August 2003 was a difficult month for personal computer
users. Well, not all PC users. Linux and Macintosh users
had little to fear, although I assume they also got some
e-mail messages that were intended to cause trouble. But
it was a difficult month for the majority of us who operate
a computer with one version or another of Microsoft Windows.
From Blaster to Sobig, there were several new additions
under the category of nasty things circulating on the
It was a particularly difficult month if you happened
to click on a file attachment to an e-mail where someone
you knew was apparently wanting to share a "wicked
screensaver" or "that movie" with you.
Many of us avoided the worst of these potential problems
because we knew two things: 1) just because an e-mail
states it is from a certain individual does not make
it so, and 2) there are many types of e-mail attachments
you just do not click on, certainly not until you have
verified by phone or face-to-face discussion the legitimacy
of the attachments. (These include files with names
ending in .pif and .scr, the two file types used by
Most computer viruses and worms are still spread by
someone who makes the mistake of clicking on a bad attachment
to an e-mail. But the new Blaster worm did not utilize
e-mail for its transmission. Rather, it used an open
port in the Windows operating system to attack computers.
You don't need to know what a port is to understand
that if it is open, things may enter and if it is closed,
they may not. We'll discuss more on ports later.
A lot of lawyers tell me that they do not download
any files from the Internet, that they never click on
e-mail file attachments or they delete any e-mail from
an unfamiliar source without opening it. While those
techniques would certainly greatly reduce the chances
of one's computer being infected with something nasty,
those rules are probably too restrictive for most of
us. While there are many aspects to the Internet, the
ability to send and receive e-mail and file attachments
is likely the biggest business boon to most lawyers.
In this article I will discuss some of the bad things
that you can run into online and ways of avoiding or
coping with them, beginning with the least serious.
1) Pop-up ads - Surely every Internet user is
familiar with these annoying ads that pop into view
when you enter or leave a Web page. Now some pop-up
ads have made it harder to close the page by positioning
the X to close the Web page just off of your viewable
(and clickable) screen area so you have to drag it over.
Many web surfers have stumbled into an area where you
are bombarded with multiple pop-up ads or new ones that
open as you close the old ones. If you find yourself
suddenly receiving substantially more pop-up ads when
surfing your normal Web sites, it may be that some "adware"
has infested your computer and is now serving them up
to you in greater numbers.
2) Spam - Unsolicited commercial e-mail continues
to proliferate. Hardly a day goes by that I don't get
an e-mail offering to expand or shrink part of my anatomy,
refinance my home, give me another credit card or direct
me to Web sites with inappropriate material. A recent
study by e-mail filtering specialist MessageLabs
indicated that the legal professional was the second-highest
industry in receipt of spam, second only to the health
care sector. The Federal Trade Commission has stated
that an estimated 96 percent of spam contains information
that probably is false or misleading.
3) Spyware - Spyware is software, that is usually
downloaded for free from the Internet for some other
purpose, which also sends information without your knowledge
from your computer to third parties whenever the computer
connects to the Internet. Generally speaking, this information
is benign information about web surfing habits not linked
to you personally, but that is not always true.
4) Adware - Adware is like spyware, but with
one legal difference -- the computer owner probably
agreed to it being installed by clicking on an "OK"
box sometime during the installation of the software.
There is a rumor that some people, even lawyers, do
not read every word of every online or software installation
agreement before clicking OK. These programs are usually
a feature of software that is free with included advertising
and where a registration fee is required for the "ad
5) Viruses, worms and other malicious e-mail attachments
- One of the most important features of the Internet
is the ability to send e-mail with file attachments.
A five-hundred-page contract may be sent across the
country or around the world instantly and at no cost.
This also means that every computer program designed
for naughtiness can also be attached to e-mail. If you
are not aware that sending out infected e-mail attachments
is the primary method that most computer viruses use
to spread to other computer systems, then you should
6) Port probers - Ports are, in fact, non-physical
openings from your operating system to the Internet.
Ports are reserved for certain tasks. They are needed
to perform certain operations. Still, the design and
use of ports by Windows seems questionable. One writer
noted that Windows XP Home Edition ships with five ports
open, even though the services run by these ports are
meant to be used in a network environment, not the single
computer environment that is intended for the Home Edition.
It was one of these open ports that was exploited by
the Blaster worm. In addition, there are programs used
by hackers and hobbyists that randomly check for open
ports on other computers connected to the Internet.
