagnation”. You may compare Android releases 4.0 and 4.4 – they were just two years apart but there is remarkable difference even in their interfaces, not to mention the four revisions of API.

From a technical point of view we inherited nothing from the era of developments for Symbian, Blackberry and Windows Mobile. All developments, tools, bug trackers had to be mastered from scratch and the obsolete stuff – to be frozen and stored. That’s no big problem. When moving together with the industry and even helping it to change, it is important to save your experience, not the code. It is the experience that bridges Palm OS and Android, PDAs and tablets, smartphones and their successors.

The experience helps to move on. Traditions and legacy (as in the case of Symbian) happen to be in the way. However, I would not approve of a sharp and mindless rejection of old ecosystems. That’s why we still support Windows XP, Android 2.3, even Symbian and Windows Mobile (albeit to some extent). It makes perfect sense as long as our customers use the devices concerned. But everything passes; sooner or later all novelties become museum pieces just like this Handspring PDA.