It depends
"bluke" wrote:
If I store some sensitive information (e.g. a credit card number) on my Palm V and password protect the entry, how secure is the information?
1. Store it where? In what software?
2. What's the threat model you're worried about?
There are PalmOS apps that store data in 3DES or Rijndahl-encrypted data stores, pulling it out only long enough to display an entry at a time. You can find several of those in my [link|http://linuxmafia.com/pub/palmos/|archive] of all known open-source applications for and about PalmOS.
However, that solves only one threat model, that of stealing a copy of the stored database of passwords, either by stealing the PalmOS device itself or by stealing your backups. There are other threat modes: People can "shoulder surf" (watch the screen over your shoulder, as you view it). They might talk you into installing a PalmOS app of theirs that combs through discarded temporary data for stack information, etc., or try to sneak it onto your machine over the IR or other ports, or via your Palm Desktop or equivalent "sync" files. And like that.
Questions about security that don't define the threat models of concern aren't likely to get you useful answers.
Rick Moen
rick@linuxmafia.com
If you lived here, you'd be $HOME already.