News

Sharp rushes to replace "hackable" hand-held Zaurus

They were looking for ways to analyse the usefulness of Sharp's Linux-based Zaurus hand-held as a hacking tool. They found that it was vulnerable - but surely, that's impossible? Surely, only Windows is vulnerable to hackers? The harsh truth is: no.

It will come as a dreadful blow to slash-dot zealots: researchers at the American Syracuse University say they've discovered two major security "vulnerabilities" in the recently-released Sharp hand-held PDA, the Zaurus SL-5000 range - which could make the device a trojan horse for hackers trying to break into corporate networks.

According to ZDNet reporters, Sharp has hastily hinted that the next version of the device will be aware of these flaws.

The full text of the Syracuse report says: "The Sharp(R) Zaurus(tm) SL-5000D and SL-5500 have multiple security vulnerabilities in design and implementation that affect system security. The first vulnerability gives a remote attacker full control of the Zaurus filesystem, including the ability to overwrite files and/or programs with trojans."

The second vulnerability "affects the Zaurus passcode function, which locks the Zaurus so that no data can be input via the keypad and touch screen."