Notes from the Technology Trenches - August, 1998

By Elizabeth H. Klampert, Published on August 15, 1998

Elizabeth H. Klampert is the Director of Library Services for the Association of the Bar of the City of New York. Ms. Klampert was formerly a litigator for five years, specializing in professional liability litigation. Before attending law school, she was a corporate librarian for twelve years, holding management positions in libraries in a number of large organizations, including Rainier National Bank in Seattle, Deloitte & Touche, and Merrill Lynch, both in New York. She received both her BA in English and MLS from the University of Washington in Seattle. She received her JD at the Benjamin N. Cardozo School of Law in New York.

Enough of covering conferences! This column returns to its roots and covers various technological glitches, including some in my last column.

Some of my alert readers (as opposed to those who sleep right through it) noticed that my last column included, ahem, a URL took them to an X-rated site, rather than the perfectly legitimate site that it was intended to cover. I won't republish it here, but I wish to thank those who did send me (and my editors) e-mails so promptly. The glitch was fixed very quickly, but this sort of thing can happen to the best of us. After all, I imagine the whitehouse.gov site never expected that it would have to put up with the whitehouse.com site! While I hope this does not happen again, I'm under no illusions that it may well recur.

Which leads me to the issue of Internet browsers. As you know, Netscape Communicator, the successor to Netscape Navigator, allows you to truncate a Web site's address, leading to the whitehouse problem mentioned above. While it is useful to have a way to eliminate extra keystrokes, having ".com" be the default can prove embarrassing. I've not used the Internet Explorer recently, but given Microsoft's tendency to mirror the other browser, I expect that it provides the same feature. Word to the wise: when doing a live demo, you may want to type in the entire URL just to be on the safe side.

While I prefer to use Netscape as my browser, I've found that Netscape Communicator has eliminated a most worthwhile feature available in Netscape Navigator. For those of you who liked the Sort feature in Bookmarks, Netscape has inexplicably (and I've asked) eliminated this extremely useful feature. Many of us organize our Bookmarks by subject and the Sort feature allowed me to reorganize these subject files easily. Some techie at Netscape evidently deemed this an unimportant feature. Wrong! Things like this are extremely annoying.

More worrisome than annoying is the recent news about flaws in several popular e-mail programs, including those produced by Netscape and Microsoft, announced in July, and Qualcomm's Eudora, announced in early August. The flaws in Netscape Mail include both e-mail available on Netscape Communicator versions 4.0 through 4.05 on Windows 3.1, 95, 98 and NT and the Preview Release on Win95, 98 and NT. According to the articles I've read, the flaw in Netscape e-mail allows a sender to introduce a virus via an e-mail attachment When the receiver of the message opens up his or her e-mail, he or she also opens up the nasty code embedded in the header, infecting the hard drive and causing potential harm.

The Microsoft e-mail affected includes Outlook 98 (on Win95, 98 and NT) and Outlook Express (those shipped with Internet Explorer 4.0 or 4.01 on Win95, NT 4.0, NT for DEC Alpha and versions for Macintosh and Unix. The flaw here is similar to that in Netscape, but with Outlook 98, a particularly nasty difference, in that the illegal program can run without having the file opened up.

The problem with Eudora lies in the Windows versions 4.0, 4.01 and 4.1 and is somewhat different. Here, the sender can embed the illegal program inside a URL included in the e-mail message. The program then either crashes the receiver's computer or allows the sender to steal data.

Both Microsoft and Qualcomm have announced fixes for the flaws in their respective e-mail programs. For Microsoft, patches can be found for its two e-mail programs at its Web site (http://www.microsoft.co/ie/security). Qualcomm has also posted a patch for Eudora on its Web site (http://www.qualcomm.com/Eudora).

On July 27, Netscape announced on its site (http://www.netscape.com) that within two weeks, it would post an update to Communicator that would fix the flaws (dubbed Long Filename Mail Vulnerability in its e-mail programs). As of mid-day August 14, I did not find an update. In the meantime, Netscape advises that you view incoming e-mail attachments as links.

Some commentators predict that these flaws, even when fixed, will cause people to consider more seriously the security problems engendered by e-mail, especially attachments. This concern will, in turn, lead to the adoption of even simple encryption that will allow a receiver of an e-mail to verify the identity of an e-mail sender. Others are less hopeful and claim that it will be business as usual once this particular crisis is over. Law firms in particular should be nervous about this sort of thing and some, particularly here in New York, while not allowing Internet access from the individual's desktop, do have e-mail. The question is whether they are encrypting this e-mail. For those dealing with French firms, all bets are off, because France is one of the few countries that does not allow encryption.

News from the technology front never seems to stop, does it? I can hardly wait to see what next month will bring! In the meantime, I hope you get a chance to enjoy what's left of the summer -- I'll report back after Labor Day.