Palm T|X Security: Counterproductive

The other day, I was looking through the preferences on my Palm T|X, and I found out that I could enable “Intrusion Protection”. I set it so that it would destroy all data on the TX if I failed to enter my password 25 times. That seemed like enough grace period that I wouldn’t accidentally destroy my data, even if I mis-typed the password several times.

The next day, I let my three-year-old play “Bombel”, and draw on the “Note Pad”. Several minutes later, I noticed that she was pushing buttons willy-nilly at the password screen.

“Oh!”, I thought, “That’s not good.” She was well on her way to exceeding the 25-password attempts and wiping out my data. I knew I could get it back with a hot-sync, but I didn’t want to resort to that.

Palm “intrusion detection” became counterproductive when placed in the hands of a child.


I also tried the Palm TX feature to “Encrypt data when locked”. First, I tried using [AES]( encryption, since it would likely be “stronger” than the default of [RC4]( AES was unusable — it took minutes to encrypt and decrypt my calendar and address databases. RC4 was barely usable, taking ten seconds or so to encrypt and decrypt my calendar. When I whip out my Palm, I want access to my data immediately, so I disabled encryption.


I’ve chosen convenience over confidentiality for the data on my Palm TX, because I felt that the price to pay for confidentiality was too high. I’m not sure that it’s the right decision. I might feel differently if the Palm is lost or stolen. And so might some of the contacts in the address book. I would re-evaluate my decision if I were required to notify those contacts in the case of a lost Palm.