You might consider this the equivalent of walking down
a street at night trying every door to see if it is
unlocked. Nothing bad may happen at that particular
instant, but you hate to be added to the list of "unlocked
7) Hackers and other strangers - There once
was a time when "true" hackers reacted strongly
to the idea that they were wrongdoers. They just checked
out things that were open on the Internet and often
gave valuable advice to Web site designers who had left
open some vulnerability. Hacking into someone else's
computer is now by definition a crime, and most of the
time the goal is stealing credit card numbers or other
valuable information. The Internet is largely about
improving the connections between people, which is great
if your sister moves to Taiwan. But sometimes, while
having a vigorous debate in an online forum, some behave
as if these were not real people that they are insulting
and disparaging. One need not do anything wrong to become
a target. Finding oneself as the victim of hacking or
an identity theft or a cyberstalker can be scary and
dangerous. Children obviously have to be taught safe
Internet use rules.
So, let's discuss how to improve your ability to surf
and use the Internet safely.
It is certainly not my intention to scare every reader
into permanently disconnecting his computer from the
Internet. First of all, most use the Internet regularly
without suffering much impairment from any of the problems
listed above. Secondly, for most lawyers, the use of
the Internet is just about a business necessity. From
e-mail transfer of files to free legal research to easy
access to a vast array of federal government regulatory
information available for free, there is much online
to make a lawyer's life easier and to help the lawyer
serve clients better.
There are a few general suggestions to better secure
and protect your computers. These rules often relate
to more than one of the problem areas listed above.
The Basic "Rules of the (Cyber) Road"
1) Back up your data -- Hackers and drive-erasing
viruses are not the only threats to your data. Hard
drives are like automobile tires. Drive them long enough
and they will go flat on you. It is absolutely critical
to guard against the loss of the irreplaceable data
that resides on your computer network, from the hundreds
of previously drafted documents to the data in your
calendaring, billing, and case management software.
If you lost huge amounts of this data, the results would
be devastating to your law firm. Just imagine paying
someone to redo all of your word processing forms or
to correct the results from scanning them all. The best
backup is a complete backup that can be restored to
a new hard drive. But using a CD burner to make quick
copies of all documents and data files (and taking a
CD home frequently) keeps your practice data from being
"wiped out." Tulsa attorney Ken Bodenhamer
says that he just replaces his hard drives with "newer
and better" drives every sixteen to eighteen months.
"That is a whole lot better than waiting for it
to crash, because it will crash, and then I have to
go through the pain of restoring," he says. "They
are too inexpensive now to worry much about the cost
of replacing them." Of course, he still continues
to do his daily and weekly back ups.
2) Protect your passwords -- "Treat your
password like your toothbrush. Don't let anybody else
use it, and get a new one every six months." (This
witty techno-safeguard is attributed to one Clifford
Stoll by many Web sites.) Your password to your computer
and various online services is the key to the information.
Try not to lose that key and, when you do have to share
it with another, change it immediately thereafter. Use
long passwords containing a mix of letters, numbers
and some other characters. (This summer a group of Swiss
researchers published a paper outlining a way to speed
the cracking of alphanumeric Windows passwords, reducing
the time to break such passwords to an average of 13.6
seconds instead of over 100 seconds. Sticking in symbols
that are neither number nor letters greatly guards against
crackers.) It is OK to use the same password for inconsequential
services, such as online newspaper registration, but
never use the same password for critical services like
your Internet service provider or online banking provider.
3) Patch your software -- Every type of software
has service packs and updates, it seems. But the critical
ones are the software from Microsoft -- with the patches
for Windows, Outlook and Internet Explorer. We will
discretely avoid the often, asked question of why there
are so many updates needed and why software is released
with so many flaws. But you have to patch, particularly
when there is a critical security patch released. Blaster
exploited a flaw for which a patch had been available
online for free for some time. Some lawyers have reported
horror stories from patches and it is important to back
up everything before applying a patch. But the bottom
line is that there is little choice. You have to patch.
(You do not have to install every patch, however. I
routinely avoid foreign language updates, for example.)
If you have not done this for a while, then do a backup
and head to http://windowsupdate.microsoft.com/.
4) Virus protection -- You have to have this,
which means paying for it when the free period of protection
on your new computer runs out. Install it, learn about
it, set it to scan every e-mail message and then make
certain it is updated regularly.
5) Firewalls -- A firewall sits between your
computer and the Internet and keeps bad things from
coming inside your system. Firewalls may be physical
(a box) or only software. They are somewhat of a pain
to initially set up and administer. If you work in an
organization large enough to have technology staff people,
they have probably already set up the firewall for you.
