Volume 5, Number 1
March 2006

Table of Contents
Past Issues

Trends in Technology

Musings on the Uncertainties of Technology

J. Anthony Vittal

Over the past several weeks, I have seen first-hand how the bright promise of technology can have a darker side. First, despite multiple layers of antivirus protection—on the ABA and Earthlink mail servers and on my own systems—an early (preinoculation) version of the KamaSutra (BlackMal) worm got onto my computer. Victimized by social engineering—known source, known (but ineffective) prophylaxis—I felt safe enough to examine the attachment. Unfortunately, in doing so, I inadvertently activated it. Oops! Small comfort that I was not alone, with other tech writers also among the victims of this worm, which infected hundreds of thousands of computers around the world.

Although Symantec and McAfee had definitions out the following day, it was too late for my notebook. Unlike later, more malicious versions of this worm, the one that hit me only disabled my software firewall and Norton AntiVirus protection, deleted the critical files for those applications, and rewrote my registry. Thus began my epic saga. In order to get my antivirus back up and running, I first had to uninstall the original installation. The uninstall, however, did not properly clean the registry, thus preventing reinstallation until I manually went into the registry and deleted every relevant reference to Symantec—not something for the faint of heart. Of course, everyone recommends that you back up your registry before undertaking such a massive edit, but the backup was as corrupt as the original. In any event, after hours of editing countless lines of Symantec-related instructions in my registry, I finally got it cleaned up to the point that I could successfully reinstall Norton AntiVirus. Yes! Then I went back online, downloaded and installed all relevant updates, and I was back in business. All at the cost of a day and a night out of my life and several grey hairs.

I learned several lessons from this experience.

First, Murphy’s Law always will bite you when you least expect it, when you can least afford the time to deal with it, and where it will really hurt.

Second, trust no one—not even yourself—when it comes to attachments to email messages. If you are not expecting the attachment, and if the attachment is executable (*.exe, *.dll, *.pif, etc.), don’t go anywhere near it, even if it is from a trusted source, until you have contacted the source and verified that the attachment is safe and serves some legitimate purposes. If you can’t contact the source and are reluctant to just delete it, leave the file alone for long enough to have your antivirus definitions updated, then scan it. Of course, this assumes that you have installed antivirus software on your computers, that you have updated it and have updated the definitions at least daily, and that it is always running.

Third, never rely on a third party (such as the entity hosting your mail server or the mail servers of the folks who send you email) to catch malware. Even though it may seem like “belt and suspenders,” you need your own protection. Even then, as I discovered, something can get by multiple layers of protection.

Finally, as I have said before in this column, regularly back up your entire system, including your “system state.” It is not enough to back up the “My Documents” folder, since that doesn’t permit you to restore the prior configuration of your system including all applications. If you back up your entire system, including your “system state,” you can do a full system restore from a separate (theoretically “clean”) source. This, I learned, is important, because the malware also corrupted all of the files associated with the “restore points” on my computer, thereby effectively disabling the “system restore” function in Windows XP.

 Are you an oyayubizoku 1 using a “CrackBerry” and threatened with withdrawal? Much has been written in the press lately about the long-running patent litigation between Research in Motion (the folks who manufacture the BlackBerry® PDAs and provide the related technology) and NTP, Inc., and the risk that an injunction will issue to shut down all BlackBerrys now that the Supreme Court has denied cert in the case. The district judge scheduled a hearing for February 24 to decide whether to issue an injunction. RIM claims to have a workaround and has filed patent applications for it, but NTP threatened to seek an injunction against use of that fix. At the same time, the NTP patents in question recently have been invalidated by the Patent & Trademark Office. Uncertainty reigns.

Although RIM has about 50 percent of the market for these devices, this situation underscores the need for all of us to practice caveat emptor. Although a change to a different device and server could be accomplished, the associated dislocation and costs are not insignificant. Some enterprises, such as Congress, the Justice Department, UPS, and any number of large law firms have an installed base of hundreds, if not thousands, of BlackBerry devices and related servers. With the benefit of hindsight, some due diligence before investing in these devices might have suggested using an alternative source.

One example of an enterprise alternative is Good Technology ( www.good.com), which offers analogous secure server technology interfacing globally with both Microsoft Outlook and Lotus Notes. Unlike RIM, Good Technology holds a license from NTP. An advantage of Good’s GoodLink™ technology, however, is that it does not require RIM’s proprietary BlackBerry devices. Instead, it works with numerous popular devices running either the Palm operating system (such as the Treo 600 and 650) or Microsoft Windows Mobile 5.0 and 2003 (such as the Dell Axim X50, the HP iPAQ hw6515, and others). Later this year, GoodLink tm also will work with the Nokia E61 running the Symbian operating system.

All of this shows that, just because a particular device or technology is popular, it may not be worth the investment in hardware and training time. Only you will know what is best for your situation. Just beware.

Postscript:  RIM announced on March 3 that it settled its long-running patent dispute, averting a possible court-ordered shutdown of the BlackBerry system, by paying NTP $612.5 million in a “full and final settlement of all claims,” including the $450 million it had escrowed for settlement purposes. For more info, see http://abcnews.go.com/Technology/wireStory?id=1684919.

Vittal is the general counsel of Credit.com, Inc., in San Francisco, California. He is a member of the editorial boards for the technology and practice guide issues of GPSolo and the Technology eReport and writes and lectures frequently on technology topics of interest to the legal profession. He can be reached by email at tony.vittal@abanet.org.

1 A Japanese colloquialism referring to those who spend the day typing with their thumbs on portable communicators.




Back to Top