The Denver-based Privacy Foundation has issued a warning against what is being called "e-mail wiretapping'', a method of surveillance which allows people who sent you an e-mail to secretly receive copies of replies and forwarded messages that are made off the original message.

For example, if a person is sufficiently fluent in a basic programming language called JavaScript, he might be able to program his e-mail so that a copy of your forwarded e-mail gets delivered to him as soon as you send it. He or she will know to whom you forwarded the proposal within the company and your comments about it.

The e-mail must be written in HTML, the Web language used to format Internet pages so they can be seen by a browser. The recipient must also be using an e-mail program with JavaScript enabled.

The e-mail programs most likely to be affected are Microsoft Outlook and Outlook Express, Netscape 6 Mail, America Online 6.0 and newer versions of Eudora, according to the Privacy Foundation. Microsoft and Netscape e-mail readers usually have JavaScript enabled by default.

The Privacy Foundation has posted the instructions for disabling JavaScript in selected programs at www.privacyfoundation.org.

Microsoft has responded by stating that the newest version of Outlook Express comes with JavaScript disabled by default, and has issued a patch for Outlook.

The warning was issued in February but its good to check throughout your company, as even if one recipient of a forwarded message has JavaScript enabled, the e-mail tap works.

Congratulations to Bermuda-based QuoVadis Ltd., a commercial digital certificate authority which launched this week out of Centre Solutions' e-VentureCentre incubator facility. OffshoreOn.com, of which I am editor, is part of the incubator through parent-company ISI Publications.

Digital certificates are a form of secure electronic identification used on corporate and institutional networks to identify users and protect content when documents and messages are passed between two computers.

Like other digital certificate authorities worldwide QuoVadis is attempting to provide a level of security on the Internet, where confidentiality and privacy are being challenged almost every day.

US-based VeriSign, Inc. felt the heat this month when it announced on March 22 that it had issued two digital certificates in January to an individual who fraudulently claimed to be a Microsoft employee. The common name assigned to both certificates is "Microsoft Corporation''.

"The ability to sign executable content using keys that purport to belong to Microsoft would clearly be advantageous to an attacker who wished to convince users to allow the content to run,'' Microsoft stated in its warning to users.

''The certificates could be used to sign programs, ActiveX controls, Office macros, and other executable content.'' Microsoft has a new definition of ''trust'' in the digital certificate world.

"Trust is defined on a certificate-by-certificate basis, rather than on the basis of the common name,'' Microsoft said.

VeriSign has revoked the certificates but users are unable to check against revocation automatically. Microsoft is working on an update to fix the problem. If you use digital certification to check postings from Microsoft, the company advises that all certificates should be visually inspected to see whether they were issued on the 29 and 30 January 2001. If so, hit delete! See www.verisign.com for more details.

Lawyers are raving over a new IBM portable Thinkpad computer that doubles as a writing pad.

The ThinkPad TransNote portfolio computer combines a mobile computer with a digital notepad which transforms all your handwritten scribblings into an Adobe PDF file for later reference.

The TransNote opens like a book. Inside on the left side is a regular mobile computer with a pivoting touch screen that can be used flat or raised to any desirable angle to expose a keyboard with full-sized keys. On the right side, the digital notepad acts as a standard letter-sized or A4 pad of paper. The mobile computer and digital notepad can be used together or independently.

According to testers at Law Technology News magazine, everything you draw on the yellow digital pad gets can be saved as an Adobe portable document format (PDF) file. The ThinkScribe digital notepad automatically saves up to 50 pages of handwritten notes and transfers them to the computer, even when the system is off. The notes are transferred to the computer when the system is turned on again. Visit the IBM Internet site for more information (www.ibm.com).

A decision made by a US jury in a mass junk faxing case raises interesting questions about whether the legal interpretation can be used to find liability in companies that send out mass e-mails -- know in geek lingo as "spam''.

The case went against Hooters, the restaurant chain which attracts clients more through its waitresses than through its food. In March a jury determined that Hooters willfully violated the Telephone Consumer Protection Act by sending unsolicited advertising faxes offering lunch coupons to businesses and individuals in the Augusta, Georgia (CHECK) and Aiken, South Carolina area.

The legislation prohibits advertisers from sending faxes without prior or express permission from the recipients and imposes a $500 fine for each violation, subject to trebling for willful and knowing violations.

In the class action case the jury found that 1,320 members could share an estimated $4 million to $12 million from a suit filed in 1995 because each received six unsolicited faxes.

The legislation imposes a $500 fine for each violation, subject to trebling for willful and knowing violations.

Over the past year I've noticed a remarkable decline in unsolicited e-mail in my in-box, and when the odd one does arrive it contains a means of asking to be taken off the list. As the Internet settles down into a stable economic sector the challenge will be to attempt to capture customers through other means than by mass e-mailing.

Tech Tattle deals with topics relating to technology. You can contact Ahmed at editor yoffshoreon.com or (33) 467901474.