Ask them. If you know you do not have a firewall, then
first go to http://grc.com
and visit the link there for Shields Up! There is a
free service there to probe your ports and see how vulnerable
you are. The software offered there is free for personal
use and very reasonable for business use.
If you want to learn more about firewalls go to http://directory.google.com/
(or your favorite Internet directory) and click computers
- security- firewalls.
6) E-mail Addresses -- Use more than one e-mail
address. Sure it can be a bit confusing at times, but
if you post in many online forums, participate in vigorous
discussions online, list items for sale on eBay and
place bids, enter into online contests, or generally
find yourself typing your e-mail address into web pages
frequently, it probably makes sense to use a separate
e-mail address for all of that activity. That address
is sure to receive much more spam e-mail plus legitimate
vendor offers. Having all of those materials in a different
inbox than your law firm e-mail account will be a good
thing. Hotmail and Yahoo, among others, provide web-based
e-mail accounts, for free or a small monthly fee. Many
Internet service providers allow you to set up more
than one e-mail address for your basic monthly service
For a valuable white paper on Internet security for
the home user or small office from the Internet Security
Alliance, see http://www.isalliance.org/resources/papers/ISAhomeuser.pdf.
Now, let's cover some suggestions for coping with the
problems and dangers outlined earlier.
1) Pop-up ads
There are several pop-up ad blockers. But consider
this warning first. Not all pop-ups are bad. So after
you install a pop-up blocker, you may have to spend
some time telling it that pop-ups from certain Web sites
are approved and should not be blocked. PopUpCop
2.0 for Internet Explorer and AdSubtract
2.5 currently get the best reviews at CNET.com.
Both are commercial packages, although there is a free
version of AdSubtract with fewer features.
Bargain Special - For those of you who hate
pop-up ads, but don't want to pay to get rid of them,
try downloading the Google
Toolbar version 2.0. You should already be using
the Google Toolbar for other features and the newly
released version 2.0 includes a pop-up blocker getting
great reviews. Sorry, but this only works for Internet
Spam has been the subject of congressional hearings
and much debate. E-mail users waste literally thousands
of hours each day deleting the numerous junk e-mail
that floods their inboxes. It is annoying and a drain
on our national productivity.
There is only one long term solution to this problem.
Never respond to spam and never buy anything from a
spammer. These companies simply do not care if they
inconvenience and annoy millions of people if they can
generate a dozen sales. Good luck to our government
authorities as they try to cope with this growing problem,
but we must do our part by not supporting it in any
There are several commercial software packages that
assist in blocking or removing spam. CNET.com
reports that SpamCop
requires more technical expertise than McAfee.com's
or SpamAssassin, which are standalone filtering applications.
McAfee bought SpamAssassin early this year so there
should be a combined product soon.
Spam filters will let a certain amount of spam through
despite the best defenses and also will inadvertently
block some legitimate e-mail, which should be a major
concern for lawyers.
Bargain Special -- You can set up rules to reduce
dealing with spam in your own e-mail client (Microsoft
Outlook or Outlook Express for the majority of you).
For example you could set up a new folder called Spam
Inbox and set up rules that say any e-mail containing
certain words would be immediately moved from your inbox
to that Spam Inbox. Some suggested words might be refinance,
Nigeria, Viagra, or winner, depending on what type of
spam you receive. (I'll let you pick out the keywords
for filtering the pornography spam on your own.)
Then you can check the Spam Inbox once a week or so
for any familiar senders before deleting it all. Sometimes
you will find that a legitimate e-mail has been moved
there because someone has said something like "I
got ten spams for Viagra today" in an e-mail to
you. But overall this technique saves time, allowing
you to mass-delete most of the spam once or twice a
3) Spyware and 4) Adware
As noted previously, some of the pop-up ads you encounter
may be generated by something that has installed itself
on your computer. These products range from Gator, a
password organization and recall service that makes
it very clear before you install the software you will
be seeing pop-up ads in return for the freebie to the
widely-hated Xupiter, which can hijack your browser
after one visit to their Web site. The company claims
to install only after permission, but many consumer
reports dispute that claim. Once you get stuck with
Xupiter, manual removal is difficult and most will have
to download a professional program to get it totally
removed. There are sets of instructions for removing
Xupiter online. In fact, typing the words adware and
spyware into search engine Google will return many results.
Other products that report to others on your net surfing
habits include the Comet Cursor and Weather Bug.
