this product is unavailable for purchase using a firm account, please log in with a personal account to make this purchase.

I.T in practice: A thousand eyes

Every Issue

Cite as: (2004) 78(9) LIJ, p. 87

Practices need to know how to protect themselves from “spyware”.

The utility of any office tool comes down to an assessment of the benefits of that tool compared with the burdens that it may impose on the user.

The Internet is acknowledged as the most significant piece of accessible technology to have been taken on by mainstream business users in the past 10 years. The two main aspects of this technology in use in legal practices are email and websites.

Practitioners accept the rotting seaweed of computer viruses and spam washed up daily onto the beaches of their firm’s effectiveness because the Internet’s benefits far outweigh the drawbacks. However, many lawyers have begun to note a new piece of flotsam – “spyware”.

Spyware is the generic term for a special category of software, most often seen as those annoying pop-up advertisements which appear as websites are surfed.

There are those who support the use of this intrusive form of advertising – preferring to use the less judgmental term “adware”. Even organisations whose websites are otherwise rich in quality online information will use adware to draw attention to particular parts of their sites (or their advertisers’ sites). However, it is generally agreed that users have grown tired of – and increasingly annoyed with – this level of intrusiveness.

Beyond the annoying, there is the malicious. Seemingly innocent clicks on parts of a website can cause small pieces of computer programs or coded bookmarks (cookies) to be loaded onto your computer. Sometimes, these can be loaded merely by accessing a website or passing your mouse cursor over a particular part of the website – known as “drive-by” downloads.

Other spyware can harvest personal details, including credit card details, when there has been some historical use of online financial transactions. The significance of this should not be understated – just by accessing websites it is possible to unintentionally acquire software which can affect the performance of a computer, and can sometimes prove difficult to find and remove. Computer users are often quite surprised to find that they have acquired spyware on their systems without their knowledge.

In addition to the inconvenience of spyware, there are significant technical computer support costs involved in attempting to deal with the problem.

Legal initiatives

In the US, some jurisdictions are considering outlawing spyware, and there have been court cases already in this area.

The US state of Utah has outlawed spyware,[1] and there are plans to introduce similar legislation here in Australia.

Cynics might comment that the introduction of legislation banning unsolicited bulk emails – spam – has done little to materially change the amount of this type of email flooding inboxes each day, so why would legislative protection from spyware make a difference? The answer lies in the fact that although emails can easily mask their source, websites are almost always identifiable.

There are more than 10,000 potential variations of spyware and practices need to know how to remove and prevent them. A number of free tools are available to prevent pop-up advertisements. Most of these tools require no special technical expertise to install, and run on a system without any day-to-day maintenance.

For example, users familiar with the Google and Yahoo! online search engines may also have taken advantage of the respective toolbar programs[2] to track and block pop-ups. Some of the commercially available virus and personal firewall programs also selectively block spyware, and there are special programs, such as the popular “Spybot Search & Destroy” which removes spyware and claims to immunise a system against it. As with any software of this type, it is important to subscribe to a continually updated piece of software, so that with each new round of malicious software there are complementary tools to combat it.

From a broader perspective, it is worth questioning how spyware can be allowed to invade apparent holes in software like Internet Explorer in the first instance.

Practices running Windows XP on the desktop will be relieved to hear that the next major update of this software, known as “Service Pack 2”, will build significant protection from spyware into Windows itself. Although not the “magic bullet”, when it comes to all types of malicious software Service Pack 2 will go a long way to reducing its effect.

“To do” List

• Acquire a spyware tool that will identify and remove this software from practice computers.
• Consider the acquisition and installation of a spyware protection tool.
• Ensure that staff are alert to sites where pop-ups are prevalent, and avoid them where possible.
• When Windows XP SP2 arrives, install it to reduce spyware problems, but only after testing it extensively with existing software to ensure compatibility.


ADAM REYNOLDS is the principal of Proficio, an independent IT consultant firm.

For more I.T. in practice information, see the contributions of the Law Institute Legal Practice Management Committee and IT special projects department at http://www.liv.asn.au/sections/lpms_it.

itcolumn@liv.asn.au


[1] Spyware Control Act (Utah, HB 323).

[2] See http://toolbar.google.com; http://companion.yahoo.com.

Comments




Leave message



 
 Security code
 
LIV Social
Footer