Open platform devices such as mobile telephones, personal computers and personal digital assistants include large amounts of software. In many instances, some of the individual software programs may be malicious and/or do not behave satisfactorily with other software programs on the device. In the case of a virus or a propagating Trojan horse (worm) attack, virus killing programs may not react quickly enough to prevent the malicious entity from contaminating other programs and/or any data on the device. Furthermore, in devices such as mobile telephones, there may not be any virus killing programs installed at all.
Virus killers have recently been implemented on open mobile phone platforms. These programs, however, require a network connection in order to update their virus databases. Although platform security enhancements help to reduce worm and virus threats, they cannot completely eliminate them. In any event, it is extremely important for the device to be capable of halting the propagation of harmful software from the devices extremely quickly.
Various safe-boot systems currently exist for allowing a device to start up in a “safe” mode. In a safe boot, the end user is given the opportunity to go step-by-step through the boot process. This is often initiated by actuating a certain key, such as a “function” key on a personal computer.
One system for implementing a safe boot is described in U.S. Pat. No. 6,640,316, issued on Oct. 28, 2003 and incorporated herein by reference. In this system, the contents of a diagnostics indicator are evaluated to determine whether the indicator contains a “simple boot” value. In at least one embodiment, the “simple boot” value is equivalent to a “set” state. The method includes determining, if the diagnostics value is set, whether a platform corruption has occurred. If the simple boot flag is set and a platform corruption has not occurred, then a simple boot is performed. Otherwise (i.e., either the simple boot flag is not set or a platform corruption has occurred, or both) one or more diagnostic routines are executed.
In many Symbian telephones and other conventional systems, a safe boot can be conducted by loading only programs stored in the devices read-only memory (ROM) or other software whose trustworthiness can be assured by other methods. However, the decision whether to load programs from the device's ROM is based on self-diagnostics and is not dependent on any external commands. Furthermore, a mobile phone may reach a condition where it can no longer boot properly due to user data failure.