Bargain Special -- The state-of-the-art programs
to remove these programs from your computer include
many that are free. You can download Spybot Search &
Destroy at http://www.safer-networking.org.
This product gets rave reviews and is listed as the
best by many web sites discussing spyware. Don't be
surprised if dozens of programs are identified on your
system by Spybot S & D. Another product is Lavasoft's
Ad-aware, a free utility that detects and removes many
adware products. This product also gets great reviews.
I used it to free my computer when my son surfed into
Xupiter. There are more advanced versions for purchase,
but I have been happy with the free version.
5) Viruses, worms and other malicious e-mail attachments
You can get software to do just about anything on your
computer. Therefore when you click on an e-mail attachment
and run the program, it can do just about anything.
Without intending to do so, you have given the green
light for the program to install spyware, invade your
address book and start sending out e-mail to your friends,
set up a Trojan that will allow others to remotely access
or run your computer, or just format your hard drive,
leaving you with nothing on your computer.
The vast majority of computer viruses and worms are
spread by the simple act of clicking on an attachment
to an e-mail message. Therefore the majority would be
stamped out if all computer users would just think before
The Internet Security Alliance proposes the following
analysis, which it calls the KRESV tests.
"The Know test: Is the e-mail from someone
that you know?
The Received test: Have you received e-mail
from this sender before?
The Expect test: Were you expecting e-mail with
an attachment from this sender?
The Sense test: Does e-mail from the sender
with the contents as described in the Subject line and
the name of the attachment(s) make sense? For example,
would you expect the sender - let's say your mother
-- to send you an e-mail message with the Subject line
"Here you have, ;o)" that contains a message
with attachment - let's say AnnaKournikova.jpg.vbs?
This message probably doesn't make sense. In fact, it
happens to be an instance of the Anna Kournikova worm,
and reading it can damage your system.
The Virus test: Does this message contain a
Of course for one to know if an attachment has a virus,
one must install and use an anti-virus program. We also
know that the current crop of viruses are able to insert
a bogus sender e-mail address, so even though the message
says it is from your best friend, it may not be either
from him or his computer. Buy virus-scanning software,
use it to scan all of your e-mail, and update it regularly.
Perhaps most importantly, do not routinely click on
unusual file attachments even if they pass your virus
scanning test. There are new viruses being released.
Wait. Before opening the file, visit Symantec's great
virus warning page at http://www.symantec.com/avcenter.
Be aware of the type of file attachment. The SobigF
virus was spread across the world because people clicked
on a PIF file attachment. That is one with a file name
ending with .pif. Savvy e-mail users knew long ago that
this was a very dangerous type of attachment and not
one that should be automatically opened.
Here's a list of potentially damaging file name attachments.
It is very unlikely anyone would send you a file in
any of these formats anyway (except MDB).
ADE ADP BAS BAT CHM CMD COM CPL CRT EXE HLP HTA INF
INS ISP JS JSE LNK MDB MDE MSC MSI MSP MST PCD PIF REG
SCR SCT SHS URL VB VBE VBS WSC WSF WSH.
Most legitimate file attachments will be in one of
a few formats with an easy-to-recognize extension: Microsoft
Word (.doc), WordPerfect (.wpd), Adobe Acrobat (.pdf),
Excel (.xls) or images (.jpg, .jpeg, .bmp or .gif.)
There are several other common file types. But the point
is if it is not one of the extensions you are familiar
with, then it is time to pay attention.
The final point on the dangers of e-mail attachments
is that you are not the only source of danger. Make
sure everyone with an e-mail account at your office
understands the danger and procedures. It might even
be that some staff are prohibited from opening any attachment
besides PDF or word processing documents without getting
6) Port probers
See discussion of firewalls above.
7) Hackers and other strangers
Generally speaking, the areas of greatest potential
catastrophe involve cyberstalking and identity theft.
These are criminal justice matters and outside the scope
of this article. The U.S. government's central Web site
for information on identity theft is www.consumer.gov/idtheft.
Just remember that people may not be who they say they
are online. The Internet is a great source of information.
When you choose to share your personal information with
someone, make certain you know why you are doing so.
Be safe and practice safe computing.
This article was originally published in the Oklahoma
Bar Association Journal. Reprinted with permission.
Jim Calloway is an attorney from Oklahoma.
He serves as the Director of the Oklahoma Bar Association
Management Assistance Program. He received his Juris
Doctorate from the University of Oklahoma, where he
was named to the Oklahoma Law Review.